Hello!
libclamav/message.c has bug (in fact, two bugs) in uudecoding code.
- it assumes uuencoded data is correct, which is not true since it's data
from external sources
- '&' operation was used instead of '%' (just a typo)
Attached patch turns off "fast" decoding mode completely since this mode
can be easily compromised by incorrect input.
Anyway, this doesn't lead to slowdown since second bug results in not
using "fast" mode on full uuencoded lines. :)
Maxim Dounin
Rambler
Index: message.c
===================================================================
RCS file: /cvsroot/clamav/clamav-devel/libclamav/message.c,v
retrieving revision 1.55
diff -u -r1.55 message.c
--- message.c 10 May 2004 11:24:18 -0000 1.55
+++ message.c 17 May 2004 17:16:48 -0000
@@ -1460,7 +1460,7 @@
*/
cli_warnmsg("uudecode: buffer overflow stopped,
attempting to ignore but decoding may fail");
else
- buf = decode(line, buf, uudecode, (len & 3) == 0);
+ buf = decode(line, buf, uudecode, FALSE);
break;
}
