Browse code
* libclamav/chmunpack.c: relax over stringent offset checks. Explicitly cast some long long constants.
* libclamav/ole2_extract.c: remove variable size array declaration.
git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@1207 77e5149b-7576-45b1-b177-96237e5ba77b
Trog authored on 2004/12/20 23:55:11Showing 3 changed files
| ... | ... |
@@ -1,3 +1,10 @@ |
| 1 |
+Mon Dec 20 14:52:03 GMT 2004 (trog) |
|
| 2 |
+----------------------------------- |
|
| 3 |
+ * libclamav/chmunpack.c: relax over stringent offset checks. |
|
| 4 |
+ Explicitly cast some long long constants. |
|
| 5 |
+ |
|
| 6 |
+ * libclamav/ole2_extract.c: remove variable size array declaration. |
|
| 7 |
+ |
|
| 1 | 8 |
Mon Dec 20 02:57:29 CET 2004 (tk) |
| 2 | 9 |
--------------------------------- |
| 3 | 10 |
* libclamav/others.c: added cli_filecopy() |
| ... | ... |
@@ -173,12 +173,12 @@ static uint32_t chm_endian_convert_32(uint32_t v) |
| 173 | 173 |
#else |
| 174 | 174 |
static uint64_t chm_endian_convert_64(uint64_t v) |
| 175 | 175 |
{
|
| 176 |
- return ((v >> 56) | ((v & 0x00FF000000000000) >> 40) | |
|
| 177 |
- ((v & 0x0000FF0000000000) >> 24) | |
|
| 178 |
- ((v & 0x000000FF00000000) >> 8) | |
|
| 179 |
- ((v & 0x00000000FF000000) << 8) | |
|
| 180 |
- ((v & 0x0000000000FF0000) << 24) | |
|
| 181 |
- ((v & 0x000000000000FF00) << 40) | |
|
| 176 |
+ return ((v >> 56) | ((v & 0x00FF000000000000LL) >> 40) | |
|
| 177 |
+ ((v & 0x0000FF0000000000LL) >> 24) | |
|
| 178 |
+ ((v & 0x000000FF00000000LL) >> 8) | |
|
| 179 |
+ ((v & 0x00000000FF000000LL) << 8) | |
|
| 180 |
+ ((v & 0x0000000000FF0000LL) << 24) | |
|
| 181 |
+ ((v & 0x000000000000FF00LL) << 40) | |
|
| 182 | 182 |
(v << 56)); |
| 183 | 183 |
} |
| 184 | 184 |
#endif |
| ... | ... |
@@ -643,7 +643,7 @@ static lzx_control_t *read_sys_control(int fd, itsf_header_t *itsf_hdr, file_lis |
| 643 | 643 |
return NULL; |
| 644 | 644 |
} |
| 645 | 645 |
offset = itsf_hdr->data_offset + file_e->offset; |
| 646 |
- if ((offset < 0) || (offset < itsf_hdr->sec0_offset)) {
|
|
| 646 |
+ if (offset < 0) {
|
|
| 647 | 647 |
return NULL; |
| 648 | 648 |
} |
| 649 | 649 |
|
| ... | ... |
@@ -761,7 +761,7 @@ static lzx_reset_table_t *read_sys_reset_table(int fd, itsf_header_t *itsf_hdr, |
| 761 | 761 |
/* Skip past unknown entry in offset calc */ |
| 762 | 762 |
offset = itsf_hdr->data_offset + file_e->offset + 4; |
| 763 | 763 |
|
| 764 |
- if ((offset < 0) || (offset < itsf_hdr->sec0_offset)) {
|
|
| 764 |
+ if (offset < 0) {
|
|
| 765 | 765 |
return NULL; |
| 766 | 766 |
} |
| 767 | 767 |
|
| ... | ... |
@@ -568,7 +568,7 @@ static void ole2_walk_property_tree(int fd, ole2_header_t *hdr, const char *dir, |
| 568 | 568 |
