diff options
| -rw-r--r-- | miasm2/os_dep/win_api_x86_32.py | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/miasm2/os_dep/win_api_x86_32.py b/miasm2/os_dep/win_api_x86_32.py index 62254a66..fecc8a29 100644 --- a/miasm2/os_dep/win_api_x86_32.py +++ b/miasm2/os_dep/win_api_x86_32.py @@ -23,6 +23,7 @@ import time import string import logging from zlib import crc32 +from StringIO import StringIO try: from Crypto.Hash import MD5, SHA @@ -2175,10 +2176,18 @@ def kernel32_CreateFileMapping(jitter, funcname, get_str): "dwmaximumsizelow", "lpname"]) # f = get_str(jitter, args.lpname) if args.lpname else None - if not args.hfile in winobjs.handle_pool: - raise ValueError('unknown handle') + if args.hfile == 0xffffffff: + # Create null mapping + if args.dwmaximumsizehigh: + raise NotImplementedError("Untested case") + hmap = StringIO("\x00"*args.dwmaximumsizelow) + hmap_handle = winobjs.handle_pool.add('filemem', hmap) - ret = winobjs.handle_pool.add('filemapping', args.hfile) + ret = winobjs.handle_pool.add('filemapping', hmap_handle) + else: + if not args.hfile in winobjs.handle_pool: + raise ValueError('unknown handle') + ret = winobjs.handle_pool.add('filemapping', args.hfile) jitter.func_ret_stdcall(ret_ad, ret) @@ -2205,7 +2214,7 @@ def kernel32_MapViewOfFile(jitter): hfile_o = winobjs.handle_pool[hmap.info] fd = hfile_o.info fd.seek((args.dwfileoffsethigh << 32) | args.dwfileoffsetlow) - data = fd.read(args.length) if args.length else args.read() + data = fd.read(args.length) if args.length else fd.read() length = len(data) log.debug('mapp total: %x', len(data)) |