open-dsi
/
clamav
mirror of https://github.com/Cisco-Talos/clamav
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

bb11314: YARA macro FAIL_ON_COMPILER_ERROR now terminates YARA rule parsing if there is a memory allocation error and additional check/exit in cli_loadyara preventing the segfault.

Browse Source
pull/8/merge
Steven Morgan 10 years ago
parent 1e3e56e702
commit 590a43e842
2 changed files with 16 additions and 11 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 17
      libclamav/readdb.c
  2. 10
      libclamav/yara_clam.h

17
libclamav/readdb.c
Unescape View File

@ -4020,15 +4020,22 @@ static int cli_loadyara(FILE *fs, struct cl_engine *engine, unsigned int *signo,
if (rc > 0) { /* rc = number of errors */ if (rc > 0) { /* rc = number of errors */
/* TODO - handle the various errors? */ /* TODO - handle the various errors? */
cli_errmsg("cli_loadyara: failed to parse rules file %s, error count %i\n", filename, rc); cli_errmsg("cli_loadyara: failed to parse rules file %s, error count %i\n", filename, rc);
yr_arena_destroy(compiler.sz_arena); if (compiler.sz_arena != NULL)
yr_arena_destroy(compiler.rules_arena); yr_arena_destroy(compiler.sz_arena);
yr_arena_destroy(compiler.code_arena); if (compiler.rules_arena != NULL)
yr_arena_destroy(compiler.strings_arena); yr_arena_destroy(compiler.rules_arena);
yr_arena_destroy(compiler.metas_arena); if (compiler.code_arena != NULL)
yr_arena_destroy(compiler.code_arena);
if (compiler.strings_arena != NULL)
yr_arena_destroy(compiler.strings_arena);
if (compiler.metas_arena != NULL)
yr_arena_destroy(compiler.metas_arena);
_yr_compiler_pop_file_name(&compiler); _yr_compiler_pop_file_name(&compiler);
#ifdef YARA_FINISHED #ifdef YARA_FINISHED
return CL_EMALFDB; return CL_EMALFDB;
#else #else
if (rc == ERROR_INSUFICIENT_MEMORY)
return CL_EMEM;
return CL_SUCCESS; return CL_SUCCESS;
#endif #endif
} }

10
libclamav/yara_clam.h
Unescape View File

@ -188,8 +188,6 @@ typedef struct _YR_OBJECT_ARRAY
} YR_OBJECT_ARRAY; } YR_OBJECT_ARRAY;
#if 1
//TDB TEMP for exec.c compile
typedef struct _YR_SCAN_CONTEXT typedef struct _YR_SCAN_CONTEXT
{ {
uint64_t file_size; uint64_t file_size;
@ -203,7 +201,6 @@ typedef struct _YR_SCAN_CONTEXT
//YR_CALLBACK_FUNC callback; //YR_CALLBACK_FUNC callback;
fmap_t * fmap; fmap_t * fmap;
} YR_SCAN_CONTEXT; } YR_SCAN_CONTEXT;
#endif
struct _YR_OBJECT_FUNCTION; struct _YR_OBJECT_FUNCTION;
@ -219,9 +216,7 @@ typedef struct _YR_OBJECT_FUNCTION
const char* arguments_fmt; const char* arguments_fmt;
YR_OBJECT* return_obj; YR_OBJECT* return_obj;
//#if REAL_YARA
YR_MODULE_FUNC code; YR_MODULE_FUNC code;
//#endif
} YR_OBJECT_FUNCTION; } YR_OBJECT_FUNCTION;
@ -298,8 +293,11 @@ typedef struct _SIZED_STRING
#define FAIL_ON_COMPILER_ERROR(x) { \ #define FAIL_ON_COMPILER_ERROR(x) { \
compiler->last_result = (x); \ compiler->last_result = (x); \
if (compiler->last_result != ERROR_SUCCESS) \ if (compiler->last_result != ERROR_SUCCESS) { \
if (compiler->last_result == ERROR_INSUFICIENT_MEMORY) \
yyfatal(yyscanner, "YARA fatal error: terminating rule parse\n"); \
return compiler->last_result; \ return compiler->last_result; \
} \
} }
/* From libyara/include/yara/re.h */ /* From libyara/include/yara/re.h */

Write Preview
Loading…
Cancel
Save