improve scanning of zip files

git-svn: trunk@1702
20 years ago · 09d86d5739
parent a7282c2fae
commit 09d86d5739
6 changed files with 20 additions and 7 deletions
--- a/clamav-devel/AUTHORS
+++ b/clamav-devel/AUTHORS
@ -108,6 +108,7 @@ James P. Dugal <jpd*louisiana.edu>
 Magnus Ekdahl <magnus*debian.org>
 Jens Elkner <elkner*linofee.org>
 Jason Englander <jason*englanders.cc>
+Daniel Fahlgren <fahlgren*ardendo.se>
 Andy Fiddaman <clam*fiddaman.net>
 Tony Finch <dot*dotat.at>
 David Ford <david+cert*blue-labs.org>
--- a/clamav-devel/ChangeLog
+++ b/clamav-devel/ChangeLog
@ -1,3 +1,8 @@
+Sun Aug 21 03:19:15 CEST 2005 (tk)
+----------------------------------
+  * libclamav: improve scanning of zip files (patch by Daniel Fahlgren
+	       <fahlgren*ardendo.se>)
+
 Sun Aug 21 01:06:54 CEST 2005 (tk)
 ----------------------------------
  * clamd: use reentrant version of gethostbyname when available
--- a/clamav-devel/libclamav/scanners.c
+++ b/clamav-devel/libclamav/scanners.c
@ -314,7 +314,7 @@ static int cli_scanzip(int desc, const char **virname, long int *scanned, const
 	 */
 	encrypted = (zdirent.d_flags & 0x2041 != 0);

-	cli_dbgmsg("Zip: %s, crc32: 0x%x, encrypted: %d, compressed: %u, normal: %u, method: %d, ratio: %d (max: %d)\n", zdirent.d_name, zdirent.d_crc32, encrypted, zdirent.d_csize, zdirent.st_size, zdirent.d_compr, zdirent.d_csize ? (zdirent.st_size / zdirent.d_csize) : 0, limits ? limits->maxratio : 0);
+	cli_dbgmsg("Zip: %s, crc32: 0x%x, offset: %d, encrypted: %d, compressed: %u, normal: %u, method: %d, ratio: %d (max: %d)\n", zdirent.d_name, zdirent.d_crc32, zdirent.d_off, encrypted, zdirent.d_csize, zdirent.st_size, zdirent.d_compr, zdirent.d_csize ? (zdirent.st_size / zdirent.d_csize) : 0, limits ? limits->maxratio : 0);

 	if(!zdirent.st_size) {
 	    if(zdirent.d_crc32) {
@ -425,7 +425,7 @@ static int cli_scanzip(int desc, const char **virname, long int *scanned, const
 	    }
 	}

-	if((zfp = zzip_file_open(zdir, zdirent.d_name, 0)) == NULL) {
+	if((zfp = zzip_file_open(zdir, zdirent.d_name, 0, zdirent.d_off)) == NULL) {
 	    cli_dbgmsg("Zip: Can't open file %s\n", zdirent.d_name);
 	    ret = CL_EZIP;
 	    break;
--- a/clamav-devel/libclamav/zziplib/zzip-file.c
+++ b/clamav-devel/libclamav/zziplib/zzip-file.c
@ -153,7 +153,7 @@ static int zzip_inflate_init(ZZIP_FILE *, struct zzip_dir_hdr *);
 *       memchunk here... just to be safe.
 */
 ZZIP_FILE * 
-zzip_file_open(ZZIP_DIR * dir, zzip_char_t* name, int o_mode)
+zzip_file_open(ZZIP_DIR * dir, zzip_char_t* name, int o_mode, int d_off)
 {
    zzip_error_t err = 0;
    struct zzip_file * fp = 0;
@ -185,7 +185,7 @@ zzip_file_open(ZZIP_DIR * dir, zzip_char_t* name, int o_mode)
 	      hdr->d_name, hdr->d_compr, hdr->d_usize);
 	*/

-        if (!cmp(hdr_name, name))
+        if (!cmp(hdr_name, name) && (d_off == -1 || d_off == hdr->d_off))
        {
            switch (hdr->d_compr)
            {
@ -744,7 +744,7 @@ zzip_open_shared_io (ZZIP_FILE* stream,
 	      filename[len] == '/' && filename[len+1])
 	  {
 	      ZZIP_FILE* fp = 
-		  zzip_file_open (stream->dir, filename+len+1, o_modes);
+		  zzip_file_open (stream->dir, filename+len+1, o_modes, -1); // XXX d_off
 	      if (! fp) { errno = zzip_errno (stream->dir->errcode); }
 	      return fp;
 	  }
@ -767,7 +767,7 @@ zzip_open_shared_io (ZZIP_FILE* stream,
          if (e) { errno = zzip_errno(e); io->close(fd); return 0; }

          /* (p - basename) is the lenghtof zzip_dir part of the filename */
-          fp = zzip_file_open(dir, filename + (p - basename) +1, o_modes);
+          fp = zzip_file_open(dir, filename + (p - basename) +1, o_modes, -1); // XXX d_off
          if (! fp) { errno = zzip_errno(dir->errcode); }
 	  else { if (! dir->realname) dir->realname = strdup (basename); }

--- a/clamav-devel/libclamav/zziplib/zzip-zip.c
+++ b/clamav-devel/libclamav/zziplib/zzip-zip.c
@ -418,6 +418,11 @@ __zzip_parse_root_directory(int fd,
        hdr->d_csize = ZZIP_GET32(d->z_csize); 
        hdr->d_usize = ZZIP_GET32(d->z_usize); 
        hdr->d_off   = ZZIP_GET32(d->z_off);
+        if(hdr->d_off < 0)
+        {
+                free(hdr0);
+                return ZZIP_DIR_READ;
+        }
        hdr->d_compr = (uint8_t)ZZIP_GET16(d->z_compr);
 	hdr->d_flags = u_flags;

@ -731,6 +736,7 @@ zzip_dir_read(ZZIP_DIR * dir, ZZIP_DIRENT * d )
    d->st_size = dir->hdr->d_usize;
    d->d_name  = dir->hdr->d_name;
    d->d_flags = dir->hdr->d_flags;
+    d->d_off   = dir->hdr->d_off;
    d->d_crc32 = (int) dir->hdr->d_crc32;

    if (! dir->hdr->d_reclen) 
--- a/clamav-devel/libclamav/zziplib/zziplib.h
+++ b/clamav-devel/libclamav/zziplib/zziplib.h
@ -102,6 +102,7 @@ struct zzip_dirent
    unsigned short d_flags;	/* general purpose flags */
    char * 	d_name;		/* file name / strdupped name */
    int	        d_crc32;        /* the adler32-checksum */
+    int	        d_off;          /* the offset in the file */
 };

 /*
@ -187,7 +188,7 @@ void	 	zzip_seekdir(ZZIP_DIR * dir, zzip_off_t offset);
 * zzip/file.c
 */
 _zzip_export
-ZZIP_FILE * 	zzip_file_open(ZZIP_DIR * dir, zzip_char_t* name, int modes);
+ZZIP_FILE * 	zzip_file_open(ZZIP_DIR * dir, zzip_char_t* name, int modes, int d_off);
 _zzip_export
 int  		zzip_file_close(ZZIP_FILE * fp);
 _zzip_export