[Forensics-changes] [yara] 108/192: Fix issue #516

Hilko Bengen bengen at moszumanska.debian.org
Sat Jul 1 10:31:53 UTC 2017


This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to annotated tag v3.6.0
in repository yara.

commit 2a36c168bb2097c0831d4ddf24a6c04bafe28dca
Author: plusvic <plusvic at gmail.com>
Date:   Wed Mar 8 16:56:17 2017 +0100

    Fix issue  #516
---
 libyara/compiler.c           |  7 +++++++
 libyara/hash.c               |  3 +++
 libyara/include/yara/error.h |  1 +
 libyara/parser.c             | 21 +++++++++++++++++----
 4 files changed, 28 insertions(+), 4 deletions(-)

diff --git a/libyara/compiler.c b/libyara/compiler.c
index b8227ec..4ab1c4a 100644
--- a/libyara/compiler.c
+++ b/libyara/compiler.c
@@ -945,6 +945,13 @@ YR_API char* yr_compiler_get_error_message(
           "unknown module \"%s\"",
           compiler->last_error_extra_info);
       break;
+    case ERROR_INVALID_MODULE_NAME:
+      snprintf(
+          buffer,
+          buffer_size,
+          "invalid module name \"%s\"",
+          compiler->last_error_extra_info);
+      break;
     case ERROR_DUPLICATED_STRUCTURE_MEMBER:
       snprintf(buffer,
           buffer_size,
diff --git a/libyara/hash.c b/libyara/hash.c
index 10140d3..b515677 100644
--- a/libyara/hash.c
+++ b/libyara/hash.c
@@ -27,6 +27,7 @@ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 
+#include <assert.h>
 #include <string.h>
 
 #include <yara/integers.h>
@@ -90,6 +91,8 @@ uint32_t hash(
   uint32_t result = seed;
   size_t i;
 
+  assert(len > 0);
+
   for (i = len - 1; i > 0; i--)
   {
     result ^= ROTATE_INT32(byte_to_int32[*b], i);
diff --git a/libyara/include/yara/error.h b/libyara/include/yara/error.h
index 4928ca3..6010d80 100644
--- a/libyara/include/yara/error.h
+++ b/libyara/include/yara/error.h
@@ -88,6 +88,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 #define ERROR_COULD_NOT_READ_PROCESS_MEMORY     47
 #define ERROR_INVALID_EXTERNAL_VARIABLE_TYPE    48
 #define ERROR_REGULAR_EXPRESSION_TOO_COMPLEX    49
+#define ERROR_INVALID_MODULE_NAME               50
 
 
 #define FAIL_ON_ERROR(x) { \
diff --git a/libyara/parser.c b/libyara/parser.c
index 9c99e17..95f5b37 100644
--- a/libyara/parser.c
+++ b/libyara/parser.c
@@ -963,6 +963,19 @@ YR_META* yr_parser_reduce_meta_declaration(
 }
 
 
+int _yr_parser_valid_module_name(
+    SIZED_STRING* module_name)
+{
+  if (module_name->length == 0)
+    return FALSE;
+
+  if (strlen(module_name->c_string) != module_name->length)
+    return FALSE;
+
+  return TRUE;
+}
+
+
 int yr_parser_reduce_import(
     yyscan_t yyscanner,
     SIZED_STRING* module_name)
@@ -972,12 +985,12 @@ int yr_parser_reduce_import(
 
   char* name;
 
-  if (module_name->length == 0)
+  if (!_yr_parser_valid_module_name(module_name))
   {
-    compiler->last_result = ERROR_UNKNOWN_MODULE;
-    yr_compiler_set_error_extra_info(compiler, "");
+    compiler->last_result = ERROR_INVALID_MODULE_NAME;
+    yr_compiler_set_error_extra_info(compiler, module_name->c_string);
 
-    return ERROR_UNKNOWN_MODULE;
+    return ERROR_INVALID_MODULE_NAME;
   }
 
   module_structure = (YR_OBJECT*) yr_hash_table_lookup(

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git



More information about the forensics-changes mailing list