[Forensics-changes] [yara] 77/368: Fix potential stack overflow
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:30:13 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.5.0
in repository yara.
commit d522a891d2723df229705df4eb1113fa4753cade
Author: Victor M. Alvarez <plusvic at gmail.com>
Date: Fri Sep 25 10:11:04 2015 +0200
Fix potential stack overflow
---
libyara/scan.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/libyara/scan.c b/libyara/scan.c
index ac1f18b..9d6787f 100644
--- a/libyara/scan.c
+++ b/libyara/scan.c
@@ -293,6 +293,9 @@ int _yr_scan_fast_hex_re_exec(
//
// The opcode following the ANY is located at ip + 4
+ if (sp >= MAX_FAST_HEX_RE_STACK)
+ return -4;
+
code_stack[sp] = ip + 4;
input_stack[sp] = current_input;
matches_stack[sp] = matches;
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list