Browse code
properly initialize realstuffsz
| ... | ... |
@@ -1,3 +1,8 @@ |
| 1 |
+Sun Jun 24 15:09:10 CEST 2007 (tk) |
|
| 2 |
+---------------------------------- |
|
| 3 |
+ * libclamav/upx.c: properly initialize realstuffsz (patch from aCaB, stable |
|
| 4 |
+ not affected) |
|
| 5 |
+ |
|
| 1 | 6 |
Sun Jun 24 14:38:49 CEST 2007 (tk) |
| 2 | 7 |
---------------------------------- |
| 3 | 8 |
* libclamav/unrar/unrar.c: fix typo (bb#527) |
| ... | ... |
@@ -94,33 +94,20 @@ |
| 94 | 94 |
\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\ |
| 95 | 95 |
" |
| 96 | 96 |
|
| 97 |
-static char *checkpe(char *dst, uint32_t dsize, char *pehdr, uint32_t *valign, unsigned int *sectcnt) {
|
|
| 97 |
+static char *checkpe(char *dst, uint32_t dsize, char *pehdr, uint32_t *valign, unsigned int *sectcnt) |
|
| 98 |
+{
|
|
| 98 | 99 |
char *sections; |
| 99 |
- if (!CLI_ISCONTAINED(dst, dsize, pehdr, 0xf8)) {
|
|
| 100 |
- cli_dbgmsg("UPX: sections out of bounds\n");
|
|
| 101 |
- return NULL; |
|
| 102 |
- } |
|
| 103 |
- |
|
| 104 |
- if (cli_readint32(pehdr) != 0x4550 ) {
|
|
| 105 |
- cli_dbgmsg("UPX: No magic for PE\n");
|
|
| 106 |
- return NULL; |
|
| 107 |
- } |
|
| 100 |
+ if (!CLI_ISCONTAINED(dst, dsize, pehdr, 0xf8)) return NULL; |
|
| 101 |
+ |
|
| 102 |
+ if (cli_readint32(pehdr) != 0x4550 ) return NULL; |
|
| 108 | 103 |
|
| 109 |
- if (!(*valign=cli_readint32(pehdr+0x38))) {
|
|
| 110 |
- cli_dbgmsg("UPX: Cant align to a NULL bound\n");
|
|
| 111 |
- return NULL; |
|
| 112 |
- } |
|
| 104 |
+ if (!(*valign=cli_readint32(pehdr+0x38))) return NULL; |
|
| 113 | 105 |
|
| 114 | 106 |
sections = pehdr+0xf8; |
| 115 |
- if (!(*sectcnt = (unsigned char)pehdr[6] + (unsigned char)pehdr[7]*256)) {
|
|
| 116 |
- cli_dbgmsg("UPX: No sections?\n");
|
|
| 117 |
- return NULL; |
|
| 118 |
- } |
|
| 107 |
+ if (!(*sectcnt = (unsigned char)pehdr[6] + (unsigned char)pehdr[7]*256)) return NULL; |
|
| 119 | 108 |
|
| 120 |
- if (!CLI_ISCONTAINED(dst, dsize, sections, *sectcnt*0x28)) {
|
|
| 121 |
- cli_dbgmsg("UPX: Not enough space for all sects\n");
|
|
| 122 |
- return NULL; |
|
| 123 |
- } |
|
| 109 |
+ if (!CLI_ISCONTAINED(dst, dsize, sections, *sectcnt*0x28)) return NULL; |
|
| 110 |
+ |
|
| 124 | 111 |
return sections; |
| 125 | 112 |
} |
| 126 | 113 |
|
| ... | ... |
@@ -130,7 +117,7 @@ static int pefromupx (char *src, uint32_t ssize, char *dst, uint32_t *dsize, uin |
| 130 | 130 |
{
|
| 131 | 131 |
char *imports, *sections, *pehdr=NULL, *newbuf; |
| 132 | 132 |
unsigned int sectcnt=0, upd=1; |
| 133 |
- uint32_t realstuffsz, valign=0; |
|
| 133 |
+ uint32_t realstuffsz=0, valign=0; |
|
| 134 | 134 |
uint32_t foffset=0xd0+0xf8; |
| 135 | 135 |
|
| 136 | 136 |
if((dst == NULL) || (src == NULL)) |
| ... | ... |
@@ -190,7 +177,7 @@ static int pefromupx (char *src, uint32_t ssize, char *dst, uint32_t *dsize, uin |
| 190 | 190 |
break; |
| 191 | 191 |
pehdr--; |
| 192 | 192 |
} |
| 193 |
- if (pehdr==dst) pehdr=NULL; |
|
| 193 |
+ if (!(realstuffsz = pehdr-dst)) pehdr=NULL; |
|
| 194 | 194 |
} |
| 195 | 195 |
|
| 196 | 196 |
if (!pehdr) {
|