summaryrefslogtreecommitdiffstats
path: root/src/file_abr.c
diff options
context:
space:
mode:
authorChristophe Grenier <grenier@cgsecurity.org>2018-02-26 10:08:48 +0100
committerChristophe Grenier <grenier@cgsecurity.org>2018-02-26 10:08:48 +0100
commit8fd273959816b12b60a1093e1037bc2a6a26d3d2 (patch)
tree536efbbf90cc0d66e8bbf081db91bcf605fd440b /src/file_abr.c
parentd13e22df20f5111548e1438a6e832b42a2283182 (diff)
PhotoRec: fix potential endless loop/crash when parsing abr files,
use uint64_t when parsing exe, gpg, hdf, indd files fix calculate_packet_size() prototype
Diffstat (limited to 'src/file_abr.c')
-rw-r--r--src/file_abr.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/src/file_abr.c b/src/file_abr.c
index 29aef9a..5d07f92 100644
--- a/src/file_abr.c
+++ b/src/file_abr.c
@@ -27,6 +27,7 @@
#include <string.h>
#endif
#include <stdio.h>
+#include <assert.h>
#include "types.h"
#include "filegen.h"
#include "common.h"
@@ -65,8 +66,9 @@ static data_check_t data_check_abr(const unsigned char *buffer, const unsigned i
static int header_check_abr(const unsigned char *buffer, const unsigned int buffer_size, const unsigned int safe_header_only, const file_recovery_t *file_recovery, file_recovery_t *file_recovery_new)
{
const struct abr_header *hdr=(const struct abr_header*)&buffer[4];
- unsigned int i=4;
- while(i + 12 < buffer_size && i + 12 < 512)
+ uint64_t i=4;
+ assert(buffer_size >= 12);
+ while(i < buffer_size - 12 && i < 512 - 12)
{
const struct abr_header *h=(const struct abr_header*)&buffer[i];
if(memcmp(h->magic, "8BIM", 4)!=0)