rpms
/
clamav
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

merge of ff339dd not deleted the files

This commit is contained in:
Sérgio M. Basto 2021-02-26 22:47:35 +00:00
parent c4db197bd1
commit f03e0f2266
1 changed files with 0 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
0e865c4f0e5ea5c4879681d843a9b93fc871fd90.patch
View File

@ -1,89 +0,0 @@
From 0e865c4f0e5ea5c4879681d843a9b93fc871fd90 Mon Sep 17 00:00:00 2001
From: "Micah Snyder (micasnyd)" <micasnyd@cisco.com>
Date: Mon, 6 Apr 2020 15:03:20 -0700
Subject: [PATCH] PDF: Fix error Attempt to allocate 0 bytes
The PDF parser currently prints verbose error messages when attempting
to shrink a buffer down to actual data length after decoding if it turns
out that the decoded stream was empty (0 bytes). With exception to the
verbose error messages, there's no real behavior issue.
This commit fixes the issue by checking if any bytes were decoded before
attempting to shrink the buffer.
---
libclamav/pdfdecode.c | 27 ++++++++++++++++++---------
1 file changed, 18 insertions(+), 9 deletions(-)
diff --git a/libclamav/pdfdecode.c b/libclamav/pdfdecode.c
index 8315f3a761..d63f7b1cd4 100644
--- a/libclamav/pdfdecode.c
+++ b/libclamav/pdfdecode.c
@@ -638,8 +638,11 @@ static cl_error_t filter_rldecode(struct pdf_struct *pdf, struct pdf_obj *obj, s
}
if (rc == CL_SUCCESS) {
- /* Shrink output buffer to final the decoded data length to minimize RAM usage */
- if (!(temp = cli_realloc(decoded, declen))) {
+ if (declen == 0) {
+ cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n");
+ rc = CL_BREAK;
+ } else if (!(temp = cli_realloc(decoded, declen))) {
+ /* Shrink output buffer to final the decoded data length to minimize RAM usage */
cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n");
rc = CL_EMEM;
} else {
@@ -647,7 +650,7 @@ static cl_error_t filter_rldecode(struct pdf_struct *pdf, struct pdf_obj *obj, s
}
}
- if (rc == CL_SUCCESS) {
+ if (rc == CL_SUCCESS || rc == CL_BREAK) {
free(token->content);
cli_dbgmsg("cli_pdf: decoded %lu bytes from %lu total bytes\n",
@@ -817,8 +820,11 @@ static cl_error_t filter_flatedecode(struct pdf_struct *pdf, struct pdf_obj *obj
(void)inflateEnd(&stream);
if (rc == CL_SUCCESS) {
- /* Shrink output buffer to final the decoded data length to minimize RAM usage */
- if (!(temp = cli_realloc(decoded, declen))) {
+ if (declen == 0) {
+ cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n");
+ rc = CL_BREAK;
+ } else if (!(temp = cli_realloc(decoded, declen))) {
+ /* Shrink output buffer to final the decoded data length to minimize RAM usage */
cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n");
rc = CL_EMEM;
} else {
@@ -826,7 +832,7 @@ static cl_error_t filter_flatedecode(struct pdf_struct *pdf, struct pdf_obj *obj
}
}
- if (rc == CL_SUCCESS) {
+ if (rc == CL_SUCCESS || rc == CL_BREAK) {
free(token->content);
token->content = decoded;
@@ -1099,8 +1105,11 @@ static cl_error_t filter_lzwdecode(struct pdf_struct *pdf, struct pdf_obj *obj,
(void)lzwInflateEnd(&stream);
if (rc == CL_SUCCESS) {
- /* Shrink output buffer to final the decoded data length to minimize RAM usage */
- if (!(temp = cli_realloc(decoded, declen))) {
+ if (declen == 0) {
+ cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n");
+ rc = CL_BREAK;
+ } else if (!(temp = cli_realloc(decoded, declen))) {
+ /* Shrink output buffer to final the decoded data length to minimize RAM usage */
cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n");
rc = CL_EMEM;
} else {
@@ -1108,7 +1117,7 @@ static cl_error_t filter_lzwdecode(struct pdf_struct *pdf, struct pdf_obj *obj,
}
}
- if (rc == CL_SUCCESS) {
+ if (rc == CL_SUCCESS || rc == CL_BREAK) {
free(token->content);
token->content = decoded;