summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/file_ab.c5
-rw-r--r--src/file_bld.c5
-rw-r--r--src/file_crw.c2
-rw-r--r--src/file_emf.c5
-rw-r--r--src/file_evt.c5
-rw-r--r--src/file_m2ts.c3
-rw-r--r--src/file_mov.c5
-rw-r--r--src/file_mp3.c6
-rw-r--r--src/file_ogg.c5
9 files changed, 25 insertions, 16 deletions
diff --git a/src/file_ab.c b/src/file_ab.c
index 489d118..00c8696 100644
--- a/src/file_ab.c
+++ b/src/file_ab.c
@@ -2,7 +2,7 @@
File: file_addressbook.c
- Copyright (C) 2007 Christophe GRENIER <grenier@cgsecurity.org>
+ Copyright (C) 2007-2008 Christophe GRENIER <grenier@cgsecurity.org>
This software is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -68,7 +68,8 @@ static int header_check_addressbook(const unsigned char *buffer, const unsigned
static int data_check_addressbook(const unsigned char *buffer, const unsigned int buffer_size, file_recovery_t *file_recovery)
{
- while(file_recovery->calculated_file_size + 8 < file_recovery->file_size + buffer_size/2)
+ while(file_recovery->calculated_file_size + buffer_size/2 >= file_recovery->file_size &&
+ file_recovery->calculated_file_size + 8 < file_recovery->file_size + buffer_size/2)
{
unsigned int i=file_recovery->calculated_file_size - file_recovery->file_size + buffer_size/2;
#ifdef DEBUG_AB
diff --git a/src/file_bld.c b/src/file_bld.c
index fdf42b8..ce3b8a8 100644
--- a/src/file_bld.c
+++ b/src/file_bld.c
@@ -2,7 +2,7 @@
File: file_bld.c
- Copyright (C) 2006-2007 Christophe GRENIER <grenier@cgsecurity.org>
+ Copyright (C) 2006-2008 Christophe GRENIER <grenier@cgsecurity.org>
This software is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -85,7 +85,8 @@ static int header_check_blend(const unsigned char *buffer, const unsigned int bu
static int data_check_blend4le(const unsigned char *buffer, const unsigned int buffer_size, file_recovery_t *file_recovery)
{
- while(file_recovery->calculated_file_size + 0x14 < file_recovery->file_size + buffer_size/2)
+ while(file_recovery->calculated_file_size + buffer_size/2 >= file_recovery->file_size &&
+ file_recovery->calculated_file_size + 0x14 < file_recovery->file_size + buffer_size/2)
{
unsigned int len;
unsigned int i=file_recovery->calculated_file_size - file_recovery->file_size + buffer_size/2;
diff --git a/src/file_crw.c b/src/file_crw.c
index a05875c..c38735d 100644
--- a/src/file_crw.c
+++ b/src/file_crw.c
@@ -2,7 +2,7 @@
File: file_crw.c
- Copyright (C) 1998-2005,2007 Christophe GRENIER <grenier@cgsecurity.org>
+ Copyright (C) 1998-2005,2007-2008 Christophe GRENIER <grenier@cgsecurity.org>
This software is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
diff --git a/src/file_emf.c b/src/file_emf.c
index 9eb365b..60c3175 100644
--- a/src/file_emf.c
+++ b/src/file_emf.c
@@ -180,11 +180,11 @@ static int header_check_emf(const unsigned char *buffer, const unsigned int buff
memcmp(&buffer[0x28],emf_sign,sizeof(emf_sign))==0)
{
unsigned int atom_size;
+ atom_size=buffer[4]+(buffer[5]<<8)+(buffer[6]<<16)+(buffer[7]<<24);
reset_file_recovery(file_recovery_new);
file_recovery_new->extension=file_hint_emf.extension;
file_recovery_new->data_check=data_check_emf;
file_recovery_new->file_check=&file_check_size;
- atom_size=buffer[4]+(buffer[5]<<8)+(buffer[6]<<16)+(buffer[7]<<24);
file_recovery_new->calculated_file_size=atom_size;
return 1;
}
@@ -193,7 +193,8 @@ static int header_check_emf(const unsigned char *buffer, const unsigned int buff
static int data_check_emf(const unsigned char *buffer, const unsigned int buffer_size, file_recovery_t *file_recovery)
{
- while(file_recovery->calculated_file_size + 8 < file_recovery->file_size + buffer_size/2)
+ while(file_recovery->calculated_file_size + buffer_size/2 >= file_recovery->file_size &&
+ file_recovery->calculated_file_size + 8 < file_recovery->file_size + buffer_size/2)
{
unsigned int atom_size;
unsigned int itype;
diff --git a/src/file_evt.c b/src/file_evt.c
index 9764fbe..9dbab1f 100644
--- a/src/file_evt.c
+++ b/src/file_evt.c
@@ -2,7 +2,7 @@
File: file_evt.c
- Copyright (C) 2007 Christophe GRENIER <grenier@cgsecurity.org>
+ Copyright (C) 2007-2008 Christophe GRENIER <grenier@cgsecurity.org>
This software is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -69,7 +69,8 @@ static int header_check_evt(const unsigned char *buffer, const unsigned int buff
static int data_check_evt(const unsigned char *buffer, const unsigned int buffer_size, file_recovery_t *file_recovery)
{
