[Forensics-changes] [yara] 340/368: Fix references to block data. (#466)
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:30:55 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.5.0
in repository yara.
commit 924c4bb60c75c6a56156404aca398cfc10965b04
Author: Mike Wiacek <mike at iroot.net>
Date: Thu Jun 23 01:54:12 2016 -0700
Fix references to block data. (#466)
---
libyara/modules/magic.c | 26 ++++++++++++++++++--------
1 file changed, 18 insertions(+), 8 deletions(-)
diff --git a/libyara/modules/magic.c b/libyara/modules/magic.c
index 246e39f..2e072b0 100644
--- a/libyara/modules/magic.c
+++ b/libyara/modules/magic.c
@@ -35,6 +35,7 @@ define_function(magic_mime_type)
{
YR_MEMORY_BLOCK* block;
YR_SCAN_CONTEXT* context = scan_context();
+ YR_BLOCK_ITERATOR* iterator = context->iterator;
if (context->flags & SCAN_FLAGS_PROCESS_MEMORY)
return_string(UNDEFINED);
@@ -45,10 +46,14 @@ define_function(magic_mime_type)
magic_setflags(magic_cookie[context->tidx], MAGIC_MIME_TYPE);
- cached_mime_types[context->tidx] = magic_buffer(
- magic_cookie[context->tidx],
- block->data,
- block->size);
+ uint8_t* block_data = iterator->fetch_data(iterator);
+ if (block_data != NULL)
+ {
+ cached_mime_types[context->tidx] = magic_buffer(
+ block_data,
+ context->iterator->fetch_data((context)->iterator),
+ block->size);
+ }
}
if (cached_mime_types[context->tidx] == NULL)
@@ -62,6 +67,7 @@ define_function(magic_type)
{
YR_MEMORY_BLOCK* block;
YR_SCAN_CONTEXT* context = scan_context();
+ YR_BLOCK_ITERATOR* iterator = context->iterator;
if (context->flags & SCAN_FLAGS_PROCESS_MEMORY)
return_string(UNDEFINED);
@@ -72,10 +78,14 @@ define_function(magic_type)
magic_setflags(magic_cookie[context->tidx], 0);
- cached_types[context->tidx] = magic_buffer(
- magic_cookie[context->tidx],
- block->data,
- block->size);
+ uint8_t* block_data = iterator->fetch_data(iterator);
+ if (block_data != NULL)
+ {
+ cached_types[context->tidx] = magic_buffer(
+ magic_cookie[context->tidx],
+ block_data,
+ block->size);
+ }
}
if (cached_types[context->tidx] == NULL)
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list