mirror/upx
1
0
Fork 0
mirror of https://github.com/upx/upx synced 2025-10-12 20:59:43 +08:00
Code Issues Releases Wiki Activity

find_overlay_offset() did not check carefully enough

Browse Source 
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65518
https://github.com/upx/upx/issues/760
	modified:   p_unix.cpp
This commit is contained in:
John Reiser 2024-01-10 10:05:28 -08:00 committed by Markus F.X.J. Oberhumer
parent 3dca1175e5
commit 6dde9f7dc0
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/p_unix.cpp
View File

@ -581,7 +581,7 @@ int PackUnix::find_overlay_offset(MemBuffer const &buf)
return false; return false;
int l = ph.buf_offset + ph.getPackHeaderSize(); int l = ph.buf_offset + ph.getPackHeaderSize();
if (l < 0 || l + 4 > bufsize) if (l < 0 || i + l + 4 > bufsize)
throwCantUnpack("file corrupted"); throwCantUnpack("file corrupted");
overlay_offset = get_te32(buf + i + l); overlay_offset = get_te32(buf + i + l);
if ((off_t)overlay_offset >= file_size) if ((off_t)overlay_offset >= file_size)