{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":7037996,"defaultBranch":"master","name":"yara","ownerLogin":"VirusTotal","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2012-12-06T15:33:08.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/7701252?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1714639407.0","currentOid":""},"activityList":{"items":[{"before":"48502da720de879d1de11ae952410f845994d0a8","after":null,"ref":"refs/heads/ci","pushedAt":"2024-05-02T08:43:27.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"}},{"before":"41aa1e7ccce34dd4bd5465b0c70c602e2ca76df5","after":"2479a7104ece35916aa49869a5cdd90e78994340","ref":"refs/heads/master","pushedAt":"2024-05-02T08:39:50.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"fix several bugs in array type handling in dotnet module (#2064)\n\nSeveral bugs were present in the parsing and generation of a string to\r\nrepresent an array type, notably when the \"lo_bound\" value is set.\r\n\r\n- The \"read_blob_signed\" was buggy for values outside the\r\n  [-2**6, 2**6-1], the sign edition did not use the right bitmask,\r\n  and the type used was unsigned.\r\n\r\n- The display when lo_bound != 0 was buggy:\r\n\r\n  - size=5, lobound=0 => should be `5`, this was ok\r\n  - size=5, lobound=1 => should be `1...5`, this was buggy and displayed\r\n    `1...6`. The \"range format\" is inclusive.\r\n\r\n- 0 should still be displayed if size is 0. Only when size is unset\r\n  should it be left out. So an array declared as `[5,0,3]` should be\r\n  displayed the same way, and not as `[5,,3]`.","shortMessageHtmlLink":"fix several bugs in array type handling in dotnet module (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2230004338\" data-permission-text=\"Title is private\" data-url=\"https://github.com/VirusTotal/yara/issues/2064\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/VirusTotal/yara/pull/2064/hovercard\" href=\"https://github.com/VirusTotal/yara/pull/2064\">#2064</a>)"}},{"before":"3c93989a5d594adb0c9c7f69272ba9c730aab8a1","after":"41aa1e7ccce34dd4bd5465b0c70c602e2ca76df5","ref":"refs/heads/master","pushedAt":"2024-05-02T08:38:17.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Fix dex module inconsistencies (#2069)\n\n* fix signature and magic strings in dex module\r\n\r\nSeveral bytestring values in the dex module were not set properly,\r\nand were cut short due to the presence of a nul byte.\r\n\r\nThis happened on:\r\n- all the dex.DEX_FILE_MAGIC_* constants, which were cut short by one\r\n  byte (the last one is the nul byte).\r\n- the magic and signature field in the \"header\" object of the module.\r\n\r\nFor all of those, the size is fixed and known, so use the right length\r\nand do not cut it short if a nul byte is present.\r\n\r\n* fix declared fields in the dex module\r\n\r\nThere was some mismatch between the declared fields and the ones filled\r\nby the module:\r\n\r\n- `dex.field[*].static` and `dex.field[*].instance` were defined, but\r\n  not declared, making their use impossible. They are now properly\r\n  declared.\r\n\r\n- several fields in `dex.method[*].code_item` were declared but never\r\n  defined: `padding`, `tries` and `handlers`. Those are removed since\r\n  they couldn't have been used.","shortMessageHtmlLink":"Fix dex module inconsistencies (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2262353460\" data-permission-text=\"Title is private\" data-url=\"https://github.com/VirusTotal/yara/issues/2069\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/VirusTotal/yara/pull/2069/hovercard\" href=\"https://github.com/VirusTotal/yara/pull/2069\">#2069</a>)"}},{"before":"4b9b4c0bdb3d18f9a82e8b9ab19e73a6d7a69e00","after":"3c93989a5d594adb0c9c7f69272ba9c730aab8a1","ref":"refs/heads/master","pushedAt":"2024-04-30T17:16:22.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Try using a specific MacOS version for fixing issue in CI (#2073)\n\nFor some reason the jansson library is not being found in the latest MacOS version, even though brew seems to be installing it.","shortMessageHtmlLink":"Try using a specific MacOS version for fixing issue in CI (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2271913953\" data-permission-text=\"Title is private\" data-url=\"https://github.com/VirusTotal/yara/issues/2073\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/VirusTotal/yara/pull/2073/hovercard\" href=\"https://github.com/VirusTotal/yara/pull/2073\">#2073</a>)"}},{"before":null,"after":"48502da720de879d1de11ae952410f845994d0a8","ref":"refs/heads/ci","pushedAt":"2024-04-30T15:36:17.