Your message dated Thu, 15 Jan 2015 21:17:06 +0000
with message-id <[email protected]>
and subject line Bug#774766: fixed in clamav 0.98.5+dfsg-0+deb7u3
has caused the Debian Bug report #774766,
regarding libmspack: CHM decompression: division by zero
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
774766: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774766
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libmspack0
Version: 0.4-2
Severity: grave
Tags: security patch
Usertags: afl

libmspack crashes with SIGFPE on the attached CHM file:

$ gpg -d < sigfpe.chm.asc > sigfpe.chm
$ test/chmd_md5 sigfpe.chm
*** sigfpe.chm
d41d8cd98f00b204e9800998ecf8427e /#ITBITS
Floating point exception

Backtrace:
#0  0x5655d37b in __divdi3 ()
#1  0x56559ebb in chmd_init_decomp (file=0x56563378, self=0x56562008) at mspack/chmd.c:1132
#2  chmd_extract (base=0x56562008, file=0x56563378, filename=0x0) at mspack/chmd.c:996
#3  0x56555c40 in main (argc=2, argv=0xffffd888) at test/chmd_md5.c:44

This bug does affect ClamAV.

The attached patch should fix the problem. (But I'm not familiar with the code base, so please double-check it.)

This bug was found using American fuzzy lop:
https://packages.debian.org/experimental/afl


-- System Information:
Debian Release: 8.0
 APT prefers unstable
 APT policy: (990, 'unstable'), (500, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages libmspack0 depends on:
ii  libc6              2.19-13
ii  multiarch-support  2.19-13

--
Jakub Wilk
--- a/mspack/chmd.c
+++ b/mspack/chmd.c
@@ -1125,7 +1125,7 @@
   }
 
   /* validate reset_interval */
-  if (reset_interval % LZX_FRAME_SIZE) {
+  if (reset_interval % LZX_FRAME_SIZE || !reset_interval) {
     D(("bad controldata reset interval"))
     return self->error = MSPACK_ERR_DATAFORMAT;
   }
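
Review bot: the zero test is appended after the modulo in the changed condition, and neither the comment nor the debug message says why zero is rejected. Since 0 % LZX_FRAME_SIZE is 0, the old check accepted a zero reset_interval, and the backtrace above shows the crash as a division (__divdi3) in chmd_init_decomp at mspack/chmd.c:1132, a few lines past this check. Consider putting the zero case first for readability, e.g. `if (reset_interval == 0 || (reset_interval % LZX_FRAME_SIZE)) {`, and extending the `/* validate reset_interval */` comment to note that the value must be non-zero because it is presumably used as a divisor shortly afterwards. The hunk does not show the lines after the check, so it is worth confirming there that no other value read from the control data reaches a division unvalidated.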

--- End Message ---
--- Begin Message ---
Source: clamav
Source-Version: 0.98.5+dfsg-0+deb7u3

We believe that the bug you reported is fixed in the latest version of
clamav, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sebastian Andrzej Siewior <[email protected]> (supplier of updated clamav package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


Format: 1.8
Date: Wed, 07 Jan 2015 21:56:21 +0100
Source: clamav
Binary: clamav-base clamav-docs clamav-dbg clamav libclamav-dev libclamav6 clamav-daemon clamav-testfiles clamav-freshclam clamav-milter
Architecture: source all
Version: 0.98.5+dfsg-0+deb7u3
Distribution: stable
Urgency: medium
Maintainer: ClamAV Team <[email protected]>
Changed-By: Sebastian Andrzej Siewior <[email protected]>
Description: 
 clamav     - anti-virus utility for Unix - command-line interface
 clamav-base - anti-virus utility for Unix - base package
 clamav-daemon - anti-virus utility for Unix - scanner daemon
 clamav-dbg - debug symbols for ClamAV
 clamav-docs - anti-virus utility for Unix - documentation
 clamav-freshclam - anti-virus utility for Unix - virus database update utility
 clamav-milter - anti-virus utility for Unix - sendmail integration
 clamav-testfiles - anti-virus utility for Unix - test files
 libclamav-dev - anti-virus utility for Unix - development files
 libclamav6 - anti-virus utility for Unix - library
Closes: 774766 774767
Changes: 
 clamav (0.98.5+dfsg-0+deb7u3) stable; urgency=medium
 .
   * add "mspack-fix-division-by-zero-in-chm-format-handling" to fix divide
     by zero in the chm unpacked. Found & patch by Jakub Wilk (Closes: #774766).
   * add "mspack-fix-overflow-in-pointer-arithmetic-on-32bit" to avoid overflow
     in pointer arithmetic causing a segfault on 32bit (Closes: #774767).

--- End Message ---
_______________________________________________
Pkg-clamav-devel mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-clamav-devel