From 01d69c1af57a35c9e74e83e1458e3fb2c7cdc6ff Mon Sep 17 00:00:00 2001
From: robi
Date: Wed, 1 Jun 2011 00:50:03 +0000
Subject: possible buffer overflow
---
 src/recover.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/recover.c b/src/recover.c
index eba48f5..1547fe9 100644
--- a/src/recover.c
+++ b/src/recover.c
@@ -404,8 +404,9 @@ int recover_file( char* des_dir,char* pathname, char* filename, struct ext2_inod
 //symbolic link
 case LINUX_S_IFLNK :
 if (ext2fs_inode_data_blocks(current_fs,inode)){
- buf = malloc(current_fs->blocksize);
+ buf = malloc(current_fs->blocksize + 1);
 if (buf) {
+ memset(buf,0,current_fs->blocksize + 1);
 priv.buf = buf;
 priv.error = 0;
@@ -422,7 +423,7 @@ int recover_file( char* des_dir,char* pathname, char* filename, struct ext2_inod
 else {
 int i;
- if(! inode->i_size || (inode->i_size >= 60))
+ if((! inode->i_size) || (inode->i_size >= 60))
 goto errout;
 buf = malloc(inode->i_size + 1);
 linkname = (char*) &(inode->i_block[0]);
--
cgit v1.2.3
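Review bot: The extra byte and zero fill in the `LINUX_S_IFLNK` branch only guarantee a terminated link target if whatever fills `priv.buf` never writes more than `current_fs->blocksize` bytes; that code is outside the hunk, so the bound should be confirmed there. The new lines also carry no comment saying why the buffer is one byte larger than a block, so a later cleanup could quietly undo the fix. I would fold the allocation and the `memset` into `buf = calloc(1, current_fs->blocksize + 1);` and add `/* +1 keeps the symlink target NUL-terminated even when it fills the whole block */`. The body of recover_file starts and ends outside the hunk.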
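Review bot: The bound `inode->i_size >= 60` in the fast-symlink branch is a bare magic number; it appears to be the byte size of `inode->i_block`, which `linkname` points into, so this check is presumably what keeps the later copy inside the inode. Writing it as `if (!inode->i_size || inode->i_size >= sizeof(inode->i_block))` ties the limit to the array it protects. The result of `malloc(inode->i_size + 1)` on the following line is not checked within the hunk; the code that uses `buf` lies outside it, so confirm that a NULL check exists there.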