Open basicDaveDev opened 3 years ago
At the file Eventlogedit-evtx--Evolution/DeleteRecordofFile.cpp
Eventlogedit-evtx--Evolution/DeleteRecordofFile.cpp
unsigned char *ChecksumBuf1 = new unsigned char[currentChunk->FreeSpaceOffset - 512]; memcpy(ChecksumBuf1, (PBYTE)currentChunk + 512, currentChunk->FreeSpaceOffset - 512); crc32 = GetCRC32(ChecksumBuf1, currentChunk->FreeSpaceOffset - 512);
In this portion of code, you may have a bug/untreated case if there is the value of FreeSpaceOffset is 0.
FreeSpaceOffset
the same problem (
vklymchuk
commented
3 years ago vklymchuk
commented
3 years ago
At the file
Eventlogedit-evtx--Evolution/DeleteRecordofFile.cppIn this portion of code, you may have a bug/untreated case if there is the value of
FreeSpaceOffsetis 0.