* Scott Kitterman | 2014-05-31 12:42:26 [-0400]:

>That also resulted in a stack of conflicts when I pulled from Alioth that I 
git reset --hard origin/wheezy should fix this.
>don't have time to sort out right now.  Please make a debdiff and attach it to 
>the bug.

No problem.

>Scott K

Sebastian
diff -Nru clamav-0.98.1+dfsg/debian/changelog clamav-0.98.1+dfsg/debian/changelog
--- clamav-0.98.1+dfsg/debian/changelog	2014-05-31 21:00:42.000000000 +0200
+++ clamav-0.98.1+dfsg/debian/changelog	2014-05-31 21:00:43.000000000 +0200
@@ -1,3 +1,11 @@
+clamav (0.98.1+dfsg-1+deb7u4) UNRELEASED; urgency=medium
+
+  * cherry pick upstream patches to fix a crash while using clamscan. Added
+    patches: c6f5ef98d ("bb #10970 - Force a filesize limit of UINT_MAX - 2")
+    and 99ee2138c ("Key off INT_MAX") (Closes: #749715).
+
+ -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc>  Fri, 30 May 2014 20:46:42 +0200
+
 clamav (0.98.1+dfsg-1+deb7u3) stable; urgency=medium
 
   [ Sebastian Andrzej Siewior ]
diff -Nru clamav-0.98.1+dfsg/libclamav/scanners.c clamav-0.98.1+dfsg/libclamav/scanners.c
--- clamav-0.98.1+dfsg/libclamav/scanners.c	2014-01-13 18:02:34.000000000 +0100
+++ clamav-0.98.1+dfsg/libclamav/scanners.c	2014-05-31 21:00:43.000000000 +0200
@@ -3107,6 +3107,19 @@
 {
     cli_ctx ctx;
     int rc;
+    STATBUF sb;
+
+    /* We have a limit of around 2.17GB (INT_MAX - 2). Enforce it here. */
+    if (map != NULL) {
+        if ((size_t)(map->real_len) > (size_t)(INT_MAX - 2))
+            return CL_CLEAN;
+    } else {
+        if (FSTAT(desc, &sb))
+            return CL_ESTAT;
+
+        if ((size_t)(sb.st_size) > (size_t)(INT_MAX - 2))
+            return CL_CLEAN;
+    }
 
     memset(&ctx, '\0', sizeof(cli_ctx));
     ctx.engine = engine;

Reply via email to