mirror of https://github.com/Cisco-Talos/clamav
It is possible for bm->offset to be negative and (offset + bm->offset) to be positive, in which case the bounds check was incorrectly skipped, which could result in a segfault. Program terminated with signal SIGSEGV, Segmentation fault. #0 0x00007fea90598db0 in cli_bcomp_compare_check ( f_buffer=0x7fea5c9e3a3e <error: Cannot access memory at address 0x7fea5c9e3a3e>, f_buffer@entry=0x7fea5c98c1ba "\001\030\001\030", buffer_length=buffer_length@entry=2590, offset=<optimized out>, bm=bm@entry=0x7fea7289f9c8) at matcher-byte-comp.c:720pull/111/head
parent
1b5a59c416
commit
f5ca0ae757
Loading…
Reference in new issue