Owen Rudge <oru...@codeweavers.com> writes: > @@ -64,6 +64,10 @@ static BOOL IMAGEHLP_GetSecurityDirOffset( HANDLE handle, > if( count != sizeof dos_hdr ) > return FALSE; > > + /* verify magic number of 'MZ' */ > + if( dos_hdr.e_magic != 0x5A4D ) > + return FALSE; > + > /* read the PE header */ > count = SetFilePointer( handle, dos_hdr.e_lfanew, NULL, FILE_BEGIN ); > if( count == INVALID_SET_FILE_POINTER ) > @@ -75,6 +79,10 @@ static BOOL IMAGEHLP_GetSecurityDirOffset( HANDLE handle, > if( count != sizeof nt_hdr ) > return FALSE; > > + /* verify NT signature */ > + if( nt_hdr.Signature != IMAGE_NT_SIGNATURE ) > + return FALSE; > + > sd = &nt_hdr.OptionalHeader. > DataDirectory[IMAGE_FILE_SECURITY_DIRECTORY];
You also need to check the optional header magic to differentiate between 32-bit and 64-bit PE files. -- Alexandre Julliard julli...@winehq.org