From 9a6bb57f89721db637f4ddb5b233c1c4e23d223a Mon Sep 17 00:00:00 2001
From: Micah Snyder <micasnyd@cisco.com>
Date: Wed, 15 Sep 2021 15:51:53 -0700
Subject: [PATCH] OOXML: Fix invalid pointer dereference

The OOXML parser in libclamav may try to extract an entry that is
missing a file name. This results in an invalid 0x1 pointer dereference
in the ZIP parser that is likely to crash the scanning application.

This commit fixes the issue by requiring both the PartName (PN) *and*
the ContentType (CT) variables to be non-NULL or else the entry will be
skipped.

Thank you Laurent Delosieres for reporting this issue.
---
 libclamav/ooxml.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libclamav/ooxml.c b/libclamav/ooxml.c
index 16c436f1a5..644779432c 100644
--- a/libclamav/ooxml.c
+++ b/libclamav/ooxml.c
@@ -245,7 +245,7 @@ static cl_error_t ooxml_content_cb(int fd, const char *filepath, cli_ctx *ctx, c
             cli_dbgmsg("%s: %s\n", localname, value);
         }
 
-        if (!CT && !PN) continue;
+        if (!CT || !PN) continue;
 
         if (!xmlStrcmp(CT, (const xmlChar *)"application/vnd.openxmlformats-package.core-properties+xml")) {
             /* default: /docProps/core.xml*/