Stowage/clamav
2
0
Fork 0
mirror of https://github.com/Cisco-Talos/clamav.git synced 2025-10-19 10:23:17 +00:00
Code Issues Projects Releases Packages Wiki Activity

libclamav: Fix PDF scan crash on some platforms with optimization enabled (#1572)

Browse source 
Compiler optimization results in invalid memory access on some 
systems with the PDF `pdfname_action` pointer dereference. 

This fix changes the logic so that rather than assign the pointer to
the struct containing the callback, the string that would result in
the pointer assignment later on is changed to result in the same
assignment. This fixes the issue on all tested platforms.

Resolves: https://github.com/Cisco-Talos/clamav/issues/1566

CLAM-2859
This commit is contained in:
John Humlick 2025-09-26 11:14:25 -07:00 committed by GitHub
parent a77a271fb5
commit a5cdc7faf7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 7 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

6
libclamav/pdf.c
View file

@ -2018,16 +2018,16 @@ static void handle_pdfname(struct pdf_struct *pdf, struct pdf_obj *obj, const ch
// Check to see if this object was observed to be a reference to a URI
if (obj->flags & (1 << OBJ_URI)) {
act = &(struct pdfname_action){"URI", OBJ_DICT, STATE_ANY, STATE_URI, NAMEFLAG_NONE, URI_cb};
// Forcing URI here, so we run the pdf_stats_cb for a URI.
pdfname = "URI";
}
if (!act) {
for (j = 0; j < sizeof(pdfname_actions) / sizeof(pdfname_actions[0]); j++) {
if (!strcmp(pdfname, pdfname_actions[j].pdfname)) {
act = &pdfname_actions[j];
break;
}
}
}
if (!act) {
/* these are digital signature objects, filter doesn't matter,