bb #1570: partition typing and HFS+

12 years ago · 1d1c4b154f
parent 39b6afcdae
commit 1d1c4b154f
16 changed files with 207 additions and 38 deletions
--- a/2
+++ b/2
@ -3423,7 +3423,7 @@ $as_echo "#define PACKAGE PACKAGE_NAME" >>confdefs.h
 VERSION="devel-`date +%Y%m%d`"

 LC_CURRENT=7
-LC_REVISION=11
+LC_REVISION=19
 LC_AGE=1
 LIBCLAMAV_VERSION="$LC_CURRENT":"$LC_REVISION":"$LC_AGE"

--- a/configure.ac
+++ b/configure.ac
@ -46,7 +46,7 @@ VERSION="devel-`date +%Y%m%d`"
 dnl VERSION="0.94rc1"

 LC_CURRENT=7
-LC_REVISION=11
+LC_REVISION=19
 LC_AGE=1
 LIBCLAMAV_VERSION="$LC_CURRENT":"$LC_REVISION":"$LC_AGE"
 AC_SUBST([LIBCLAMAV_VERSION])
--- a/libclamav/Makefile.am
+++ b/libclamav/Makefile.am
@ -377,6 +377,8 @@ libclamav_la_SOURCES = \
 	xar.h \
 	sf_base64decode.c \
 	sf_base64decode.h \
+	hfsplus.c \
+	hfsplus.h \
 	swf.c \
 	swf.h \
 	jpeg.c \
--- a/libclamav/Makefile.in
+++ b/libclamav/Makefile.in
@ -186,8 +186,8 @@ am_libclamav_la_OBJECTS = libclamav_la-matcher-ac.lo \
 	libclamav_la-bytecode_api_decl.lo libclamav_la-cache.lo \
 	libclamav_la-bytecode_detect.lo libclamav_la-events.lo \
 	libclamav_la-dmg.lo libclamav_la-xar.lo \
-	libclamav_la-sf_base64decode.lo libclamav_la-swf.lo \
-	libclamav_la-jpeg.lo libclamav_la-png.lo \
+	libclamav_la-sf_base64decode.lo libclamav_la-hfsplus.lo \
+	libclamav_la-swf.lo libclamav_la-jpeg.lo libclamav_la-png.lo \
 	libclamav_la-iso9660.lo libclamav_la-arc4.lo \
 	libclamav_la-rijndael.lo libclamav_la-crtmgr.lo \
 	libclamav_la-asn1.lo libclamav_la-fp_add.lo \
@ -713,12 +713,12 @@ libclamav_la_SOURCES = clamav.h matcher-ac.c matcher-ac.h matcher-bm.c \
 	bytecode_api_impl.h bytecode_hooks.h cache.c cache.h \
 	bytecode_detect.c bytecode_detect.h builtin_bytecodes.h \
 	events.c events.h dmg.c dmg.h xar.c xar.h sf_base64decode.c \
-	sf_base64decode.h swf.c swf.h jpeg.c jpeg.h png.c png.h \
-	iso9660.c iso9660.h arc4.c arc4.h rijndael.c rijndael.h \
-	crtmgr.c crtmgr.h asn1.c asn1.h bignum.h bignum_fast.h \
-	tomsfastmath/addsub/fp_add.c tomsfastmath/addsub/fp_add_d.c \
-	tomsfastmath/addsub/fp_addmod.c tomsfastmath/addsub/fp_cmp.c \
-	tomsfastmath/addsub/fp_cmp_d.c \
+	sf_base64decode.h hfsplus.c hfsplus.h swf.c swf.h jpeg.c \
+	jpeg.h png.c png.h iso9660.c iso9660.h arc4.c arc4.h \
+	rijndael.c rijndael.h crtmgr.c crtmgr.h asn1.c asn1.h bignum.h \
+	bignum_fast.h tomsfastmath/addsub/fp_add.c \
+	tomsfastmath/addsub/fp_add_d.c tomsfastmath/addsub/fp_addmod.c \
+	tomsfastmath/addsub/fp_cmp.c tomsfastmath/addsub/fp_cmp_d.c \
 	tomsfastmath/addsub/fp_cmp_mag.c tomsfastmath/addsub/fp_sub.c \
 	tomsfastmath/addsub/fp_sub_d.c tomsfastmath/addsub/fp_submod.c \
 	tomsfastmath/addsub/s_fp_add.c tomsfastmath/addsub/s_fp_sub.c \
@ -1028,6 +1028,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-fp_unsigned_bin_size.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-fsg.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-hashtab.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-hfsplus.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-htmlnorm.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-infblock.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-inflate64.Plo@am__quote@
@ -1869,6 +1870,13 @@ libclamav_la-sf_base64decode.lo: sf_base64decode.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -c -o libclamav_la-sf_base64decode.lo `test -f 'sf_base64decode.c' || echo '$(srcdir)/'`sf_base64decode.c

