sync entry point calculation with cli_scanpe

git-svn: trunk@1658

clamav-devel/ChangeLog

@@ -1,3 +1,8 @@
+Tue Jul 19 22:35:02 CEST 2005 (tk)
+----------------------------------
+  * libclamav/pe.c: cli_peheader: sync entry point calculation with cli_scanpe
+		    (problem reported by Christoph Cordes <ccordes*clamav.net>)
+
 Tue Jul 19 22:07:15 CEST 2005 (tk)
 ----------------------------------
   * configure.in: fix compilation error when curl is installed in a

clamav-devel/libclamav/pe.c

@@ -1369,6 +1369,7 @@ int cli_peheader(int desc, struct cli_pe_info *peinfo)
 {
 	uint16_t e_magic; /* DOS signature ("MZ") */
 	uint32_t e_lfanew; /* address of new exe header */
+	uint32_t min, max;
 	struct pe_image_file_hdr file_hdr;
 	struct pe_image_optional_hdr optional_hdr;
 	struct pe_image_section_hdr *section_hdr;
@@ -1467,11 +1468,20 @@ int cli_peheader(int desc, struct cli_pe_info *peinfo)
 	peinfo->section[i].vsz = EC32(section_hdr[i].VirtualSize);
 	peinfo->section[i].raw = EC32(section_hdr[i].PointerToRawData);
 	peinfo->section[i].rsz = EC32(section_hdr[i].SizeOfRawData);
-    }
 
-    peinfo->ep = cli_rawaddr(EC32(optional_hdr.AddressOfEntryPoint), section_hdr, peinfo->nsections, &err);
+	if(!i) {
+	    min = EC32(section_hdr[i].VirtualAddress);
+	    max = EC32(section_hdr[i].VirtualAddress) + EC32(section_hdr[i].SizeOfRawData);
+	} else {
+	    if(EC32(section_hdr[i].VirtualAddress) < min)
+		min = EC32(section_hdr[i].VirtualAddress);
+
+	    if(EC32(section_hdr[i].VirtualAddress) + EC32(section_hdr[i].SizeOfRawData) > max)
+		max = EC32(section_hdr[i].VirtualAddress) + EC32(section_hdr[i].SizeOfRawData);
+	}
+    }
 
-    if(err) {
+    if((peinfo->ep = EC32(optional_hdr.AddressOfEntryPoint)) >= min && !(peinfo->ep = cli_rawaddr(EC32(optional_hdr.AddressOfEntryPoint), section_hdr, peinfo->nsections, &err)) && err) {
 	cli_dbgmsg("Possibly broken PE file\n");
 	free(section_hdr);
 	free(peinfo->section);