[Forensics-changes] [yara] 82/160: Fix issues with PE files having a corrupt header with wrong number of sections

[Hilko Bengen]

This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to annotated tag v3.4.0
in repository yara.

commit 45650077d3d3ca3ff37ab977091e6c0e5a5fd818
Author: Victor M. Alvarez <plusvic at gmail.com>
Date:   Tue Apr 21 12:12:18 2015 +0200

    Fix issues with PE files having a corrupt header with wrong number of sections
---
 libyara/modules/pe.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index 365d38f..400aad1 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -1339,7 +1339,7 @@ define_function(section_index_addr)
   int64_t addr = integer_argument(1);
   int64_t n = get_integer(module, "number_of_sections");
 
-  for (int64_t i = 0; i < n; i++)
+  for (int64_t i = 0; i < yr_min(n, MAX_PE_SECTIONS); i++)
   {
     if (context->flags & SCAN_FLAGS_PROCESS_MEMORY)
     {
@@ -1370,11 +1370,11 @@ define_function(section_index_name)
   char* name = string_argument(1);
   int64_t n = get_integer(module, "number_of_sections");
 
-  for (int64_t i = 0; i < n; i++)
+  for (int64_t i = 0; i < yr_min(n, MAX_PE_SECTIONS); i++)
   {
     SIZED_STRING* sect = get_string(module, "sections[%i].name", i);
 
-    if (strcmp(name, sect->c_string) == 0)
+    if (sect != NULL && strcmp(name, sect->c_string) == 0)
       return_integer(i);
   }
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git