Improve CreateFile flags parsing

author: woni <81616747+W0ni@users.noreply.github.com> 2024-01-16 18:28:10 +0100
committer: woni <81616747+W0ni@users.noreply.github.com> 2024-01-16 18:28:10 +0100
commit: 78a73cac2bc4bd0a82332de5ea3e81343acc79d2 (patch)
tree: 1f100f2baa0de4d64d37b9cae851214732a7484d
parent: ec29f74614b2906af63cf57ec2bc64652d342025 (diff)
download: focaccia-miasm-78a73cac2bc4bd0a82332de5ea3e81343acc79d2.tar.gz
focaccia-miasm-78a73cac2bc4bd0a82332de5ea3e81343acc79d2.zip
1 files changed, 9 insertions, 6 deletions
diff --git a/miasm/os_dep/win_api_x86_32.py b/miasm/os_dep/win_api_x86_32.py
index b60ff879..6e568abb 100644
--- a/miasm/os_dep/win_api_x86_32.py
+++ b/miasm/os_dep/win_api_x86_32.py
@@ -623,10 +623,10 @@ def kernel32_CreateFile(jitter, funcname, get_str):
     elif fname.upper() in ['NUL']:
         ret = winobjs.module_cur_hwnd
     else:
-        # sandox path
+        # sandbox path
         sb_fname = windows_to_sbpath(fname)
         if args.access & 0x80000000 or args.access == 1:
-            # read
+            # read and maybe write
             if args.dwcreationdisposition == 2:
                 # create_always
                 if os.access(sb_fname, os.R_OK):
@@ -642,7 +642,10 @@ def kernel32_CreateFile(jitter, funcname, get_str):
                     if stat.S_ISDIR(s.st_mode):
                         ret = winobjs.handle_pool.add(sb_fname, 0x1337)
                     else:
-                        h = open(sb_fname, 'r+b')
+                        open_mode = 'rb'
+                        if (args.access & 0x40000000) or args.access == 2:
+                            open_mode = 'r+b'
+                        h = open(sb_fname, open_mode)
                         ret = winobjs.handle_pool.add(sb_fname, h)
                 else:
                     log.warning("FILE %r (%s) DOES NOT EXIST!", fname, sb_fname)
@@ -671,8 +674,8 @@ def kernel32_CreateFile(jitter, funcname, get_str):
                     raise NotImplementedError("Untested case")
             else:
                 raise NotImplementedError("Untested case")
-        elif args.access & 0x40000000:
-            # write
+        elif (args.access & 0x40000000) or args.access == 2:
+            # write but not read
             if args.dwcreationdisposition == 3:
                 # open existing
                 if is_original_file:
@@ -684,7 +687,7 @@ def kernel32_CreateFile(jitter, funcname, get_str):
                         # open dir
                         ret = winobjs.handle_pool.add(sb_fname, 0x1337)
                     else:
-                        h = open(sb_fname, 'r+b')
+                        h = open(sb_fname, 'wb')
                         ret = winobjs.handle_pool.add(sb_fname, h)
                 else:
                     raise NotImplementedError("Untested case")  # to test
author	woni <81616747+W0ni@users.noreply.github.com>	2024-01-16 18:28:10 +0100
committer	woni <81616747+W0ni@users.noreply.github.com>	2024-01-16 18:28:10 +0100
commit	78a73cac2bc4bd0a82332de5ea3e81343acc79d2 (patch)
tree	1f100f2baa0de4d64d37b9cae851214732a7484d
parent	ec29f74614b2906af63cf57ec2bc64652d342025 (diff)
download	focaccia-miasm-78a73cac2bc4bd0a82332de5ea3e81343acc79d2.tar.gz focaccia-miasm-78a73cac2bc4bd0a82332de5ea3e81343acc79d2.zip