[Forensics-changes] [yara] 19/160: Avoid infinite loop with certain PE files
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:29:13 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.4.0
in repository yara.
commit aa0f6c43548414c103beac651add0ec23c9e0253
Author: Victor M. Alvarez <plusvic at gmail.com>
Date: Mon Feb 16 10:34:06 2015 +0100
Avoid infinite loop with certain PE files
---
libyara/modules/pe.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index 251de28..c038b36 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -628,7 +628,8 @@ void pe_parse_version_info(
string_file_info = ADD_OFFSET(version_info, sizeof(VERSION_INFO) + 86);
while(fits_in_pe(pe, string_file_info->Key, sizeof("StringFileInfo") * 2) &&
- strcmp_w(string_file_info->Key, "StringFileInfo") == 0)
+ strcmp_w(string_file_info->Key, "StringFileInfo") == 0 &&
+ string_file_info->Length != 0)
{
PVERSION_INFO string_table = ADD_OFFSET(
string_file_info,
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list