[Forensics-changes] [yara] 112/368: Fix bug introduced in 4a532176bd1c973954cf859591b3747f7f76a096
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:30:18 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.5.0
in repository yara.
commit 9fbb20ac2fcaefc333973f8e409b8c50e3310ab2
Author: Victor Manuel Alvarez <vmalvarez at virustotal.com>
Date: Wed Nov 11 18:43:38 2015 +0100
Fix bug introduced in 4a532176bd1c973954cf859591b3747f7f76a096
Mistakenly assumed that RE_OPCODE_SPLIT wasn't necessary.
---
libyara/scan.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/libyara/scan.c b/libyara/scan.c
index 7c2bab0..9817f6a 100644
--- a/libyara/scan.c
+++ b/libyara/scan.c
@@ -284,6 +284,23 @@ int _yr_scan_fast_hex_re_exec(
break;
+ case RE_OPCODE_SPLIT_B:
+
+ // This is how the code looks like after the SPLIT:
+ // split L3, L4 (3 bytes long)
+ // L3: any (1 byte long)
+ // L4: ...
+ //
+ // The opcode following the ANY is located at ip + 4
+
+ code_stack[sp] = ip + 4;
+ input_stack[sp] = current_input;
+ matches_stack[sp] = matches;
+ sp++;
+ ip += 3;
+
+ break;
+
case RE_OPCODE_PUSH:
// A PUSH operation indicates the begining of a code sequence
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list