open-dsi
/
clamav
mirror of https://github.com/Cisco-Talos/clamav
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

bb11601 - check array boundaries in unrarvm rarvm_getbits().

Browse Source
pull/60/head
Steven Morgan 9 years ago
parent 64f9b9b5dd
commit da520c34b0
1 changed files with 8 additions and 5 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 13
      libclamunrar/unrarvm.c

13
libclamunrar/unrarvm.c
Unescape View File

@ -215,12 +215,15 @@ unsigned int rarvm_getbits(rarvm_input_t *rarvm_input)
{ {
unsigned int bit_field; unsigned int bit_field;
bit_field = (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr] << 16; if (rarvm_input->in_addr+2 < rarvm_input->buf_size) {
bit_field |= (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr+1] << 8; bit_field = (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr] << 16;
bit_field |= (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr+2]; bit_field |= (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr+1] << 8;
bit_field >>= (8-rarvm_input->in_bit); bit_field |= (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr+2];
bit_field >>= (8-rarvm_input->in_bit);
return (bit_field & 0xffff); return (bit_field & 0xffff);
}
return 0;
} }
unsigned int rarvm_read_data(rarvm_input_t *rarvm_input) unsigned int rarvm_read_data(rarvm_input_t *rarvm_input)

Write Preview
Loading…
Cancel
Save