Skip to content

Commit c329eef

Browse files
author
jedwin
committed
Fix for latest iDefense security advisory.
1 parent 4040354 commit c329eef

File tree

2 files changed

+25
-61
lines changed

2 files changed

+25
-61
lines changed

configure.in

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -173,6 +173,8 @@ else
173173
INSTALL_STRIP="-s"
174174
fi
175175

176+
CFLAGS="$CFLAGS $CHM_MT $CHM_USE_PREAD $CHM_USE_IO64"
177+
176178
dnl AC_PROG_LIBTOOL
177179
dnl AC_SUBST(LIBTOOL)
178180

src/chm_lib.c

Lines changed: 23 additions & 61 deletions
Original file line numberDiff line numberDiff line change
@@ -66,13 +66,6 @@
6666
#include <strings.h>
6767
#endif
6868

69-
/* RWE 6/13/2003 */
70-
#ifdef _WIN32_WCE
71-
#define FREEBUF(x) free(x)
72-
#else
73-
#define FREEBUF(x) /* do nothing */
74-
#endif
75-
7669
#ifdef WIN32
7770
#include <windows.h>
7871
#include <malloc.h>
@@ -1262,16 +1255,10 @@ int chm_resolve_object(struct chmFile *h,
12621255
Int32 curPage;
12631256

12641257
/* buffer to hold whatever page we're looking at */
1265-
#ifdef WIN32
1266-
#ifdef _WIN32_WCE
12671258
/* RWE 6/12/2003 */
12681259
UChar *page_buf = malloc(h->block_len);
1269-
#else
1270-
UChar *page_buf = alloca(h->block_len);
1271-
#endif
1272-
#else
1273-
UChar page_buf[h->block_len];
1274-
#endif
1260+
if (page_buf == NULL)
1261+
return CHM_RESOLVE_FAILURE;
12751262

12761263
/* starting page */
12771264
curPage = h->index_root;
@@ -1285,7 +1272,7 @@ int chm_resolve_object(struct chmFile *h,
12851272
(UInt64)h->dir_offset + (UInt64)curPage*h->block_len,
12861273
h->block_len) != h->block_len)
12871274
{
1288-
FREEBUF(page_buf);
1275+
free(page_buf);
12891276
return CHM_RESOLVE_FAILURE;
12901277
}
12911278

@@ -1298,13 +1285,13 @@ int chm_resolve_object(struct chmFile *h,
12981285
objPath);
12991286
if (pEntry == NULL)
13001287
{
1301-
FREEBUF(page_buf);
1288+
free(page_buf);
13021289
return CHM_RESOLVE_FAILURE;
13031290
}
13041291

13051292
/* parse entry and return */
13061293
_chm_parse_PMGL_entry(&pEntry, ui);
1307-
FREEBUF(page_buf);
1294+
free(page_buf);
13081295
return CHM_RESOLVE_SUCCESS;
13091296
}
13101297

@@ -1315,13 +1302,13 @@ int chm_resolve_object(struct chmFile *h,
13151302
/* else, we are confused. give up. */
13161303
else
13171304
{
1318-
FREEBUF(page_buf);
1305+
free(page_buf);
13191306
return CHM_RESOLVE_FAILURE;
13201307
}
13211308
}
13221309

13231310
/* didn't find anything. fail. */
1324-
FREEBUF(page_buf);
1311+
free(page_buf);
13251312
return CHM_RESOLVE_FAILURE;
13261313
}
13271314

@@ -1396,16 +1383,7 @@ static Int64 _chm_decompress_block(struct chmFile *h,
13961383
UInt64 block,
13971384
UChar **ubuffer)
13981385
{
1399-
#ifdef WIN32
1400-
#ifdef _WIN32_WCE
1401-
/* RWE 6/12/2003 */
14021386
UChar *cbuffer = malloc(((unsigned int)h->reset_table.block_len + 6144));
1403-
#else
1404-
UChar *cbuffer = alloca(((unsigned int)h->reset_table.block_len + 6144));
1405-
#endif
1406-
#else
1407-
UChar cbuffer[h->reset_table.block_len + 6144]; /* compressed buffer */
1408-
#endif
14091387
UInt64 cmpStart; /* compressed start */
14101388
Int64 cmpLen; /* compressed len */
14111389
int indexSlot; /* cache index slot */
@@ -1458,7 +1436,7 @@ static Int64 _chm_decompress_block(struct chmFile *h,
14581436
#ifdef CHM_DEBUG
14591437
fprintf(stderr, " (DECOMPRESS FAILED!)\n");
14601438
#endif
1461-
FREEBUF(cbuffer);
1439+
free(cbuffer);
14621440
return (Int64)0;
14631441
}
14641442

@@ -1498,15 +1476,15 @@ static Int64 _chm_decompress_block(struct chmFile *h,
14981476
#ifdef CHM_DEBUG
14991477
fprintf(stderr, " (DECOMPRESS FAILED!)\n");
15001478
#endif
1501-
FREEBUF(cbuffer);
1479+
free(cbuffer);
15021480
return (Int64)0;
15031481
}
15041482
h->lzx_last_block = (int)block;
15051483

15061484
/* XXX: modify LZX routines to return the length of the data they
15071485
* decompressed and return that instead, for an extra sanity check.
15081486
*/
1509-
FREEBUF(cbuffer);
1487+
free(cbuffer);
15101488
return h->reset_table.block_len;
15111489
}
15121490

@@ -1631,16 +1609,8 @@ int chm_enumerate(struct chmFile *h,
16311609
Int32 curPage;
16321610

