From 003083beae9f74720eaa563fcd969ad315bc4e66 Mon Sep 17 00:00:00 2001
From: Austin Wise <AustinWise@gmail.com>
Date: Wed, 13 Jul 2016 12:51:21 -0700
Subject: Validate PDB magic and ImageDebugDirectory type and version.

---
 symbols/pdb/Microsoft.Cci.Pdb/PdbFileHeader.cs | 33 +++++++++++++++-----------
 symbols/pdb/Mono.Cecil.Pdb/PdbReader.cs        |  5 ++++
 2 files changed, 24 insertions(+), 14 deletions(-)

diff --git a/symbols/pdb/Microsoft.Cci.Pdb/PdbFileHeader.cs b/symbols/pdb/Microsoft.Cci.Pdb/PdbFileHeader.cs
index e1f56db..0a92038 100644
--- a/symbols/pdb/Microsoft.Cci.Pdb/PdbFileHeader.cs
+++ b/symbols/pdb/Microsoft.Cci.Pdb/PdbFileHeader.cs
@@ -24,6 +24,8 @@ namespace Microsoft.Cci.Pdb {
     //  this.pageSize = pageSize;
     //}
 
+    const string MAGIC = "Microsoft C/C++ MSF 7.00";
+
     internal PdbFileHeader(Stream reader, BitAccess bits) {
       bits.MinCapacity(56);
       reader.Seek(0, SeekOrigin.Begin);
@@ -37,15 +39,18 @@ namespace Microsoft.Cci.Pdb {
       bits.ReadInt32(out this.directorySize);     //  44..47
       bits.ReadInt32(out this.zero);              //  48..51
 
+      if (Magic != MAGIC) {
+        throw new InvalidOperationException("Magic is wrong.");
+      }
       int directoryPages = ((((directorySize + pageSize - 1) / pageSize) * 4) + pageSize - 1) / pageSize;
       this.directoryRoot = new int[directoryPages];
       bits.FillBuffer(reader, directoryPages * 4);
       bits.ReadInt32(this.directoryRoot);
     }
 
-    //internal string Magic {
-    //  get { return StringFromBytesUTF8(magic); }
-    //}
+    string Magic {
+      get { return StringFromBytesUTF8(magic, 0, MAGIC.Length); }
+    }
 
     //internal void Write(Stream writer, BitAccess bits) {
     //  bits.MinCapacity(pageSize);
@@ -63,18 +68,18 @@ namespace Microsoft.Cci.Pdb {
 
     //////////////////////////////////////////////////// Helper Functions.
     //
-    //internal static string StringFromBytesUTF8(byte[] bytes) {
-    //  return StringFromBytesUTF8(bytes, 0, bytes.Length);
-    //}
+    static string StringFromBytesUTF8(byte[] bytes) {
+      return StringFromBytesUTF8(bytes, 0, bytes.Length);
+    }
 
-    //internal static string StringFromBytesUTF8(byte[] bytes, int offset, int length) {
-    //  for (int i = 0; i < length; i++) {
-    //    if (bytes[offset + i] < ' ') {
-    //      length = i;
-    //    }
-    //  }
-    //  return Encoding.UTF8.GetString(bytes, offset, length);
-    //}
+    static string StringFromBytesUTF8(byte[] bytes, int offset, int length) {
+      for (int i = 0; i < length; i++) {
+        if (bytes[offset + i] < ' ') {
+          length = i;
+        }
+      }
+      return Encoding.UTF8.GetString(bytes, offset, length);
+    }
 
     ////////////////////////////////////////////////////////////// Fields.
     //
diff --git a/symbols/pdb/Mono.Cecil.Pdb/PdbReader.cs b/symbols/pdb/Mono.Cecil.Pdb/PdbReader.cs
index d56ead0..d06ac91 100644
--- a/symbols/pdb/Mono.Cecil.Pdb/PdbReader.cs
+++ b/symbols/pdb/Mono.Cecil.Pdb/PdbReader.cs
@@ -41,6 +41,11 @@ namespace Mono.Cecil.Pdb {
 
 		public bool ProcessDebugHeader (ImageDebugDirectory directory, byte [] header)
 		{
+			if (directory.Type != 2) //IMAGE_DEBUG_TYPE_CODEVIEW
+				return false;
+			if (directory.MajorVersion != 0 || directory.MinorVersion != 0)
+				return false;
+
 			if (header.Length < 24)
 				return false;
 
-- 
cgit v1.2.3