From 41b16a3c324f729caa9812c5651b874b0c5de5c2 Mon Sep 17 00:00:00 2001
From: Grzegorz Rychlik <Grzegorz.Rychlik@f-secure.com>
Date: Fri, 17 Jan 2020 14:00:51 +0100
Subject: [PATCH] Fix not-null terminated section names

---
 Src/CebuLoader/UnexportedWinApi.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/Src/CebuLoader/UnexportedWinApi.cpp b/Src/CebuLoader/UnexportedWinApi.cpp
index 19788a8..b26b7a6 100644
--- a/Src/CebuLoader/UnexportedWinApi.cpp
+++ b/Src/CebuLoader/UnexportedWinApi.cpp
@@ -154,7 +154,10 @@ namespace MWR::Loader::UnexportedWinApi
 			auto sectionHeader = IMAGE_FIRST_SECTION(ntHeaders);
 			for (int i = 0; i < ntHeaders->FileHeader.NumberOfSections; i++, sectionHeader++)
 			{
-				if (_stricmp(section.c_str(), (char*)sectionHeader->Name) == 0)
+				char currentSection[9];
+				memcpy(currentSection, sectionHeader->Name, 8);
+				currentSection[8] = 0; // ensure null-termination
+				if (_stricmp(section.c_str(), currentSection) == 0)
 				{
 					auto sectionVa = Rva2Va<char*>(dllBase, sectionHeader->VirtualAddress);
 					return { sectionVa, sectionVa + sectionHeader->Misc.VirtualSize };