open-dsi
/
clamav
mirror of https://github.com/Cisco-Talos/clamav
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Patch for integer overflow checks for petite unpack code supplied by Sebastian Andrzej Siewior.

Browse Source
remotes/push_mirror/klin/msxml
Steven Morgan 10 years ago
parent fe0f7c3845
commit 602eef695d
1 changed files with 10 additions and 0 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 10
      libclamav/petite.c

10
libclamav/petite.c
Unescape View File

@ -393,6 +393,11 @@ int petite_inflate2x_1to9(char *buf, uint32_t minrva, uint32_t bufsz, struct cli
free(usects);
return 1;
}
if (backbytes >= INT_MAX / 2) {
free(usects);
cli_dbgmsg("Petite: probably invalid file\n");
return 1;
}
backbytes = backbytes*2 + oob;
if ( (oob = doubledl(&ssrc, &mydl, buf, bufsz)) == -1 ) {
free(usects);
@ -409,6 +414,11 @@ int petite_inflate2x_1to9(char *buf, uint32_t minrva, uint32_t bufsz, struct cli
free(usects);
return 1;
}
if (backbytes >= INT_MAX / 2) {
free(usects);
cli_dbgmsg("Petite: probably invalid file\n");
return 1;
}
backbytes = backbytes*2 + oob;
backsize--;
} while (backsize);

Write Preview
Loading…
Cancel
Save