Use of potentially uninitialized FILE pointer in PE::get_raw_bytes()
rc0r opened this issue · comments
Hi,
I came across just another minor issue. Consider the following:
int main(int argc, char *argv[]) {
    // check argc == 2
    mana::PE pe(argv[1]);
    pe.get_raw_bytes(-1);
    return 0;
}
In case argv[1] is set to a nonexistent file this will segfault during fseek() called from PE::get_raw_bytes() since PE::_file_handle is not initialized and doesn't point to a proper FILE object.

Since all the other methods of the PE class that operate on _file_handle have a nullptr check I assumed such a check wasn't intentionally omitted.
Cheers
rc0r
You're right that this was an omission on my part. Thanks for taking the time to provide a fix!
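
The guard discussed in this thread, as an added example that is not the project's own code: a hypothetical FileReader class (the class name, is_open() and the meaning given to the size argument are assumptions) whose get_raw_bytes() returns an empty buffer when the file could not be opened, instead of handing a null FILE pointer to fseek().

```cpp
#include <cstddef>
#include <cstdio>
#include <memory>
#include <string>
#include <vector>

// Hypothetical stand-in for a parser class that owns a FILE handle.
class FileReader {
public:
    // fopen() returns nullptr on failure, so the handle is never left
    // indeterminate and the nullptr check below is meaningful.
    explicit FileReader(const std::string& path)
        : _file_handle(std::fopen(path.c_str(), "rb"), &close_file) {}

    bool is_open() const { return _file_handle != nullptr; }

    // Assumption: a size of (size_t)-1 means "the whole file".
    std::vector<unsigned char> get_raw_bytes(
            std::size_t size = static_cast<std::size_t>(-1)) const {
        std::vector<unsigned char> out;
        if (_file_handle == nullptr) return out;  // guard before any stdio call
        FILE* f = _file_handle.get();
        if (std::fseek(f, 0, SEEK_END) != 0) return out;
        const long end = std::ftell(f);
        if (end <= 0 || std::fseek(f, 0, SEEK_SET) != 0) return out;
        std::size_t want = static_cast<std::size_t>(end);
        if (size < want) want = size;
        out.resize(want);
        out.resize(std::fread(out.data(), 1, want, f));  // keep only bytes read
        return out;
    }

private:
    // unique_ptr only invokes the deleter for a non-null handle.
    static void close_file(FILE* f) { std::fclose(f); }
    std::unique_ptr<FILE, void (*)(FILE*)> _file_handle;
};

int main(int argc, char* argv[]) {
    if (argc != 2) return 1;
    FileReader reader(argv[1]);
    if (!reader.is_open()) {
        std::fprintf(stderr, "cannot open %s\n", argv[1]);
        return 1;
    }
    std::printf("%zu bytes\n", reader.get_raw_bytes().size());
    return 0;
}
```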