[Forensics-changes] [yara] 74/407: Avoid stack overflow

[Hilko Bengen]

This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to annotated tag v3.3.0
in repository yara.

commit e5369ca3eacb8b9f5ca4b818caff20a76ce42c99
Author: Victor Manuel Alvarez <vmalvarez at virustotal.com>
Date:   Tue Sep 30 13:39:40 2014 +0200

    Avoid stack overflow
    
    PE files can contain loops in the resources structure causing stack overflows while calling _pe_iterate_resources recursively.
---
 libyara/modules/pe.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index 5ec06fb..54a4cfd 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -232,7 +232,7 @@ int _pe_iterate_resources(
         break;
     }
 
-    if (IS_RESOURCE_SUBDIRECTORY(entry))
+    if (IS_RESOURCE_SUBDIRECTORY(entry) && rsrc_tree_level < 2)
     {
       PIMAGE_RESOURCE_DIRECTORY directory = (PIMAGE_RESOURCE_DIRECTORY) \
           (rsrc_data + RESOURCE_OFFSET(entry));

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git