open-dsi
/
clamav
mirror of https://github.com/Cisco-Talos/clamav
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix fd leak in chm_decompress_stream (CVE-2007-1745)

Browse Source 
git-svn: trunk@3020
remotes/push_mirror/metadata
Tomasz Kojm 18 years ago
parent 7e727361e7
commit 630d154a20
2 changed files with 9 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      ChangeLog
  2. 6
      libclamav/chmunpack.c

4
ChangeLog
Unescape View File

@ -1,3 +1,7 @@
Sun Apr 15 21:16:08 CEST 2007 (tk)
----------------------------------
* libclamav/chmunpack.c: fix fd leak in chm_decompress_stream (CVE-2007-1745)
Sun Apr 15 21:14:06 CEST 2007 (tk)
----------------------------------
* libclamav/cab.c: fix buffer overflow, reported through iDefense

6
libclamav/chmunpack.c
Unescape View File

@ -831,7 +831,7 @@ static int chm_decompress_stream(int fd, const char *dirname, itsf_header_t *its
snprintf(filename, 1024, "%s/clamav-unchm.bin", dirname);
tmpfd = open(filename, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY, S_IRWXU);
if (!tmpfd) {
if (tmpfd<0) {
cli_dbgmsg("open failed for %s\n", filename);
return FALSE;
}
@ -943,9 +943,13 @@ static int chm_decompress_stream(int fd, const char *dirname, itsf_header_t *its
count++;
}
close(tmpfd);
tmpfd=-1;
retval = TRUE;
abort:
if (tmpfd>=0) {
close(tmpfd);
}
if (lzx_content) {
free(lzx_content);
}

Write Preview
Loading…
Cancel
Save