hivex: Fix calculation of block size for vk data blocks.

author Richard Jones <rjones@redhat.com>

Thu, 21 Jan 2010 17:07:42 +0000 (17:07 +0000)

committer Richard Jones <rjones@redhat.com>

Thu, 28 Jan 2010 11:25:31 +0000 (11:25 +0000)
author Richard Jones <rjones@redhat.com>
Thu, 21 Jan 2010 17:07:42 +0000 (17:07 +0000)
committer Richard Jones <rjones@redhat.com>
Thu, 28 Jan 2010 11:25:31 +0000 (11:25 +0000)
diff --git a/hivex/hivex.c b/hivex/hivex.c

index 81767ad..71d9c29 100644 (file)
--- a/hivex/hivex.c
+++ b/hivex/hivex.c
@@ -1187,7 +1187,7 @@ hivex_value_value (hive_h *h, hive_value_h value,
  
    /* Check that the declared size isn't larger than the block its in. */
    size_t blen = block_len (h, data_offset, NULL);
  
    /* Check that the declared size isn't larger than the block its in. */
    size_t blen = block_len (h, data_offset, NULL);
-  if (len > blen) {
+  if (len > blen - 4 /* subtract 4 for block header */) {
      if (h->msglvl >= 2)
        fprintf (stderr, "hivex_value_value: returning EFAULT because data is longer than its block (data 0x%zx, data len %zu, block len %zu)\n",
                 data_offset, len, blen);
      if (h->msglvl >= 2)
        fprintf (stderr, "hivex_value_value: returning EFAULT because data is longer than its block (data 0x%zx, data len %zu, block len %zu)\n",
                 data_offset, len, blen);
author	Richard Jones <rjones@redhat.com>
	Thu, 21 Jan 2010 17:07:42 +0000 (17:07 +0000)
committer	Richard Jones <rjones@redhat.com>
	Thu, 28 Jan 2010 11:25:31 +0000 (11:25 +0000)