1. clamav-devel
  2. Commit 218cc3e1f0b24465a052f148436849ad9e5ea46e
Browse code

fix handling of MSZIP compressed folders (bb#882)

git-svn: trunk@3717

Tomasz Kojm authored on 2008/03/18 20:13:55
Showing 2 changed files
ChangeLog
History View file @ 218cc3e
... ... 
@@ -1,3 +1,7 @@
1 
+Tue Mar 18 11:25:00 CET 2008 (tk)
2 
+---------------------------------
3 
+  * libclamav/mspack.c: fix handling of MSZIP compressed folders (bb#882)
4 
+
1 5 
 Mon Mar 17 17:25:44 EET 2008 (edwin)
2 6 
 ------------------------------------
3 7 
   * libclamav/message.c: degrade some warning messages to debug (bb #880).
libclamav/mspack.c
History View file @ 218cc3e
... ... 
@@ -104,6 +104,7 @@ static const unsigned short mszip_bit_mask_tab[17] = {
104 104 
       if (mszip_read_input(zip)) return zip->error;                      \
105 105 
       i_ptr = zip->i_ptr;                                               \
106 106 
       i_end = zip->i_end;                                               \
107 
+      if(i_ptr == i_end) break;						\
107 108 
     }                                                                   \
108 109 
     bit_buffer |= *i_ptr++ << bits_left; bits_left  += 8;               \
109 110 
   }                                                                     \
... ... 
@@ -126,18 +127,6 @@ static int mszip_read_input(struct mszip_stream *zip) {
126 126 
   int read = zip->read ? zip->read(zip->file, zip->inbuf, (int)zip->inbuf_size) : cli_readn(zip->fd, zip->inbuf, (int)zip->inbuf_size);
127 127 
   if (read < 0) return zip->error = CL_EIO;
128 128
129 
-  if (read == 0) {
130 
-    if (zip->input_end) {
131 
-      cli_dbgmsg("mszip_read_input: out of input bytes\n");
132 
-      return zip->error = CL_EIO;
133 
-    }
134 
-    else {
135 
-      read = 1;
136 
-      zip->inbuf[0] = 0;
137 
-      zip->input_end = 1;
138 
-    }
139 
-  }
140 
-
141 129 
   zip->i_ptr = &zip->inbuf[0];
142 130 
   zip->i_end = &zip->inbuf[read];
143 131
... ... 
@@ -391,9 +380,11 @@ static int mszip_inflate(struct mszip_stream *zip) {
391 391 
 	  if (mszip_read_input(zip)) return zip->error;
392 392 
 	  i_ptr = zip->i_ptr;
393 393 
 	  i_end = zip->i_end;
394 
+	  if(i_ptr == i_end) break;
394 395 
 	}
395 396 
 	lens_buf[i++] = *i_ptr++;
396 397 
       }
398 
+      if (i < 4) return INF_ERR_BITBUF;
397 399
398 400 
       /* get the length and its complement */
399 401 
       length = lens_buf[0] | (lens_buf[1] << 8);
... ... 
@@ -406,6 +397,7 @@ static int mszip_inflate(struct mszip_stream *zip) {
406 406 
 	  if (mszip_read_input(zip)) return zip->error;
407 407 
 	  i_ptr = zip->i_ptr;
408 408 
 	  i_end = zip->i_end;
409 
+	  if(i_ptr == i_end) break;
409 410 
 	}
410 411
411 412 
 	this_run = length;