[Forensics-changes] [yara] 34/407: Fix issues in PE module

[Hilko Bengen]

This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to annotated tag v3.3.0
in repository yara.

commit 81ff9891103ac1cd62e23148348ef33491fedd26
Author: Victor Manuel Alvarez <vmalvarez at virustotal.com>
Date:   Tue Sep 16 14:19:28 2014 +0200

    Fix issues in PE module
---
 libyara/modules/pe.c | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index 1be0ae7..8a81f2c 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -485,17 +485,14 @@ void pe_parse(
       (RESOURCE_CALLBACK_FUNC) pe_find_version_info_cb,
       (void*) pe);
 
-  section = IMAGE_FIRST_SECTION(pe);
+  section = IMAGE_FIRST_SECTION(pe->header);
 
   int scount = min(pe->header->FileHeader.NumberOfSections, MAX_PE_SECTIONS);
 
   for (int i = 0; i < scount; i++)
   {
-    if ((uint8_t*) section -
-        (uint8_t*) pe + sizeof(IMAGE_SECTION_HEADER) >= pe->data_size)
-    {
+    if (!struct_fits_in_pe(pe, section, IMAGE_SECTION_HEADER))
       break;
-    }
 
     strlcpy(section_name, (char*) section->Name, IMAGE_SIZEOF_SHORT_NAME + 1);
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git