Mac - check file header address and dyld info address before processing them

Author: atcuno

volatility/plugins/overlays/mac/mac.py

@@ -1061,6 +1061,8 @@ def get_macho(self, exe_address):
         proc_as = self.get_process_address_space()
 
         m = obj.Object("macho_header", offset = exe_address, vm = proc_as)
+        if not m.is_valid():
+            return
 
         buffer = ""
 
@@ -1117,6 +1119,8 @@ def get_dyld_maps(self):
             return
 
         info_addr = struct.unpack(self.pack_fmt, info_buf)[0] 
+        if not proc_as.is_valid_address(info_addr):
+            return
 
         cnt = infos.infoArrayCount
         if cnt > 4096: