diff --git a/src/pe/mod.rs b/src/pe/mod.rs index 5a7337630..c903f3904 100644 --- a/src/pe/mod.rs +++ b/src/pe/mod.rs @@ -222,18 +222,23 @@ impl<'a> PE<'a> { } } - let certtable = if let Some(certificate_table) = - *optional_header.data_directories.get_certificate_table() - { - certificates = certificate_table::enumerate_certificates( - bytes, - certificate_table.virtual_address, - certificate_table.size, - )?; + // Parse attribute certificates unless opted out of + let certtable = if opts.parse_attribute_certificates { + if let Some(certificate_table) = + *optional_header.data_directories.get_certificate_table() + { + certificates = certificate_table::enumerate_certificates( + bytes, + certificate_table.virtual_address, + certificate_table.size, + )?; - let start = certificate_table.virtual_address as usize; - let end = start + certificate_table.size as usize; - Some(start..end) + let start = certificate_table.virtual_address as usize; + let end = start + certificate_table.size as usize; + Some(start..end) + } else { + None + } } else { None }; diff --git a/src/pe/options.rs b/src/pe/options.rs index 5fea632f7..4461a4c7b 100644 --- a/src/pe/options.rs +++ b/src/pe/options.rs @@ -3,11 +3,19 @@ pub struct ParseOptions { /// Wether the parser should resolve rvas or not. Default: true pub resolve_rva: bool, + /// Whether or not to parse attribute certificates. + /// Set to false for in-memory representation, as the [loader does not map this info into + /// memory](https://learn.microsoft.com/en-us/windows/win32/debug/pe-format#other-contents-of-the-file). + /// For on-disk representations, leave as true. Default: true + pub parse_attribute_certificates: bool, } impl ParseOptions { /// Returns a parse options structure with default values pub fn default() -> Self { - ParseOptions { resolve_rva: true } + ParseOptions { + resolve_rva: true, + parse_attribute_certificates: true, + } } }