Hugal31 / yara-rust

Rust bindings for VirusTotal/Yara
Apache License 2.0

fix use after free in add_rules_file_with_namespace #90

Closed vthib closed 1 year ago

vthib commented 1 year ago

The namespace was freed before the pointer to it was provided to the yara API. This leads to an invalid read, which in my tests did not crash, but ended up with a namespace named "" instead of the provided name.

The add_rules_str_with_namespace API does not have the issue; the namespace already has an as_ref() call.

I added a regression test as well.

Hugal31 commented 1 year ago

Whoops, good catch. Thanks!
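The ownership mistake described in this pull request, as an added example that is not the crate's code or part of the thread. `Namespace`, `ffi_add_rules`, `call_consuming` and `call_borrowing` are hypothetical names, and a drop flag stands in for the real free so the stale pointer is detected instead of being dereferenced.

```rust
use std::cell::Cell;
use std::ffi::{CStr, CString};
use std::os::raw::c_char;
use std::ptr;
use std::rc::Rc;

/// Owned C string that records when its buffer is freed (constructed for this demo).
struct Namespace { buf: CString, freed: Rc<Cell<bool>> }

impl Drop for Namespace {
    fn drop(&mut self) { self.freed.set(true); }
}

/// Hypothetical stand-in for the C call that receives the namespace pointer.
/// It refuses to read a pointer whose owner has already been dropped.
fn ffi_add_rules(ns: *const c_char, freed: &Cell<bool>) -> Result<String, &'static str> {
    if freed.get() { return Err("namespace buffer freed before the call"); }
    if ns.is_null() { return Ok("default".to_owned()); }
    // SAFETY: the flag is clear, so the CString that owns `ns` is still alive.
    Ok(unsafe { CStr::from_ptr(ns) }.to_string_lossy().into_owned())
}

fn make(name: &str, freed: &Rc<Cell<bool>>) -> Option<Namespace> {
    // Sample names contain no interior NUL, so unwrap() cannot fail here.
    Some(Namespace { buf: CString::new(name).unwrap(), freed: Rc::clone(freed) })
}

/// Buggy shape: `map` takes the Option by value, so the Namespace is dropped
/// when the closure returns and `p` points at freed memory.
pub fn call_consuming(name: &str) -> Result<String, &'static str> {
    let freed = Rc::new(Cell::new(false));
    let ns = make(name, &freed);
    let p = ns.map(|n| n.buf.as_ptr()).unwrap_or(ptr::null());
    ffi_add_rules(p, &freed)
}

/// Fixed shape: `as_ref()` only borrows, so `ns` keeps the buffer alive
/// until the end of the function, after the call has used the pointer.
pub fn call_borrowing(name: &str) -> Result<String, &'static str> {
    let freed = Rc::new(Cell::new(false));
    let ns = make(name, &freed);
    let p = ns.as_ref().map(|n| n.buf.as_ptr()).unwrap_or(ptr::null());
    ffi_add_rules(p, &freed)
}

fn main() {
    println!("consuming: {:?}", call_consuming("ns1"));
    println!("borrowing: {:?}", call_borrowing("ns1"));
}
```

Both functions compile without error because raw pointers carry no lifetime, which is why a regression test on the observed namespace name is the practical guard.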