[Forensics-changes] [yara] 162/192: Fix wrong endianness conversion.
Hilko Bengen
bengen at moszumanska.debian.org
Sat Jul 1 10:31:59 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to annotated tag v3.6.0
in repository yara.
commit dc503542aeec3f2542a6ce04d65d0ec75a9a64e4
Author: plusvic <plusvic at gmail.com>
Date: Fri May 5 19:13:36 2017 +0200
Fix wrong endianness conversion.
section->flags is 64bit or 32bit for ELF64 and ELF32 files respectively. Different endianness conversion functions must be called for each case.
---
libyara/modules/elf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libyara/modules/elf.c b/libyara/modules/elf.c
index 21cd9bf..e4fb8f8 100644
--- a/libyara/modules/elf.c
+++ b/libyara/modules/elf.c
@@ -220,7 +220,7 @@ void parse_elf_header_##bits##_##bo( \
{ \
set_integer(yr_##bo##32toh(section->type), elf_obj, \
"sections[%i].type", i); \
- set_integer(yr_##bo##32toh(section->flags), elf_obj, \
+ set_integer(yr_##bo##bits##toh(section->flags), elf_obj, \
"sections[%i].flags", i); \
set_integer(yr_##bo##bits##toh(section->addr), elf_obj, \
"sections[%i].address", i); \
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git
More information about the forensics-changes
mailing list