diff options
| author | Ladislav Zezula <E:\Ladik\Mail> | 2015-11-17 11:34:18 +0100 |
|---|---|---|
| committer | Ladislav Zezula <E:\Ladik\Mail> | 2015-11-17 11:34:18 +0100 |
| commit | f608c0798420fd0d7a472a831ecef00bbdf4c7f0 (patch) | |
| tree | 14be04870671eebb1f70862ea2382a39a38cf729 /src | |
| parent | dae6c5e315445b0c25d6a500deb7e7e625d8df90 (diff) | |
+ Fixed possible buffer overflow in the patching process
Diffstat (limited to 'src')
| -rw-r--r-- | src/SFilePatchArchives.cpp | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/SFilePatchArchives.cpp b/src/SFilePatchArchives.cpp index 840f86c..e2c59b4 100644 --- a/src/SFilePatchArchives.cpp +++ b/src/SFilePatchArchives.cpp @@ -277,6 +277,8 @@ static int ApplyFilePatch_BSD0( // Get the longest block that we can combine
dwCombineSize = ((dwOldOffset + dwAddDataLength) >= dwOldSize) ? (dwOldSize - dwOldOffset) : dwAddDataLength;
+ if((dwNewOffset + dwCombineSize) > dwNewSize || (dwNewOffset + dwCombineSize) < dwNewOffset)
+ return ERROR_FILE_CORRUPT;
// Now combine the patch data with the original file
for(i = 0; i < dwCombineSize; i++)
|