git-svn: trunk@3107
Tomasz Kojm authored on 2007/06/24 23:30:46... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Sun Jun 24 15:09:10 CEST 2007 (tk) |
|
2 |
+---------------------------------- |
|
3 |
+ * libclamav/upx.c: properly initialize realstuffsz (patch from aCaB, stable |
|
4 |
+ not affected) |
|
5 |
+ |
|
1 | 6 |
Sun Jun 24 14:38:49 CEST 2007 (tk) |
2 | 7 |
---------------------------------- |
3 | 8 |
* libclamav/unrar/unrar.c: fix typo (bb#527) |
... | ... |
@@ -94,33 +94,20 @@ |
94 | 94 |
\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\ |
95 | 95 |
" |
96 | 96 |
|
97 |
-static char *checkpe(char *dst, uint32_t dsize, char *pehdr, uint32_t *valign, unsigned int *sectcnt) { |
|
97 |
+static char *checkpe(char *dst, uint32_t dsize, char *pehdr, uint32_t *valign, unsigned int *sectcnt) |
|
98 |
+{ |
|
98 | 99 |
char *sections; |
99 |
- if (!CLI_ISCONTAINED(dst, dsize, pehdr, 0xf8)) { |
|
100 |
- cli_dbgmsg("UPX: sections out of bounds\n"); |
|
101 |
- return NULL; |
|
102 |
- } |
|
103 |
- |
|
104 |
- if (cli_readint32(pehdr) != 0x4550 ) { |
|
105 |
- cli_dbgmsg("UPX: No magic for PE\n"); |
|
106 |
- return NULL; |
|
107 |
- } |
|
100 |
+ if (!CLI_ISCONTAINED(dst, dsize, pehdr, 0xf8)) return NULL; |
|
101 |
+ |
|
102 |
+ if (cli_readint32(pehdr) != 0x4550 ) return NULL; |
|
108 | 103 |
|
109 |
- if (!(*valign=cli_readint32(pehdr+0x38))) { |
|
110 |
- cli_dbgmsg("UPX: Cant align to a NULL bound\n"); |
|
111 |
- return NULL; |
|
112 |
- } |
|
104 |
+ if (!(*valign=cli_readint32(pehdr+0x38))) return NULL; |
|
113 | 105 |
|
114 | 106 |
sections = pehdr+0xf8; |
115 |
- if (!(*sectcnt = (unsigned char)pehdr[6] + (unsigned char)pehdr[7]*256)) { |
|
116 |
- cli_dbgmsg("UPX: No sections?\n"); |
|
117 |
- return NULL; |
|
118 |
- } |
|
107 |
+ if (!(*sectcnt = (unsigned char)pehdr[6] + (unsigned char)pehdr[7]*256)) return NULL; |
|
119 | 108 |
|
120 |
- if (!CLI_ISCONTAINED(dst, dsize, sections, *sectcnt*0x28)) { |
|
121 |
- cli_dbgmsg("UPX: Not enough space for all sects\n"); |
|
122 |
- return NULL; |
|
123 |
- } |
|
109 |
+ if (!CLI_ISCONTAINED(dst, dsize, sections, *sectcnt*0x28)) return NULL; |
|
110 |
+ |
|
124 | 111 |
return sections; |
125 | 112 |
} |
126 | 113 |
|
... | ... |
@@ -130,7 +117,7 @@ static int pefromupx (char *src, uint32_t ssize, char *dst, uint32_t *dsize, uin |
130 | 130 |
{ |
131 | 131 |
char *imports, *sections, *pehdr=NULL, *newbuf; |
132 | 132 |
unsigned int sectcnt=0, upd=1; |
133 |
- uint32_t realstuffsz, valign=0; |
|
133 |
+ uint32_t realstuffsz=0, valign=0; |
|
134 | 134 |
uint32_t foffset=0xd0+0xf8; |
135 | 135 |
|
136 | 136 |
if((dst == NULL) || (src == NULL)) |
... | ... |
@@ -190,7 +177,7 @@ static int pefromupx (char *src, uint32_t ssize, char *dst, uint32_t *dsize, uin |
190 | 190 |
break; |
191 | 191 |
pehdr--; |
192 | 192 |
} |
193 |
- if (pehdr==dst) pehdr=NULL; |
|
193 |
+ if (!(realstuffsz = pehdr-dst)) pehdr=NULL; |
|
194 | 194 |
} |
195 | 195 |
|
196 | 196 |
if (!pehdr) { |
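Review bot: In the last hunk, `if (!(realstuffsz = pehdr-dst)) pehdr=NULL;` folds an assignment and a pointer-difference-to-`uint32_t` narrowing into what used to be a plain `pehdr==dst` test, and the stored value is a size taken from the unpacked, untrusted buffer. I would split it into `realstuffsz = (uint32_t)(pehdr - dst);` followed by `if (!realstuffsz) pehdr = NULL;`, with a comment such as `/* offset within dst of the PE header located by the scan */`. The result is a sensible size only if the scan loop never lets `pehdr` drop below `dst`; that loop's condition and the later uses of `realstuffsz` are outside the visible hunks, so confirm this there, and also confirm that the `realstuffsz=0` default from the second hunk is safe on the path that skips this block. Separately, `checkpe` now returns NULL without a message for every rejection reason, so a one-line comment above it saying the debug output was dropped on purpose would help whoever next debugs a failed PE rebuild.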