Skip to content

Commit

Permalink
API: PE32 - Fix SizeOfImage alignment.
Browse files Browse the repository at this point in the history 
API: PE64 - Fix SizeOfImage alignment.
Unpacker: v20.x86 - Fix SizeOfImage alignment.
Unpacker: v21.x86 - Fix SizeOfImage alignment.
Unpacker: v30.x64 - Fix incorrect TlsOepRva being stored and used.
Unpacker: v30.x64 - Fix incorrect TlsOepRva calculations when reading payload and SteamDRMP.dll.
Unpacker: v31.x64 - Fix incorrect TlsOepRva being stored and used.
Unpacker: v31.x64 - Fix incorrect TlsOepRva calculations when reading payload and SteamDRMP.dll.
  • Loading branch information
@atom0s
atom0s committed Mar 24, 2022
1 parent 079a086 commit 0ad40ae
Show file tree
Hide file tree
Showing 8 changed files with 16 additions and 16 deletions.
2 changes: 1 addition & 1 deletion Steamless.API/PE32/Pe32File.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -328,7 +328,7 @@ public void RebuildSections(bool realign = true)

// Update the size of the image..
var ntHeaders = this.NtHeaders;
ntHeaders.OptionalHeader.SizeOfImage = this.Sections.Last().VirtualAddress + this.Sections.Last().VirtualSize;
ntHeaders.OptionalHeader.SizeOfImage = (uint)this.GetAlignment(this.Sections.Last().VirtualAddress + this.Sections.Last().VirtualSize, this.NtHeaders.OptionalHeader.SectionAlignment);
this.NtHeaders = ntHeaders;
}

Expand Down
2 changes: 1 addition & 1 deletion Steamless.API/PE64/Pe64File.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -331,7 +331,7 @@ public void RebuildSections(bool realign = true)

// Update the size of the image..
var ntHeaders = this.NtHeaders;
ntHeaders.OptionalHeader.SizeOfImage = this.Sections.Last().VirtualAddress + this.Sections.Last().VirtualSize;
ntHeaders.OptionalHeader.SizeOfImage = (uint)this.GetAlignment(this.Sections.Last().VirtualAddress + this.Sections.Last().VirtualSize, this.NtHeaders.OptionalHeader.SectionAlignment);
this.NtHeaders = ntHeaders;
}

Expand Down
2 changes: 1 addition & 1 deletion Steamless.Unpacker.Variant20.x86/Main.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -324,7 +324,7 @@ private bool Step4()
var ntHeaders = this.File.NtHeaders;
var lastSection = this.File.Sections[this.File.Sections.Count - 1];
ntHeaders.OptionalHeader.AddressOfEntryPoint = this.File.GetRvaFromVa(this.StubHeader.OEP);
ntHeaders.OptionalHeader.SizeOfImage = lastSection.VirtualAddress + lastSection.VirtualSize;
ntHeaders.OptionalHeader.SizeOfImage = this.File.GetAlignment(lastSection.VirtualAddress + lastSection.VirtualSize, this.File.NtHeaders.OptionalHeader.SectionAlignment);
this.File.NtHeaders = ntHeaders;

// Write the NT headers to the file..
Expand Down
2 changes: 1 addition & 1 deletion Steamless.Unpacker.Variant21.x86/Main.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -451,7 +451,7 @@ private bool Step6()
var lastSection = this.File.Sections[this.File.Sections.Count - 1];
var originalEntry = BitConverter.ToUInt32(this.PayloadData.Skip(this.SteamDrmpOffsets[2]).Take(4).ToArray(), 0);
ntHeaders.OptionalHeader.AddressOfEntryPoint = this.File.GetRvaFromVa(originalEntry);
ntHeaders.OptionalHeader.SizeOfImage = lastSection.VirtualAddress + lastSection.VirtualSize;
ntHeaders.OptionalHeader.SizeOfImage = this.File.GetAlignment(lastSection.VirtualAddress + lastSection.VirtualSize, this.File.NtHeaders.OptionalHeader.SectionAlignment);
this.File.NtHeaders = ntHeaders;

// Write the NT headers to the file..
Expand Down
6 changes: 3 additions & 3 deletions Steamless.Unpacker.Variant30.x64/Main.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -233,7 +233,7 @@ private bool Step1()

// Tls was valid for the real oep..
this.TlsAsOep = true;
this.TlsOepRva = fileOffset;
this.TlsOepRva = this.File.GetRvaFromVa(this.File.TlsCallbacks[0]);
return true;
}

Expand All @@ -246,7 +246,7 @@ private bool Step1()
private bool Step2()
{
// Obtain the payload address and size..
var payloadAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset);
var payloadAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva - this.StubHeader.BindSectionOffset : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset);
var payloadSize = (this.StubHeader.PayloadSize + 0x0F) & 0xFFFFFFF0;

