git-svn: trunk@3376
Tomasz Kojm authored on 2007/12/07 00:08:05... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Thu Dec 6 15:22:27 CET 2007 (tk) |
|
2 |
+--------------------------------- |
|
3 |
+ * libclamav/pe.c: fix possible integer overflow in MEW related code |
|
4 |
+ Reported by iDefense [IDEF2842] |
|
5 |
+ |
|
1 | 6 |
Thu Dec 6 15:19:53 CET 2007 (tk) |
2 | 7 |
--------------------------------- |
3 | 8 |
* libclamav/sis.c: fix error path descriptor leak (bb#704) |
... | ... |
@@ -1116,6 +1116,7 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
1116 | 1116 |
|
1117 | 1117 |
cli_dbgmsg("MEW: ssize %08x dsize %08x offdiff: %08x\n", ssize, dsize, offdiff); |
1118 | 1118 |
|
1119 |
+ CLI_UNPSIZELIMITS("MEW", MAX(ssize, dsize)); |
|
1119 | 1120 |
CLI_UNPSIZELIMITS("MEW", MAX(ssize + dsize, exe_sections[i + 1].rsz)); |
1120 | 1121 |
|
1121 | 1122 |
/* allocate needed buffer */ |