summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChristophe Grenier <grenier@cgsecurity.org>2020-09-14 18:37:11 +0200
committerChristophe Grenier <grenier@cgsecurity.org>2020-09-14 18:37:11 +0200
commita60c71823e5bff4c42a5ae6b487cfa2672727cee (patch)
tree8f1a5f19bc420f55c371bc03925a083fe883f660
parent9710d356fe534a0cc7bb592c646e9b1db874ea10 (diff)
PhotoRec - src/file_icns.c: better check
-rw-r--r--src/file_icns.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/src/file_icns.c b/src/file_icns.c
index d7f6063..2216369 100644
--- a/src/file_icns.c
+++ b/src/file_icns.c
@@ -101,17 +101,19 @@ static int header_check_icns(const unsigned char *buffer, const unsigned int buf
{
const struct icns_header *hdr=(const struct icns_header *)buffer;
const struct icon_data *icon=(const struct icon_data *)&buffer[8];
- if(be32(hdr->size) < sizeof(struct icns_header))
+ const unsigned int hdr_size=be32(hdr->size);
+ const unsigned int icon_size=be32(icon->size);
+ if(hdr_size < sizeof(struct icns_header))
return 0;
- if(be32(icon->size) < sizeof(struct icon_data))
+ if(icon_size < sizeof(struct icon_data))
return 0;
- if(8 + be32(icon->size) > be32(hdr->size))
+ if(icon_size > hdr_size - 8)
return 0;
if(!check_icon_type(icon->type))
return 0;
reset_file_recovery(file_recovery_new);
file_recovery_new->extension=file_hint_icns.extension;
- file_recovery_new->calculated_file_size=be32(hdr->size);
+ file_recovery_new->calculated_file_size=hdr_size;
file_recovery_new->data_check=&data_check_size;
file_recovery_new->file_check=&file_check_size;
return 1;