git-svn: trunk@3717
Tomasz Kojm authored on 2008/03/18 20:13:55... | ... |
@@ -1,3 +1,7 @@ |
1 |
+Tue Mar 18 11:25:00 CET 2008 (tk) |
|
2 |
+--------------------------------- |
|
3 |
+ * libclamav/mspack.c: fix handling of MSZIP compressed folders (bb#882) |
|
4 |
+ |
|
1 | 5 |
Mon Mar 17 17:25:44 EET 2008 (edwin) |
2 | 6 |
------------------------------------ |
3 | 7 |
* libclamav/message.c: degrade some warning messages to debug (bb #880). |
... | ... |
@@ -104,6 +104,7 @@ static const unsigned short mszip_bit_mask_tab[17] = { |
104 | 104 |
if (mszip_read_input(zip)) return zip->error; \ |
105 | 105 |
i_ptr = zip->i_ptr; \ |
106 | 106 |
i_end = zip->i_end; \ |
107 |
+ if(i_ptr == i_end) break; \ |
|
107 | 108 |
} \ |
108 | 109 |
bit_buffer |= *i_ptr++ << bits_left; bits_left += 8; \ |
109 | 110 |
} \ |
... | ... |
@@ -126,18 +127,6 @@ static int mszip_read_input(struct mszip_stream *zip) { |
126 | 126 |
int read = zip->read ? zip->read(zip->file, zip->inbuf, (int)zip->inbuf_size) : cli_readn(zip->fd, zip->inbuf, (int)zip->inbuf_size); |
127 | 127 |
if (read < 0) return zip->error = CL_EIO; |
128 | 128 |
|
129 |
- if (read == 0) { |
|
130 |
- if (zip->input_end) { |
|
131 |
- cli_dbgmsg("mszip_read_input: out of input bytes\n"); |
|
132 |
- return zip->error = CL_EIO; |
|
133 |
- } |
|
134 |
- else { |
|
135 |
- read = 1; |
|
136 |
- zip->inbuf[0] = 0; |
|
137 |
- zip->input_end = 1; |
|
138 |
- } |
|
139 |
- } |
|
140 |
- |
|
141 | 129 |
zip->i_ptr = &zip->inbuf[0]; |
142 | 130 |
zip->i_end = &zip->inbuf[read]; |
143 | 131 |
|
... | ... |
@@ -391,9 +380,11 @@ static int mszip_inflate(struct mszip_stream *zip) { |
391 | 391 |
if (mszip_read_input(zip)) return zip->error; |
392 | 392 |
i_ptr = zip->i_ptr; |
393 | 393 |
i_end = zip->i_end; |
394 |
+ if(i_ptr == i_end) break; |
|
394 | 395 |
} |
395 | 396 |
lens_buf[i++] = *i_ptr++; |
396 | 397 |
} |
398 |
+ if (i < 4) return INF_ERR_BITBUF; |
|
397 | 399 |
|
398 | 400 |
/* get the length and its complement */ |
399 | 401 |
length = lens_buf[0] | (lens_buf[1] << 8); |
... | ... |
@@ -406,6 +397,7 @@ static int mszip_inflate(struct mszip_stream *zip) { |
406 | 406 |
if (mszip_read_input(zip)) return zip->error; |
407 | 407 |
i_ptr = zip->i_ptr; |
408 | 408 |
i_end = zip->i_end; |
409 |
+ if(i_ptr == i_end) break; |
|
409 | 410 |
} |
410 | 411 |
|
411 | 412 |
this_run = length; |