open-dsi
/
clamav
mirror of https://github.com/Cisco-Talos/clamav
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Switch the engine to using cli_strlcat instead of strcat

Browse Source
pull/18/head
Shawn Webb 11 years ago
parent 96ff19a19e
commit 1f271616be
4 changed files with 25 additions and 18 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 10
      libclamav/matcher-ac.c
  2. 15
      libclamav/mbox.c
  3. 9
      libclamav/message.c
  4. 9
      libclamav/readdb.c

10
libclamav/matcher-ac.c
Unescape View File

@ -1577,6 +1577,7 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex
if(strchr(hexsig, '(')) { if(strchr(hexsig, '(')) {
char *hexnew, *start, *h, *c; char *hexnew, *start, *h, *c;
size_t hexnewsz;
if(hex) { if(hex) {
hexcpy = hex; hexcpy = hex;
@ -1585,7 +1586,8 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex
return CL_EMEM; return CL_EMEM;
} }
if(!(hexnew = (char *) cli_calloc(strlen(hexsig) + 1, 1))) { hexnewsz = strlen(hexsig) + 1;
if(!(hexnew = (char *) cli_calloc(1, hexnewsz))) {
free(new); free(new);
free(hexcpy); free(hexcpy);
return CL_EMEM; return CL_EMEM;
@ -1611,7 +1613,7 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex
pt[-2] = 0; pt[-2] = 0;
} }
} }
strcat(hexnew, start); cli_strlcat(hexnew, start, hexnewsz);
if(!(start = strchr(pt, ')'))) { if(!(start = strchr(pt, ')'))) {
mpool_free(root->mempool, newspecial); mpool_free(root->mempool, newspecial);
@ -1654,7 +1656,7 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex
continue; continue;
} }
} }
strcat(hexnew, "()"); cli_strlcat(hexnew, "()", hexnewsz);
new->special++; new->special++;
newtable = (struct cli_ac_special **) mpool_realloc(root->mempool, new->special_table, new->special * sizeof(struct cli_ac_special *)); newtable = (struct cli_ac_special **) mpool_realloc(root->mempool, new->special_table, new->special * sizeof(struct cli_ac_special *));
if(!newtable) { if(!newtable) {
@ -1746,7 +1748,7 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex
} }
if(start) if(start)
strcat(hexnew, start); cli_strlcat(hexnew, start, hexnewsz);
hex = hexnew; hex = hexnew;
free(hexcpy); free(hexcpy);

15
libclamav/mbox.c
Unescape View File

@ -697,12 +697,12 @@ parseEmailFile(fmap_t *map, size_t *at, const table_t *rfc821, const char *first
break; break;
} }
} else if(line != NULL) { } else if(line != NULL) {
fulllinelength += strlen(line); fulllinelength += strlen(line) + 1;
ptr = cli_realloc(fullline, fulllinelength); ptr = cli_realloc(fullline, fulllinelength);
if(ptr == NULL) if(ptr == NULL)
continue; continue;
fullline = ptr; fullline = ptr;
strcat(fullline, line); cli_strlcat(fullline, line, fulllinelength);
} }
assert(fullline != NULL); assert(fullline != NULL);
@ -902,12 +902,12 @@ parseEmailHeaders(message *m, const table_t *rfc821)
fullline = cli_strdup(line); fullline = cli_strdup(line);
fulllinelength = strlen(line) + 1; fulllinelength = strlen(line) + 1;
} else if(line) { } else if(line) {
fulllinelength += strlen(line); fulllinelength += strlen(line) + 1;
ptr = cli_realloc(fullline, fulllinelength); ptr = cli_realloc(fullline, fulllinelength);
if(ptr == NULL) if(ptr == NULL)
continue; continue;
fullline = ptr; fullline = ptr;
strcat(fullline, line); cli_strlcat(fullline, line, fulllinelength);
} }
assert(fullline != NULL); assert(fullline != NULL);
@ -1456,6 +1456,7 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx, unsigned int re
*/ */
while(t_line && next_is_folded_header(t_line)) { while(t_line && next_is_folded_header(t_line)) {
const char *data; const char *data;
size_t datasz;
t_line = t_line->t_next; t_line = t_line->t_next;
@ -1474,14 +1475,14 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx, unsigned int re
break; break;
} }
ptr = cli_realloc(fullline, datasz = strlen(fullline) + strlen(data) + 1;
strlen(fullline) + strlen(data) + 1); ptr = cli_realloc(fullline, datasz);
if(ptr == NULL) if(ptr == NULL)
break; break;
fullline = ptr; fullline = ptr;
strcat(fullline, data); cli_strlcat(fullline, data, datasz);
/*quotes = count_quotes(data);*/ /*quotes = count_quotes(data);*/
} }

