From 6ad11828a8d9784777f50236930112f8d3360f1b Mon Sep 17 00:00:00 2001
From: "Victor M. Alvarez" <plusvic@gmail.com>
Date: Thu, 30 Jul 2015 19:17:59 +0200
Subject: [PATCH] Fix bug when section's name is IMAGE_SIZEOF_SHORT_NAME long

In those cases the name doesn't end in a null character and the section name reported by PE module contains spurious characters. This could also cause a buffer overrun.
---
 libyara/modules/pe.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/libyara/modules/pe.c b/libyara/modules/pe.c
index 848822d551..9577e7fabb 100644
--- a/libyara/modules/pe.c
+++ b/libyara/modules/pe.c
@@ -1304,7 +1304,12 @@ void pe_parse_header(
     if (!struct_fits_in_pe(pe, section, IMAGE_SECTION_HEADER))
       break;
 
-    strlcpy(section_name, (char*) section->Name, IMAGE_SIZEOF_SHORT_NAME + 1);
+    int n = 0;
+
+    for (; n < IMAGE_SIZEOF_SHORT_NAME && section->Name[n]; n++)
+      section_name[n] = section->Name[n];
+
+    section_name[n] = '\0';
 
     set_string(
         section_name,