Fix int64 overflow check

lingsheng 2020-10-09 17:45:15 +08:00
parent 9c0d64098f
commit 1081cd8581
2 changed files with 46 additions and 1 deletions


@ -0,0 +1,41 @@
From 38622da97fb6fcb2d43d5676ac75cb5ac7896359 Mon Sep 17 00:00:00 2001
From: lutianxiong <lutianxiong@huawei.com>
Date: Tue, 16 Jun 2020 11:15:10 +0800
Subject: [PATCH] Fix int64 overflow check
Overflow check "(value >> 32) * 10 < INT32_MAX" may not work in
certain conditions, e.g. value is 0xcccccccdbcdc9cc
Note: This fixes oss-fuzz bug 16117.
---
libclamav/htmlnorm.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/libclamav/htmlnorm.c b/libclamav/htmlnorm.c
index d0be15b..4ac4948 100644
--- a/libclamav/htmlnorm.c
+++ b/libclamav/htmlnorm.c
@@ -1459,9 +1459,9 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag
next_state = HTML_BAD_STATE;
ptr++;
} else if (isdigit(*ptr) || (hex && isxdigit(*ptr))) {
- if (hex && (value >> 32) * 16 < INT32_MAX) {
+ if (hex && value < INT64_MAX / 16) {
value *= 16;
- } else if ((value >> 32) * 10 < INT32_MAX) {
+ } else if (value < INT64_MAX / 10) {
value *= 10;
} else {
html_output_c(file_buff_o2, value);
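Review bot: In the digit branch, when hex is set and the first test `hex && value < INT64_MAX / 16` fails, control falls through to `else if (value < INT64_MAX / 10)`, whose bound is larger, so a hex reference whose value lies between INT64_MAX / 16 and INT64_MAX / 10 is multiplied by 10 instead of being rejected. The multiplication itself stays in range, but the accumulated value is then wrong for a hex entity. This fall-through is already present in the removed lines; since the condition is being rewritten anyway, consider `} else if (!hex && value < INT64_MAX / 10) {` so that an oversized hex value reaches the final else branch and is emitted through html_output_c.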
@@ -1727,7 +1727,7 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag
state = HTML_RFC2397_DATA;
break;
case HTML_ESCAPE_CHAR:
- if ((value >> 32) * 16 < INT32_MAX) {
+ if (value < INT64_MAX / 16) {
value *= 16;
} else {
state = next_state;
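Review bot: The new test `value < INT64_MAX / 16` in the HTML_ESCAPE_CHAR case bounds value only from above, and the declaration and initialisation of value are outside the visible lines. If value is a signed 64-bit type, as the INT64_MAX bound implies, a negative value would pass the test and `value *= 16` could overflow in the other direction; a short comment stating that value starts at zero and only grows would document that assumption. The same style of bound now appears at three sites in cli_html_normalise, so a small helper or macro taking the base would keep them consistent.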
--
2.23.0


@ -1,7 +1,7 @@
Name: clamav Name: clamav
Summary: End-user tools for the Clam Antivirus scanner Summary: End-user tools for the Clam Antivirus scanner
Version: 0.101.4 Version: 0.101.4
Release: 6 Release: 7
License: GPLv2 License: GPLv2
URL: https://www.clamav.net/ URL: https://www.clamav.net/
Source0: https://www.clamav.net/downloads/production/clamav-%version.tar.gz Source0: https://www.clamav.net/downloads/production/clamav-%version.tar.gz
@ -25,6 +25,7 @@ Patch0002: clamav-0.100.1-defaults_locations.patch
Patch0003: clamav-0.99-private.patch Patch0003: clamav-0.99-private.patch
Patch0004: clamav-0.100.0-umask.patch Patch0004: clamav-0.100.0-umask.patch
Patch0005: llvm-glibc.patch Patch0005: llvm-glibc.patch
Patch0006: clamav-Fix-int64-overflow-check.patch
BuildRequires: autoconf automake gettext-devel libtool libtool-ltdl-devel BuildRequires: autoconf automake gettext-devel libtool libtool-ltdl-devel
BuildRequires: gcc-c++ zlib-devel bzip2-devel gmp-devel curl-devel json-c-devel BuildRequires: gcc-c++ zlib-devel bzip2-devel gmp-devel curl-devel json-c-devel
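Review bot: Patch0006 is declared here, but the %prep section is not part of the visible hunks, so it is not clear that the patch is actually applied at build time. If %prep lists patches explicitly rather than applying every declared patch, a matching line is needed there. A comment above the Patch0006 line giving the origin of the patch (its header carries commit 38622da97fb6fcb2d43d5676ac75cb5ac7896359 and references oss-fuzz bug 16117) would also help when the package is rebased.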
@ -404,6 +405,9 @@ test -e %_var/log/clamav-milter.log || {
%changelog %changelog
* Fri Oct 09 2020 lingsheng <lingsheng@huawei.com> - 0.101.4-7
- Fix int64 overflow check
* Tue Sep 21 2020 chengzihan <chengzihan2@huawei.com> - 0.101.4-6 * Tue Sep 21 2020 chengzihan <chengzihan2@huawei.com> - 0.101.4-6
- Drop clamd@scann.service file, change /var/run to /run - Drop clamd@scann.service file, change /var/run to /run
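Review bot: The new changelog entry `- Fix int64 overflow check` does not say where the fix applies or which report it addresses. The patch header names libclamav/htmlnorm.c and oss-fuzz bug 16117; adding those to the entry makes it searchable when auditing which builds contain the fix. Separately, the existing entry below it reads `Tue Sep 21 2020`, but 21 September 2020 was a Monday.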