
Commit 270e368

committed
libclamav: bb #7055
1 parent 24ff855 commit 270e368


3 files changed

+24
-10
lines changed


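--- a/NEWS
+++ b/NEWS
@@ -1,8 +1,8 @@
-0.97.7
+0.97.8
 ------
-ClamAV 0.97.7 addresses several reported potential security bugs. Thanks to
-Felix Groebert, Mateusz Jurczyk and Gynvael Coldwind of the Google Security
-Team for finding and reporting these issues.
+ClamAV 0.97.8 addresses several reported potential security bugs. Thanks to
+Felix Groebert of the Google Security Team for finding and reporting these
+issues.
 
 --
 The ClamAV team (http://www.clamav.net/team)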

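--- a/README
+++ b/README
@@ -1,6 +1,12 @@
 Note: This README/NEWS file refers to the source tarball. Some things described
 here may not be available in binary packages.
 --
+0.97.8
+------
+ClamAV 0.97.8 addresses several reported potential security bugs. Thanks to
+Felix Groebert of the Google Security Team for finding and reporting these
+issues.
+
 0.97.7
 ------
 ClamAV 0.97.7 addresses several reported potential security bugs. Thanks to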

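--- a/libclamav/pe.c
+++ b/libclamav/pe.c
@@ -1868,13 +1868,21 @@ int cli_scanpe(cli_ctx *ctx)
 
 if(epbuff[1] != '\xbe' || skew <= 0 || skew > 0xfff) { /* FIXME: legit skews?? */
 skew = 0;
-if(upxfn(src, ssize, dest, &dsize, exe_sections[i].rva, exe_sections[i + 1].rva, vep) >= 0)
-upx_success = 1;
-
-} else {
+}
+else if(skew > ssize) {
+/* Ignore suggested skew larger than section size */
+cli_dbgmsg("UPX: Ignoring bad skew of %d bytes\n", skew);
+skew = 0;
+}
+else {
 cli_dbgmsg("UPX: UPX1 seems skewed by %d bytes\n", skew);
-if(upxfn(src + skew, ssize - skew, dest, &dsize, exe_sections[i].rva, exe_sections[i + 1].rva, vep-skew) >= 0 || upxfn(src, ssize, dest, &dsize, exe_sections[i].rva, exe_sections[i + 1].rva, vep) >= 0)
-upx_success = 1;
+}
+
+if(upxfn(src + skew, ssize - skew, dest, &dsize, exe_sections[i].rva, exe_sections[i + 1].rva, vep-skew) >= 0 || upxfn(src, ssize, dest, &dsize, exe_sections[i].rva, exe_sections[i + 1].rva, vep) >= 0) {
+upx_success = 1;
+}
+else if(skew && (upxfn(src, ssize, dest, &dsize, exe_sections[i].rva, exe_sections[i + 1].rva, vep) >= 0)) {
+upx_success = 1;
 }
 
 if(upx_success)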
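Review bot: The first unpack condition still carries the unskewed `upxfn(src, ssize, ...)` call after `||`, so the added `else if(skew && ...)` branch only repeats a call that has just failed with the same arguments, and when skew is 0 the identical call runs twice inside one condition. Dropping the `||` half, so the condition reads `if(upxfn(src + skew, ssize - skew, dest, &dsize, exe_sections[i].rva, exe_sections[i + 1].rva, vep-skew) >= 0) {`, leaves the `else if` as the single unskewed retry. The new bound `skew > ssize` also lets `skew == ssize` through, which hands the unpacker a zero-length source at `src + skew`; whether upxfn rejects that is not visible here, so `else if(skew >= ssize) {` would be the safer test. dsize is passed by pointer to every attempt and a failed call may have changed it before the retry, which depends on code outside the hunk. cli_scanpe begins and ends outside the hunk.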
