From 87e4a34207a739d784b2ad95afd0f1210ce35841 Mon Sep 17 00:00:00 2001
From: Andy Ragusa <aragusa@cisco.com>
Date: Wed, 22 May 2024 13:54:12 -0700
Subject: [PATCH 1/2] Added error checking for null/empty strings to prevent
 bad reads

---
 libclamav_rust/src/scanners.rs | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/libclamav_rust/src/scanners.rs b/libclamav_rust/src/scanners.rs
index ecdd804d14..aa4c7d133f 100644
--- a/libclamav_rust/src/scanners.rs
+++ b/libclamav_rust/src/scanners.rs
@@ -49,8 +49,12 @@ pub fn magic_scan(ctx: *mut cli_ctx, buf: &[u8], name: Option<String>) -> cl_err
     let ptr = buf.as_ptr();
     let len = buf.len();
 
+    if 0 == len{
+        return cl_error_t_CL_SUCCESS ;
+    }
+
     match &name {
-        Some(name) => debug!("Scanning {}-byte file named {}.", len, name),
+        Some(name) => debug!("Scanning {}-byte file named {:?}.", len, name),
         None => debug!("Scanning {}-byte unnamed file.", len),
     }
 
@@ -70,13 +74,14 @@ pub fn magic_scan(ctx: *mut cli_ctx, buf: &[u8], name: Option<String>) -> cl_err
     };
 
     let ret = unsafe { cli_magic_scan_buff(ptr as *const c_void, len, ctx, name_ptr, 0) };
-
     if ret != cl_error_t_CL_SUCCESS {
         debug!("cli_magic_scan_buff returned error: {}", ret);
     }
 
     // Okay now safe to drop the name CString.
-    let _ = unsafe { CString::from_raw(name_ptr) };
+    if !name_ptr.is_null(){
+        let _ = unsafe { CString::from_raw(name_ptr) };
+    }
 
     ret
 }

From 16fadc2eab8929e41b15600f64e80778fbe938e4 Mon Sep 17 00:00:00 2001
From: Andy Ragusa <aragusa@cisco.com>
Date: Wed, 22 May 2024 14:54:08 -0700
Subject: [PATCH 2/2] Added check for empty data

---
 libclamav_rust/src/alz.rs      | 4 +++-
 libclamav_rust/src/scanners.rs | 6 +++---
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/libclamav_rust/src/alz.rs b/libclamav_rust/src/alz.rs
index 56674fb9c6..fef676a0db 100644
--- a/libclamav_rust/src/alz.rs
+++ b/libclamav_rust/src/alz.rs
@@ -358,7 +358,9 @@ impl AlzLocalFileHeader {
             data: buffer.to_vec(),
         };
 
-        files.push(extracted_file);
+        if 0 != extracted_file.data.len() {
+            files.push(extracted_file);
+        }
     }
 
     fn extract_file_nocomp(
diff --git a/libclamav_rust/src/scanners.rs b/libclamav_rust/src/scanners.rs
index aa4c7d133f..2b47667bcd 100644
--- a/libclamav_rust/src/scanners.rs
+++ b/libclamav_rust/src/scanners.rs
@@ -49,8 +49,8 @@ pub fn magic_scan(ctx: *mut cli_ctx, buf: &[u8], name: Option<String>) -> cl_err
     let ptr = buf.as_ptr();
     let len = buf.len();
 
-    if 0 == len{
-        return cl_error_t_CL_SUCCESS ;
+    if 0 == len {
+        return cl_error_t_CL_SUCCESS;
     }
 
     match &name {
@@ -79,7 +79,7 @@ pub fn magic_scan(ctx: *mut cli_ctx, buf: &[u8], name: Option<String>) -> cl_err
     }
 
     // Okay now safe to drop the name CString.
-    if !name_ptr.is_null(){
+    if !name_ptr.is_null() {
         let _ = unsafe { CString::from_raw(name_ptr) };
     }