[Forensics-changes] [yara] 198/407: Improve sanitation in PE module to avoid segfaults
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:28:25 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.3.0
in repository yara.
commit 6832b36452336cafdf7d780db654f5d3b9ddb8e1
Author: Victor M. Alvarez <plusvic at gmail.com>
Date: Thu Nov 6 17:35:28 2014 +0100
Improve sanitation in PE module to avoid segfaults
---
libyara/modules/pe.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index 7cb2722..751d612 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -794,6 +794,7 @@ void pe_parse_certificates(
// directory->VirtualAddress is a file offset. Don't call pe_rva_to_offset().
if (directory->VirtualAddress == 0 ||
+ directory->VirtualAddress > pe->data_size ||
directory->Size > pe->data_size ||
directory->VirtualAddress + directory->Size > pe->data_size)
{
@@ -1648,6 +1649,7 @@ int module_load(
pe_parse_header(pe, block->base, context->flags);
pe_parse_rich_signature(pe);
+
#if defined(HAVE_LIBCRYPTO)
pe_parse_certificates(pe);
#endif
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list