[Forensics-changes] [yara] 206/368: fix wrong pointer bug in linux get_process_blocks
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:30:40 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.5.0
in repository yara.
commit 6ab766c2244311c56ba427ddc9912783f6968533
Author: Kyle Reed <kallanreed at outlook.com>
Date: Mon Feb 29 00:16:40 2016 +0000
fix wrong pointer bug in linux get_process_blocks
---
libyara/proc.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/libyara/proc.c b/libyara/proc.c
index 34e2e10..fd2c87a 100644
--- a/libyara/proc.c
+++ b/libyara/proc.c
@@ -97,6 +97,7 @@ int _yr_get_process_blocks(
new_block->base = (size_t)mbi.BaseAddress;
new_block->size = mbi.RegionSize;
+ new_block->next = NULL;
if (*head == NULL)
*head = new_block;
@@ -338,7 +339,7 @@ int _yr_attach_process(
snprintf(buffer, sizeof(buffer), "/proc/%u/mem", pid);
ctx->mem_fd = open(buffer, O_RDONLY);
- if (ctx->mem_fd != -1)
+ if (ctx->mem_fd == -1)
return ERROR_COULD_NOT_ATTACH_TO_PROCESS;
if (ptrace(PTRACE_ATTACH, pid, NULL, 0) != -1)
@@ -396,6 +397,7 @@ int _yr_get_process_blocks(
new_block->base = begin;
new_block->size = end - begin;
+ new_block->next = NULL;
if (*head == NULL)
*head = new_block;
@@ -425,7 +427,7 @@ int _yr_read_process_block(
if (buffer == NULL)
return ERROR_INSUFICIENT_MEMORY;
- if (pread(ctx->mem_fd, data, block->size, block->base) == -1)
+ if (pread(ctx->mem_fd, buffer, block->size, block->base) == -1)
{
result = ERROR_COULD_NOT_READ_PROCESS_MEMORY;
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list