[Forensics-changes] [yara] 72/407: Add some sanity checks to resources iteration routine in PE module

Hilko Bengen bengen at moszumanska.debian.org
Sat Jul 1 10:28:11 UTC 2017


This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to annotated tag v3.3.0
in repository yara.

commit 21cc6170d42f990cf0d5fa1a5e7b4b8c857ce6c6
Author: Victor Manuel Alvarez <vmalvarez at virustotal.com>
Date:   Fri Sep 26 09:41:23 2014 +0200

    Add some sanity checks to resources iteration routine in PE module
---
 libyara/modules/pe.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index 9318cfb..5ec06fb 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -199,6 +199,16 @@ int _pe_iterate_resources(
     void* callback_data)
 {
   int result = RESOURCE_ITERATOR_FINISHED;
+
+  // A few sanity checks to avoid corrupt files
+
+  if (resource_dir->Characteristics != 0 ||
+      resource_dir->NumberOfNamedEntries > 32768 ||
+      resource_dir->NumberOfIdEntries > 32768)
+  {
+    return result;
+  }
+
   int total_entries = resource_dir->NumberOfNamedEntries +
                       resource_dir->NumberOfIdEntries;
 
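Review bot: The early `return result;` in the new sanity-check block hands back RESOURCE_ITERATOR_FINISHED, the value `result` is initialised with, so a caller cannot tell a directory rejected as corrupt from one that was iterated to the end; consider a distinct return value, or at least say in the comment that silently skipping the directory is intended. The limit 32768 appears twice as a bare literal with no stated rationale, so a named constant would help. Because each count is checked separately, `total_entries` can still reach 65536: the checks cap the loop count but do not by themselves show that the entries lie inside the available resource data. The block also sits between the declarations of `result` and `total_entries`, which puts a declaration after statements; moving the `total_entries` declaration above the checks (and assigning it after them) keeps the function buildable with C89-only compilers.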

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git


