authorChristophe Grenier <grenier@cgsecurity.org>2018-12-08 09:23:59 +0100
committerChristophe Grenier <grenier@cgsecurity.org>2018-12-08 09:23:59 +0100
commitd3e1bb0d2d97936c91b2a3401f61f970a76b6683 (patch)
treef15a9a825c748a5a2a4dbfdb421a1892e57eb63b
parent605f620edc2a11c4c2905d4dabf55b9af55ab2a5 (diff)
PhotoRec: avoid too large .lnk files
-rw-r--r--src/file_lnk.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/file_lnk.c b/src/file_lnk.c
index 31a35ff..3624623 100644
--- a/src/file_lnk.c
+++ b/src/file_lnk.c
@@ -208,6 +208,9 @@ static unsigned int lnk_get_size(const unsigned char *buffer, const unsigned int
#ifdef DEBUG_LNK
log_debug("LNK extra stuff at 0x%04x=%04x\n", i, len);
#endif
+ /* Discard too big files */
+ if(len >= 0x10000000)
+ return 0;
i+=4;
i+=len;
#ifdef DEBUG_LNK
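Review bot: The per-block limit `0x10000000` (256 MiB) checked before `i+=len` is far looser than the 1048576-byte cap that header_check_lnk applies to the returned size in the second hunk, so any block between the two limits is still walked here only to be rejected later. `len` appears to be taken from the file buffer, so the comment should say what the check protects, e.g. `/* len comes from the file: reject it before i+=len can wrap or run far past the data */`. If lnk_get_size has no other callers that need the larger value, the same 1 MiB limit could be applied here as well. The enclosing loop and the declarations of `i` and `len` are outside the hunk, so whether `i` is otherwise bounded cannot be confirmed from these lines.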
@@ -223,7 +226,7 @@ static int header_check_lnk(const unsigned char *buffer, const unsigned int buff
if(memcmp(&buffer[0x42], lnk_reserved, sizeof(lnk_reserved))!=0)
return 0;
len=lnk_get_size(buffer, buffer_size);
- if(len == 0)
+ if(len < 0x4c || len > 1048576)
return 0;
reset_file_recovery(file_recovery_new);
file_recovery_new->extension=file_hint_lnk.extension;
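Review bot: The new condition `if(len < 0x4c || len > 1048576)` mixes a hex and a decimal literal, and neither is explained. `0x4c` matches the fixed size of the Shell Link header and 1048576 is 1 MiB. A short comment such as `/* smaller than the LNK header or larger than 1 MiB: not a plausible shortcut file */` would tell the next reader why these bounds were chosen. Named constants (proposed names: `LNK_HEADER_SIZE`, `LNK_MAX_SIZE`) would serve the same purpose. The rest of header_check_lnk, including the declaration of `len`, is outside the hunk.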