+libclamav_la-hfsplus.lo: hfsplus.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -MT libclamav_la-hfsplus.lo -MD -MP -MF $(DEPDIR)/libclamav_la-hfsplus.Tpo -c -o libclamav_la-hfsplus.lo `test -f 'hfsplus.c' || echo '$(srcdir)/'`hfsplus.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libclamav_la-hfsplus.Tpo $(DEPDIR)/libclamav_la-hfsplus.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='hfsplus.c' object='libclamav_la-hfsplus.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -c -o libclamav_la-hfsplus.lo `test -f 'hfsplus.c' || echo '$(srcdir)/'`hfsplus.c
+
 libclamav_la-swf.lo: swf.c
@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -MT libclamav_la-swf.lo -MD -MP -MF $(DEPDIR)/libclamav_la-swf.Tpo -c -o libclamav_la-swf.lo `test -f 'swf.c' || echo '$(srcdir)/'`swf.c
@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libclamav_la-swf.Tpo $(DEPDIR)/libclamav_la-swf.Plo
--- a/libclamav/dconf.c
+++ b/libclamav/dconf.c
@ -98,6 +98,7 @@ static struct dconf_module modules[] = {
    { "ARCHIVE",    "ISO9660",	    ARCH_CONF_ISO9660,	    1 },
    { "ARCHIVE",    "DMG",	    ARCH_CONF_DMG,	    1 },
    { "ARCHIVE",    "XAR",	    ARCH_CONF_XAR,	    1 },
+    { "ARCHIVE",    "HFSPLUS",	    ARCH_CONF_HFSPLUS,	    1 },

    { "DOCUMENT",   "HTML",	    DOC_CONF_HTML,	    1 },
    { "DOCUMENT",   "RTF",	    DOC_CONF_RTF,	    1 },
--- a/libclamav/dconf.h
+++ b/libclamav/dconf.h
@ -84,6 +84,7 @@ struct cli_dconf {
 #define ARCH_CONF_ISO9660   0x20000
 #define ARCH_CONF_DMG       0x40000
 #define ARCH_CONF_XAR       0x80000
+#define ARCH_CONF_HFSPLUS   0x100000

 /* Document flags */
 #define DOC_CONF_HTML		0x1
--- a/libclamav/dmg.c
+++ b/libclamav/dmg.c
@ -1007,7 +1007,7 @@ static int dmg_handle_mish(cli_ctx *ctx, unsigned int mishblocknum, char *dir,

    /* If okay so far, scan rebuilt partition */
    if (ret == CL_CLEAN) {
-        ; // ret = cli_magic_scandesc(ofd, ctx);
+        ret = cli_partition_scandesc(ofd, ctx);
    }

    close(ofd);
--- a/libclamav/filetypes.c
+++ b/libclamav/filetypes.c
@ -103,6 +103,8 @@ static const struct ftmap_s {
    { "CL_TYPE_JAVA",		CL_TYPE_JAVA		},
    { "CL_TYPE_DMG",		CL_TYPE_DMG		},
    { "CL_TYPE_XAR",		CL_TYPE_XAR		},
+    { "CL_TYPE_PART_ANY",	CL_TYPE_PART_ANY	},
+    { "CL_TYPE_PART_HFSPLUS",	CL_TYPE_PART_HFSPLUS	},
    { NULL,			CL_TYPE_IGNORED		}
 };

@ -139,6 +141,32 @@ void cli_ftfree(const struct cl_engine *engine)
 	mpool_free(engine->mempool, pt->tname);
 	mpool_free(engine->mempool, pt);
    }
+
+    ftypes = engine->ptypes;
+    while(ftypes) {
+	pt = ftypes;
+	ftypes = ftypes->next;
+	mpool_free(engine->mempool, pt->magic);
+	mpool_free(engine->mempool, pt->tname);
+	mpool_free(engine->mempool, pt);
+    }
+}
+
+cli_file_t cli_partitiontype(const unsigned char *buf, size_t buflen, const struct cl_engine *engine)
+{
+    struct cli_ftype *ptype = engine->ptypes;
+
+    while(ptype) {
+	if(ptype->offset + ptype->length <= buflen) {
+	    if(!memcmp(buf + ptype->offset, ptype->magic, ptype->length)) {
+		cli_dbgmsg("Recognized %s partition\n", ptype->tname);
+		return ptype->type;
+	    }
+	}
+	ptype = ptype->next;
+    }
+
+    return CL_TYPE_PART_ANY;
 }

 cli_file_t cli_filetype(const unsigned char *buf, size_t buflen, const struct cl_engine *engine)
@ -161,12 +189,12 @@ cli_file_t cli_filetype(const unsigned char *buf, size_t buflen, const struct cl

 int is_tar(const unsigned char *buf, unsigned int nbytes);

