nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-04-04 17:00:11 -05:00
Code Issues Projects Releases Wiki Activity

Fix out-of-bounds read, CID 1519383

Browse Source
This commit is contained in:
olszomal 2023-01-12 12:28:52 +01:00 committed by Michał Trojnara
parent fef65536f6
commit efbe570f27
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
msi.c
View File

@ -319,7 +319,8 @@ static MSI_ENTRY *parse_entry(MSI_FILE *msi, const u_char *data, int is_root)
memcpy(entry->name, data + DIRENT_NAME, entry->nameLen);
/* The root directory entry's Name field MUST contain the null-terminated
* string "Root Entry" in Unicode UTF-16. */
if (is_root && memcmp(entry->name, msi_root_entry, entry->nameLen)) {
if (is_root && (entry->nameLen != sizeof msi_root_entry
|| memcmp(entry->name, msi_root_entry, entry->nameLen))) {
printf("Corrupted Root Directory Entry's Name\n");
OPENSSL_free(entry);
return NULL; /* FAILED */