[Forensics-changes] [yara] 41/407: Use IMAGE_FILE_MACHINE_AMD64 appropriately.
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:28:07 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.3.0
in repository yara.
commit 55c6c83fa19e6641578772b9b77d8774f017258b
Author: Wesley Shields <wxs at atarininja.org>
Date: Thu Sep 18 12:16:26 2014 -0400
Use IMAGE_FILE_MACHINE_AMD64 appropriately.
---
libyara/modules/pe.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index a935309..fc7b087 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -234,7 +234,7 @@ PIMAGE_DATA_DIRECTORY pe_get_directory_entry(
{
PIMAGE_DATA_DIRECTORY result;
- if (pe->header->FileHeader.Machine == 0x8664) // is a 64-bit PE ?
+ if (pe->header->FileHeader.Machine == IMAGE_FILE_MACHINE_AMD64)
result = &((PIMAGE_NT_HEADERS64) pe->header)->
OptionalHeader.DataDirectory[entry];
else
@@ -511,7 +511,7 @@ void pe_parse(
size_t str_size;
#define OptionalHeader(field) \
- (pe->header->FileHeader.Machine == 0x8664 ? \
+ (pe->header->FileHeader.Machine == IMAGE_FILE_MACHINE_AMD64 ? \
((PIMAGE_NT_HEADERS64) pe->header)->OptionalHeader.field : \
pe->header->OptionalHeader.field)
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list