-cli_file_t cli_filetype2(fmap_t *map, const struct cl_engine *engine)
+cli_file_t cli_filetype2(fmap_t *map, const struct cl_engine *engine, cli_file_t basetype)
 {
 	unsigned char buffer[MAGIC_BUFFER_SIZE];
 	const unsigned char *buff;
 	unsigned char *decoded;
-	int bread = MIN(map->len, MAGIC_BUFFER_SIZE), sret;
+	int bread, sret;
 	cli_file_t ret = CL_TYPE_BINARY_DATA;
 	struct cli_matcher *root;
 	struct cli_ac_data mdata;
@ -177,6 +205,17 @@ cli_file_t cli_filetype2(fmap_t *map, const struct cl_engine *engine)
 	return CL_TYPE_ERROR;
    }

+    if(basetype == CL_TYPE_PART_ANY) {
+        bread = MIN(map->len, CL_PART_MBUFF_SIZE);
+    }
+    else {
+        bread = MIN(map->len, CL_FILE_MBUFF_SIZE);
+    }
+    if(bread > MAGIC_BUFFER_SIZE) {
+        /* Save anyone who tampered with the header */
+        bread = MAGIC_BUFFER_SIZE;
+    }
+
    buff = fmap_need_off_once(map, 0, bread);
    if(buff) {
        sret = cli_memcpy(buffer, buff, bread);
@ -188,16 +227,22 @@ cli_file_t cli_filetype2(fmap_t *map, const struct cl_engine *engine)
    } else {
        return CL_TYPE_ERROR;
    }
-    ret = cli_filetype(buff, bread, engine);
-
-    if(ret == CL_TYPE_BINARY_DATA) {
-	switch(is_tar(buff, bread)) {
-	    case 1:
-		cli_dbgmsg("Recognized old fashioned tar file\n");
-		return CL_TYPE_OLD_TAR;
-	    case 2:
-		cli_dbgmsg("Recognized POSIX tar file\n");
-		return CL_TYPE_POSIX_TAR;
+
+    if(basetype == CL_TYPE_PART_ANY) { /* typing a partition */
+        ret = cli_partitiontype(buff, bread, engine);
+    }
+    else { /* typing a file */
+        ret = cli_filetype(buff, bread, engine);
+
+	if(ret == CL_TYPE_BINARY_DATA) {
+	    switch(is_tar(buff, bread)) {
+		case 1:
+		    cli_dbgmsg("Recognized old fashioned tar file\n");
+		    return CL_TYPE_OLD_TAR;
+		case 2:
+		    cli_dbgmsg("Recognized POSIX tar file\n");
+		    return CL_TYPE_POSIX_TAR;
+	    }
 	}
    }

--- a/libclamav/filetypes.h
+++ b/libclamav/filetypes.h
@ -27,7 +27,11 @@
 #include "cltypes.h"
 #include "fmap.h"

-#define MAGIC_BUFFER_SIZE 1024
+#define CL_FILE_MBUFF_SIZE 1024
+#define CL_PART_MBUFF_SIZE 1026
+/* MAGIC_BUFFER_SIZE must be the bigger of the two sizes above */
+#define MAGIC_BUFFER_SIZE 1026
+
 #define CL_TYPENO 500
 #define MAX_EMBEDDED_OBJ 10

@ -76,6 +80,10 @@ typedef enum {
    CL_TYPE_JAVA,
    CL_TYPE_XAR,

+    /* Section for partition types */
+    CL_TYPE_PART_ANY, /* unknown partition type */
+    CL_TYPE_PART_HFSPLUS,
+
    /* bigger numbers have higher priority (in o-t-f detection) */
    CL_TYPE_HTML, /* on the fly */
    CL_TYPE_MAIL,  /* magic + on the fly */
@ -113,7 +121,7 @@ cli_file_t cli_ftcode(const char *name);
 const char *cli_ftname(cli_file_t code);
 void cli_ftfree(const struct cl_engine *engine);
 cli_file_t cli_filetype(const unsigned char *buf, size_t buflen, const struct cl_engine *engine);
-cli_file_t cli_filetype2(fmap_t *map, const struct cl_engine *engine);
+cli_file_t cli_filetype2(fmap_t *map, const struct cl_engine *engine, cli_file_t basetype);
 int cli_addtypesigs(struct cl_engine *engine);

