libpff_multi_value_get_number_of_values() returns 0 for variable-sized multi-valued props #10
Comments
|
Ok, found the bug. It's in libpff_record_entry.c, line 3039. Parameters of byte_stream_copy_from_uint32_little_endian() in wrong order. You need to copy TO internal_multi_value->number_of_values FROM internal_record_entry->value_data. |
|
Buf after I fixed it by replacing byte_stream_copy_from_uint32_little_endian() with byte_stream_copy_to_uint32_little_endian() (now MV_ props work flawless) I have heap corruption in libpff_record_entry.c, line 224: memory_free(internal_record_entry->value_data ); it looks like something wrong here with memory allocation |
|
I'll have a look. |
|
Seems like it tries to free internal_record_entry->value_data which points at this time to the actual MV data (not the beginning of the allocated block, look at line 3126: it increments value_data member depending on number of values). |
For LIBPFF_VALUE_TYPE_MULTI_VALUE_STRING_ASCII, LIBPFF_VALUE_TYPE_MULTI_VALUE_STRING_UNICODE and LIBPFF_VALUE_TYPE_MULTI_VALUE_BINARY_DATA value types libpff_multi_value_get_number_of_values() always returns 0.
The text was updated successfully, but these errors were encountered: