From: Justin Viiret
Date: Mon, 9 May 2016 23:32:13 +0000 (+1000)
Subject: fdr: ensure 16 bytes of pre-history in block mode
X-Git-Tag: v4.2.0^2~19
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=95f35aad0e3372e3fcc5cd2bf0b734c0f6af0c0d;p=thirdparty%2Fvectorscan.git
fdr: ensure 16 bytes of pre-history in block mode
---
diff --git a/src/fdr/fdr.c b/src/fdr/fdr.c
index 51a041cc..ff69853e 100644
--- a/src/fdr/fdr.c
+++ b/src/fdr/fdr.c
@@ -800,12 +800,16 @@ static const u8 fake_history[FAKE_HISTORY_SIZE];
 hwlm_error_t fdrExec(const struct FDR *fdr, const u8 *buf, size_t len, size_t start, HWLMCallback cb, void *ctxt, hwlm_group_t groups) {
+ // We guarantee (for safezone construction) that it is safe to read 16
+ // bytes before the end of the history buffer.
+ const u8 *hbuf = fake_history + FAKE_HISTORY_SIZE;
+
 const struct FDR_Runtime_Args a = {
 buf,
 len,
- fake_history,
+ hbuf,
 0,
- fake_history, // nocase
+ hbuf, // nocase
 0,
 start,
 cb,
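Review bot: The 16-byte guarantee stated in the new comment at the top of fdrExec rests entirely on the value of FAKE_HISTORY_SIZE, whose definition is not in this hunk, and nothing on the new side enforces it. If that constant is ever lowered, reads taken backwards from `hbuf` would land before the start of `fake_history` with no diagnostic, so I would pin it at compile time, e.g. `_Static_assert(FAKE_HISTORY_SIZE >= 16, "safezone reads 16 bytes of pre-history");` or the project's own build-time assert if it has one. The comment could also say that `hbuf` is a one-past-the-end pointer and that the `0` following it (presumably the history length) stays zero, so callees may only read behind it, never at or after it. The body of fdrExec continues past the end of the hunk.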