 #endif
--- a/libclamav/filetypes_int.h
+++ b/libclamav/filetypes_int.h
@ -172,8 +172,9 @@ static const char *ftypes_int[] = {
  "1:0:cafebabe0000001?:Universal Binary:CL_TYPE_ANY:CL_TYPE_MACHO_UNIBIN:73",
  "1:0:cafebabe0000002?:Java class file:CL_TYPE_ANY:CL_TYPE_JAVA:73",
  "1:0:cafebabe0000003?:Java class file:CL_TYPE_ANY:CL_TYPE_JAVA:73",
-  "1:EOF-512:6b6f6c79:DMG container file:CL_TYPE_ANY:CL_TYPE_DMG:73",
-  "0:0:78617221:XAR container file:CL_TYPE_ANY:CL_TYPE_XAR:73",
+  "1:EOF-512:6b6f6c79:DMG container file:CL_TYPE_ANY:CL_TYPE_DMG:75",
+  "0:0:78617221:XAR container file:CL_TYPE_ANY:CL_TYPE_XAR:75",
+  "4:1024:482B:HFS+ partition:CL_TYPE_PART_ANY:CL_TYPE_PART_HFSPLUS:75",
  NULL
 };

--- a/libclamav/hfsplus.c
+++ b/libclamav/hfsplus.c
@ -0,0 +1,42 @@
+/*
+ *  Copyright (C) 2013 Sourcefire, Inc.
+ *
+ *  Authors: David Raynor <draynor@sourcefire.com>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2 as
+ *  published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA 02110-1301, USA.
+ */
+
+#if HAVE_CONFIG_H
+#include "clamav-config.h"
+#endif
+
+#include "cltypes.h"
+#include "others.h"
+#include "hfsplus.h"
+#include "scanners.h"
+
+int cli_scanhfsplus(cli_ctx *ctx)
+{
+    int ret = CL_CLEAN;
+
+    if (!ctx || !ctx->fmap) {
+        cli_errmsg("cli_scanhfsplus: Invalid context\n");
+        return CL_ENULLARG;
+    }
+
+    cli_dbgmsg("cli_scanhfsplus: starting scan\n");
+
+    return ret;
+}
--- a/libclamav/hfsplus.h
+++ b/libclamav/hfsplus.h
@ -0,0 +1,32 @@
+/*
+ *  Copyright (C) 2013 Sourcefire, Inc.
+ *
+ *  Authors: David Raynor <draynor@sourcefire.com>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2 as
+ *  published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA 02110-1301, USA.
+ */
+
+#ifndef __HFSPLUS_H
+#define __HFSPLUS_H
+
+#if HAVE_CONFIG_H
+#include "clamav-config.h"
+#endif
+
+#include "cltypes.h"
+
+int cli_scanhfsplus(cli_ctx *ctx);
+
+#endif
--- a/libclamav/others.h
+++ b/libclamav/others.h
@ -55,7 +55,7 @@
 * in re-enabling affected modules.
 */

-#define CL_FLEVEL 73
+#define CL_FLEVEL 75
 #define CL_FLEVEL_DCONF	CL_FLEVEL
 #define CL_FLEVEL_SIGTOOL CL_FLEVEL

@ -235,6 +235,7 @@ struct cl_engine {

    /* Filetype definitions */
    struct cli_ftype *ftypes;
+    struct cli_ftype *ptypes;

    /* Ignored signatures */
    struct cli_matcher *ignored;
--- a/libclamav/readdb.c
+++ b/libclamav/readdb.c
@ -1589,7 +1589,7 @@ static int cli_loadftm(FILE *fs, struct cl_engine *engine, unsigned int options,
 	struct cli_ftype *new;
 	cli_file_t rtype, type;
 	int ret;
-
+	int magictype;

    if((ret = cli_initroots(engine, options)))
 	return ret;
@ -1650,11 +1650,12 @@ static int cli_loadftm(FILE *fs, struct cl_engine *engine, unsigned int options,
 	    break;
 	}

-	if(atoi(tokens[0]) == 1) { /* A-C */
+        magictype = atoi(tokens[0]);
+	if(magictype == 1) { /* A-C */
 	    if((ret = cli_parse_add(engine->root[0], tokens[3], tokens[2], rtype, type, tokens[1], 0, NULL, options)))
 		break;

