@@ -15,6 +15,12 @@ ClamAV 0.102.3 is a bug patch release to address the following issues.

   Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ

   parsing vulnerability.

+- [CVE-2020-3341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341):

+  Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that

+  could cause a Denial-of-Service (DoS) condition. Improper size checking of

+  a buffer used to initialize AES decryption routines results in an out-of-

+  bounds read which may cause a crash. Bug found by OSS-Fuzz.

+

 - Fix "Attempt to allocate 0 bytes" error when parsing some PDF documents.

 - Fix a couple of minor memory leaks.

@@ -27,11 +27,16 @@

 #include "arc4.h"

 #include <string.h>

-void arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength)

+bool arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength)

 {

     unsigned i;

     uint8_t j;

-    uint32_t *S = &a->S[0];

+    uint32_t *S;

+

+    if (NULL == a || NULL == key || 0 == keylength)

+        return false;

+

+    S = &a->S[0];

     for (i = 0; i < 256; i++)

         S[i] = i;

@@ -42,6 +47,7 @@ void arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength)

         S[j]        = tmp;

     }

     a->i = a->j = 0;

+    return true;

 }

 void arc4_apply(struct arc4_state *s, uint8_t *data, unsigned len)

@@ -19,6 +19,8 @@

  *  MA 02110-1301, USA.

  */

+#include <stdbool.h>

+

 #include "clamav-types.h"

 struct arc4_state {

     /* really just 8 bit, but it is faster if reads are aligned */

@@ -26,5 +28,5 @@ struct arc4_state {

     uint8_t i, j;

 };

-void arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength);

+bool arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength);

 void arc4_apply(struct arc4_state *s, uint8_t *data, unsigned len);

@@ -1089,8 +1089,9 @@ static void aes_decrypt(const unsigned char *in, size_t *length, unsigned char *

     int nrounds;

     cli_dbgmsg("aes_decrypt: key length: %d, data length: %zu\n", key_n, *length);

-    if (key_n > 32) {

-        cli_dbgmsg("aes_decrypt: key length is %d!\n", key_n * 8);

+    if (!(key_n == 16 || key_n == 24 || key_n == 32)) {

+        cli_dbgmsg("aes_decrypt: invalid key length: %u!\n", key_n * 8);

+        noisy_warnmsg("aes_decrypt: invalid key length: %u!\n", key_n * 8);

         return;

     }

@@ -1166,7 +1167,12 @@ char *decrypt_any(struct pdf_struct *pdf, uint32_t id, const char *in, size_t *l

     struct arc4_state arc4;

     if (!length || !*length || !in) {

-        noisy_warnmsg("decrypt_any: decrypt failed for obj %u %u\n", id >> 8, id & 0xff);

+        noisy_warnmsg("decrypt_any: decrypt failed for obj %u %u:  Invalid arguments.\n", id >> 8, id & 0xff);

+        return NULL;

+    }

+

+    if (NULL == pdf->key || 0 == pdf->keylen) {

+        noisy_warnmsg("decrypt_any: decrypt failed for obj %u %u:  PDF key never identified.\n", id >> 8, id & 0xff);

         return NULL;

     }

@@ -1207,7 +1213,10 @@ char *decrypt_any(struct pdf_struct *pdf, uint32_t id, const char *in, size_t *l

         case ENC_V2:

             cli_dbgmsg("cli_pdf: enc is v2\n");

             memcpy(q, in, *length);

-            arc4_init(&arc4, result, n);

+            if (false == arc4_init(&arc4, result, n)) {

+                noisy_warnmsg("decrypt_any: failed to init arc4\n");

+                return NULL;

+            }

             arc4_apply(&arc4, q, (unsigned)*length); /* TODO: may truncate for very large lengths */

             noisy_msg(pdf, "decrypt_any: decrypted ARC4 data\n");

@@ -2802,7 +2811,10 @@ static void check_user_password(struct pdf_struct *pdf, int R, const char *O,

         if (R == 2) {

             /* 7.6.3.3 Algorithm 4 */

             memcpy(data, key_padding, 32);

-            arc4_init(&arc4, (const uint8_t *)(pdf->key), pdf->keylen);

+            if (false == arc4_init(&arc4, (const uint8_t *)(pdf->key), pdf->keylen)) {

+                noisy_warnmsg("decrypt_any: failed to init arc4\n");

+                return;

+            }

             arc4_apply(&arc4, (uint8_t *)data, 32);

             dbg_printhex("computed U (R2)", data, 32);

             if (!memcmp(data, U, 32))

@@ -2821,7 +2833,10 @@ static void check_user_password(struct pdf_struct *pdf, int R, const char *O,

             cl_hash_data("md5", d, 32 + pdf->fileIDlen, result, NULL);

             memcpy(data, pdf->key, len);

-            arc4_init(&arc4, (const uint8_t *)data, len);

+            if (false == arc4_init(&arc4, (const uint8_t *)data, len)) {

+                noisy_warnmsg("decrypt_any: failed to init arc4\n");

+                return;

+            }

             arc4_apply(&arc4, result, 16);

             for (i = 1; i <= 19; i++) {

                 unsigned j;

@@ -2829,7 +2844,10 @@ static void check_user_password(struct pdf_struct *pdf, int R, const char *O,

                 for (j = 0; j < len; j++)

                     data[j] = pdf->key[j] ^ i;

-                arc4_init(&arc4, (const uint8_t *)data, len);

+                if (false == arc4_init(&arc4, (const uint8_t *)data, len)) {

+                    noisy_warnmsg("decrypt_any: failed to init arc4\n");

+                    return;

+                }

                 arc4_apply(&arc4, result, 16);

             }