[Forensics-changes] [yara] 19/415: Bug fixes: heap underrun and memory leaks
Hilko Bengen
bengen at moszumanska.debian.org
Thu Apr 3 05:42:38 UTC 2014
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to branch debian
in repository yara.
commit 3e4ff2588435fcfc4cf90fda68556b35d007a356
Author: Victor M. Alvarez <plusvic at gmail.com>
Date: Fri Mar 6 12:14:06 2009 +0000
Bug fixes: heap underrun and memory leaks
---
libyara/ast.c | 25 +++++---
libyara/error.c | 4 ++
libyara/error.h | 1 -
libyara/grammar.c | 2 +-
libyara/grammar.y | 2 +-
libyara/libyara.tmproj | 153 +++++++++++++++++++++++++------------------------
libyara/scan.c | 29 ++++------
libyara/yara.h | 2 +
8 files changed, 112 insertions(+), 106 deletions(-)
diff --git a/libyara/ast.c b/libyara/ast.c
index 69735f0..c228535 100644
--- a/libyara/ast.c
+++ b/libyara/ast.c
@@ -444,10 +444,9 @@ int new_text_string(SIZED_STRING* charstr, int flags, unsigned char** hexstr, RE
{
return ERROR_INSUFICIENT_MEMORY;
}
-
+
memcpy(*hexstr, charstr->c_string, charstr->length);
-
-
+
if (flags & STRING_FLAGS_REGEXP)
{
options = PCRE_ANCHORED;
@@ -456,7 +455,7 @@ int new_text_string(SIZED_STRING* charstr, int flags, unsigned char** hexstr, RE
{
options |= PCRE_CASELESS;
}
-
+
re->regexp = pcre_compile(charstr->c_string, options, &error, &erroffset, NULL);
if (re->regexp != NULL)
@@ -515,7 +514,7 @@ int new_string(char* identifier, SIZED_STRING* charstr, int flags, STRING** stri
{
result = ERROR_INSUFICIENT_MEMORY;
}
-
+
*string = new_string;
return result;
}
@@ -686,7 +685,7 @@ void free_term(TERM* term)
{
TERM_STRING* next;
TERM_STRING* tmp;
-
+
switch(term->type)
{
case TERM_TYPE_STRING:
@@ -730,6 +729,7 @@ void free_term(TERM* term)
case TERM_TYPE_LE:
case TERM_TYPE_EQ:
case TERM_TYPE_OF:
+ case TERM_TYPE_NOT_EQ:
free_term(((TERM_BINARY_OPERATION*)term)->op1);
free_term(((TERM_BINARY_OPERATION*)term)->op2);
break;
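Review bot: The switch in free_term still has no `default:` branch, so a term type missing from the case lists frees only the node and silently leaks its operands, which is the kind of omission the added `case TERM_TYPE_NOT_EQ:` repairs. A `default:` branch with a comment naming the term types expected to reach it (those with no child terms) would make the next omitted type easier to spot in review. The function starts and ends outside this hunk, so the complete case list is not visible here.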
@@ -743,6 +743,15 @@ void free_term(TERM* term)
case TERM_TYPE_UINT32_AT_OFFSET:
free_term(((TERM_UNARY_OPERATION*)term)->op);
break;
+
+ case TERM_TYPE_FOR:
+ free_term(((TERM_TERNARY_OPERATION*)term)->op1);
+ free_term(((TERM_TERNARY_OPERATION*)term)->op2);
+
+ if (((TERM_TERNARY_OPERATION*)term)->op3 != NULL)
+ free_term(((TERM_TERNARY_OPERATION*)term)->op3);
+
+ break;
}
free(term);
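Review bot: Only `op3` is NULL-checked in the new `TERM_TYPE_FOR` case, while `op1` and `op2` are passed straight to free_term, which dereferences its argument at `switch(term->type)`. If a partially built FOR term can reach this function after a failed allocation in the parser (not visible here), the call would dereference a NULL operand. A guard at the top of free_term, `if (term == NULL) return;`, would cover all three operands and every other case, and the per-operand check could then be dropped. The start of free_term is outside this hunk.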
@@ -783,7 +792,7 @@ void free_rule_list(RULE_LIST* rule_list)
rule = rule_list->head;
while (rule != NULL)
- {
+ {
next_rule = rule->next;
string = rule->string_list_head;
@@ -831,7 +840,7 @@ void free_rule_list(RULE_LIST* rule_list)
}
free_term(rule->condition);
-
+ free(rule->identifier);
free(rule);
rule = next_rule;
}
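Review bot: `free(rule->identifier);` relies on every rule owning a heap-allocated identifier that nothing else points to, and nothing in this hunk states that invariant. If an identifier can be shared with another structure or is already released on an error path, this line becomes a double free; that cannot be checked from the lines shown. Once confirmed, a comment on the line such as `/* identifier is heap-allocated and owned exclusively by the rule */` would record it. The loop in free_rule_list begins outside this hunk.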
diff --git a/libyara/error.c b/libyara/error.c
index 7e3e3d6..685fda5 100644
--- a/libyara/error.c
+++ b/libyara/error.c
@@ -144,3 +144,7 @@ char* get_error_message(int error_code)
return error_message;
}
+
+
+
+
diff --git a/libyara/error.h b/libyara/error.h
index f06a5ff..44a31eb 100644
--- a/libyara/error.h
+++ b/libyara/error.h
@@ -29,6 +29,5 @@ extern const char* file_name;
char* get_error_message(int error_code);
-
#endif
diff --git a/libyara/grammar.c b/libyara/grammar.c
index f97e409..eee2486 100644
--- a/libyara/grammar.c
+++ b/libyara/grammar.c
@@ -1673,7 +1673,7 @@ yyreduce:
#line 371 "grammar.y"
{
inside_for--;
-
+
(yyval.term) = reduce_term(TERM_TYPE_FOR, reduce_constant(1), (yyvsp[-5].term), (yyvsp[-1].term));
if ((yyval.term) == NULL)
diff --git a/libyara/grammar.y b/libyara/grammar.y
index 3be5c9f..060b264 100644
--- a/libyara/grammar.y
+++ b/libyara/grammar.y
@@ -370,7 +370,7 @@ boolean_expression : _TRUE_ { $$ = reduce_consta
'(' boolean_expression ')'
{
inside_for--;
-
+
$$ = reduce_term(TERM_TYPE_FOR, reduce_constant(1), $4, $8);
if ($$ == NULL)
diff --git a/libyara/libyara.tmproj b/libyara/libyara.tmproj
index 2fe190b..734d4f2 100644
--- a/libyara/libyara.tmproj
+++ b/libyara/libyara.tmproj
@@ -3,7 +3,7 @@
<plist version="1.0">
<dict>
<key>currentDocument</key>
- <string>ast.c</string>
+ <string>error.c</string>
<key>documents</key>
<array>
<dict>
@@ -13,7 +13,7 @@
<key>filename</key>
<string>scan.c</string>
<key>lastUsed</key>
- <date>2009-02-17T13:19:30Z</date>
+ <date>2009-03-06T12:08:32Z</date>
</dict>
<dict>
<key>filename</key>
@@ -25,51 +25,51 @@
<key>filename</key>
<string>filemap.c</string>
<key>lastUsed</key>
- <date>2009-02-13T15:54:54Z</date>
+ <date>2009-03-02T22:23:16Z</date>
</dict>
<dict>
<key>filename</key>
<string>eval.c</string>
<key>lastUsed</key>
- <date>2009-02-17T13:21:20Z</date>
+ <date>2009-03-02T21:50:00Z</date>
</dict>
<dict>
<key>filename</key>
<string>error.c</string>
<key>lastUsed</key>
- <date>2009-02-17T14:51:49Z</date>
+ <date>2009-03-06T12:08:55Z</date>
+ <key>selected</key>
+ <true/>
</dict>
<dict>
<key>filename</key>
<string>compile.c</string>
<key>lastUsed</key>
- <date>2009-02-17T13:20:15Z</date>
+ <date>2009-03-02T19:31:18Z</date>
</dict>
<dict>
<key>filename</key>
<string>ast.c</string>
<key>lastUsed</key>
- <date>2009-02-18T09:06:25Z</date>
- <key>selected</key>
- <true/>
+ <date>2009-03-02T22:40:27Z</date>
</dict>
<dict>
<key>filename</key>
<string>lex.l</string>
<key>lastUsed</key>
- <date>2009-02-17T15:52:57Z</date>
+ <date>2009-03-02T20:06:26Z</date>
</dict>
<dict>
<key>filename</key>
<string>grammar.y</string>
<key>lastUsed</key>
- <date>2009-02-17T13:48:13Z</date>
+ <date>2009-03-02T21:26:10Z</date>
</dict>
<dict>
<key>filename</key>
<string>../yara.c</string>
<key>lastUsed</key>
- <date>2009-02-17T13:19:55Z</date>
+ <date>2009-03-02T21:57:12Z</date>
</dict>
</array>
<key>expanded</key>
@@ -84,7 +84,7 @@
<key>filename</key>
<string>yara.h</string>
<key>lastUsed</key>
- <date>2009-02-17T13:58:12Z</date>
+ <date>2009-03-02T20:33:50Z</date>
</dict>
<dict>
<key>filename</key>
@@ -120,25 +120,25 @@
<key>filename</key>
<string>error.h</string>
<key>lastUsed</key>
- <date>2009-02-12T15:24:30Z</date>
+ <date>2009-03-06T12:08:55Z</date>
</dict>
<dict>
<key>filename</key>
<string>compile.h</string>
<key>lastUsed</key>
- <date>2009-02-10T12:21:33Z</date>
+ <date>2009-03-02T21:31:17Z</date>
</dict>
<dict>
<key>filename</key>
<string>ast.h</string>
<key>lastUsed</key>
- <date>2009-02-17T14:53:31Z</date>
+ <date>2009-03-02T22:05:03Z</date>
</dict>
<dict>
<key>filename</key>
<string>sizedstr.h</string>
<key>lastUsed</key>
- <date>2009-02-17T13:58:18Z</date>
+ <date>2009-03-02T19:37:11Z</date>
</dict>
</array>
<key>expanded</key>
@@ -156,65 +156,81 @@
<key>caret</key>
<dict>
<key>column</key>
- <integer>52</integer>
+ <integer>0</integer>
<key>line</key>
- <integer>57</integer>
+ <integer>0</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>353</integer>
+ <integer>191</integer>
</dict>
<key>ast.c</key>
<dict>
<key>caret</key>
<dict>
<key>column</key>
- <integer>52</integer>
+ <integer>0</integer>
<key>line</key>
- <integer>459</integer>
+ <integer>0</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>432</integer>
+ <integer>504</integer>
</dict>
<key>ast.h</key>
<dict>
<key>caret</key>
<dict>
<key>column</key>
- <integer>55</integer>
+ <integer>8</integer>
<key>line</key>
- <integer>75</integer>
+ <integer>56</integer>
</dict>
+ <key>columnSelection</key>
+ <false/>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>93</integer>
+ <integer>109</integer>
+ <key>selectFrom</key>
+ <dict>
+ <key>column</key>
+ <integer>25</integer>
+ <key>line</key>
+ <integer>56</integer>
+ </dict>
+ <key>selectTo</key>
+ <dict>
+ <key>column</key>
+ <integer>8</integer>
+ <key>line</key>
+ <integer>56</integer>
+ </dict>
</dict>
<key>compile.c</key>
<dict>
<key>caret</key>
<dict>
<key>column</key>
- <integer>11</integer>
+ <integer>12</integer>
<key>line</key>
- <integer>34</integer>
+ <integer>6</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>15</integer>
+ <integer>0</integer>
</dict>
<key>compile.h</key>
<dict>
<key>caret</key>
<dict>
<key>column</key>
- <integer>23</integer>
+ <integer>0</integer>
<key>line</key>
- <integer>25</integer>
+ <integer>0</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
@@ -226,23 +242,23 @@
<key>caret</key>
<dict>
<key>column</key>
- <integer>0</integer>
+ <integer>26</integer>
<key>line</key>
- <integer>34</integer>
+ <integer>23</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>94</integer>
+ <integer>0</integer>
</dict>
<key>error.h</key>
<dict>
<key>caret</key>
<dict>
<key>column</key>
- <integer>27</integer>
+ <integer>40</integer>
<key>line</key>
- <integer>24</integer>
+ <integer>29</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
@@ -254,14 +270,14 @@
<key>caret</key>
<dict>
<key>column</key>
- <integer>2</integer>
+ <integer>0</integer>
<key>line</key>
- <integer>223</integer>
+ <integer>0</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>27</integer>
+ <integer>79</integer>
</dict>
<key>eval.h</key>
<dict>
@@ -270,7 +286,7 @@
<key>column</key>
<integer>0</integer>
<key>line</key>
- <integer>34</integer>
+ <integer>0</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
@@ -282,9 +298,9 @@
<key>caret</key>
<dict>
<key>column</key>
- <integer>22</integer>
+ <integer>0</integer>
<key>line</key>
- <integer>72</integer>
+ <integer>0</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
@@ -296,9 +312,9 @@
<key>caret</key>
<dict>
<key>column</key>
- <integer>2</integer>
+ <integer>0</integer>
<key>line</key>
- <integer>14</integer>
+ <integer>0</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
@@ -324,37 +340,37 @@
<key>caret</key>
<dict>
<key>column</key>
- <integer>42</integer>
+ <integer>0</integer>
<key>line</key>
- <integer>569</integer>
+ <integer>0</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>216</integer>
+ <integer>655</integer>
</dict>
<key>lex.l</key>
<dict>
<key>caret</key>
<dict>
<key>column</key>
- <integer>38</integer>
+ <integer>0</integer>
<key>line</key>
- <integer>165</integer>
+ <integer>0</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>170</integer>
+ <integer>106</integer>
</dict>
<key>pefile.c</key>
<dict>
<key>caret</key>
<dict>
<key>column</key>
- <integer>1</integer>
+ <integer>0</integer>
<key>line</key>
- <integer>49</integer>
+ <integer>0</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
@@ -380,23 +396,23 @@
<key>caret</key>
<dict>
<key>column</key>
- <integer>28</integer>
+ <integer>0</integer>
<key>line</key>
- <integer>857</integer>
+ <integer>0</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>645</integer>
+ <integer>825</integer>
</dict>
<key>sizedstr.h</key>
<dict>
<key>caret</key>
<dict>
<key>column</key>
- <integer>31</integer>
+ <integer>15</integer>
<key>line</key>
- <integer>22</integer>
+ <integer>30</integer>
</dict>
<key>firstVisibleColumn</key>
<integer>0</integer>
@@ -408,30 +424,14 @@
<key>caret</key>
<dict>
<key>column</key>
- <integer>8</integer>
+ <integer>0</integer>
<key>line</key>
- <integer>86</integer>
+ <integer>196</integer>
</dict>
- <key>columnSelection</key>
- <false/>
<key>firstVisibleColumn</key>
<integer>0</integer>
<key>firstVisibleLine</key>
- <integer>11</integer>
- <key>selectFrom</key>
- <dict>
- <key>column</key>
- <integer>30</integer>
- <key>line</key>
- <integer>86</integer>
- </dict>
- <key>selectTo</key>
- <dict>
- <key>column</key>
- <integer>8</integer>
- <key>line</key>
- <integer>86</integer>
- </dict>
+ <integer>68</integer>
</dict>
</dict>
<key>openDocuments</key>
@@ -442,6 +442,7 @@
<string>sizedstr.h</string>
<string>compile.c</string>
<string>error.c</string>
+ <string>compile.h</string>
<string>error.h</string>
<string>pefile.c</string>
<string>eval.c</string>
diff --git a/libyara/scan.c b/libyara/scan.c
index c8b5d59..41aa7fc 100644
--- a/libyara/scan.c
+++ b/libyara/scan.c
@@ -229,7 +229,7 @@ int hex_match(unsigned char* buffer, unsigned int buffer_size, unsigned char* pa
return matches;
}
-int regexp_match(unsigned char* buffer, unsigned int buffer_size, unsigned char* pattern, int pattern_length, REGEXP re, int negative_size)
+int regexp_match(unsigned char* buffer, unsigned int buffer_size, unsigned char* pattern, int pattern_length, REGEXP re, int file_beginning)
{
int ovector[3];
unsigned int len;
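Review bot: The new parameter name `file_beginning` reads as the opposite of what the flag means. In the next hunk the test `if (file_beginning && pattern[0] == '^')` rejects the match when the flag is set, and the call in string_match passes `(negative_size > 2)`, so a true value appears to mean the buffer is not at the start of the file. A name such as `not_at_file_beginning`, or inverting the value at the call and testing `!file_beginning`, would keep the condition in agreement with the comment above it.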
@@ -240,11 +240,11 @@ int regexp_match(unsigned char* buffer, unsigned int buffer_size, unsigned char*
result = 0;
/*
- negative_size > 0 indicates that we are not at the beginning of the file,
- therefore if pattern begins with ^ the string doesn't match
+ if we are not at the beginning of the file, and the pattern
+ begins with ^, the string doesn't match
*/
- if (negative_size > 0 && pattern[0] == '^')
+ if (file_beginning && pattern[0] == '^')
{
return 0;
}
@@ -521,19 +521,10 @@ int string_match(unsigned char* buffer, unsigned int buffer_size, STRING* string
{
i += 2;
}
-
- if (negative_size > 2 && buffer[-1] == 0 && isalnum(buffer[-2]))
- {
- len = i/2 + 1;
- tmp = malloc(len);
- i = -1;
- }
- else
- {
- len = i/2;
- tmp = malloc(len);
- i = 0;
- }
+
+ len = i/2;
+ tmp = malloc(len);
+ i = 0;
if (tmp != NULL)
{
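Review bot: `tmp = malloc(len);` is now reached with `len = i/2` and no check that `len` is non-zero. If the scan loop above the hunk can leave `i` below 2, `malloc(0)` may return NULL and the function then takes its allocation-failure path for what is really an empty string; whether that can happen depends on code outside this hunk. An explicit `if (len == 0) return 0;` before the allocation would make the case deliberate, assuming 0 is the no-match result here. A one-line comment saying that bytes before `buffer` are no longer read would also tell the next reader why the `buffer[-1]` branch was removed.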
@@ -543,7 +534,7 @@ int string_match(unsigned char* buffer, unsigned int buffer_size, STRING* string
i++;
}
- match = regexp_match(tmp, len, string->string, string->length, string->re, (negative_size > 2) ? 1 : 0);
+ match = regexp_match(tmp, len, string->string, string->length, string->re, (negative_size > 2));
free(tmp);
return match * 2;
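Review bot: The threshold in `(negative_size > 2)` differs from the comment this commit removes from regexp_match, which treated any `negative_size > 0` as not being at the start of the file. Assuming negative_size counts the bytes available before `buffer`, a buffer that starts one or two bytes into the file is passed as if it were at the beginning, so a pattern starting with `^` can still match there. Either use `negative_size > 0` or add a comment at the call explaining why offsets 1 and 2 count as the file start. string_match begins outside this hunk, so the meaning of negative_size is inferred from its use.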
@@ -857,7 +848,7 @@ int scan_file(const char* file_path, RULE_LIST* rule_list, YARACALLBACK callback
{
MAPPED_FILE mfile;
int result;
-
+
result = map_file(file_path, &mfile);
if (result == ERROR_SUCCESS)
diff --git a/libyara/yara.h b/libyara/yara.h
index 6b306a9..461cdb8 100644
--- a/libyara/yara.h
+++ b/libyara/yara.h
@@ -195,5 +195,7 @@ int get_error_line_number();
char* get_last_error_message();
void set_report_function(YARAREPORT fn);
+
+
#endif
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git