rpms/clamav/FC-6 clamav-0.88.7-bz-582.patch, NONE, 1.1 clamav.spec, 1.47, 1.48
Enrico Scholz (ensc)
fedora-extras-commits at redhat.com
Sat Aug 25 09:11:24 UTC 2007
Author: ensc
Update of /cvs/extras/rpms/clamav/FC-6
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2214
Modified Files:
clamav.spec
Added Files:
clamav-0.88.7-bz-582.patch
Log Message:
fixed DOS in HTML normalizer (backported from 0.91.2)
clamav-0.88.7-bz-582.patch:
--- NEW FILE clamav-0.88.7-bz-582.patch ---
--- clamav-0.88.7/libclamav/htmlnorm.c.bz-582
+++ clamav-0.88.7/libclamav/htmlnorm.c
@@ -1042,33 +1042,37 @@ static int cli_html_normalise(int fd, m_
}
break;
case HTML_RFC2397_INIT:
- file_tmp_o1 = (file_buff_t *) cli_malloc(sizeof(file_buff_t));
- if (!file_tmp_o1) {
- goto abort;
- }
- snprintf(filename, 1024, "%s/rfc2397", dirname);
- tmp_file = cli_gentemp(filename);
- cli_dbgmsg("RFC2397 data file: %s\n", tmp_file);
- file_tmp_o1->fd = open(tmp_file, O_WRONLY|O_CREAT|O_TRUNC, S_IWUSR|S_IRUSR);
- free(tmp_file);
- if (!file_tmp_o1->fd) {
- cli_dbgmsg("open failed: %s\n", filename);
- free(file_tmp_o1);
- goto abort;
- }
- file_tmp_o1->length = 0;
+ if (dirname) {
+ file_tmp_o1 = (file_buff_t *) cli_malloc(sizeof(file_buff_t));
+ if (!file_tmp_o1) {
+ goto abort;
+ }
+ snprintf(filename, 1024, "%s/rfc2397", dirname);
+ tmp_file = cli_gentemp(filename);
+ cli_dbgmsg("RFC2397 data file: %s\n", tmp_file);
+ file_tmp_o1->fd = open(tmp_file, O_WRONLY|O_CREAT|O_TRUNC, S_IWUSR|S_IRUSR);
+ free(tmp_file);
+ if (!file_tmp_o1->fd) {
+ cli_dbgmsg("open failed: %s\n", filename);
+ free(file_tmp_o1);
+ goto abort;
+ }
+ file_tmp_o1->length = 0;
- html_output_str(file_tmp_o1, "From html-normalise\n", 20);
- html_output_str(file_tmp_o1, "Content-type: ", 14);
- if ((tag_val_length == 0) && (*tag_val == ';')) {
+ html_output_str(file_tmp_o1, "From html-normalise\n", 20);
+ html_output_str(file_tmp_o1, "Content-type: ", 14);
+ if ((tag_val_length == 0) && (*tag_val == ';')) {
html_output_str(file_tmp_o1, "text/plain\n", 11);
+ }
+ html_output_str(file_tmp_o1, tag_val, tag_val_length);
+ html_output_c(file_tmp_o1, NULL, '\n');
+ if (strstr(tag_val, ";base64") != NULL) {
+ html_output_str(file_tmp_o1, "Content-transfer-encoding: base64\n", 34);
+ }
+ html_output_c(file_tmp_o1, NULL, '\n');
+ } else {
+ file_tmp_o1 = NULL;
}
- html_output_str(file_tmp_o1, tag_val, tag_val_length);
- html_output_c(file_tmp_o1, NULL, '\n');
- if (strstr(tag_val, ";base64") != NULL) {
- html_output_str(file_tmp_o1, "Content-transfer-encoding: base64\n", 34);
- }
- html_output_c(file_tmp_o1, NULL, '\n');
state = HTML_RFC2397_DATA;
binary = TRUE;
break;
@@ -1118,9 +1122,11 @@ static int cli_html_normalise(int fd, m_
}
break;
case HTML_RFC2397_FINISH:
- html_output_flush(file_tmp_o1);
- close(file_tmp_o1->fd);
- free(file_tmp_o1);
+ if(file_tmp_o1) {
+ html_output_flush(file_tmp_o1);
+ close(file_tmp_o1->fd);
+ free(file_tmp_o1);
+ }
state = HTML_SKIP_WS;
escape = FALSE;
quoted = NOT_QUOTED;
Index: clamav.spec
===================================================================
RCS file: /cvs/extras/rpms/clamav/FC-6/clamav.spec,v
retrieving revision 1.47
retrieving revision 1.48
diff -u -r1.47 -r1.48
--- clamav.spec 31 May 2007 19:09:41 -0000 1.47
+++ clamav.spec 25 Aug 2007 09:10:51 -0000 1.48
@@ -19,7 +19,7 @@
Summary: End-user tools for the Clam Antivirus scanner
Name: clamav
Version: 0.88.7
-Release: %release_func 3
+Release: %release_func 4
License: GPL
Group: Applications/File
@@ -44,6 +44,7 @@
Patch52: clamav-0.88.7-CVE-2007-0899.patch
Patch53: clamav-0.88.7-CVE-2007-2650.patch
Patch54: clamav-0.88.7-bz-515.patch
+Patch55: clamav-0.88.7-bz-582.patch
BuildRoot: %_tmppath/%name-%version-%release-root
Requires: clamav-lib = %version-%release
Requires: data(clamav)
@@ -190,6 +191,7 @@
%patch52 -p1 -b .cve-2007-0899
%patch53 -p1 -b .cve-2007-2650
%patch54 -p1 -b .bz-515
+%patch55 -p1 -b .bz-582
%patch0 -p1 -b '.guys,please-read-the-compiler-warnings-before-doing-a-release.patch'
%patch1 -p1 -b .strncpy
@@ -459,6 +461,9 @@
%changelog
+* Sat Aug 25 2007 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.88.7-4
+- fixed DOS in HTML normalizer (backported from 0.91.2)
+
* Thu May 31 2007 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.88.7-3
- [SECURITY] fixed CVE-2007-2650 (OLE2 list loop) and Clamav bug #515
(broken OOM handling)
More information about the fedora-extras-commits
mailing list