Skip to content
This repository was archived by the owner on May 16, 2025. It is now read-only.

Commit 809b5d7

Browse files
atcunoatcuno
authored
Merge pull request #559 from demoray/master
prevent infinite looping handling fops
2 parents a767173 + d2bdef1 commit 809b5d7

File tree

2 files changed

+8
-0
lines changed

2 files changed

+8
-0
lines changed

volatility/plugins/linux/check_fops.py

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -121,6 +121,8 @@ def _walk_proc_old(self, cur, f_op_members, modules, parent):
121121
if cur.obj_offset == last_cur:
122122
break
123123

124+
if cur == cur.next:
125+
break
124126
cur = cur.next
125127
if cur.obj_offset in self.seen_proc:
126128
break
@@ -142,6 +144,8 @@ def _walk_proc_old(self, cur, f_op_members, modules, parent):
142144
subdir = subdir.next
143145

144146
last_cur = cur.obj_offset
147+
if cur == cur.next:
148+
break
145149
cur = cur.next
146150

147151
def _walk_rb(self, rb):

volatility/plugins/linux/check_inline_kernel.py

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -170,6 +170,8 @@ def check_proc_fop(self, f_op_members, modules):
170170
def walk_proc(self, cur, f_op_members, modules, parent = ""):
171171
while cur:
172172
if cur.obj_offset in self.seen_proc:
173+
if cur == cur.next:
174+
break
173175
cur = cur.next
174176
continue
175177

@@ -192,6 +194,8 @@ def walk_proc(self, cur, f_op_members, modules, parent = ""):
192194
yield (sub_name, hooked_member, hook_type, hook_address)
193195
subdir = subdir.next
194196

197+
if cur == cur.next:
198+
break
195199
cur = cur.next
196200

197201
def check_proc_root_fops(self, f_op_members, modules):

0 commit comments

Comments
 (0)