rebased and chars replaced

avast · Jun 21, 2019 · 3bfcecb · 3bfcecb
1 parent 30d532a
commit 3bfcecb
Showing 1 changed file with 12 additions and 12 deletions.
diff --git a/src/fileformat/file_format/pe/pe_format.cpp b/src/fileformat/file_format/pe/pe_format.cpp
@@ -3546,7 +3546,7 @@ void PeFormat::scanForSectionAnomalies()
 			{
 				if (std::find(duplSections.begin(), duplSections.end(), name) == duplSections.end())
 				{
-					anomalies.emplace_back("unusualSecName", "Unusual section name: " + name);
+					anomalies.emplace_back("unusualSecName", "Unusual section name: " + replaceNonprintableChars(name));
 				}
 			}
 
@@ -3555,35 +3555,35 @@ void PeFormat::scanForSectionAnomalies()
 			{
 				if (std::find(duplSections.begin(), duplSections.end(), name) == duplSections.end())
 				{
-					anomalies.emplace_back("packedSecName", "Packer section name: " + name);
+					anomalies.emplace_back("packedSecName", "Packer section name: " + replaceNonprintableChars(name));
 				}
 			}
 
 			// scan for unexpected characteristics
 			auto characIt = usualSectionCharacteristics.find(name);
 			if (characIt != usualSectionCharacteristics.end() && characIt->second != flags)
 			{
-				anomalies.emplace_back("unusualSecChar", "Section " + name + " has unusual characteristics");
+				anomalies.emplace_back("unusualSecChar", "Section " + replaceNonprintableChars(name) + " has unusual characteristics");
 			}
 		}
 
 		// scan size over 100MB
 		if (sec->getSizeInFile() >= 100000000UL)
 		{
-			anomalies.emplace_back("largeSec", "Section " + msgName + " has size over 100MB");
+			anomalies.emplace_back("largeSec", "Section " + replaceNonprintableChars(msgName) + " has size over 100MB");
 		}
 
 		// scan section marked uninitialized but contains data
 		if ((flags & PELIB_IMAGE_SCN_CNT_UNINITIALIZED_DATA) &&
 			(sec->getOffset() != 0 || sec->getSizeInFile() != 0))
 		{
-			anomalies.emplace_back("uninitSecHasData", "Section " + msgName + " is marked uninitialized but contains data");
+			anomalies.emplace_back("uninitSecHasData", "Section " + replaceNonprintableChars(msgName) + " is marked uninitialized but contains data");
 		}
 
 		// scan sizeOfRawData of section is 0
 		if (sec->getSizeInFile() == 0)
 		{
-			anomalies.emplace_back("noRawDataSec", "Section " + msgName + " has zero SizeOfRawData");
+			anomalies.emplace_back("noRawDataSec", "Section " + replaceNonprintableChars(msgName) + " has zero SizeOfRawData");
 		}
 
 		for (std::size_t j = i + 1; j < nSecs; j++)
@@ -3600,7 +3600,7 @@ void PeFormat::scanForSectionAnomalies()
 			{
 				if (std::find(duplSections.begin(), duplSections.end(), name) == duplSections.end())
 				{
-					anomalies.emplace_back("duplSecNames", "Multiple sections with name " + name);
+					anomalies.emplace_back("duplSecNames", "Multiple sections with name " + replaceNonprintableChars(name));
 					duplSections.push_back(name);
 				}
 			}
@@ -3614,7 +3614,7 @@ void PeFormat::scanForSectionAnomalies()
 				(cmpSecStart <= secStart && secStart < cmpSecEnd))
 			{
 				const std::string cmpMsgName = (cmpName.empty()) ? numToStr(cmpSec->getIndex()) : cmpName;
-				anomalies.emplace_back("overlappingSecs", "Sections " + msgName + " and " + cmpMsgName + " overlap");
+				anomalies.emplace_back("overlappingSecs", "Sections " + replaceNonprintableChars(msgName) + " and " + replaceNonprintableChars(cmpMsgName) + " overlap");
 			}
 		}
 	}
@@ -3644,15 +3644,15 @@ void PeFormat::scanForResourceAnomalies()
 		// scan for resource size over 100MB
 		if (res->getSizeInFile() >= 100000000UL)
 		{
-			anomalies.emplace_back("largeRes", "Resource " + msgName + " has size over 100MB");
+			anomalies.emplace_back("largeRes", "Resource " + replaceNonprintableChars(msgName) + " has size over 100MB");
 		}
 
 		// scan for resource stretched over multiple sections
 		unsigned long long resAddr;
 		if (getAddressFromOffset(resAddr, res->getOffset()) &&
 			isObjectStretchedOverSections(resAddr, res->getSizeInFile()))
 		{
-			anomalies.emplace_back("stretchedRes", "Resource " + msgName + " is stretched over multiple sections");
+			anomalies.emplace_back("stretchedRes", "Resource " + replaceNonprintableChars(msgName) + " is stretched over multiple sections");
 		}
 	}
 }
@@ -3696,7 +3696,7 @@ void PeFormat::scanForImportAnomalies()
 				}
 			}
 
-			anomalies.emplace_back("stretchedImp", "Import " + msgName + " is stretched over multiple sections");
+			anomalies.emplace_back("stretchedImp", "Import " + replaceNonprintableChars(msgName) + " is stretched over multiple sections");
 		}
 	}
 }
@@ -3740,7 +3740,7 @@ void PeFormat::scanForExportAnomalies()
 				}
 			}
 
-			anomalies.emplace_back("stretchedExp", "Export " + msgName + " is stretched over multiple sections");
+			anomalies.emplace_back("stretchedExp", "Export " + replaceNonprintableChars(msgName) + " is stretched over multiple sections");
 		}
 	}
 }