[Forensics-changes] [yara] 125/407: Fix a NULL ptr deref.
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:28:17 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.3.0
in repository yara.
commit 37971073b89f068cf15c283a36ed97a0ea22ac6d
Author: Wesley Shields <wxs at atarininja.org>
Date: Fri Oct 17 15:43:05 2014 -0400
Fix a NULL ptr deref.
While testing authenticode parsing I came across a binary which does
not have a rich signature. Calling pe.rich_signature.hash() caused
a NULL pointer dereference.
---
libyara/modules/pe.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index b784ba5..4a36aef 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -2659,6 +2659,9 @@ define_function(richhash)
SIZED_STRING *clear_data = get_string(parent, "clear_data");
+ if (!clear_data)
+ return_string(UNDEFINED);
+
SHA256_Init(&ctx);
SHA256_Update(&ctx, clear_data->c_string, clear_data->length);
SHA256_Final(digest, &ctx);
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list