[Forensics-changes] [yara] 368/407: Fix an off-by-one memory access

[Hilko Bengen]

This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to annotated tag v3.3.0
in repository yara.

commit 88f2ed77809543e6ac50b1c694ac6f12d7e51c8f
Author: Victor M. Alvarez <plusvic at gmail.com>
Date:   Mon Feb 2 21:49:21 2015 +0100

    Fix an off-by-one memory access
---
 libyara/re.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/libyara/re.c b/libyara/re.c
index 12d5b13..f903c04 100644
--- a/libyara/re.c
+++ b/libyara/re.c
@@ -1556,6 +1556,13 @@ int yr_re_exec(
     input -= character_size;
 
   max_count = min(input_size, RE_SCAN_LIMIT);
+
+  // round down max_count to a multiple of character size, this way if
+  // character_size is 2 and the input size is impair we are ignoring the
+  // extra byte which can't match anyways.
+
+  max_count = max_count - max_count % character_size;
+
   count = 0;
 
   fiber = _yr_re_fiber_create(&storage->fiber_pool);
@@ -1771,7 +1778,7 @@ int yr_re_exec(
       }
     }
 
-    if (flags & RE_FLAGS_WIDE && count + 1 < max_count && *(input + 1) != 0)
+    if (flags & RE_FLAGS_WIDE && *(input + 1) != 0)
       _yr_re_fiber_kill_all(&fibers, &storage->fiber_pool);
 
     if (flags & RE_FLAGS_BACKWARDS)

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git