libclamav/pe: Use endian wrapper in more places. #814
Conversation
|
This looks really good to me. Thank you @sebastianas! I will spend more time with it, testing, etc as soon as I am able. |
|
This change makes sense to me. Thank you for tracking down the endianness issues and submitting this PR. I almost feel like it would make more sense to do it when we populate the Line 5041 in a85f853 in the same way that we do with peinfo->nsections, here: Line 4735 in a85f853 or peinfo->e_lfanew, here: Line 4560 in a85f853 Just for consistency it feels better to assume that all fields in the If it's not too much trouble, can you change it to fix the endianness when populating Best, |
A few user of VirtualAddress and Size in cli_exe_info::pe_image_data_dir don't use the endian wrapper while other places do. This leads to testsuite failures on big endian machines. Convert the content of struct pe_image_data_dir to native format so that that the EC32() conversation can be removed. Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
|
On 2023-03-17 11:31:57 [-0700], Micah Snyder wrote:
Merged #814 into main.
Could this also go into the rel/1.0 branch? It is a regression coming
from the previous LTS (0.103.8).
Sebastian
|
|
Sure let's do that. But I did find that we messed up something and coverity is angry: And for the other variable: I had put in a ticket for us to try to solve that next week, but if you want to help you're welcome to. |
val-ms
added
the
🍒cherry-pick-candidate
A few user of VirtualAddress and Size in cli_exe_info::pe_image_data_dir don't use the endian wrapper while other places do. This leads to testsuite failures on big endian machines.
Use the endian wrapper in all places across pe.c for the two members.
Signed-off-by: Sebastian Andrzej Siewior sebastian@breakpoint.cc