Browse code
fix recursion level crash (bb #3706).
Thanks to Stephane Chazelas for the analysis.
Török Edvin authored on 2011/10/08 18:12:22Showing 3 changed files
| ... | ... |
@@ -1,3 +1,7 @@ |
| 1 |
+Sat Oct 8 12:10:13 EEST 2011 (edwin) |
|
| 2 |
+------------------------------------- |
|
| 3 |
+ * libclamav/bytecode.c,bytecode_api.c: fix recursion level crash (bb #3706). |
|
| 4 |
+ |
|
| 1 | 5 |
Mon Sep 19 13:44:36 CEST 2011 (tk) |
| 2 | 6 |
---------------------------------- |
| 3 | 7 |
* freshclam: re-enable short-time blacklisting of mirrors on |
| ... | ... |
@@ -2690,7 +2690,9 @@ int cli_bytecode_runhook(cli_ctx *cctx, const struct cl_engine *engine, struct c |
| 2690 | 2690 |
cli_dbgmsg("Bytecode %u unpacked file\n", bc->id);
|
| 2691 | 2691 |
lseek(fd, 0, SEEK_SET); |
| 2692 | 2692 |
cli_dbgmsg("***** Scanning unpacked file ******\n");
|
| 2693 |
+ cctx->recursion++; |
|
| 2693 | 2694 |
ret = cli_magic_scandesc(fd, cctx); |
| 2695 |
+ cctx->recursion--; |
|
| 2694 | 2696 |
if (!cctx || !cctx->engine->keeptmp) |
| 2695 | 2697 |
if (ftruncate(fd, 0) == -1) |
| 2696 | 2698 |
cli_dbgmsg("ftruncate failed on %d\n", fd);
|
| ... | ... |
@@ -506,7 +506,9 @@ int32_t cli_bcapi_extract_new(struct cli_bc_ctx *ctx, int32_t id) |
| 506 | 506 |
cli_file_t current = cctx->container_type; |
| 507 | 507 |
if (ctx->containertype != CL_TYPE_ANY) |
| 508 | 508 |
cctx->container_type = ctx->containertype; |
| 509 |
+ cctx->recursion++; |
|
| 509 | 510 |
res = cli_magic_scandesc(ctx->outfd, cctx); |
| 511 |
+ cctx->recursion--; |
|
| 510 | 512 |
cctx->container_type = current; |
| 511 | 513 |
if (res == CL_VIRUS) {
|
| 512 | 514 |
if (cctx->virname) |