16331611
/* buffer to hold whatever page we're looking at */
1634-
#ifdef WIN32
1635-
#ifdef _WIN32_WCE
16361612
/* RWE 6/12/2003 */
16371613
UChar *page_buf = malloc((unsigned int)h->block_len);
1638-
#else
1639-
UChar *page_buf = alloca((unsigned int)h->block_len);
1640-
#endif
1641-
#else
1642-
UChar page_buf[h->block_len];
1643-
#endif
16441614
struct chmPmglHeader header;
16451615
UChar *end;
16461616
UChar *cur;
@@ -1665,7 +1635,7 @@ int chm_enumerate(struct chmFile *h,
16651635
(UInt64)h->dir_offset + (UInt64)curPage*h->block_len,
16661636
h->block_len) != h->block_len)
16671637
{
1668-
FREEBUF(page_buf);
1638+
free(page_buf);
16691639
return 0;
16701640
}
16711641

@@ -1674,7 +1644,7 @@ int chm_enumerate(struct chmFile *h,
16741644
lenRemain = _CHM_PMGL_LEN;
16751645
if (! _unmarshal_pmgl_header(&cur, &lenRemain, &header))
16761646
{
1677-
FREEBUF(page_buf);
1647+
free(page_buf);
16781648
return 0;
16791649
}
16801650
end = page_buf + h->block_len - (header.free_space);
@@ -1686,7 +1656,7 @@ int chm_enumerate(struct chmFile *h,
16861656

16871657
if (! _chm_parse_PMGL_entry(&cur, &ui))
16881658
{
1689-
FREEBUF(page_buf);
1659+
free(page_buf);
16901660
return 0;
16911661
}
16921662

@@ -1726,12 +1696,12 @@ int chm_enumerate(struct chmFile *h,
17261696
switch (status)
17271697
{
17281698
case CHM_ENUMERATOR_FAILURE:
1729-
FREEBUF(page_buf);
1699+
free(page_buf);
17301700
return 0;
17311701
case CHM_ENUMERATOR_CONTINUE:
17321702
break;
17331703
case CHM_ENUMERATOR_SUCCESS:
1734-
FREEBUF(page_buf);
1704+
free(page_buf);
17351705
return 1;
17361706
default:
17371707
break;
@@ -1743,7 +1713,7 @@ int chm_enumerate(struct chmFile *h,
17431713
curPage = header.block_next;
17441714
}
17451715

1746-
FREEBUF(page_buf);
1716+
free(page_buf);
17471717
return 1;
17481718
}
17491719

@@ -1760,16 +1730,8 @@ int chm_enumerate_dir(struct chmFile *h,
17601730
Int32 curPage;
17611731

17621732
/* buffer to hold whatever page we're looking at */
1763-
#ifdef WIN32
1764-
#ifdef _WIN32_WCE
17651733
/* RWE 6/12/2003 */
17661734
UChar *page_buf = malloc((unsigned int)h->block_len);
1767-
#else
1768-
UChar *page_buf = alloca((unsigned int)h->block_len);
1769-
#endif
1770-
#else
1771-
UChar page_buf[h->block_len];
1772-
#endif
17731735
struct chmPmglHeader header;
17741736
UChar *end;
17751737
UChar *cur;
@@ -1819,7 +1781,7 @@ int chm_enumerate_dir(struct chmFile *h,
18191781
(UInt64)h->dir_offset + (UInt64)curPage*h->block_len,
18201782
h->block_len) != h->block_len)
18211783
{
1822-
FREEBUF(page_buf);
1784+
free(page_buf);
18231785
return 0;
18241786
}
18251787

@@ -1828,7 +1790,7 @@ int chm_enumerate_dir(struct chmFile *h,
18281790
lenRemain = _CHM_PMGL_LEN;
18291791
if (! _unmarshal_pmgl_header(&cur, &lenRemain, &header))
18301792
{
1831-
FREEBUF(page_buf);
1793+
free(page_buf);
18321794
return 0;
18331795
}
18341796
end = page_buf + h->block_len - (header.free_space);
@@ -1840,7 +1802,7 @@ int chm_enumerate_dir(struct chmFile *h,
18401802

18411803
if (! _chm_parse_PMGL_entry(&cur, &ui))
18421804
{
1843-
FREEBUF(page_buf);
1805+
free(page_buf);
18441806
return 0;
18451807
}
18461808

@@ -1861,7 +1823,7 @@ int chm_enumerate_dir(struct chmFile *h,
18611823
{
18621824
if (strncasecmp(ui.path, prefixRectified, prefixLen) != 0)
18631825
{
1864-
FREEBUF(page_buf);
1826+
free(page_buf);
18651827
return 1;
18661828
}
18671829
}
@@ -1912,12 +1874,12 @@ int chm_enumerate_dir(struct chmFile *h,
19121874
switch (status)
19131875
{
19141876
case CHM_ENUMERATOR_FAILURE:
1915-
FREEBUF(page_buf);
1877+
free(page_buf);
19161878
return 0;
19171879
case CHM_ENUMERATOR_CONTINUE:
19181880
break;
19191881
case CHM_ENUMERATOR_SUCCESS:
1920-
FREEBUF(page_buf);
1882+
free(page_buf);
19211883
return 1;
19221884
default:
19231885
break;
@@ -1929,6 +1891,6 @@ int chm_enumerate_dir(struct chmFile *h,
19291891
curPage = header.block_next;
19301892
}
19311893

1932-
FREEBUF(page_buf);
1894+
free(page_buf);
19331895
return 1;
19341896
}

0 commit comments

Comments
 (0)