If load config size is larger than reported, overwrite

checksec.cpp

@@ -60,6 +60,13 @@ Checksec::Checksec(std::string filepath) : filepath_(filepath), loadedImage_(fil
         auto size = std::min(loadConfigData.size(), sizeof(loadConfig));
         memcpy(&loadConfig, loadConfigData.data(), size);
         loadConfigSize_ = loadConfigData.size();
+        if ((loadConfig.Size > loadConfigSize_) && (loadConfig.Size <= size)) {
+            std::cerr << "Warn: load config larger than reported by data directory entry,"
+                      <<  " overwriting"
+                      << "\n";
+            memcpy(&loadConfig, loadConfigData.data(), loadConfig.Size);
+            loadConfigSize_ = loadConfig.Size;
+        }
         loadConfigGuardFlags_ = loadConfig.GuardFlags;
         loadConfigSecurityCookie_ = loadConfig.SecurityCookie;
         loadConfigSEHandlerTable_ = loadConfig.SEHandlerTable;
@@ -129,9 +136,17 @@ Checksec::Checksec(std::string filepath) : filepath_(filepath), loadedImage_(fil
             std::cerr << "Warn: undersized load config, probably missing fields"
                       << "\n";
         }
+
         auto size = std::min(loadConfigData.size(), sizeof(loadConfig));
         memcpy(&loadConfig, loadConfigData.data(), size);
         loadConfigSize_ = loadConfigData.size();
+        if ((loadConfig.Size > loadConfigSize_) && (loadConfig.Size <= size)) {
+            std::cerr << "Warn: load config larger than reported by data directory entry,"
+                      <<  " overwriting"
+                      << "\n";
+            memcpy(&loadConfig, loadConfigData.data(), loadConfig.Size);
+            loadConfigSize_ = loadConfig.Size;
+        }
         loadConfigGuardFlags_ = loadConfig.GuardFlags;
         loadConfigSecurityCookie_ = loadConfig.SecurityCookie;
         loadConfigSEHandlerTable_ = loadConfig.SEHandlerTable;