Merge pull request #188 from serpilliere/fix_winapi

Fix winapi

1 files changed, 13 insertions, 4 deletions

diff --git a/miasm2/os_dep/win_api_x86_32.py b/miasm2/os_dep/win_api_x86_32.py
index 62254a66..fecc8a29 100644
--- a/miasm2/os_dep/win_api_x86_32.py
+++ b/miasm2/os_dep/win_api_x86_32.py
@@ -23,6 +23,7 @@ import time
 import string
 import logging
 from zlib import crc32
+from StringIO import StringIO
 
 try:
     from Crypto.Hash import MD5, SHA
@@ -2175,10 +2176,18 @@ def kernel32_CreateFileMapping(jitter, funcname, get_str):
                                              "dwmaximumsizelow", "lpname"])
     # f = get_str(jitter, args.lpname) if args.lpname else None
 
-    if not args.hfile in winobjs.handle_pool:
-        raise ValueError('unknown handle')
+    if args.hfile == 0xffffffff:
+        # Create null mapping
+        if args.dwmaximumsizehigh:
+            raise NotImplementedError("Untested case")
+        hmap = StringIO("\x00"*args.dwmaximumsizelow)
+        hmap_handle = winobjs.handle_pool.add('filemem', hmap)
 
-    ret = winobjs.handle_pool.add('filemapping', args.hfile)
+        ret = winobjs.handle_pool.add('filemapping', hmap_handle)
+    else:
+        if not args.hfile in winobjs.handle_pool:
+            raise ValueError('unknown handle')
+        ret = winobjs.handle_pool.add('filemapping', args.hfile)
     jitter.func_ret_stdcall(ret_ad, ret)
 
 
@@ -2205,7 +2214,7 @@ def kernel32_MapViewOfFile(jitter):
     hfile_o = winobjs.handle_pool[hmap.info]
     fd = hfile_o.info
     fd.seek((args.dwfileoffsethigh << 32) | args.dwfileoffsetlow)
-    data = fd.read(args.length) if args.length else args.read()
+    data = fd.read(args.length) if args.length else fd.read()
     length = len(data)
 
     log.debug('mapp total: %x', len(data))