From 562c0f82f3b683abd82f61269d3c8610f776b905 Mon Sep 17 00:00:00 2001
From: "Victor M. Alvarez" <plusvic@gmail.com>
Date: Wed, 15 Nov 2023 10:30:01 +0100
Subject: [PATCH] fix: limit the number of resources extracted from a PE file

---
 yara-x/src/modules/pe/parser.rs | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/yara-x/src/modules/pe/parser.rs b/yara-x/src/modules/pe/parser.rs
index 960966e6b..1da3075b5 100644
--- a/yara-x/src/modules/pe/parser.rs
+++ b/yara-x/src/modules/pe/parser.rs
@@ -402,6 +402,7 @@ impl<'a> PE<'a> {
 
     const MAX_PE_SECTIONS: usize = 96;
     const MAX_PE_IMPORTS: usize = 16384;
+    const MAX_PE_RESOURCES: usize = 65535;
     const MAX_DIR_ENTRIES: usize = 16;
 
     fn parse_dos_header(input: &[u8]) -> IResult<&[u8], DOSHeader> {
@@ -1233,6 +1234,10 @@ impl<'a> PE<'a> {
                     } else if let Ok((_, rsrc_entry)) =
                         Self::parse_rsrc_entry(entry_data)
                     {
+                        if resources.len() == Self::MAX_PE_RESOURCES {
+                            return Some(resources);
+                        }
+
                         resources.push(Resource {
                             type_id: ids.0,
                             rsrc_id: ids.1,