[Forensics-changes] [yara] 238/415: Fix issue with newline characters in regular expressions
Hilko Bengen
bengen at moszumanska.debian.org
Thu Apr 3 05:43:10 UTC 2014
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to branch debian
in repository yara.
commit 77c6f0c2470218d6b67837e0d75dbef12ceb86e8
Author: Victor M. Alvarez <plusvic at gmail.com>
Date: Fri Nov 22 12:05:35 2013 +0000
Fix issue with newline characters in regular expressions
---
libyara/re.c | 5 ++++-
libyara/re.h | 1 +
libyara/rules.c | 3 +++
3 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/libyara/re.c b/libyara/re.c
index 22d657c..5134002 100644
--- a/libyara/re.c
+++ b/libyara/re.c
@@ -1194,7 +1194,10 @@ int yr_re_exec(
break;
case RE_OPCODE_ANY:
- _yr_re_add_fiber(next_fibers, storage, ip + 1, stack);
+ if (*current_input != 0x0A || flags & RE_FLAGS_DOT_ALL)
+ _yr_re_add_fiber(next_fibers, storage, ip + 1, stack);
+ else
+ _yr_re_free_stack(stack, &storage->stack_pool);
break;
case RE_OPCODE_MATCH:
diff --git a/libyara/re.h b/libyara/re.h
index 1f019ae..5e68a90 100644
--- a/libyara/re.h
+++ b/libyara/re.h
@@ -66,6 +66,7 @@ limitations under the License.
#define RE_FLAGS_WIDE 0x40
#define RE_FLAGS_NO_CASE 0x80
#define RE_FLAGS_SCAN 0x100
+#define RE_FLAGS_DOT_ALL 0x200
typedef struct RE RE;
diff --git a/libyara/rules.c b/libyara/rules.c
index 8f82ff4..377e870 100644
--- a/libyara/rules.c
+++ b/libyara/rules.c
@@ -468,6 +468,9 @@ int _yr_scan_verify_re_match(
if (STRING_IS_NO_CASE(ac_match->string))
flags |= RE_FLAGS_NO_CASE;
+ if (STRING_IS_HEX(ac_match->string))
+ flags |= RE_FLAGS_DOT_ALL;
+
if (STRING_IS_ASCII(ac_match->string))
{
forward_matches = exec(
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list