[Forensics-changes] [yara] 18/135: Fix issue caused by regexp code spanning over non-contiguous arena pages
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:27:28 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.1.0
in repository yara.
commit 79304f37e9a38839660ca1f984ba8cf3278bc64e
Author: Victor Manuel Alvarez <vmalvarez at virustotal.com>
Date: Wed May 14 11:26:57 2014 +0200
Fix issue caused by regexp code spanning over non-contiguous arena pages
---
libyara/arena.c | 51 ++++++++++++++++++++++++++++++++++++++++-----------
libyara/arena.h | 5 +++++
libyara/re.c | 20 ++++++++++++++++++--
3 files changed, 63 insertions(+), 13 deletions(-)
diff --git a/libyara/arena.c b/libyara/arena.c
index 9ceaf37..9b8ff30 100644
--- a/libyara/arena.c
+++ b/libyara/arena.c
@@ -489,30 +489,34 @@ int yr_arena_coalesce(
//
-// yr_arena_allocate_memory
+// yr_arena_reserve_memory
//
-// Allocates memory within the arena.
+// Ensures that the arena have enough contiguous memory for future allocations.
+// if the available space in the current page is lower than "size", a new page
+// is allocated.
//
// Args:
-// YR_ARENA* arena - Pointer to the arena.
-// size_t size - Size of the region to be allocated.
-// void** allocated_memory - Address of a pointer to newly allocated
-// region.
+// YR_ARENA* arena - Pointer to the arena.
+// size_t size - Size of the region to be reserved.
+//
// Returns:
// ERROR_SUCCESS if succeed or the corresponding error code otherwise.
//
-int yr_arena_allocate_memory(
+
+int yr_arena_reserve_memory(
YR_ARENA* arena,
- size_t size,
- void** allocated_memory)
+ size_t size)
{
+ YR_ARENA_PAGE* new_page;
size_t new_page_size;
void* new_page_address;
- YR_ARENA_PAGE* new_page;
if (size > free_space(arena->current_page))
{
+ if (arena->flags & ARENA_FLAGS_FIXED_SIZE)
+ return ERROR_INSUFICIENT_MEMORY;
+
// Requested space is bigger than current page's empty space,
// lets calculate the size for a new page.
@@ -552,13 +556,37 @@ int yr_arena_allocate_memory(
}
}
+ return ERROR_SUCCESS;
+}
+
+
+//
+// yr_arena_allocate_memory
+//
+// Allocates memory within the arena.
+//
+// Args:
+// YR_ARENA* arena - Pointer to the arena.
+// size_t size - Size of the region to be allocated.
+// void** allocated_memory - Address of a pointer to newly allocated
+// region.
+// Returns:
+// ERROR_SUCCESS if succeed or the corresponding error code otherwise.
+//
+
+int yr_arena_allocate_memory(
+ YR_ARENA* arena,
+ size_t size,
+ void** allocated_memory)
+{
+ FAIL_ON_ERROR(yr_arena_reserve_memory(arena, size));
+
*allocated_memory = arena->current_page->address + \
arena->current_page->used;
arena->current_page->used += size;
return ERROR_SUCCESS;
-
}
@@ -744,6 +772,7 @@ int yr_arena_append(
YR_ARENA* source_arena)
{
target_arena->current_page->next = source_arena->page_list_head;
+ source_arena->page_list_head->prev = target_arena->current_page;
target_arena->current_page = source_arena->current_page;
yr_free(source_arena);
diff --git a/libyara/arena.h b/libyara/arena.h
index bde1b8e..1bdcd0e 100644
--- a/libyara/arena.h
+++ b/libyara/arena.h
@@ -50,6 +50,11 @@ int yr_arena_coalesce(
YR_ARENA* arena);
+int yr_arena_reserve_memory(
+ YR_ARENA* arena,
+ size_t size);
+
+
int yr_arena_allocate_memory(
YR_ARENA* arena,
size_t size,
diff --git a/libyara/re.c b/libyara/re.c
index ba5eadd..a93fddd 100644
--- a/libyara/re.c
+++ b/libyara/re.c
@@ -42,8 +42,10 @@ order to avoid confusion with operating system threads.
#include "re.h"
-#define RE_MAX_STACK 1024
-#define RE_SCAN_LIMIT 4096
+#define RE_MAX_STACK 1024
+#define RE_MAX_CODE_SIZE 4096
+#define RE_SCAN_LIMIT 4096
+
#define EMIT_BACKWARDS 1
#define DONT_UPDATE_FORWARDS_CODE 2
@@ -938,7 +940,14 @@ int yr_re_emit_code(
{
int code_size;
+ // Ensure that we have enough contiguos memory space in the arena to
+ // contain the regular expression code. The code can't span over multiple
+ // non-contiguos pages.
+
+ yr_arena_reserve_memory(arena, RE_MAX_CODE_SIZE);
+
// Emit code for matching the regular expressions forwards.
+
FAIL_ON_ERROR(_yr_re_emit(
re->root_node,
arena,
@@ -946,13 +955,18 @@ int yr_re_emit_code(
NULL,
&code_size));
+ assert(code_size < RE_MAX_CODE_SIZE);
+
FAIL_ON_ERROR(_yr_emit_inst(
arena,
RE_OPCODE_MATCH,
NULL,
&code_size));
+ yr_arena_reserve_memory(arena, RE_MAX_CODE_SIZE);
+
// Emit code for matching the regular expressions backwards.
+
FAIL_ON_ERROR(_yr_re_emit(
re->root_node,
arena,
@@ -960,6 +974,8 @@ int yr_re_emit_code(
NULL,
&code_size));
+ assert(code_size < RE_MAX_CODE_SIZE);
+
FAIL_ON_ERROR(_yr_emit_inst(
arena,
RE_OPCODE_MATCH,
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list