Browse code
bb11314: YARA macro FAIL_ON_COMPILER_ERROR now terminates YARA rule parsing if there is a memory allocation error and additional check/exit in cli_loadyara preventing the segfault.
Steven Morgan authored on 2015/07/29 06:21:23Showing 2 changed files
| ... | ... |
@@ -4020,15 +4020,22 @@ static int cli_loadyara(FILE *fs, struct cl_engine *engine, unsigned int *signo, |
| 4020 | 4020 |
if (rc > 0) { /* rc = number of errors */
|
| 4021 | 4021 |
/* TODO - handle the various errors? */ |
| 4022 | 4022 |
cli_errmsg("cli_loadyara: failed to parse rules file %s, error count %i\n", filename, rc);
|
| 4023 |
- yr_arena_destroy(compiler.sz_arena); |
|
| 4024 |
- yr_arena_destroy(compiler.rules_arena); |
|
| 4025 |
- yr_arena_destroy(compiler.code_arena); |
|
| 4026 |
- yr_arena_destroy(compiler.strings_arena); |
|
| 4027 |
- yr_arena_destroy(compiler.metas_arena); |
|
| 4023 |
+ if (compiler.sz_arena != NULL) |
|
| 4024 |
+ yr_arena_destroy(compiler.sz_arena); |
|
| 4025 |
+ if (compiler.rules_arena != NULL) |
|
| 4026 |
+ yr_arena_destroy(compiler.rules_arena); |
|
| 4027 |
+ if (compiler.code_arena != NULL) |
|
| 4028 |
+ yr_arena_destroy(compiler.code_arena); |
|
| 4029 |
+ if (compiler.strings_arena != NULL) |
|
| 4030 |
+ yr_arena_destroy(compiler.strings_arena); |
|
| 4031 |
+ if (compiler.metas_arena != NULL) |
|
| 4032 |
+ yr_arena_destroy(compiler.metas_arena); |
|
| 4028 | 4033 |
_yr_compiler_pop_file_name(&compiler); |
| 4029 | 4034 |
#ifdef YARA_FINISHED |
| 4030 | 4035 |
return CL_EMALFDB; |
| 4031 | 4036 |
#else |
| 4037 |
+ if (rc == ERROR_INSUFICIENT_MEMORY) |
|
| 4038 |
+ return CL_EMEM; |
|
| 4032 | 4039 |
return CL_SUCCESS; |
| 4033 | 4040 |
#endif |
| 4034 | 4041 |
} |
| ... | ... |
@@ -188,8 +188,6 @@ typedef struct _YR_OBJECT_ARRAY |
| 188 | 188 |
|
| 189 | 189 |
} YR_OBJECT_ARRAY; |
| 190 | 190 |
|
| 191 |
-#if 1 |
|
| 192 |
-//TDB TEMP for exec.c compile |
|
| 193 | 191 |
typedef struct _YR_SCAN_CONTEXT |
| 194 | 192 |
{
|
| 195 | 193 |
uint64_t file_size; |
| ... | ... |
@@ -203,7 +201,6 @@ typedef struct _YR_SCAN_CONTEXT |
| 203 | 203 |
//YR_CALLBACK_FUNC callback; |
| 204 | 204 |
fmap_t * fmap; |
| 205 | 205 |
} YR_SCAN_CONTEXT; |
| 206 |
-#endif |
|
| 207 | 206 |
|
| 208 | 207 |
struct _YR_OBJECT_FUNCTION; |
| 209 | 208 |
|
| ... | ... |
@@ -219,9 +216,7 @@ typedef struct _YR_OBJECT_FUNCTION |
| 219 | 219 |
const char* arguments_fmt; |
| 220 | 220 |
|
| 221 | 221 |
YR_OBJECT* return_obj; |
| 222 |
- //#if REAL_YARA |
|
| 223 | 222 |
YR_MODULE_FUNC code; |
| 224 |
- //#endif |
|
| 225 | 223 |
|
| 226 | 224 |
} YR_OBJECT_FUNCTION; |
| 227 | 225 |
|
| ... | ... |
@@ -298,8 +293,11 @@ typedef struct _SIZED_STRING |
| 298 | 298 |
|
| 299 | 299 |
#define FAIL_ON_COMPILER_ERROR(x) { \
|
| 300 | 300 |
compiler->last_result = (x); \ |
| 301 |
- if (compiler->last_result != ERROR_SUCCESS) \ |
|
| 301 |
+ if (compiler->last_result != ERROR_SUCCESS) { \
|
|
| 302 |
+ if (compiler->last_result == ERROR_INSUFICIENT_MEMORY) \ |
|
| 303 |
+ yyfatal(yyscanner, "YARA fatal error: terminating rule parse\n"); \ |
|
| 302 | 304 |
return compiler->last_result; \ |
| 305 |
+ } \ |
|
| 303 | 306 |
} |
| 304 | 307 |
|
| 305 | 308 |
/* From libyara/include/yara/re.h */ |