-	} else if(atoi(tokens[0]) == 0) { /* memcmp() */
+	} else if ((magictype == 0) || (magictype == 4)) { /* memcmp() */
 	    if(!cli_isnumber(tokens[1])) {
 		cli_errmsg("cli_loadftm: Invalid offset\n");
 		ret = CL_EMALFDB;
@ -1682,9 +1683,15 @@ static int cli_loadftm(FILE *fs, struct cl_engine *engine, unsigned int options,
 		ret = CL_EMEM;
 		break;
 	    }
-	    new->next = engine->ftypes;
-	    engine->ftypes = new;
-
+            /* files => ftypes, partitions => ptypes */
+	    if(magictype == 4) {
+		new->next = engine->ptypes;
+		engine->ptypes = new;
+	    }
+	    else {
+		new->next = engine->ftypes;
+		engine->ftypes = new;
+            }
 	} else {
 	    cli_dbgmsg("cli_loadftm: Unsupported mode %u\n", atoi(tokens[0]));
 	    continue;
--- a/libclamav/scanners.c
+++ b/libclamav/scanners.c
@ -2327,10 +2327,13 @@ static int magic_scandesc(cli_ctx *ctx, cli_file_t type)
        early_ret_from_magicscan(CL_CLEAN);
    }
    old_hook_lsig_matches = ctx->hook_lsig_matches;
+    if(type == CL_TYPE_PART_ANY) {
+	typercg = 0;
+    }

    perf_start(ctx, PERFT_FT);
-    if(type == CL_TYPE_ANY)
-	type = cli_filetype2(*ctx->fmap, ctx->engine);
+    if((type == CL_TYPE_ANY) || type == CL_TYPE_PART_ANY)
+	type = cli_filetype2(*ctx->fmap, ctx->engine, type);
    perf_stop(ctx, PERFT_FT);
    if(type == CL_TYPE_ERROR) {
 	cli_dbgmsg("cli_magic_scandesc: cli_filetype2 returned CL_TYPE_ERROR\n");
@ -2651,6 +2654,12 @@ static int magic_scandesc(cli_ctx *ctx, cli_file_t type)
 		ret = cli_scanxar(ctx);
 	    break;

+	case CL_TYPE_PART_HFSPLUS:
+	    ctx->container_type = CL_TYPE_PART_HFSPLUS;
+	    if(SCAN_ARCHIVE && (DCONF_ARCH & ARCH_CONF_HFSPLUS))
+		ret = cli_scanhfsplus(ctx);
+	    break;
+
 	case CL_TYPE_BINARY_DATA:
 	case CL_TYPE_TEXT_UTF16BE:
 	    if(SCAN_ALGO && (DCONF_OTHER & OTHER_CONF_MYDOOMLOG))
@ -2793,7 +2802,7 @@ static int magic_scandesc(cli_ctx *ctx, cli_file_t type)
    }
 }

-int cli_magic_scandesc(int desc, cli_ctx *ctx)
+static int cli_base_scandesc(int desc, cli_ctx *ctx, cli_file_t type)
 {
    STATBUF sb;
    int ret;
@ -2821,13 +2830,24 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx)
    }
    perf_stop(ctx, PERFT_MAP);

-    ret = magic_scandesc(ctx, CL_TYPE_ANY);
+    ret = magic_scandesc(ctx, type);

    funmap(*ctx->fmap);
    ctx->fmap--;
    return ret;
 }

+int cli_magic_scandesc(int desc, cli_ctx *ctx)
+{
+    return cli_base_scandesc(desc, ctx, CL_TYPE_ANY);
+}
+
+/* Have to keep partition typing separate */
+int cli_partition_scandesc(int desc, cli_ctx *ctx)
+{
+    return cli_base_scandesc(desc, ctx, CL_TYPE_PART_ANY);
+}
+
 int cli_magic_scandesc_type(cli_ctx *ctx, cli_file_t type)
 {
    return magic_scandesc(ctx, type);
--- a/libclamav/scanners.h
+++ b/libclamav/scanners.h
@ -26,6 +26,7 @@
 #include "filetypes.h"

 int cli_magic_scandesc(int desc, cli_ctx *ctx);
+int cli_partition_scandesc(int desc, cli_ctx *ctx);
 int cli_magic_scandesc_type(cli_ctx *ctx, cli_file_t type);
 int cli_map_scandesc(cl_fmap_t *map, off_t offset, size_t length, cli_ctx *ctx);
 int cli_mem_scandesc(const void *buffer, size_t length, cli_ctx *ctx);