Hello,
I'm new here, so please forgive me if I'm posting to the wrong list!
I think I have found a bug in fmap.c which causes a crash when scanning a
large file in a 64-bit build.
The function cl_fmap_open_handle uses an unsigned for mapsz (line 213),
and then calculates the size (line 232) with
mapsz = pages * pgsz + hdrsz;
Where I had a crash, pages was 1047561, pgsz was 4096 and hdrsz was
4194304, so the result (4,295,004,160) overflowed an unsigned.
These variables should be size_t (the correct size type for mmap).
--
Ian.
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
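
Added example (not part of the original message and not ClamAV's code): the arithmetic from the report reproduced in a small C program, showing the wrapped value next to a size_t computation with overflow checks. It assumes a 64-bit build where unsigned int is 32 bits and size_t is 64 bits; the function names mapsz_unsigned and mapsz_checked are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper: the expression from the report evaluated in
 * unsigned int. With a 32-bit unsigned the result wraps modulo 2^32. */
static unsigned int mapsz_unsigned(unsigned int pages, unsigned int pgsz,
                                   unsigned int hdrsz)
{
    return pages * pgsz + hdrsz;
}

/* Hypothetical helper: the same expression in size_t, rejecting inputs
 * whose product or sum cannot be represented.
 * Returns 0 and stores the size in *out on success, -1 on overflow. */
static int mapsz_checked(size_t pages, size_t pgsz, size_t hdrsz, size_t *out)
{
    size_t body;

    if (pgsz != 0 && pages > SIZE_MAX / pgsz)
        return -1;                 /* pages * pgsz would overflow */
    body = pages * pgsz;
    if (body > SIZE_MAX - hdrsz)
        return -1;                 /* body + hdrsz would overflow */
    *out = body + hdrsz;
    return 0;
}

int main(void)
{
    /* Values quoted in the report. */
    const unsigned int pages = 1047561, pgsz = 4096, hdrsz = 4194304;
    size_t full = 0;

    printf("unsigned: %u\n", mapsz_unsigned(pages, pgsz, hdrsz));
    if (mapsz_checked(pages, pgsz, hdrsz, &full) == 0)
        printf("size_t:   %zu\n", full);
    else
        printf("size_t:   overflow\n");
    return 0;
}
```

A mapping length that has wrapped is far smaller than the data the caller expects it to cover, so later accesses land outside the mapping.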