This repository was archived by the owner on Jul 5, 2023. It is now read-only.

syzygy has several problems in WinSDK 17134 and clang compiler builds project #65

@chengshulei


1. In pe_file_parser.cc

PEFileParser::ParseDelayImportDir

    if (!AddBlock(BlockGraph::DATA_BLOCK,
                  import_name_addr,
                  // common::AlignUp(import_name.size() + 1, 2),
                  // If the line above is used, there are many block overlap
                  // errors, so I just use import_name.size() + 1.
                  // Maybe it's the clang compiler's special AlignUp style.
                  import_name.size() + 1,
                  base::StringPrintf("Delay import DLL Name \"%s\"",
                                     import_name.c_str()).c_str())) {
      LOG(ERROR) << "Unable to create import name block.";
      return NULL;
    }

Other AddBlock functions have the same problem when parsing a clang PE file.

2. In pe_structs.h

It only supports the 15063 SDK; if the 17134 SDK is used, it needs to be modified here:

struct LoadConfigDirectory

// Need to append these 2 DWORDs at the end of the struct

DWORD   Reserved3;
DWORD   EnclaveConfigurationPointer;    // VA

The enum LoadConfigDirectoryVersion related to the above struct also needs to be modified.

3. In decomposer.cc

Decomposer::CreateBlocksFromSectionContribs

    DWORD rva = 0;
    DWORD length = 0;
    DWORD section_id = 0;
    BOOL code = FALSE;
    ScopedComPtr<IDiaSymbol> compiland;
    ScopedBstr bstr_compiland_name;
    if ((hr = section_contrib->get_relativeVirtualAddress(&rva)) != S_OK ||
        (hr = section_contrib->get_length(&length)) != S_OK ||
        (hr = section_contrib->get_addressSection(&section_id)) != S_OK ||
        (hr = section_contrib->get_code(&code)) != S_OK ||
        (hr = section_contrib->get_compiland(compiland.Receive())) != S_OK ||
        (hr = compiland->get_name(bstr_compiland_name.Receive())) != S_OK) {
      LOG(ERROR) << "Failed to get section contribution properties: "
                 << common::LogHr(hr) << ".";
      return false;
    }

Sometimes the length I get is 0, which then causes a CreateBlockOrFindCoveringPeBlock ERROR.
How to fix the issue?

4. Also in decomposer.cc

Decomposer::CreateBlockOrFindCoveringPeBlock

  if (name == "* Linker *" && block_addr == addr && size > block->size()) {
      if (!image_->ResizeBlock(block, size)) {
        LOG(ERROR) << "Failed to extend PE-parsed "
                   << BlockInfo(block, block_addr) << " with linker "
                   << "section contribution of size " << size << ".";
        // Get the conflicting block and output additional information about
        // it.
        Block* conflict = image_->GetFirstIntersectingBlock(
            block_addr + block->size(), size - block->size());
        if (conflict) {
          RelativeAddress conflict_addr;
          CHECK(image_->GetAddressOf(conflict, &conflict_addr));
          LOG(ERROR) << "Conflicts with existing "
                     << BlockInfo(conflict, conflict_addr) << ".";
        }

        return NULL;
      }

      // Update the data in the extended block.
      const uint8_t* data = image_file_.GetImageData(addr, size);
      block->SetData(data, size);
      return block;
    }

    // If this is not a PE parsed or COFF group block that covers us entirely,
    // then this is an error.
    static const BlockGraph::BlockAttributes kCoveringAttributes =
        BlockGraph::PE_PARSED | BlockGraph::COFF_GROUP;
    RelativeRange existing_block(block_addr, block->size());
    if ((block->attributes() & kCoveringAttributes) == 0 ||
        !existing_block.Contains(addr, size)) {
      LOG(ERROR) << "Trying to create block \"" << name.as_string() << "\" at "
                 << addr.value() << " with size " << size << " that conflicts "
                 << "with existing " << BlockInfo(block, block_addr) << ".";
      return NULL;
    }

Here, the name is "* Linker *" too. But block_addr != addr && size < block->size(), so it goes to existing_block.Contains(addr, size), and then ERROR.
How does this occur?

Maybe the PDB file from clang can't be used with syzygy; it has so many differences.
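
The overlap arithmetic from item 1, as an added example that is not code from the issue author or from Syzygy: it sizes a block for each delay-import name with and without rounding up to 2 bytes and counts adjacent blocks that collide. `AlignUpTo`, `NameAt`, `CountOverlaps`, `PackedNames` and the back-to-back string layout are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

// Hypothetical stand-in for common::AlignUp: round value up to a multiple of
// alignment (alignment must be a power of two).
static size_t AlignUpTo(size_t value, size_t alignment) {
  return (value + alignment - 1) & ~(alignment - 1);
}

// A name string at a given RVA, as a delay-import parser would see it.
struct NameAt {
  uint32_t rva;
  std::string name;
};

// Counts adjacent pairs whose blocks would overlap when each block covers the
// NUL-terminated name, optionally rounded up to 2 bytes. Input sorted by rva.
static size_t CountOverlaps(const std::vector<NameAt>& names, bool align) {
  size_t overlaps = 0;
  for (size_t i = 0; i + 1 < names.size(); ++i) {
    size_t size = names[i].name.size() + 1;
    if (align) size = AlignUpTo(size, 2);
    if (names[i].rva + size > names[i + 1].rva) ++overlaps;
  }
  return overlaps;
}

// Constructed layout (an assumption): names packed back to back, no padding.
static std::vector<NameAt> PackedNames() {
  std::vector<NameAt> out;
  uint32_t rva = 0x1000;
  for (const char* n : {"user32.dll", "ole32.dll", "advapi32.dll"}) {
    out.push_back({rva, n});
    rva += static_cast<uint32_t>(out.back().name.size() + 1);
  }
  return out;
}

int main() {
  std::vector<NameAt> names = PackedNames();
  std::printf("aligned: %zu overlaps, exact: %zu overlaps\n",
              CountOverlaps(names, true), CountOverlaps(names, false));
  return 0;
}
```

An odd-sized string followed immediately by another string is the only case that collides, so a layout that pads every name to an even length shows no overlaps either way.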
