Handle some invalid parsing cases that were missed previously

mnadareski · mnadareski · commit 6d2e2d8c3bfd · 2025-09-21T11:44:58.000-04:00
diff --git a/SabreTools.Serialization/Deserializers/NewExecutable.cs b/SabreTools.Serialization/Deserializers/NewExecutable.cs
@@ -420,7 +420,14 @@ public static PerSegmentData ParsePerSegmentData(Stream data)
             obj.RelocationRecords = new RelocationRecord[obj.RelocationRecordCount];
             for (int i = 0; i < obj.RelocationRecords.Length; i++)
             {
-                obj.RelocationRecords[i] = ParseRelocationRecord(data);
+                if (data.Position >= data.Length)
+                    break;
+
+                var record = ParseRelocationRecord(data);
+                if (record == null)
+                    break;
+
+                obj.RelocationRecords[i] = record;
             }
 
             return obj;
@@ -433,12 +440,20 @@ public static PerSegmentData ParsePerSegmentData(Stream data)
         /// <returns>Filled RelocationRecord on success, null on error</returns>
         public static RelocationRecord ParseRelocationRecord(Stream data)
         {
+            // Handle partial relocation sections
+            if (data.Position > data.Length - 4)
+                return null;
+
             var obj = new RelocationRecord();
 
             obj.SourceType = (RelocationRecordSourceType)data.ReadByteValue();
             obj.Flags = (RelocationRecordFlag)data.ReadByteValue();
             obj.Offset = data.ReadUInt16LittleEndian();
 
+            // Handle incomplete entries
+            if (data.Position > data.Length - 4)
+                return obj;
+
             switch (obj.Flags & RelocationRecordFlag.TARGET_MASK)
             {
                 case RelocationRecordFlag.INTERNALREF:
diff --git a/SabreTools.Serialization/Deserializers/PortableExecutable.cs b/SabreTools.Serialization/Deserializers/PortableExecutable.cs
@@ -1601,7 +1601,7 @@ public static void ParseResourceData(Stream data,
                         continue;
 
                     // If the offset is within the table data, read from there
-                    if (nextOffset - tableStart + entry.DataEntry.Size <= tableLength)
+                    if (nextOffset > tableStart && nextOffset - tableStart + entry.DataEntry.Size <= tableLength)
                     {
                         dataOffset = (int)(nextOffset - tableStart);
                         entry.DataEntry.Data = tableData.ReadBytes(ref dataOffset, (int)entry.DataEntry.Size);
diff --git a/SabreTools.Serialization/Extensions.PortableExecutable.cs b/SabreTools.Serialization/Extensions.PortableExecutable.cs
@@ -729,7 +729,7 @@ public static SecuROMAddDEntry ParseSecuROMAddDEntry(this byte[] data, ref int o
                     #region Creation data
 
                     dialogItemTemplate.CreationDataSize = entry.Data.ReadUInt16LittleEndian(ref offset);
-                    if (dialogItemTemplate.CreationDataSize != 0)
+                    if (dialogItemTemplate.CreationDataSize != 0 && dialogItemTemplate.CreationDataSize + offset < entry.Data.Length)
                         dialogItemTemplate.CreationData = entry.Data.ReadBytes(ref offset, dialogItemTemplate.CreationDataSize);
 
                     #endregion

Original file line number	Diff line number	Diff line change
`@@ -1601,7 +1601,7 @@ public static void ParseResourceData(Stream data,`
`1601`	`1601`	`continue;`
`1602`	`1602`
`1603`	`1603`	`// If the offset is within the table data, read from there`
`1604`		`- if (nextOffset - tableStart + entry.DataEntry.Size <= tableLength)`
	`1604`	`+ if (nextOffset > tableStart && nextOffset - tableStart + entry.DataEntry.Size <= tableLength)`
`1605`	`1605`	`{`
`1606`	`1606`	`dataOffset = (int)(nextOffset - tableStart);`
`1607`	`1607`	`entry.DataEntry.Data = tableData.ReadBytes(ref dataOffset, (int)entry.DataEntry.Size);`