Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DcsBoot.efi contains an invalid section name #1480

Open
hughsie opened this issue Jan 30, 2025 · 0 comments
Open

DcsBoot.efi contains an invalid section name #1480

hughsie opened this issue Jan 30, 2025 · 0 comments
Labels
bug

Comments

@hughsie
Copy link

hughsie commented Jan 30, 2025

DcsBoot.efi contains an invalid section name:

$ fwupdtool firmware-parse DcsBoot.efi pefile
failed to read section 0x2: invalid section name

Looking deeper, it's indeed 8 bytes of NUL.

$ fwupdtool firmware-parse /home/hughsie/Downloads/DcsBoot.efi pefile -vv
FuStructPeCoffSection:
  virtual_size: 0x18c
  virtual_address: 0x3920
  size_of_raw_data: 0x1a0
  pointer_to_raw_data: 0x3920
  characteristics: 0x42000040

Expected behavior

I expected all sections to have a name -- the others do, e.g. .data, .text etc. Although https://learn.microsoft.com/en-us/windows/win32/debug/pe-format#section-table-section-headers doesn't explicitly forbid it, it's certainly not in the spirit of the PE/COFF standard.

It also breaks deployment of the dbx update on Linux systems as we check all the PE files in the ESPs for blocked Authenticode hashes before we update the dbx key.
@hughsie hughsie added the bug label Jan 30, 2025
hughsie added a commit to fwupd/fwupd that referenced this issue Jan 30, 2025
@hughsie
Fix dbx deployment by ignoring missing PE/COFF sections
6be63b8 
The VeraCrypt binary has a PE/COFF section of `\0\0\0\0\0\0\0\0` -- which
although isn't really in the spirit of the PE/COFF specification is actually
perfectly valid. Just create something plausible and use the idx to identify
the section.

See also: veracrypt/VeraCrypt#1480
@hughsie hughsie mentioned this issue Jan 30, 2025
Merged
4 tasks
hughsie added a commit to fwupd/fwupd that referenced this issue Jan 31, 2025
@hughsie
Fix dbx deployment by ignoring missing PE/COFF sections
e2e1f96 
The VeraCrypt binary has a PE/COFF section of `\0\0\0\0\0\0\0\0` -- which
although isn't really in the spirit of the PE/COFF specification is actually
perfectly valid. Just create something plausible and use the idx to identify
the section.

See also: veracrypt/VeraCrypt#1480
hughsie added a commit to fwupd/fwupd that referenced this issue Jan 31, 2025
@hughsie
Fix dbx deployment by ignoring missing PE/COFF sections
0bd2a1b 
The VeraCrypt binary has a PE/COFF section of `\0\0\0\0\0\0\0\0` -- which
although isn't really in the spirit of the PE/COFF specification is actually
perfectly valid. Just create something plausible and use the idx to identify
the section.

See also: veracrypt/VeraCrypt#1480
hughsie added a commit to fwupd/fwupd that referenced this issue Feb 4, 2025
@hughsie
Fix dbx deployment by ignoring missing PE/COFF sections
7a85620 
The VeraCrypt binary has a PE/COFF section of `\0\0\0\0\0\0\0\0` -- which
although isn't really in the spirit of the PE/COFF specification is actually
perfectly valid. Just create something plausible and use the idx to identify
the section.

See also: veracrypt/VeraCrypt#1480

(cherry picked from commit 0bd2a1b)
hughsie added a commit to fwupd/fwupd that referenced this issue Feb 4, 2025
@hughsie
Fix dbx deployment by ignoring missing PE/COFF sections
77b7893 
The VeraCrypt binary has a PE/COFF section of `\0\0\0\0\0\0\0\0` -- which
although isn't really in the spirit of the PE/COFF specification is actually
perfectly valid. Just create something plausible and use the idx to identify
the section.

See also: veracrypt/VeraCrypt#1480

(cherry picked from commit 0bd2a1b)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@hughsie