nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-04-04 17:00:11 -05:00
Code Issues Projects Releases Wiki Activity

Check stream data length, CID 1519393

Browse Source
This commit is contained in:
olszomal 2023-01-18 13:57:43 +01:00 committed by Michał Trojnara
parent c197d7727c
commit 95a8a9d9c1
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
msi.c
View File

@ -683,12 +683,14 @@ int msi_hash_dir(MSI_FILE *msi, MSI_DIRENT *dirent, BIO *hash, int is_root)
MSI_DIRENT *child = sk_MSI_DIRENT_value(children, i); MSI_DIRENT *child = sk_MSI_DIRENT_value(children, i);
if (is_root && (!memcmp(child->name, digital_signature, MIN(child->nameLen, sizeof digital_signature)) if (is_root && (!memcmp(child->name, digital_signature, MIN(child->nameLen, sizeof digital_signature))
|| !memcmp(child->name, digital_signature_ex, MIN(child->nameLen, sizeof digital_signature_ex)))) { || !memcmp(child->name, digital_signature_ex, MIN(child->nameLen, sizeof digital_signature_ex)))) {
/* Skip DigitalSignature and MsiDigitalSignatureEx streams */
continue; continue;
} }
if (child->type == DIR_STREAM) { if (child->type == DIR_STREAM) {
char *indata; char *indata;
uint32_t inlen = GET_UINT32_LE(child->entry->size); uint32_t inlen = GET_UINT32_LE(child->entry->size);
if (inlen == 0) { if (inlen == 0 || inlen >= MAXREGSECT) {
/* Skip null and corrupted streams */
continue; continue;
} }
indata = (char *)OPENSSL_malloc(inlen); indata = (char *)OPENSSL_malloc(inlen);