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Try using a specific MacOS version for fixing issue in CI","shortMessageHtmlLink":"Try using a specific MacOS version for fixing issue in CI"}},{"before":"adf3ddeaeebd41d66da09c7ddcb9866ab665276f","after":"4b9b4c0bdb3d18f9a82e8b9ab19e73a6d7a69e00","ref":"refs/heads/master","pushedAt":"2024-04-30T09:42:16.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Add sanity check that prevents OOM errors.\n\nThe `pe_parse_delayed_imports` function didn't take into account that `pe_rva_to_offset` could return -1 when the RVA can't be translated into a file offset.","shortMessageHtmlLink":"Add sanity check that prevents OOM errors."}},{"before":"1be9811ad91c8d2113130e7274bd532a9c784c81","after":"adf3ddeaeebd41d66da09c7ddcb9866ab665276f","ref":"refs/heads/master","pushedAt":"2024-04-30T06:50:06.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Updated writingmodules.rst - replaced fetch_data by the new func (#2071)","shortMessageHtmlLink":"Updated writingmodules.rst - replaced fetch_data by the new func (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2268462669\" data-permission-text=\"Title is private\" data-url=\"https://github.com/VirusTotal/yara/issues/2071\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/VirusTotal/yara/pull/2071/hovercard\" href=\"https://github.com/VirusTotal/yara/pull/2071\">#2071</a>)"}},{"before":"1242223b04f28ec88629ab1d0b2c18d0aeec16a8","after":"1be9811ad91c8d2113130e7274bd532a9c784c81","ref":"refs/heads/master","pushedAt":"2024-04-23T07:20:02.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Add sanity check that prevents to much memory consumption with corrupted files\n\nWith this change ordinal numbers in imports are limited to 65535, larger ordinal numbers are ignored because they are sign of file corruption.","shortMessageHtmlLink":"Add sanity check that prevents to much memory consumption with corrup…"}},{"before":"5317a2b3499f1e3a583377dcc1b8be84725034ac","after":"1242223b04f28ec88629ab1d0b2c18d0aeec16a8","ref":"refs/heads/master","pushedAt":"2024-04-19T15:21:53.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Ignore resource directory entries that with offset == 0.","shortMessageHtmlLink":"Ignore resource directory entries that with offset == 0."}},{"before":"620963092c42b95da9fa124727f25455e0beae5d","after":"5317a2b3499f1e3a583377dcc1b8be84725034ac","ref":"refs/heads/master","pushedAt":"2024-04-08T13:49:14.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Fix endianness issue.","shortMessageHtmlLink":"Fix endianness issue."}},{"before":"80972f0b4c9939ddbf83d3c1b4cbd218d6b389d1","after":"620963092c42b95da9fa124727f25455e0beae5d","ref":"refs/heads/master","pushedAt":"2024-04-08T13:33:41.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Better sanitation while parsing corrupted resources.","shortMessageHtmlLink":"Better sanitation while parsing corrupted resources."}},{"before":"9c26038171edcdc084370562703f22e649067125","after":"80972f0b4c9939ddbf83d3c1b4cbd218d6b389d1","ref":"refs/heads/master","pushedAt":"2024-04-08T10:04:33.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Populate `dotnet.resources[x].offset` and `dotnet.resources[x].length` even if falling outside of the file\n\nUntil now, these two fields were populated only when the offset and offset + length were within the file boundaries. This meant that the fields were undefined for some files that were truncated. For instance, 3323480fc4e35f73a8e93c4a0658c818d7e517df7ba15ba4cbb5cd2b6058cb0f.","shortMessageHtmlLink":"Populate <code>dotnet.resources[x].offset</code> and `dotnet.resources[x].length…"}},{"before":"3395fee53c12d2a9e59b1f72405bc3602c4ce90d","after":"9c26038171edcdc084370562703f22e649067125","ref":"refs/heads/master","pushedAt":"2024-04-08T09:57:17.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Fix alignment check in 32-bits.","shortMessageHtmlLink":"Fix alignment check in 32-bits."}},{"before":"924fa58ce9a985301ee25e2a95924b9b412023ae","after":"3395fee53c12d2a9e59b1f72405bc3602c4ce90d","ref":"refs/heads/master","pushedAt":"2024-04-08T08:53:38.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Remove assertion from `test-aligment.c`\n\n`off_t` is not 64 bits in all platforms (like Win32)","shortMessageHtmlLink":"Remove assertion from <code>test-aligment.c</code>"}},{"before":"833a580430abe0fbc9bc17a21fb95bf36dacf367","after":"924fa58ce9a985301ee25e2a95924b9b412023ae","ref":"refs/heads/master","pushedAt":"2024-04-08T08:28:38.