@@ -1,3 +1,6 @@

+Mon Feb 12 22:08:15 CET 2007 (acab)

+  * libclamav/packlibs: fix possible heap overflow (thanks Edvin)

+

 Mon Feb 12 21:59:49 CET 2007 (tk)

 ---------------------------------

   * change some URLs to comply with the new website, thanks to Luca

@@ -51,7 +51,7 @@ int cli_unfsg(char *source, char *dest, int ssize, int dsize, char **endsrc, cha

   char *csrc = source, *cdst = dest;

   int oob, lostbit = 1;

-  /* I assume buffers size is >0 - No checking! */

+  if (ssize<=0 || dsize<=0) return -1;

   *cdst++=*csrc++;

   while ( 1 ) {