CVE-2015-2170: clamav: crash on crafted upx packed file

[Sebastian Andrzej Siewior <cve-announce () ml breakpoint cc>]

UPX [0] is a executable file compressor which is able to compress various
executable formats including PE and ELF files. Clamav [1] is a virus scanning
tool which is able to unpack such files during scanning.

During unpacking there are two range checks which are implemented "manually".
Those checks lack the detection of overflows which are considered by the
CLI_ISCONTAINED() macro. This has been fixed [2] and is part of the 0.98.7
release.
This bug has been discovered by AFL [3], american fuzzy lop.

[0] http://upx.sourceforge.net/
[1] http://www.clamav.net/
[2] https://github.com/vrtadmin/clamav-devel/commit/625f5a9b8f008b8714850e4aa064dee1de06e534
[3] http://lcamtuf.coredump.cx/afl/

Sebastian