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Fix issue #2065\n\nThe issue was causing false negative with certain patterns.","shortMessageHtmlLink":"Fix issue <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2230566512\" data-permission-text=\"Title is private\" data-url=\"https://github.com/VirusTotal/yara/issues/2065\" data-hovercard-type=\"issue\" data-hovercard-url=\"/VirusTotal/yara/issues/2065/hovercard\" href=\"https://github.com/VirusTotal/yara/issues/2065\">#2065</a>"}},{"before":"2a9bc0d5e6637e61e5dbedf3dff292efe319917d","after":"833a580430abe0fbc9bc17a21fb95bf36dacf367","ref":"refs/heads/master","pushedAt":"2024-04-07T15:56:54.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Fix issue #2050.\n\nSee also PR #2048.","shortMessageHtmlLink":"Fix issue <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2167208867\" data-permission-text=\"Title is private\" data-url=\"https://github.com/VirusTotal/yara/issues/2050\" data-hovercard-type=\"issue\" data-hovercard-url=\"/VirusTotal/yara/issues/2050/hovercard\" href=\"https://github.com/VirusTotal/yara/issues/2050\">#2050</a>."}},{"before":"fedee98f9df1591c1f23abc8c1286da56b2486bc","after":"2a9bc0d5e6637e61e5dbedf3dff292efe319917d","ref":"refs/heads/master","pushedAt":"2024-04-05T16:49:35.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Prevent assert in MSVC debug version of isprint() (#2062)","shortMessageHtmlLink":"Prevent assert in MSVC debug version of isprint() (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2228300311\" data-permission-text=\"Title is private\" data-url=\"https://github.com/VirusTotal/yara/issues/2062\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/VirusTotal/yara/pull/2062/hovercard\" href=\"https://github.com/VirusTotal/yara/pull/2062\">#2062</a>)"}},{"before":"7fa7465675cdc82a47dcdb47addf611b3757d1e7","after":"fedee98f9df1591c1f23abc8c1286da56b2486bc","ref":"refs/heads/master","pushedAt":"2024-03-26T18:21:15.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Fix syntax error in `.readthedocs.yaml`","shortMessageHtmlLink":"Fix syntax error in <code>.readthedocs.yaml</code>"}},{"before":"2570c1f9314b4a83eac0be2b13811ad9a0ec5922","after":"7fa7465675cdc82a47dcdb47addf611b3757d1e7","ref":"refs/heads/master","pushedAt":"2024-03-26T18:19:53.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Add requirements.txt for documentation.","shortMessageHtmlLink":"Add requirements.txt for documentation."}},{"before":"94b7da931c3126066376fbefdfca9da1b773270c","after":"2570c1f9314b4a83eac0be2b13811ad9a0ec5922","ref":"refs/heads/master","pushedAt":"2024-03-26T18:07:56.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Create .readthedocs.yaml\n\nThis file allows ReadTheDocs to build the documentation, generating the HTML for it.","shortMessageHtmlLink":"Create .readthedocs.yaml"}},{"before":"07e46fa305b5fee077f2a5044a0a357e9b477017","after":"94b7da931c3126066376fbefdfca9da1b773270c","ref":"refs/heads/master","pushedAt":"2024-03-25T09:49:21.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Add test case for `math.entropy` where input is an empty string.","shortMessageHtmlLink":"Add test case for <code>math.entropy</code> where input is an empty string."}},{"before":"c6d16301e43f1abcf9511ac420acb248e49fdfee","after":"07e46fa305b5fee077f2a5044a0a357e9b477017","ref":"refs/heads/master","pushedAt":"2024-03-23T20:22:40.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Add Tenzir to the list of Users (#2051)\n\nAs documented in https://docs.tenzir.com/blog/matching-yara-rules-in-byte-pipelines.","shortMessageHtmlLink":"Add Tenzir to the list of Users (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2173357500\" data-permission-text=\"Title is private\" data-url=\"https://github.com/VirusTotal/yara/issues/2051\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/VirusTotal/yara/pull/2051/hovercard\" href=\"https://github.com/VirusTotal/yara/pull/2051\">#2051</a>)"}},{"before":"ff959e562a2e423bd8d41e9fd5861a0173bff3a9","after":"c6d16301e43f1abcf9511ac420acb248e49fdfee","ref":"refs/heads/master","pushedAt":"2024-03-23T20:22:08.