open-dsi
/
clamav
mirror of https://github.com/Cisco-Talos/clamav
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

bb11446 - fixing autoit OOB bufferread

Browse Source
remotes/push_mirror/msola
Mickey Sola 10 years ago
parent 41e8fd628f
commit 3072cef1f9
1 changed files with 13 additions and 3 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 16
      libclamav/autoit.c

16
libclamav/autoit.c
Unescape View File

@ -261,6 +261,11 @@ static int ea05(cli_ctx *ctx, const uint8_t *base, char *tmpd) {
continue;
}
if (UNP.csize < sizeof(union unaligned_32)) {
cli_dbgmsg("autoit: compressed size too small, skipping\n");
continue;
}
if (!(UNP.inputbuf = cli_malloc(UNP.csize)))
return CL_EMEM;
if (!fmap_need_ptr_once(map, base, UNP.csize)) {
@ -581,6 +586,11 @@ static int ea06(cli_ctx *ctx, const uint8_t *base, char *tmpd) {
continue;
}
if (UNP.csize < sizeof(union unaligned_32)) {
cli_dbgmsg("autoit: compressed size too small, skipping\n");
continue;
}
files++;
if (!(UNP.inputbuf = cli_malloc(UNP.csize)))
return CL_EMEM;
@ -596,9 +606,9 @@ static int ea06(cli_ctx *ctx, const uint8_t *base, char *tmpd) {
if (comp == 1) {
cli_dbgmsg("autoit: file is compressed\n");
if (cli_readint32(UNP.inputbuf)!=0x36304145) {
cli_dbgmsg("autoit: bad magic or unsupported version\n");
free(UNP.inputbuf);
continue;
cli_dbgmsg("autoit: bad magic or unsupported version\n");
free(UNP.inputbuf);
continue;
}
if(!(UNP.usize = be32_to_host(*(uint32_t *)(UNP.inputbuf+4))))

Write Preview
Loading…
Cancel
Save