[Forensics-changes] [yara] 01/04: New upstream version 3.6.3+dfsg
Hilko Bengen
bengen at moszumanska.debian.org
Wed Jul 12 07:28:27 UTC 2017
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to branch master
in repository yara.
commit 854738e9cf4028dd7ca70cbb01e415fbac90286b
Author: Hilko Bengen <bengen at debian.org>
Date: Wed Jul 5 19:05:04 2017 +0200
New upstream version 3.6.3+dfsg
---
configure.ac | 2 +-
libyara/Makefile.am | 2 +-
libyara/include/yara/libyara.h | 2 +-
libyara/modules/cuckoo.c | 4 ++++
libyara/modules/dotnet.c | 11 ++++++-----
libyara/modules/tests.c | 1 +
libyara/object.c | 13 ++++++++++---
tests/test-rules.c | 7 +++++++
8 files changed, 31 insertions(+), 11 deletions(-)
diff --git a/configure.ac b/configure.ac
index 18fd276..86acbc7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-AC_INIT([yara], [3.6.2], [vmalvarez at virustotal.com])
+AC_INIT([yara], [3.6.3], [vmalvarez at virustotal.com])
AC_CONFIG_SRCDIR([yara.c])
diff --git a/libyara/Makefile.am b/libyara/Makefile.am
index 638c364..1c0ea3a 100644
--- a/libyara/Makefile.am
+++ b/libyara/Makefile.am
@@ -82,7 +82,7 @@ yarainclude_HEADERS = \
lib_LTLIBRARIES = libyara.la
-libyara_la_LDFLAGS = -version-number 3:6:2
+libyara_la_LDFLAGS = -version-number 3:6:3
libyara_la_SOURCES = \
$(MODULES) \
diff --git a/libyara/include/yara/libyara.h b/libyara/include/yara/libyara.h
index b2c3314..3d78464 100644
--- a/libyara/include/yara/libyara.h
+++ b/libyara/include/yara/libyara.h
@@ -34,7 +34,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#define YR_MAJOR_VERSION 3
#define YR_MINOR_VERSION 6
-#define YR_MICRO_VERSION 2
+#define YR_MICRO_VERSION 3
#define version_str(s) _version_str(s)
#define _version_str(s) #s
diff --git a/libyara/modules/cuckoo.c b/libyara/modules/cuckoo.c
index c179cdf..da15f9f 100644
--- a/libyara/modules/cuckoo.c
+++ b/libyara/modules/cuckoo.c
@@ -299,7 +299,11 @@ int module_load(
json = json_loadb(
(const char*) module_data,
module_data_size,
+ #if JANSSON_VERSION_HEX >= 0x020600
+ JSON_ALLOW_NUL,
+ #else
0,
+ #endif
&json_error);
if (json == NULL)
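Review bot: With `JSON_ALLOW_NUL` passed to `json_loadb`, string values in the parsed report may contain embedded NUL bytes, so any later code in this module that reads them with `json_string_value()` and treats the result as a C string will silently stop at the first NUL. Those consumers are outside this hunk and should be checked, using `json_string_length()` wherever the full value matters for matching. The call would also benefit from a short comment on why the flag is set, for example `/* JSON_ALLOW_NUL: accept \u0000 inside string values instead of failing the whole load */`.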
diff --git a/libyara/modules/dotnet.c b/libyara/modules/dotnet.c
index 51f7dbd..bc37053 100644
--- a/libyara/modules/dotnet.c
+++ b/libyara/modules/dotnet.c
@@ -1002,7 +1002,7 @@ void dotnet_parse_tilde_2(
if (name != NULL)
{
- set_string(name, pe->object, "modulerefs[%i]", i);
+ set_string(name, pe->object, "modulerefs[%i]", counter);
counter++;
}
@@ -1276,17 +1276,17 @@ void dotnet_parse_tilde_2(
// Add 4 to skip the size.
set_integer(resource_base + resource_offset + 4,
- pe->object, "resources[%i].offset", i);
+ pe->object, "resources[%i].offset", counter);
set_integer(resource_size,
- pe->object, "resources[%i].length", i);
+ pe->object, "resources[%i].length", counter);
name = pe_get_dotnet_string(pe,
string_offset,
DOTNET_STRING_INDEX(manifestresource_table->Name));
if (name != NULL)
- set_string(name, pe->object, "resources[%i].name", i);
+ set_string(name, pe->object, "resources[%i].name", counter);
row_ptr += row_size;
counter++;
@@ -1409,7 +1409,8 @@ void dotnet_parse_tilde(
continue;
#define ROW_CHECK(name) \
- rows.name = *(row_offset + matched_bits);
+ if (fits_in_pe(pe, row_offset, (matched_bits + 1) * sizeof(uint32_t))) \
+ rows.name = *(row_offset + matched_bits);
#define ROW_CHECK_WITH_INDEX(name) \
ROW_CHECK(name); \
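Review bot: The new `ROW_CHECK` expands to a bare `if` with no braces and no `do { } while (0)` wrapper, so in `ROW_CHECK_WITH_INDEX` only the assignment is guarded and whatever follows `ROW_CHECK(name);` still runs when `fits_in_pe` fails. In that case `rows.name` keeps its previous value (its initialisation is outside this hunk) and parsing continues with a row count that was never read from the file. At minimum wrap the body, `do { if (fits_in_pe(pe, row_offset, (matched_bits + 1) * sizeof(uint32_t))) rows.name = *(row_offset + matched_bits); } while (0)`, and decide explicitly whether a failed check should stop parsing the table stream. The macro definitions and their uses continue past the end of the hunk.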
diff --git a/libyara/modules/tests.c b/libyara/modules/tests.c
index a152638..4eacc36 100644
--- a/libyara/modules/tests.c
+++ b/libyara/modules/tests.c
@@ -176,6 +176,7 @@ int module_load(
set_integer(0, module_object, "integer_array[%i]", 0);
set_integer(1, module_object, "integer_array[%i]", 1);
set_integer(2, module_object, "integer_array[%i]", 2);
+ set_integer(256, module_object, "integer_array[%i]", 256);
set_string("foo", module_object, "string_array[%i]", 0);
set_string("bar", module_object, "string_array[%i]", 1);
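Review bot: Index 256 is stored after indexes 0 to 2, so the array presumably already exists when it arrives and only the regrow branch of `yr_object_array_set_item` is exercised. The rewritten first-allocation branch (`count = 64; while (count <= index) count *= 2;`) is never reached with an index of 64 or more. A separate test array whose first stored element has a large index would cover that path; it would also need an entry in the module's declarations, which are outside this hunk.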
diff --git a/libyara/object.c b/libyara/object.c
index b130278..1522182 100644
--- a/libyara/object.c
+++ b/libyara/object.c
@@ -442,7 +442,7 @@ YR_OBJECT* _yr_object_lookup(
{
i = 0;
- while(*p != '\0' && *p != '.' && *p != '[' && i < sizeof(str) - 1)
+ while (*p != '\0' && *p != '.' && *p != '[' && i < sizeof(str) - 1)
{
str[i++] = *p++;
}
@@ -487,7 +487,7 @@ YR_OBJECT* _yr_object_lookup(
i = 0;
p++; // skip the opening quotation mark
- while (*p != '"' && *p != '\0' && i < sizeof(str))
+ while (*p != '"' && *p != '\0' && i < sizeof(str) - 1)
str[i++] = *p++;
str[i] = '\0';
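Review bot: When the quoted key is longer than `str`, the loop now stops at `sizeof(str) - 1` with `p` still inside the key rather than on the closing `"`, and the lookup proceeds with a truncated key unless code after this hunk rejects it. A truncated key can match a different, shorter dictionary entry, so an explicit check after the terminator is worth adding, along the lines of `if (*p != '"') /* key too long: fail the lookup */`. The function's error convention is not visible here. The unquoted-identifier loop in the previous hunk truncates in the same way. A comment such as `// leave room for the terminating NUL written below` on the bound would record why the `- 1` is there.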
@@ -725,7 +725,10 @@ int yr_object_array_set_item(
if (array->items == NULL)
{
- count = yr_max(64, (index + 1) * 2);
+ count = 64;
+
+ while (count <= index)
+ count *= 2;
array->items = (YR_ARRAY_ITEMS*) yr_malloc(
sizeof(YR_ARRAY_ITEMS) + count * sizeof(YR_OBJECT*));
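Review bot: The doubling loop `while (count <= index) count *= 2;` has no upper bound, so an `index` near the top of its type makes `count *= 2` overflow before the loop can exit (undefined behaviour if `count` is a signed int; the declarations are outside this hunk). The size expression `count * sizeof(YR_OBJECT*)` can then wrap as well. Array indexes can be derived from parsed file content, as with the dotnet counters elsewhere in this commit, so the index should be rejected above a fixed ceiling before `count` is computed, e.g. `if (index < 0 || index >= MAX_ARRAY_ITEMS /* placeholder limit */)` followed by returning the function's error code. The same loop is added to the regrow branch in the next hunk and needs the same guard.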
@@ -740,6 +743,10 @@ int yr_object_array_set_item(
else if (index >= array->items->count)
{
count = array->items->count * 2;
+
+ while (count <= index)
+ count *= 2;
+
array->items = (YR_ARRAY_ITEMS*) yr_realloc(
array->items,
sizeof(YR_ARRAY_ITEMS) + count * sizeof(YR_OBJECT*));
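Review bot: `array->items = (YR_ARRAY_ITEMS*) yr_realloc(array->items, ...)` overwrites the only pointer to the existing block, so if `yr_realloc` behaves like `realloc` and fails, the old items are leaked and `array->items` becomes NULL. This line is context rather than part of the change, but the new loop can request much larger sizes, which makes failure more likely. Keep the result in a temporary and assign only on success: `tmp = yr_realloc(array->items, new_size); if (tmp == NULL) /* return the out-of-memory error */; array->items = tmp;`. Whatever checks follow the call are outside this hunk.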
diff --git a/tests/test-rules.c b/tests/test-rules.c
index cb15c68..27a1d64 100644
--- a/tests/test-rules.c
+++ b/tests/test-rules.c
@@ -1389,6 +1389,13 @@ static void test_modules()
assert_true_rule(
"import \"tests\" \
rule test { \
+ condition: tests.integer_array[256] == 256 \
+ }",
+ NULL);
+
+ assert_true_rule(
+ "import \"tests\" \
+ rule test { \
condition: tests.string_array[0] == \"foo\" \
}",
NULL);
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/yara.git