[Forensics-changes] [yara] 202/368: PE module to use iterator, change lost during merge

[Hilko Bengen]

This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to annotated tag v3.5.0
in repository yara.

commit fc6ad5cac034c1750dbfce288dca53bc4359bf60
Author: Kyle Reed <kallanreed at outlook.com>
Date:   Sun Feb 28 12:13:43 2016 -0800

    PE module to use iterator, change lost during merge
    
    Signed-off-by: Kyle Reed <kallanreed at outlook.com>
---
 libyara/modules/pe.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index 4323b92..d74b3ab 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -2206,6 +2206,7 @@ int module_load(
     size_t module_data_size)
 {
   YR_MEMORY_BLOCK* block;
+  YR_BLOCK_ITERATOR* iterator = context->iterator;
 
   set_integer(
       IMAGE_FILE_MACHINE_UNKNOWN, module_object,
@@ -2446,9 +2447,14 @@ int module_load(
       RESOURCE_TYPE_MANIFEST, module_object,
       "RESOURCE_TYPE_MANIFEST");
 
-  foreach_memory_block(context, block)
+  foreach_memory_block(iterator, block)
   {
-    PIMAGE_NT_HEADERS32 pe_header = pe_get_header(block->data, block->size);
+    uint8_t* block_data = iterator->fetch_data(iterator);
+
+    if (block_data != NULL)
+      continue;
+
+    PIMAGE_NT_HEADERS32 pe_header = pe_get_header(block_data, block->size);
 
     if (pe_header != NULL)
     {
@@ -2462,7 +2468,7 @@ int module_load(
         if (pe == NULL)
           return ERROR_INSUFICIENT_MEMORY;
 
-        pe->data = block->data;
+        pe->data = block_data;
         pe->data_size = block->size;
         pe->header = pe_header;
         pe->object = module_object;

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git