From 2192b9ef18d8056d2461c04ee6764348f28fe1af Mon Sep 17 00:00:00 2001 From: Andy Ragusa Date: Tue, 27 Feb 2024 13:43:14 -0800 Subject: [PATCH] When we find an error in a yara file, exit instead of continuing to parse The yara parser can potentially overwrite heap buffers parsing invalid yara files. Exit on error to avoid this. These overwrites are only observed when running with address sanitization and mpool disabled. --- libclamav/yara_grammar.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libclamav/yara_grammar.c b/libclamav/yara_grammar.c index 2f896c2382..1a31398681 100644 --- a/libclamav/yara_grammar.c +++ b/libclamav/yara_grammar.c @@ -3649,6 +3649,8 @@ YYSTYPE yylval YY_INITIAL_VALUE (= yyval_default); } # undef YYSYNTAX_ERROR #endif + /*Exit out, no reason to continue parsing, since we have already found errors.*/ + goto yyreturn; }