[Forensics-changes] [yara] 302/368: Fix out-of-bounds accesses

Hilko Bengen bengen at moszumanska.debian.org
Sat Jul 1 10:30:50 UTC 2017


This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to annotated tag v3.5.0
in repository yara.

commit 4536079c788687ef8b8c1f22747eb61c4b653aa4
Author: plusvic <plusvic at gmail.com>
Date:   Mon Jun 6 22:40:52 2016 +0200

    Fix out-of-bounds accesses
---
 libyara/object.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libyara/object.c b/libyara/object.c
index f162cd6..ae1e31f 100644
--- a/libyara/object.c
+++ b/libyara/object.c
@@ -435,7 +435,7 @@ YR_OBJECT* _yr_object_lookup(
   {
     i = 0;
 
-    while(*p != '\0' && *p != '.' && *p != '[' && i < sizeof(str))
+    while(*p != '\0' && *p != '.' && *p != '[' && i < sizeof(str) - 1)
     {
       str[i++] = *p++;
     }
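Review bot: The new bound `i < sizeof(str) - 1` stops the overflowing write, but a path component longer than `str` is now silently truncated, and `p` is left pointing into the middle of it. The code after the loop is outside the hunk, so this is inferred: the lookup would presumably run on the truncated name and the leftover characters would be parsed as the start of the next component. Rejecting the over-long component right after the loop would be safer, e.g. `if (*p != '\0' && *p != '.' && *p != '[') return NULL;`, assuming NULL is this function's not-found result. A short comment on the loop condition, such as `/* leave room for the terminating NUL */`, would also explain the `- 1`.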
@@ -1086,7 +1086,7 @@ YR_API void yr_object_print_data(
   char indent_spaces[32];
   int i;
 
-  indent = yr_min(indent, sizeof(indent_spaces));
+  indent = yr_min(indent, sizeof(indent_spaces) - 1);
 
   memset(indent_spaces, '\t', indent);
   indent_spaces[indent] = '\0';
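Review bot: The clamp `yr_min(indent, sizeof(indent_spaces) - 1)` only bounds `indent` from above. Its declaration is outside the hunk; if it is a signed `int`, a negative value enters a mixed signed/unsigned comparison whose outcome depends on how `yr_min` is defined, and the result is then used as the `memset` length and as an array index. An explicit lower bound before the clamp, `if (indent < 0) indent = 0;`, would make the accepted range unambiguous. The function body continues outside the hunk.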

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git


