From 50d244022a7429d62a1d90217fe48c0a93923637 Mon Sep 17 00:00:00 2001
From: Tomasz Kojm <tkojm@clamav.net>
Date: Thu, 6 Dec 2007 15:08:05 +0000
Subject: [PATCH] fix possible integer overflow in MEW related code

git-svn: trunk@3376
---
 ChangeLog      | 5 +++++
 libclamav/pe.c | 1 +
 2 files changed, 6 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 8ad8f8f3b..4001cec5d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Thu Dec  6 15:22:27 CET 2007 (tk)
+---------------------------------
+  * libclamav/pe.c: fix possible integer overflow in MEW related code
+		    Reported by iDefense [IDEF2842]
+
 Thu Dec  6 15:19:53 CET 2007 (tk)
 ---------------------------------
   * libclamav/sis.c: fix error path descriptor leak (bb#704)
diff --git a/libclamav/pe.c b/libclamav/pe.c
index 9acd697f9..a4a935809 100644
--- a/libclamav/pe.c
+++ b/libclamav/pe.c
@@ -1116,6 +1116,7 @@ int cli_scanpe(int desc, cli_ctx *ctx)
 
 	    cli_dbgmsg("MEW: ssize %08x dsize %08x offdiff: %08x\n", ssize, dsize, offdiff);
 
+	    CLI_UNPSIZELIMITS("MEW", MAX(ssize, dsize));
 	    CLI_UNPSIZELIMITS("MEW", MAX(ssize + dsize, exe_sections[i + 1].rsz));
 
 	    /* allocate needed buffer */