[Forensics-changes] [yara] 119/407: Fix possible buffer overrun
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:28:16 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.3.0
in repository yara.
commit df87f7eeffc5c27bed75517a6adb26e4b9c9b3a8
Author: Victor M. Alvarez <plusvic at gmail.com>
Date: Thu Oct 16 13:14:40 2014 +0200
Fix possible buffer overrun
---
libyara/modules/pe.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index 0f25a82..63d4b73 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -2313,9 +2313,10 @@ IMPORTED_DLL* pe_parse_imports(
{
uint64_t offset = pe_rva_to_offset(pe, imports->Name);
- if (offset != 0)
+ if (offset != 0 && offset < pe->data_size)
{
- char* dll_name = yr_strdup((char *) (pe->data + offset));
+ char* dll_name = yr_strndup(
+ (char *) (pe->data + offset), pe->data_size - offset);
IMPORTED_FUNCTION* functions = pe_parse_import_descriptor(
pe, imports, dll_name);
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list