Prevent unaligned access to NE in-memory module data.
diff --git a/loader/module.c b/loader/module.c
index b687ea6..a50b5bd 100644
--- a/loader/module.c
+++ b/loader/module.c
@@ -356,7 +356,7 @@ + strlen(filename) + 1; size = sizeof(NE_MODULE) + /* loaded file info */ - of_size + + ((of_size + 3) & ~3) + /* segment table: DS,CS */ 2 * sizeof(SEGTABLEENTRY) + /* name table */ @@ -405,7 +405,7 @@ ofs->cBytes = of_size < 256 ? of_size : 255; /* FIXME */ strcpy( ofs->szPathName, filename ); - pSegment = (SEGTABLEENTRY*)((char*)(pModule + 1) + of_size); + pSegment = (SEGTABLEENTRY*)((char*)(pModule + 1) + ((of_size + 3) & ~3)); pModule->seg_table = (int)pSegment - (int)pModule; /* Data segment */ pSegment->size = 0;
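Review bot: The rounding expression `((of_size + 3) & ~3)` now appears twice, once in the allocation size (first hunk) and once in the `pSegment` offset (second hunk), and the two must stay identical or the segment table is written at an offset the allocation did not account for. Computing it once into a local, for example `of_size_aligned = (of_size + 3) & ~3;` (name constructed), and using that in both places removes the risk. A short comment such as `/* pad the loaded file info so the segment table starts 4-byte aligned */` would also record why the padding exists. Both hunks sit inside a function whose start and end are outside the visible lines, and whether the tables that follow the segment table end up aligned cannot be told from here.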
diff --git a/loader/ne/module.c b/loader/ne/module.c
index f4fc76a..5b30d0b 100644
--- a/loader/ne/module.c
+++ b/loader/ne/module.c
@@ -10,6 +10,7 @@ #include <string.h> #include <unistd.h> #include <ctype.h> +#include "wine/port.h" #include "wine/winbase16.h" #include "wine/library.h" #include "winerror.h" @@ -264,9 +265,9 @@ { if (((BYTE)*cpnt == len) && !memcmp( cpnt+1, buffer, len )) { - TRACE(" Found: ordinal=%d\n", - *(WORD *)(cpnt + *cpnt + 1) ); - return *(WORD *)(cpnt + *cpnt + 1); + WORD ordinal = GET_UA_WORD( cpnt + *cpnt + 1 ); + TRACE(" Found: ordinal=%d\n", ordinal ); + return ordinal; } cpnt += *cpnt + 1 + sizeof(WORD); } @@ -282,9 +283,9 @@ { if (((BYTE)*cpnt == len) && !memcmp( cpnt+1, buffer, len )) { - TRACE(" Found: ordinal=%d\n", - *(WORD *)(cpnt + *cpnt + 1) ); - return *(WORD *)(cpnt + *cpnt + 1); + WORD ordinal = GET_UA_WORD( cpnt + *cpnt + 1 ); + TRACE(" Found: ordinal=%d\n", ordinal ); + return ordinal; } cpnt += *cpnt + 1 + sizeof(WORD); } @@ -331,7 +332,7 @@ entry++; sel = entry->segnum; - offset = entry->offs; + offset = GET_UA_WORD( &entry->offs ); if (sel == 0xfe) sel = 0xffff; /* constant entry */ else sel = GlobalHandleToSel16(NE_SEG_TABLE(pModule)[sel-1].hSeg); @@ -372,7 +373,7 @@ for (i=0; i < (ordinal - bundle->first - 1); i++) entry++; - entry->offs = offset; + PUT_UA_WORD( &entry->offs, offset ); return TRUE; }
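Review bot: In `GET_UA_WORD( cpnt + *cpnt + 1 )` the length byte is used without the `(BYTE)` cast that the comparison on the line above applies, so if `cpnt` is a plain `char *` (its declaration is outside the hunk) a name length of 0x80 or more would give a negative offset on platforms where `char` is signed. Inside the matched branch the length is already known, so `WORD ordinal = GET_UA_WORD( cpnt + len + 1 );` avoids the question; the same applies to the identical hunk at -282,9. The `cpnt += *cpnt + 1 + sizeof(WORD);` step that follows has the same form and the loop bounds are not visible here, so it is worth confirming that the walk stays inside the name table when the module data is malformed.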
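Review bot: In the hunk at -331,7, `sel` comes from `entry->segnum` in the module's entry table and indexes `NE_SEG_TABLE(pModule)[sel-1]` with no range check visible, so a value of 0 or one above the module's segment count would read outside the segment table. If no check exists earlier in the function (its start is outside the hunk), add one before the `GlobalHandleToSel16` call and fail the lookup. A brief comment on the `GET_UA_WORD( &entry->offs )` line, e.g. `/* offs may be unaligned within the in-memory entry table */`, would also explain the macro to later readers.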
diff --git a/loader/ne/resource.c b/loader/ne/resource.c
index 531585e..835f935 100644
--- a/loader/ne/resource.c
+++ b/loader/ne/resource.c
@@ -14,6 +14,7 @@ #include <fcntl.h> #include <unistd.h> #include "windef.h" +#include "wine/port.h" #include "wine/winbase16.h" #include "wine/library.h" #include "global.h" @@ -259,7 +260,7 @@ while(pTypeInfo->type_id) { - pTypeInfo->resloader = DefResourceHandlerProc; + PUT_UA_DWORD( &pTypeInfo->resloader, (DWORD)DefResourceHandlerProc ); pTypeInfo = NEXT_TYPEINFO(pTypeInfo); } return TRUE; @@ -285,8 +286,8 @@ { if (!(pTypeInfo = NE_FindTypeSection( pResTab, pTypeInfo, typeId ))) break; - prevHandler = pTypeInfo->resloader; - pTypeInfo->resloader = resourceHandler; + prevHandler = (FARPROC16)GET_UA_DWORD( &pTypeInfo->resloader ); + PUT_UA_DWORD( &pTypeInfo->resloader, (DWORD)resourceHandler ); pTypeInfo = NEXT_TYPEINFO(pTypeInfo); } return prevHandler; @@ -483,10 +484,10 @@ } else { - if ( pTypeInfo->resloader - && pTypeInfo->resloader != DefResourceHandlerProc ) + FARPROC16 resloader = (FARPROC16)GET_UA_DWORD( &pTypeInfo->resloader ); + if ( resloader && resloader != DefResourceHandlerProc ) pNameInfo->handle = NE_CallTo16_word_www( - pTypeInfo->resloader, pNameInfo->handle, pModule->self, hRsrc ); + resloader, pNameInfo->handle, pModule->self, hRsrc ); else pNameInfo->handle = NE_DefResourceHandler( pNameInfo->handle, pModule->self, hRsrc );
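Review bot: The casts `(DWORD)DefResourceHandlerProc`, `(DWORD)resourceHandler` and `(FARPROC16)GET_UA_DWORD( &pTypeInfo->resloader )` assume that a function pointer fits in a DWORD, and nothing in these hunks (-259,7, -285,8 and -483,10) checks it. On a target where pointers are wider than DWORD the stored handler would be truncated silently, and the later `NE_CallTo16_word_www( resloader, ... )` call and the `resloader != DefResourceHandlerProc` comparison would then work on a different value than the one that was stored. A comment at the first store stating the assumption, or a compile-time size check next to it, would make this visible. The enclosing functions start and end outside the hunks.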