[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/etch-security, updated. debian/0.90.1dfsg-4etch16-4-g13fceb6
Michael Tautschnig
mt at debian.org
Fri Apr 10 13:35:25 UTC 2009
The following commit has been merged in the debian/etch-security branch:
commit ed2256a91bd93eab278e8f834c4ad47525939b21
Author: Michael Tautschnig <mt at debian.org>
Date: Fri Apr 10 15:31:32 2009 +0200
Backported bugfix for CVE-2009-1270
diff --git a/debian/patches/00list b/debian/patches/00list
index 31d99ea..807c9db 100644
--- a/debian/patches/00list
+++ b/debian/patches/00list
@@ -26,3 +26,4 @@
48.vba_unicode.c.dpatch
49.special.c.dpatch
50.pe.c.CVE-2008-6680.dpatch
+51.untar.c.CVE-2009-1270.dpatch
diff --git a/debian/patches/51.untar.c.CVE-2009-1270.dpatch b/debian/patches/51.untar.c.CVE-2009-1270.dpatch
new file mode 100644
index 0000000..9d3c9ef
--- /dev/null
+++ b/debian/patches/51.untar.c.CVE-2009-1270.dpatch
@@ -0,0 +1,22 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 51.untar.c.CVE-2009-1270.dpatch
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: clamd and clamscan hang up fix
+
+ at DPATCH@
+diff --git a/libclamav/untar.c b/libclamav/untar.c
+index 6d0257c..a4225b8 100644
+--- a/libclamav/untar.c
++++ b/libclamav/untar.c
+@@ -182,6 +182,10 @@ cli_untar(const char *dir, int desc, unsigned int posix, const struct cl_limits
+ if(skipEntry) {
+ const int nskip = (size % BLOCKSIZE || !size) ? size + BLOCKSIZE - (size % BLOCKSIZE) : size;
+
++ if(nskip < 0) {
++ cli_dbgmsg("cli_untar: got nagative skip size, giving up\n");
++ return CL_CLEAN;
++ }
+ cli_dbgmsg("cli_untar: skipping entry\n");
+ lseek(desc, nskip, SEEK_CUR);
+ continue;
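Review bot: The description line `## DP: clamd and clamscan hang up fix` in the new dpatch header does not say what is checked or which issue it addresses; only the file name carries CVE-2009-1270. Suggest wording such as `## DP: cli_untar: give up on negative skip size (CVE-2009-1270)` so the purpose is clear from the header alone. The debug string in the embedded hunk also misspells "negative" as "nagative", which makes the message harder to grep for in logs.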
diff --git a/libclamav/untar.c b/libclamav/untar.c
index 6d0257c..a4225b8 100644
--- a/libclamav/untar.c
+++ b/libclamav/untar.c
@@ -182,6 +182,10 @@ cli_untar(const char *dir, int desc, unsigned int posix, const struct cl_limits
if(skipEntry) {
const int nskip = (size % BLOCKSIZE || !size) ? size + BLOCKSIZE - (size % BLOCKSIZE) : size;
+ if(nskip < 0) {
+ cli_dbgmsg("cli_untar: got nagative skip size, giving up\n");
+ return CL_CLEAN;
+ }
cli_dbgmsg("cli_untar: skipping entry\n");
lseek(desc, nskip, SEEK_CUR);
continue;
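Review bot: In the added `if(nskip < 0)` branch, `return CL_CLEAN;` ends the scan with a clean verdict when a tar entry carries a size that yields a negative skip, so the rest of the archive goes unexamined and the caller cannot tell "gave up" from "scanned and clean". If the backport can carry it, return an error or format status instead (whichever code this libclamav version uses for malformed archives), or at least document why a clean result is acceptable here. The unchanged `lseek(desc, nskip, SEEK_CUR);` that follows also ignores its return value, so a failed seek still falls through to `continue`.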
--
Debian repository for ClamAV