Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package yara for openSUSE:Factory checked in at 2023-07-18 22:09:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yara (Old) and /work/SRC/openSUSE:Factory/.yara.new.3193 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yara" Tue Jul 18 22:09:14 2023 rev:20 rq:1099319 version:4.3.2 Changes: -------- --- /work/SRC/openSUSE:Factory/yara/yara.changes 2023-06-20 16:47:32.531067123 +0200 +++ /work/SRC/openSUSE:Factory/.yara.new.3193/yara.changes 2023-07-18 22:09:57.199602482 +0200 @@ -1,0 +2,7 @@ +Sun Jul 16 13:28:01 UTC 2023 - Dirk Müller <[email protected]> + +- update to 4.3.2: + * BUGFIX: assertion triggered with certain hex patterns when + scanning arbitrary files + +------------------------------------------------------------------- Old: ---- yara-4.3.1.tar.gz New: ---- yara-4.3.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yara.spec ++++++ --- /var/tmp/diff_new_pack.z6Kfta/_old 2023-07-18 22:09:57.847606105 +0200 +++ /var/tmp/diff_new_pack.z6Kfta/_new 2023-07-18 22:09:57.855606150 +0200 @@ -18,7 +18,7 @@ %global soname 10 Name: yara -Version: 4.3.1 +Version: 4.3.2 Release: 0 Summary: A malware identification and classification tool License: BSD-3-Clause ++++++ yara-4.3.1.tar.gz -> yara-4.3.2.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yara-4.3.1/configure.ac new/yara-4.3.2/configure.ac --- old/yara-4.3.1/configure.ac 2023-04-20 20:13:34.000000000 +0200 +++ new/yara-4.3.2/configure.ac 2023-06-12 11:29:26.000000000 +0200 @@ -1,4 +1,4 @@ -AC_INIT([yara], [4.3.1], [[email protected]]) +AC_INIT([yara], [4.3.2], [[email protected]]) AM_SILENT_RULES([yes]) AC_CONFIG_SRCDIR([cli/yara.c]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yara-4.3.1/docs/conf.py new/yara-4.3.2/docs/conf.py --- old/yara-4.3.1/docs/conf.py 2023-04-20 20:13:34.000000000 +0200 +++ new/yara-4.3.2/docs/conf.py 2023-06-12 11:29:26.000000000 +0200 @@ -53,7 +53,7 @@ # The short X.Y version. version = '4.3' # The full version, including alpha/beta/rc tags. -release = '4.3.1' +release = '4.3.2' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yara-4.3.1/libyara/include/yara/libyara.h new/yara-4.3.2/libyara/include/yara/libyara.h --- old/yara-4.3.1/libyara/include/yara/libyara.h 2023-04-20 20:13:34.000000000 +0200 +++ new/yara-4.3.2/libyara/include/yara/libyara.h 2023-06-12 11:29:26.000000000 +0200 @@ -34,7 +34,7 @@ #define YR_MAJOR_VERSION 4 #define YR_MINOR_VERSION 3 -#define YR_MICRO_VERSION 1 +#define YR_MICRO_VERSION 2 #define version_str(s) _version_str(s) #define _version_str(s) #s diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yara-4.3.1/libyara/re.c new/yara-4.3.2/libyara/re.c --- old/yara-4.3.1/libyara/re.c 2023-04-20 20:13:34.000000000 +0200 +++ new/yara-4.3.2/libyara/re.c 2023-06-12 11:29:26.000000000 +0200 @@ -2291,10 +2291,11 @@ break; case RE_OPCODE_REPEAT_ANY_UNGREEDY: - if (bytes_matched >= max_bytes_matched) + repeat_any_args = (RE_REPEAT_ANY_ARGS*) (ip + 1); + + if (bytes_matched + repeat_any_args->min >= max_bytes_matched) break; - repeat_any_args = (RE_REPEAT_ANY_ARGS*) (ip + 1); match = true; const uint8_t* next_opcode = ip + 1 + sizeof(RE_REPEAT_ANY_ARGS); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yara-4.3.1/tests/test-rules.c new/yara-4.3.2/tests/test-rules.c --- old/yara-4.3.1/tests/test-rules.c 2023-04-20 20:13:34.000000000 +0200 +++ new/yara-4.3.2/tests/test-rules.c 2023-06-12 11:29:26.000000000 +0200 @@ -1601,6 +1601,18 @@ condition: $a }", "123440004"); + assert_true_rule( + "rule test { \ + strings: $a = { 31[-][8-][-]30 } \ + condition: $a }", + "1234567890"); + + assert_false_rule( + "rule test { \ + strings: $a = { 31[-][9-][-]30 } \ + condition: $a }", + "1234567890"); + assert_error( "rule test { \ strings: $a = { 01 [0] 02 } \
