Revert previous commit and fix issue introduced in 67cccf0.

Author: plusvic

libyara/exec.c

@@ -470,9 +470,10 @@ int yr_execute_code(YR_SCAN_CONTEXT* context)
       yr_arena_create(1, 512 * sizeof(YR_OBJECT*), &obj_arena),
       yr_free(stack.items));
 
-  FAIL_ON_ERROR_WITH_CLEANUP(yr_notebook_create(1048576, &it_notebook),
-                             yr_arena_release(obj_arena);
-                             yr_free(stack.items));
+  FAIL_ON_ERROR_WITH_CLEANUP(
+      yr_notebook_create(512 * sizeof(YR_ITERATOR), &it_notebook),
+      yr_arena_release(obj_arena);
+      yr_free(stack.items));
 
 #ifdef YR_PROFILING_ENABLED
   start_time = yr_stopwatch_elapsed_ns(&context->stopwatch);
@@ -651,6 +652,11 @@ int yr_execute_code(YR_SCAN_CONTEXT* context)
           it_notebook,
           sizeof(YR_ITERATOR) + sizeof(SIZED_STRING*) * (size_t) r1.i);
 
+      memset(
+          r3.p,
+          0xcc,
+          sizeof(YR_ITERATOR) + sizeof(SIZED_STRING*) * (size_t) r1.i);
+
       if (r3.p == NULL)
       {
         result = ERROR_INSUFFICIENT_MEMORY;

libyara/notebook.c

@@ -48,19 +48,17 @@ typedef struct YR_NOTEBOOK_PAGE YR_NOTEBOOK_PAGE;
 // all the buffers allocated via yr_notebook_alloc().
 struct YR_NOTEBOOK
 {
-  // Size of pages in the notebook. Most pages are this size, but some
-  // of them can be 2x, 3x, or in general Nx this size. This happens when
-  // yr_notebook_alloc is called with a size that is larger than page_size,
-  // which means that the notebook needs to allocate a page that is larger
-  // than the rest for accomodating the requested buffer.
-  size_t page_size;
+  // The mininum size of each page in the notebook.
+  size_t min_page_size;
   // Pointer to the first page in the book, this is also the most recently
   // created page, the one that is being filled.
   YR_NOTEBOOK_PAGE* page_list_head;
 };
 
 struct YR_NOTEBOOK_PAGE
 {
+  // Size of this page.
+  size_t size;
   // Amount of bytes in the page that are actually used.
   size_t used;
   // Pointer to next page.
@@ -81,23 +79,24 @@ struct YR_NOTEBOOK_PAGE
 //   ERROR_SUCCESS
 //   ERROR_INSUFFICIENT_MEMORY
 //
-int yr_notebook_create(size_t page_size, YR_NOTEBOOK** notebook)
+int yr_notebook_create(size_t min_page_size, YR_NOTEBOOK** notebook)
 {
   YR_NOTEBOOK* new_notebook = yr_malloc(sizeof(YR_NOTEBOOK));
 
   if (new_notebook == NULL)
     return ERROR_INSUFFICIENT_MEMORY;
 
   new_notebook->page_list_head = yr_malloc(
-      sizeof(YR_NOTEBOOK_PAGE) + page_size);
+      sizeof(YR_NOTEBOOK_PAGE) + min_page_size);
 
   if (new_notebook->page_list_head == NULL)
   {
     yr_free(new_notebook);
     return ERROR_INSUFFICIENT_MEMORY;
   }
 
-  new_notebook->page_size = page_size;
+  new_notebook->min_page_size = min_page_size;
+  new_notebook->page_list_head->size = min_page_size;
   new_notebook->page_list_head->used = 0;
   new_notebook->page_list_head->next = NULL;
 
@@ -151,20 +150,26 @@ void* yr_notebook_alloc(YR_NOTEBOOK* notebook, size_t size)
   // deferrencing pointers to types larger than a byte.
   size = (size + 7) & ~0x7;
 
+  YR_NOTEBOOK_PAGE* current_page = notebook->page_list_head;
+
   // If the requested size doesn't fit in current page's free space, allocate
   // a new page.
-  if (notebook->page_size - notebook->page_list_head->used < size)
+  if (current_page->size - current_page->used < size)
   {
+    size_t min_size = notebook->min_page_size;
+
     // The new page must be able to fit the requested buffer, so find the
-    // multiple of notebook->page_size that is larger than size.
-    size_t page_size = (size / notebook->page_size + 1) * notebook->page_size;
+    // multiple of notebook->min_page_size that is larger or equal than than
+    // size.
+    size_t page_size = (size / min_size) * min_size + min_size;
 
     YR_NOTEBOOK_PAGE* new_page = yr_malloc(
         sizeof(YR_NOTEBOOK_PAGE) + page_size);
 
     if (new_page == NULL)
       return NULL;
 
+    new_page->size = page_size;
     new_page->used = 0;
     new_page->next = notebook->page_list_head;
     notebook->page_list_head = new_page;