/* Write file Handler - write the contents of the entry to a file */ |
| 569 | 569 |
static int handler_writefile(int fd, ole2_header_t *hdr, property_t *prop, const char *dir) |
| 570 | 570 |
{
|
| 571 |
- unsigned char buff[(1 << hdr->log2_big_block_size)]; |
|
| 571 |
+ unsigned char *buff; |
|
| 572 | 572 |
int32_t current_block, ofd, len, offset; |
| 573 | 573 |
char *name, *newname; |
| 574 | 574 |
|
| ... | ... |
@@ -626,18 +626,26 @@ static int handler_writefile(int fd, ole2_header_t *hdr, property_t *prop, const |
| 626 | 626 |
current_block = prop->start_block; |
| 627 | 627 |
len = prop->size; |
| 628 | 628 |
|
| 629 |
+ buff = (unsigned char *) cli_malloc(1 << hdr->log2_big_block_size); |
|
| 630 |
+ if (!buff) {
|
|
| 631 |
+ close(ofd); |
|
| 632 |
+ return FALSE; |
|
| 633 |
+ } |
|
| 634 |
+ |
|
| 629 | 635 |
while((current_block >= 0) && (len > 0)) {
|
| 630 | 636 |
if (prop->size < hdr->sbat_cutoff) {
|
| 631 | 637 |
/* Small block file */ |
| 632 |
- if (!ole2_get_sbat_data_block(fd, hdr, &buff, current_block)) {
|
|
| 638 |
+ if (!ole2_get_sbat_data_block(fd, hdr, buff, current_block)) {
|
|
| 633 | 639 |
cli_dbgmsg("ole2_get_sbat_data_block failed\n");
|
| 634 | 640 |
close(ofd); |
| 641 |
+ free(buff); |
|
| 635 | 642 |
return FALSE; |
| 636 | 643 |
} |
| 637 | 644 |
/* buff now contains the block with 8 small blocks in it */ |
| 638 | 645 |
offset = 64 * (current_block % 8); |
| 639 | 646 |
if (cli_writen(ofd, &buff[offset], MIN(len,64)) != MIN(len,64)) {
|
| 640 | 647 |
close(ofd); |
| 648 |
+ free(buff); |
|
| 641 | 649 |
return FALSE; |
| 642 | 650 |
} |
| 643 | 651 |
|
| ... | ... |
@@ -645,13 +653,15 @@ static int handler_writefile(int fd, ole2_header_t *hdr, property_t *prop, const |
| 645 | 645 |
current_block = ole2_get_next_sbat_block(fd, hdr, current_block); |
| 646 | 646 |
} else {
|
| 647 | 647 |
/* Big block file */ |
| 648 |
- if (!ole2_read_block(fd, hdr, &buff, current_block)) {
|
|
| 648 |
+ if (!ole2_read_block(fd, hdr, buff, current_block)) {
|
|
| 649 | 649 |
close(ofd); |
| 650 |
+ free(buff); |
|
| 650 | 651 |
return FALSE; |
| 651 | 652 |
} |
| 652 |
- if (cli_writen(ofd, &buff, MIN(len,(1 << hdr->log2_big_block_size))) != |
|
| 653 |
+ if (cli_writen(ofd, buff, MIN(len,(1 << hdr->log2_big_block_size))) != |
|
| 653 | 654 |
MIN(len,(1 << hdr->log2_big_block_size))) {
|
| 654 | 655 |
close(ofd); |
| 656 |
+ free(buff); |
|
| 655 | 657 |
return FALSE; |
| 656 | 658 |
} |
| 657 | 659 |
|
| ... | ... |
@@ -660,6 +670,7 @@ static int handler_writefile(int fd, ole2_header_t *hdr, property_t *prop, const |
| 660 | 660 |
} |
| 661 | 661 |
} |
| 662 | 662 |
close(ofd); |
| 663 |
+ free(buff); |
|
| 663 | 664 |
return TRUE; |
| 664 | 665 |
} |
| 665 | 666 |
|