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Fix broken link (#2058)","shortMessageHtmlLink":"Fix broken link (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2202987943\" data-permission-text=\"Title is private\" data-url=\"https://github.com/VirusTotal/yara/issues/2058\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/VirusTotal/yara/pull/2058/hovercard\" href=\"https://github.com/VirusTotal/yara/pull/2058\">#2058</a>)"}},{"before":"c80cd9debf327c29bb824e9a107667d29714eaa7","after":"ff959e562a2e423bd8d41e9fd5861a0173bff3a9","ref":"refs/heads/master","pushedAt":"2024-03-20T14:49:20.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Add more test cases.","shortMessageHtmlLink":"Add more test cases."}},{"before":"87485021cff0030e1ceb9cba47e375a7f6c67845","after":"c80cd9debf327c29bb824e9a107667d29714eaa7","ref":"refs/heads/master","pushedAt":"2024-03-20T14:48:03.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Fix issue with `matches` operator not matching empty strings\n\nThe `matches` operator was returning false if the left operand was an empty strings. So, `\"\" matches <some regexp>` was returning false regardless of the regexp used. However, some regexp *do* match the empty strings, like for example `/foo|/`.","shortMessageHtmlLink":"Fix issue with <code>matches</code> operator not matching empty strings"}},{"before":"74c1a0c8a60c7efd9fac13ab0415c56f12eedb18","after":"87485021cff0030e1ceb9cba47e375a7f6c67845","ref":"refs/heads/master","pushedAt":"2024-03-20T08:23:06.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Fix integer overflow causing issue when parsing directory table\n\nFile e64e806c6df76f245c9b1288f59198bc9478329cfdd2d7ddcb9490a57d0b3cf4 was not properly parsed because `NumberOfRvaAndSizes` overflowed and became negative.","shortMessageHtmlLink":"Fix integer overflow causing issue when parsing directory table"}},{"before":"5bf72f2fb04e5fd8eaad5ca4ee5c283314b9fd08","after":"74c1a0c8a60c7efd9fac13ab0415c56f12eedb18","ref":"refs/heads/master","pushedAt":"2024-03-19T14:45:12.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Relax check in pe_get_directory_entry.\n\nSome PE files have a NumberOfRvaAndSizes equal to zero. Even if these files are not accepted by the Windows loader, they can be parsed, and useful information can be extracted from them. By relaxing the sanity check in pe_get_directory_entry we are no able to parse such files (like 0aa527fd26c8e7fa7f3476b6d7eb8f22c071ff4c0fd3ed3797fa90ceb80f24ce).","shortMessageHtmlLink":"Relax check in pe_get_directory_entry."}},{"before":"c009195c1e08da559600be94a78a14c2beb06d6b","after":"5bf72f2fb04e5fd8eaad5ca4ee5c283314b9fd08","ref":"refs/heads/master","pushedAt":"2024-03-18T19:21:18.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Fix issue while parsing .NET resources\n\n.NET resources can be found outside the current file. Before this change those resources were being ignored, but now they are included in the `resources` array. The `name` and `length` fields are kept undefined though. So, external resources have only the `name` field set.","shortMessageHtmlLink":"Fix issue while parsing .NET resources"}},{"before":"a0241546df204fc61d87a81b26a323e004529f95","after":"c009195c1e08da559600be94a78a14c2beb06d6b","ref":"refs/heads/master","pushedAt":"2024-03-08T11:29:05.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Apply stricter sanity checks while parsing PE resources.\n\nCorrupted file `c10a733e4899dbd03d537d7832efa71016f618e9fd1bffa35b8265df359a91f8` was producing tons of invalid resource entries.","shortMessageHtmlLink":"Apply stricter sanity checks while parsing PE resources."}},{"before":"9490a0c00c643e3044542c808d06df9bba812116","after":"a0241546df204fc61d87a81b26a323e004529f95","ref":"refs/heads/master","pushedAt":"2024-03-07T09:40:15.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"plusvic","name":"Victor M. Alvarez","path":"/plusvic","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/182937?s=80&v=4"},"commit":{"message":"Remove check in `dotnet_is_dotnet` that doesn't seem necessary.\n\nThis function was checking the first two bytes at the entrypoint of .NET files, if the bytes were not `FF 25` the file was not considered a .NET file. This check was overly restrictive, as some files like `8fa7fe73a65296e9ca8301734a0deaa298cda0b7a65f6b7d2ef6d1c8bbb8cd7a` don't have such files at the entrypoint.","shortMessageHtmlLink":"Remove check in <code>dotnet_is_dotnet</code> that doesn't seem necessary."}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEP5RsoQA","startCursor":null,"endCursor":null}},"title":"Activity · VirusTotal/yara"}