[Forensics-changes] [yara] 43/160: Avoid integer overflows in fits_in_pe macro (issue #277)
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:29:16 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.4.0
in repository yara.
commit 223daaf9c4d335b87805654466fba32f3988ad5a
Author: Victor M. Alvarez <plusvic at gmail.com>
Date: Thu Mar 12 11:14:31 2015 +0100
Avoid integer overflows in fits_in_pe macro (issue #277)
---
libyara/modules/pe.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index a9edd9d..ee225bf 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -92,7 +92,9 @@ limitations under the License.
#define fits_in_pe(pe, pointer, size) \
- ((uint8_t*)(pointer) + size <= pe->data + pe->data_size)
+ (size <= pe->data_size && \
+ (uint8_t*)(pointer) >= pe->data && \
+ (uint8_t*)(pointer) + size <= pe->data + pe->data_size)
#define struct_fits_in_pe(pe, pointer, struct_type) \
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list