git-svn: trunk@1740
Tomasz Kojm authored on 2005/11/04 06:34:54... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Thu Nov 3 22:33:20 CET 2005 (tk) |
|
2 |
+--------------------------------- |
|
3 |
+ * libclamav/fsg.c: fix buffer size calculation in unfsg_133 |
|
4 |
+ Reported by Zero Day Initiative (ZDI-CAN-004) |
|
5 |
+ |
|
1 | 6 |
Mon Oct 31 21:21:38 GMT 2005 (njh) |
2 | 7 |
---------------------------------- |
3 | 8 |
* libclamav/mbox.c: Scan attachments that have no filename |
... | ... |
@@ -235,7 +235,7 @@ int unfsg_133(char *source, char *dest, int ssize, int dsize, struct SECTION *se |
235 | 235 |
|
236 | 236 |
for (i = 0 ; i <= sectcount ; i++) { |
237 | 237 |
char *startd=tdst; |
238 |
- if ( unfsg(tsrc, tdst, tsrc - source + ssize, tdst - dest + dsize, &tsrc, &tdst) == -1 ) |
|
238 |
+ if ( unfsg(tsrc, tdst, ssize - (tsrc - source), dsize - (tdst - dest), &tsrc, &tdst) == -1 ) |
|
239 | 239 |
return -1; |
240 | 240 |
|
241 | 241 |
/* RVA has been filled already in pe.c */ |