// Do nothing if there is no payload..
Expand Down Expand Up @@ -296,7 +296,7 @@ private bool Step3()
try
{
// Obtain the SteamDRMP.dll file address and data..
var drmpAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset + this.StubHeader.DRMPDllOffset);
var drmpAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva - this.StubHeader.BindSectionOffset + this.StubHeader.DRMPDllOffset : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset + this.StubHeader.DRMPDllOffset);
var drmpData = new byte[this.StubHeader.DRMPDllSize];
Array.Copy(this.File.FileData, (long)drmpAddr, drmpData, 0, drmpData.Length);

Expand Down
6 changes: 3 additions & 3 deletions Steamless.Unpacker.Variant30.x86/Main.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -238,7 +238,7 @@ private bool Step1()

// Tls was valid for the real oep..
this.TlsAsOep = true;
this.TlsOepRva = fileOffset;
this.TlsOepRva = this.File.GetRvaFromVa(this.File.TlsCallbacks[0]);
return true;
}

Expand All @@ -251,7 +251,7 @@ private bool Step1()
private bool Step2()
{
// Obtain the payload address and size..
var payloadAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset);
var payloadAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva - this.StubHeader.BindSectionOffset : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset);
var payloadSize = (this.StubHeader.PayloadSize + 0x0F) & 0xFFFFFFF0;

// Do nothing if there is no payload..
Expand Down Expand Up @@ -301,7 +301,7 @@ private bool Step3()
try
{
// Obtain the SteamDRMP.dll file address and data..
var drmpAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset + this.StubHeader.DRMPDllOffset);
var drmpAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva - this.StubHeader.BindSectionOffset + this.StubHeader.DRMPDllOffset : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset + this.StubHeader.DRMPDllOffset);
var drmpData = new byte[this.StubHeader.DRMPDllSize];
Array.Copy(this.File.FileData, drmpAddr, drmpData, 0, drmpData.Length);

Expand Down
6 changes: 3 additions & 3 deletions Steamless.Unpacker.Variant31.x64/Main.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -229,7 +229,7 @@ private bool Step1()

// Tls was valid for the real oep..
this.TlsAsOep = true;
this.TlsOepRva = fileOffset;
this.TlsOepRva = this.File.GetRvaFromVa(this.File.TlsCallbacks[0]);
return true;
}

Expand All @@ -242,7 +242,7 @@ private bool Step1()
private bool Step2()
{
// Obtain the payload address and size..
var payloadAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset);
var payloadAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva - this.StubHeader.BindSectionOffset : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset);
var payloadSize = (this.StubHeader.PayloadSize + 0x0F) & 0xFFFFFFF0;

// Do nothing if there is no payload..
Expand Down Expand Up @@ -292,7 +292,7 @@ private bool Step3()
try
{
// Obtain the SteamDRMP.dll file address and data..
var drmpAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset + this.StubHeader.DRMPDllOffset);
var drmpAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva - this.StubHeader.BindSectionOffset + this.StubHeader.DRMPDllOffset : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset + this.StubHeader.DRMPDllOffset);
var drmpData = new byte[this.StubHeader.DRMPDllSize];
Array.Copy(this.File.FileData, (long)drmpAddr, drmpData, 0, drmpData.Length);

Expand Down
6 changes: 3 additions & 3 deletions Steamless.Unpacker.Variant31.x86/Main.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -234,7 +234,7 @@ private bool Step1()

// Tls was valid for the real oep..
this.TlsAsOep = true;
this.TlsOepRva = fileOffset;
this.TlsOepRva = this.File.GetRvaFromVa(this.File.TlsCallbacks[0]);
return true;
}

Expand All @@ -247,7 +247,7 @@ private bool Step1()
private bool Step2()
{
// Obtain the payload address and size..
var payloadAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset);
var payloadAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva - this.StubHeader.BindSectionOffset : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset);
var payloadSize = (this.StubHeader.PayloadSize + 0x0F) & 0xFFFFFFF0;

// Do nothing if there is no payload..
Expand Down Expand Up @@ -297,7 +297,7 @@ private bool Step3()
try
{
// Obtain the SteamDRMP.dll file address and data..
var drmpAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset + this.StubHeader.DRMPDllOffset);
var drmpAddr = this.File.GetFileOffsetFromRva(this.TlsAsOep ? this.TlsOepRva - this.StubHeader.BindSectionOffset + this.StubHeader.DRMPDllOffset : this.File.NtHeaders.OptionalHeader.AddressOfEntryPoint - this.StubHeader.BindSectionOffset + this.StubHeader.DRMPDllOffset);
var drmpData = new byte[this.StubHeader.DRMPDllSize];
Array.Copy(this.File.FileData, drmpAddr, drmpData, 0, drmpData.Length);

Expand Down

0 comments on commit 0ad40ae

Please sign in to comment.