[Forensics-changes] [yara] 74/407: Avoid stack overflow
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:28:11 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.3.0
in repository yara.
commit e5369ca3eacb8b9f5ca4b818caff20a76ce42c99
Author: Victor Manuel Alvarez <vmalvarez at virustotal.com>
Date: Tue Sep 30 13:39:40 2014 +0200
Avoid stack overflow
PE files can contain loops in the resources structure causing stack overflows while calling _pe_iterate_resources recursively.
---
libyara/modules/pe.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index 5ec06fb..54a4cfd 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -232,7 +232,7 @@ int _pe_iterate_resources(
break;
}
- if (IS_RESOURCE_SUBDIRECTORY(entry))
+ if (IS_RESOURCE_SUBDIRECTORY(entry) && rsrc_tree_level < 2)
{
PIMAGE_RESOURCE_DIRECTORY directory = (PIMAGE_RESOURCE_DIRECTORY) \
(rsrc_data + RESOURCE_OFFSET(entry));
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list