ModuleStomping

Wrong format specifier for sizeof

Open phuclv90 opened this issue 5 years ago • 0 comments

The return type of sizeof is size_t, which must be printed using %zu. Technically, using the wrong format specifier (%llu in this case) invokes UB.

DbgPrint("Short read of read MmPfnDatabase pointer %p as provided by userspace (read %llu of %llu bytes)\n", MmPfnDatabaseUnsafe, bytesRead, sizeof(PVOID));

DbgPrint("Failed to read PFN from PFN database at %p (%p[0x%16llx]): NTSTATUS 0x%08lx, transferred %llu of %llu bytes\n", srcAddress.VirtualAddress, MmPfnDatabase, pfnArray[pfnIdx], s, numRead, sizeof(struct PFN));

https://github.com/countercept/ModuleStomping/blob/56c778b37229606818487b87e96d74b1db858817/driver/driver.c#L195

https://github.com/countercept/ModuleStomping/blob/56c778b37229606818487b87e96d74b1db858817/driver/driver.c#L342

phuclv90 • Aug 25 '20 07:08
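The specifier fix described in the issue, as an added user-mode example that is not part of the original post or the ModuleStomping code. `log_fmt`, `format_short_read`, `format_transfer` and `struct pfn_sample` are hypothetical names, and the GCC/Clang `format` attribute is assumed as the compile-time check.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical user-mode stand-in for the driver's DbgPrint calls.
 * The format attribute (GCC/Clang) lets -Wformat check each call site,
 * so a size_t passed to %llu is reported at compile time. */
#if defined(__GNUC__)
__attribute__((format(printf, 3, 4)))
#endif
static int log_fmt(char *out, size_t cap, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, cap, fmt, ap);
    va_end(ap);
    return n;
}

/* Constructed placeholder for the driver's struct PFN; layout is assumed. */
struct pfn_sample { unsigned long long words[6]; };

/* Short-read message with every size_t argument printed via %zu. */
static int format_short_read(char *out, size_t cap, size_t bytes_read)
{
    return log_fmt(out, cap, "short read (read %zu of %zu bytes)",
                   bytes_read, sizeof(void *));
}

/* Where the formatter does not accept %zu, cast each size_t to the
 * type that the specifier actually names. */
static int format_transfer(char *out, size_t cap, size_t num_read)
{
    return log_fmt(out, cap, "transferred %llu of %llu bytes",
                   (unsigned long long)num_read,
                   (unsigned long long)sizeof(struct pfn_sample));
}

int main(void)
{
    char buf[128];
    format_short_read(buf, sizeof buf, 3);
    puts(buf);
    format_transfer(buf, sizeof buf, 16);
    puts(buf);
    return 0;
}
```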