Ladislav Zezula

icon indicating a website link http://www.zezula.net

icon location Czech Republic

Results 8 issues of Ladislav Zezula

"Job Management / Delete Job" only works on the first page

3 comment

If you make enough KLARA jobs that the job list goes to second (third, fourth, ...) page, then on any page except the first one, you cannot delete job. I...

bug

The "pe_get_directory_entry" doesn't take NumberOfRvaAndSizes into account

5 comment

@wxsBSD: The condition in [pe_utils.c(133)](https://github.com/VirusTotal/yara/blob/0c84e37e248d2b0aa329d78881c6d539c7488dc8/libyara/modules/pe/pe_utils.c#L133) is wrong. ### Explanation for Resources In Windows, any access to data directories is controlled by the `RtlImageDirectoryEntryToData` function. This one first checks whether the...

Both AddressOfRawData and PointerToRawData can be present in IMAGE_DEBUG_DIRECTORY

1 comment

Sample: 735f72b3fcd72789f01e923c9de2a9ab5b5ffbece23633da81d976ad0ad159e3 This sample has debug info present (IMAGE_DEBUG_DIRECTORY): ``` 00 00 00 00 .... (00000000) - Characteristics BA 03 C8 57 ...W (57C803BA) - TimeDateStamp (2016-09-01 12-32-26) 00 00...

Bug: Yara PE module "pe.number_of_signatures" doesn't check hash

4 comment

Hi, I found that YARA's `pe.number_of_signatures` ignores whether the signatures are valid (i.e. whether the hash matches). As a result, YARA doesn't have a way to check number of signatures...

ImageLoader::Save doesn't save Rich Header and section data

When `ImageLoader::Save()` is called, it produces skeleton of the PE file, containing mere PE headers. All section data are filled with zeros. I'll prepare pull request for this.

T-format-pe
C-pelib

Exception while downloading Warcraft III 1.30.0.9900

Steps to reproduce: Win32 Debug build in Visual Studio 2017 (probably will happen in any other Visual Studio) 1) Run BlizzGet 2) Program Code: w3, Region: US 3) Click "Next"...

Invalid computation of block hash in Blizzget

The function `void DataStorage::writeIndex()` improperly calculates the Jenkins hash of the index data Function: https://github.com/d07RiV/blizzget/blob/2764ef6a378a1a3e85bf002d946898b417d747d2/src/ngdp.cpp#L451 This is how Blizzard Downloader does it: https://github.com/ladislav-zezula/CascLib/blob/be1f076e4fcfccab0f2eb00368d458e6576f0bbb/src/CascIndexFiles.cpp#L185 This is how Blizzget does it: https://github.com/ladislav-zezula/CascLib/blob/be1f076e4fcfccab0f2eb00368d458e6576f0bbb/src/CascIndexFiles.cpp#L202

Using of the CMF key generation functions in CascLib

2 comment

Hello, I'd like to add some support of Overwatch into [CascLib](https://github.com/ladislav-zezula/CascLib). Because basically each build has its own key+IV generation, I would take the [CMF sources](https://github.com/overtools/TACTLib/tree/master/TACTLib/Core/Product/Tank/CMF) from TACTLib, convert them...