Add support for the VS2017 built binaries.

syzygy/pe/decomposer.cc

 // Copyright 2012 Google Inc. All Rights Reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
@@ skipping 1774 matching lines @@
     } else {
       // Zero-length data symbols act as 'forward declares' in some sense. They
       // are always followed by a non-zero length data symbol with the same name
       // and location.
       return DiaBrowser::kBrowserTerminatePath;
     }
   }
 
   // Verify that the data symbol does not exceed the size of the block.
   if (addr + length > block_addr + block->size()) {
+    base::StringPiece spname(name);
     // The data symbol can exceed the size of the block in the case of data
     // imports. For some reason the toolchain emits a global data symbol with
     // type information equal to the type of the data *pointed* to by the import
     // entry rather than the type of the entry itself. Thus, if the data type
     // is bigger than the entire IAT this symbol will exceed it. To complicate
     // matters even more, a poorly written module can import its own export in
     // which case a linker generated pseudo-import-entry block will be
     // generated. This won't be part of the IAT, so we can't even filter based
     // on that. Instead, we simply ignore global data symbols that exceed the
     // block size.
-    base::StringPiece spname(name);
-    if (sym_tags.size() == 1 && spname.starts_with("_imp_")) {
+    bool is_imported_data_symbol = (sym_tags.size() == 1 &&
+                                    spname.starts_with("_imp_"));
+    // In VS2017 we've noticed that the size returned by IDiaSymbol::get_length
+    // function is invalid for the objects using RTTI in VS2017. This has been
+    // reported here:
+    // https://developercommunity.visualstudio.com/content/problem/47386/invalid-symbols-when-using-rtti.html
+    //
+    // In this situation the data symbol that we get always starts 4 bytes after
+    // the beginning of its parent block and has an identical size.
+    bool is_vtable_symbol = spname.ends_with("::`vftable'") &&
+                            (addr - block_addr == 4) &&
+                            length == block->size();
+    if (is_imported_data_symbol) {
       VLOG(1) << "Encountered an imported data symbol \"" << name << "\" that "
               << "extends past its parent block \"" << block->name() << "\".";
+    } else if (is_vtable_symbol) {
+      VLOG(1) << "Encountered a vtable data symbol \"" << name << "\" that "
+              << "extends past its parent block \"" << block->name() << "\".";
     } else {
       LOG(ERROR) << "Received data symbol \"" << name << "\" that extends past "
                  << "its parent block \"" << block->name() << "\".";
       return DiaBrowser::kBrowserAbort;
     }
   }
 
   if (!AddLabelToBlock(offset, name, attr, block))
     return DiaBrowser::kBrowserAbort;
 
@@ skipping 382 matching lines @@
           block_type, block_end, next->first.start() - block_end)) {
         return false;
       }
     }
   }
 
   return true;
 }
 
 }  // namespace pe