未验证 提交 35eb9063 编写于 作者: I Icy99 提交者: Gitee

rename demo/sectest/static_patch_scan/2022-07/OpenHarmony-SA-2022-0702.yara.

Signed-off-by: NIcy99 <chaoyaxin99@bupt.edu.cn>
上级 20f6c211
...@@ -26,21 +26,9 @@ affected_files = "libupdateservice.z.so" //OpenHarmony-v3.0-LTS到OpenHarmony-v3 ...@@ -26,21 +26,9 @@ affected_files = "libupdateservice.z.so" //OpenHarmony-v3.0-LTS到OpenHarmony-v3
strings: strings:
/*
.text:0028DEC2 38 F0 46 ED
.text:0028DEC2 38 F0 46 ED
.text:0028DEC2 39 F0 2E E9
.text:0028EDC2 39 F0 5E EA
.text:0028EDC2 39 F0 6E EA
.text:0028EDC2 39 F0 6E EA
*/
$fix={39 F0 ?E EA}
$fix={DD E9 05 20 07 99}
condition: condition:
(elf.machine == elf.EM_ARM) and $fix and console.log("OpenHarmony-SA-2022-0702 testcase pass") (elf.machine == elf.EM_ARM) and (not $fix) and console.log("OpenHarmony-SA-2022-0702 testcase pass")
} }
\ No newline at end of file
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册