From f3cc97ed46de8ca2426a13f47a3dbeabc9c11d58 Mon Sep 17 00:00:00 2001
From: Roee Toledano
Date: Mon, 11 Nov 2024 03:34:42 +0200
Subject: [PATCH] Clear PE format 'has_canary' function
---
 librz/bin/p/bin_pe.inc | 31 ++++++++++---------------------
 1 file changed, 10 insertions(+), 21 deletions(-)
diff --git a/librz/bin/p/bin_pe.inc b/librz/bin/p/bin_pe.inc
index 21a22b0a78c..0b5ea0207d9 100644
--- a/librz/bin/p/bin_pe.inc
+++ b/librz/bin/p/bin_pe.inc
@@ -639,28 +639,17 @@ err:
 static int has_canary(RzBinFile *bf) {
 // TODO: use O(1) when imports sdbized
- struct PE_(rz_bin_pe_obj_t) *bin = bf->o->bin_obj;
 void **it;
- if (bin) {
- // const RzPVector *relocs_vec = bin->relocs;
- // RzBinReloc *rel;
- // if (relocs_vec) {
- // rz_pvector_foreach (relocs_vec, it) {
- // rel = *it;
- // if (!strcmp(rel->import->name, "__security_init_cookie")) {
- // return true;
- // }
- // }
- // }
- } else { // rz_bin needs this as it will not initialise bin
- const RzPVector *imports_vec = imports(bf);
- RzBinImport *imp;
- if (imports_vec) {
- rz_pvector_foreach (imports_vec, it) {
- imp = *it;
- if (!strcmp(imp->name, "__security_init_cookie")) {
- return true;
- }
+ const RzPVector *imports_vec = imports(bf);
+ RzBinImport *imp;
+ if (imports_vec) {
+ rz_pvector_foreach (imports_vec, it) {
+ imp = *it;
+ // __security_init_cookie is a function imported from msvcrt.dll (libc) that when called
+ // initiliazes the stack canary. So if the function is imported, we can
+ // assume the binary uses stack canary.
+ if (!strcmp(imp->name, "__security_init_cookie")) {
+ return true;
 }
 }
 }
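Review bot: The `strcmp(imp->name, "__security_init_cookie")` call dereferences `imp` and `imp->name` without a NULL check, and after this change the loop runs for every PE file, where before it was reached only when `bin_obj` was NULL. Import names come from the file being analysed, so unless `imports()` guarantees non-NULL entries and names (not visible in this hunk) the test is safer as `if (imp && imp->name && !strcmp(imp->name, "__security_init_cookie")) {`. The new comment also overstates the check: the import is a heuristic, and a /GS binary that links the cookie initialisation statically may not import this symbol at all, so a miss does not prove the absence of a canary. I would say that in the comment and fix the typo "initiliazes". The end of has_canary lies outside the hunk.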