From 2912c833bd218a7ef00452c6218364235f02e5bf Mon Sep 17 00:00:00 2001
From: lingsheng <lingsheng@huawei.com>
Date: Thu, 17 Sep 2020 11:13:28 +0800
Subject: [PATCH] Fix int64 overflow check

---
 clamav-Fix-int64-overflow-check.patch | 41 +++++++++++++++++++++++++++
 clamav.spec                           |  6 +++-
 2 files changed, 46 insertions(+), 1 deletion(-)
 create mode 100644 clamav-Fix-int64-overflow-check.patch

diff --git a/clamav-Fix-int64-overflow-check.patch b/clamav-Fix-int64-overflow-check.patch
new file mode 100644
index 0000000..a27f398
--- /dev/null
+++ b/clamav-Fix-int64-overflow-check.patch
@@ -0,0 +1,41 @@
+From 38622da97fb6fcb2d43d5676ac75cb5ac7896359 Mon Sep 17 00:00:00 2001
+From: lutianxiong <lutianxiong@huawei.com>
+Date: Tue, 16 Jun 2020 11:15:10 +0800
+Subject: [PATCH] Fix int64 overflow check
+
+Overflow check "(value >> 32)  * 10  < INT32_MAX" may not work in
+certain conditions, e.g. value is 0xcccccccdbcdc9cc
+
+Note: This fixes oss-fuzz bug 16117.
+---
+ libclamav/htmlnorm.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/libclamav/htmlnorm.c b/libclamav/htmlnorm.c
+index d0be15b..4ac4948 100644
+--- a/libclamav/htmlnorm.c
++++ b/libclamav/htmlnorm.c
+@@ -1459,9 +1459,9 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag
+ 					next_state = HTML_BAD_STATE;
+ 					ptr++;
+ 				} else if (isdigit(*ptr) || (hex && isxdigit(*ptr))) {
+-                        if (hex && (value >> 32) * 16 < INT32_MAX) {
++                        if (hex && value < INT64_MAX / 16) {
+ 						value *= 16;
+-                        } else if ((value >> 32) * 10 < INT32_MAX) {
++                        } else if (value < INT64_MAX / 10) {
+ 						value *= 10;
+                         } else {
+                             html_output_c(file_buff_o2, value);
+@@ -1727,7 +1727,7 @@ static int cli_html_normalise(int fd, m_area_t *m_area, const char *dirname, tag
+ 				state = HTML_RFC2397_DATA;
+ 				break;
+ 			case HTML_ESCAPE_CHAR:
+-                    if ((value >> 32) * 16 < INT32_MAX) {
++                    if (value < INT64_MAX / 16) {
+ 				value *= 16;
+                     } else {
+                         state = next_state;
+-- 
+2.23.0
+
diff --git a/clamav.spec b/clamav.spec
index d0ab7b9..0a959dc 100644
--- a/clamav.spec
+++ b/clamav.spec
@@ -1,7 +1,7 @@
 Name:           clamav
 Summary:        End-user tools for the Clam Antivirus scanner
 Version:        0.101.4
-Release:        5
+Release:        6
 License:        GPLv2
 URL:            https://www.clamav.net/
 Source0:        https://www.clamav.net/downloads/production/clamav-%version.tar.gz
@@ -26,6 +26,7 @@ Patch0002:      clamav-0.100.1-defaults_locations.patch
 Patch0003:      clamav-0.99-private.patch
 Patch0004:      clamav-0.100.0-umask.patch
 Patch0005:      llvm-glibc.patch
+Patch0006:      clamav-Fix-int64-overflow-check.patch
 
 BuildRequires:  autoconf automake gettext-devel libtool libtool-ltdl-devel
 BuildRequires:  gcc-c++ zlib-devel bzip2-devel gmp-devel curl-devel json-c-devel
@@ -408,6 +409,9 @@ test -e %_var/log/clamav-milter.log || {
 
 
 %changelog
+* Thu Sep 17 2020 lingsheng <lingsheng@huawei.com> - 0.101.4-6
+- Fix int64 overflow check
+
 * Thu Mar 12 2020 wutao <wutao61@huawei.com> - 0.101.4-5
 - Type:N/A
 - ID:N/A
-- 
Gitee