From 2a9f61d4844615c03af05086a6a6ab55f586e6e4 Mon Sep 17 00:00:00 2001
From: "Victor M. Alvarez" <vmalvarez@virustotal.com>
Date: Thu, 1 Aug 2024 11:42:01 +0200
Subject: [PATCH] Mitigate stack overflow when scanning very deep directory
 trees.

Closes #2088.
---
 cli/yara.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/cli/yara.c b/cli/yara.c
index 34e88eda6e..cf913eb12c 100644
--- a/cli/yara.c
+++ b/cli/yara.c
@@ -667,12 +667,14 @@ static int scan_dir(const char* dir, SCAN_OPTIONS* scan_opts)
   {
     struct dirent* de = readdir(dp);
 
+    char* full_path = calloc(YR_MAX_PATH, sizeof(char));
+    const size_t full_path_size = YR_MAX_PATH * sizeof(char);
+
     while (de && result != ERROR_SCAN_TIMEOUT)
     {
-      char full_path[YR_MAX_PATH];
       struct stat st;
 
-      snprintf(full_path, sizeof(full_path), "%s/%s", dir, de->d_name);
+      snprintf(full_path, full_path_size, "%s/%s", dir, de->d_name);
 
       int err = lstat(full_path, &st);
 
@@ -731,6 +733,7 @@ static int scan_dir(const char* dir, SCAN_OPTIONS* scan_opts)
       de = readdir(dp);
     }
 
+    free(full_path);
     closedir(dp);
   }