- while(file_recovery->calculated_file_size + 8 < file_recovery->file_size + buffer_size/2)
+ while(file_recovery->calculated_file_size + buffer_size/2 >= file_recovery->file_size &&
+ file_recovery->calculated_file_size + 8 < file_recovery->file_size + buffer_size/2)
{
unsigned int i=file_recovery->calculated_file_size - file_recovery->file_size + buffer_size/2;
if((buffer[i+4]=='L' && buffer[i+5]=='f' && buffer[i+6]=='L' && buffer[i+7]=='e') ||
diff --git a/src/file_m2ts.c b/src/file_m2ts.c
index 37fa38e..085ad9f 100644
--- a/src/file_m2ts.c
+++ b/src/file_m2ts.c
@@ -101,7 +101,8 @@ static int header_check_m2t(const unsigned char *buffer, const unsigned int buff
static int data_check_m2ts(const unsigned char *buffer, const unsigned int buffer_size, file_recovery_t *file_recovery)
{
- while(file_recovery->calculated_file_size + 5 < file_recovery->file_size + buffer_size/2)
+ while(file_recovery->calculated_file_size + buffer_size/2 >= file_recovery->file_size &&
+ file_recovery->calculated_file_size + 5 < file_recovery->file_size + buffer_size/2)
{
unsigned int i=file_recovery->calculated_file_size - file_recovery->file_size + buffer_size/2;
if(buffer[i+4]!=0x47) /* TS_SYNC_BYTE */
diff --git a/src/file_mov.c b/src/file_mov.c
index 8a12773..e2d3439 100644
--- a/src/file_mov.c
+++ b/src/file_mov.c
@@ -2,7 +2,7 @@
File: file_mov.c
- Copyright (C) 1998-2007 Christophe GRENIER <grenier@cgsecurity.org>
+ Copyright (C) 1998-2008 Christophe GRENIER <grenier@cgsecurity.org>
This software is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -174,7 +174,8 @@ static int header_check_mov(const unsigned char *buffer, const unsigned int buff
static int data_check_mov(const unsigned char *buffer, const unsigned int buffer_size, file_recovery_t *file_recovery)
{
- while(file_recovery->calculated_file_size + 8 < file_recovery->file_size + buffer_size/2)
+ while(file_recovery->calculated_file_size + buffer_size/2 >= file_recovery->file_size &&
+ file_recovery->calculated_file_size + 8 < file_recovery->file_size + buffer_size/2)
{
unsigned int atom_size;
unsigned int i;
diff --git a/src/file_mp3.c b/src/file_mp3.c
index 75b80d7..84fc7a5 100644
--- a/src/file_mp3.c
+++ b/src/file_mp3.c
@@ -235,7 +235,8 @@ static int header_check_mp3(const unsigned char *buffer, const unsigned int buff
static int data_check_id3(const unsigned char *buffer, const unsigned int buffer_size, file_recovery_t *file_recovery)
{
- while(file_recovery->calculated_file_size < file_recovery->file_size + buffer_size/2)
+ while(file_recovery->calculated_file_size + buffer_size/2 >= file_recovery->file_size &&
+ file_recovery->calculated_file_size + 1 < file_recovery->file_size + buffer_size/2)
{
unsigned int i=file_recovery->calculated_file_size - file_recovery->file_size + buffer_size/2;
if(buffer[i]==0)
@@ -254,7 +255,8 @@ static int data_check_id3(const unsigned char *buffer, const unsigned int buffer
static int data_check_mp3(const unsigned char *buffer, const unsigned int buffer_size, file_recovery_t *file_recovery)
{
- while(file_recovery->calculated_file_size + 16 < file_recovery->file_size + buffer_size/2)
+ while(file_recovery->calculated_file_size + buffer_size/2 >= file_recovery->file_size &&
+ file_recovery->calculated_file_size + 16 < file_recovery->file_size + buffer_size/2)
{
unsigned int MMT_size = 0;
unsigned int i=file_recovery->calculated_file_size - file_recovery->file_size + buffer_size/2;
diff --git a/src/file_ogg.c b/src/file_ogg.c
index 675603b..40e62d0 100644
--- a/src/file_ogg.c
+++ b/src/file_ogg.c
@@ -2,7 +2,7 @@
File: file_ogg.c
- Copyright (C) 1998-2005,2007 Christophe GRENIER <grenier@cgsecurity.org>
+ Copyright (C) 1998-2005,2007-2008 Christophe GRENIER <grenier@cgsecurity.org>
This software is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -71,7 +71,8 @@ static int header_check_ogg(const unsigned char *buffer, const unsigned int buff
/* http://www.ietf.org/rfc/rfc3533.txt */
static int data_check_ogg(const unsigned char *buffer, const unsigned int buffer_size, file_recovery_t *file_recovery)
{
- while(file_recovery->calculated_file_size + 27 + 255 < file_recovery->file_size + buffer_size/2)
+ while(file_recovery->calculated_file_size + buffer_size/2 >= file_recovery->file_size &&
+ file_recovery->calculated_file_size + 27 +255 < file_recovery->file_size + buffer_size/2)
{
unsigned int i=file_recovery->calculated_file_size - file_recovery->file_size + buffer_size/2;
if(memcmp(&buffer[i],ogg_header,sizeof(ogg_header))==0)