9
libclamav/message.c
Unescape View File

@ -480,6 +480,7 @@ messageAddArguments(message *m, const char *s)
while(*string) { while(*string) {
const char *key, *cptr; const char *key, *cptr;
char *data, *field; char *data, *field;
size_t datasz=0;
if(isspace(*string & 0xff) || (*string == ';')) { if(isspace(*string & 0xff) || (*string == ';')) {
string++; string++;
@ -592,12 +593,14 @@ messageAddArguments(message *m, const char *s)
*ptr = '\0'; *ptr = '\0';
datasz = strlen(kcopy) + strlen(data) + 2;
field = cli_realloc(kcopy, strlen(kcopy) + strlen(data) + 2); field = cli_realloc(kcopy, strlen(kcopy) + strlen(data) + 2);
if(field) { if(field) {
strcat(field, "="); cli_strlcat(field, "=", datasz);
strcat(field, data); cli_strlcat(field, data, datasz);
} else } else {
free(kcopy); free(kcopy);
}
free(data); free(data);
} else { } else {
size_t len; size_t len;

9
libclamav/readdb.c
Unescape View File

@ -117,7 +117,7 @@ int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hex
int ret, asterisk = 0, range; int ret, asterisk = 0, range;
unsigned int i, j, hexlen, parts = 0; unsigned int i, j, hexlen, parts = 0;
int mindist = 0, maxdist = 0, error = 0; int mindist = 0, maxdist = 0, error = 0;
size_t hexcpysz;
hexlen = strlen(hexsig); hexlen = strlen(hexsig);
if (hexsig[0] == '$') { if (hexsig[0] == '$') {
@ -165,18 +165,19 @@ int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hex
} }
if((wild = strchr(hexsig, '{'))) { if((wild = strchr(hexsig, '{'))) {
if(sscanf(wild, "%c%u%c", &l, &range, &r) == 3 && l == '{' && r == '}' && range > 0 && range < 128) { if(sscanf(wild, "%c%u%c", &l, &range, &r) == 3 && l == '{' && r == '}' && range > 0 && range < 128) {
hexcpy = cli_calloc(hexlen + 2 * range, sizeof(char)); hexcpysz = hexlen + 2 * range;
hexcpy = cli_calloc(1, hexcpysz);
if(!hexcpy) if(!hexcpy)
return CL_EMEM; return CL_EMEM;
strncpy(hexcpy, hexsig, wild - hexsig); strncpy(hexcpy, hexsig, wild - hexsig);
for(i = 0; i < (unsigned int) range; i++) for(i = 0; i < (unsigned int) range; i++)
strcat(hexcpy, "??"); cli_strlcat(hexcpy, "??", hexcpysz);
if(!(wild = strchr(wild, '}'))) { if(!(wild = strchr(wild, '}'))) {
cli_errmsg("cli_parse_add(): Problem adding signature: missing bracket\n"); cli_errmsg("cli_parse_add(): Problem adding signature: missing bracket\n");
free(hexcpy); free(hexcpy);
return CL_EMALFDB; return CL_EMALFDB;
} }
strcat(hexcpy, ++wild); cli_strlcat(hexcpy, ++wild, hexcpysz);
ret = cli_parse_add(root, virname, hexcpy, rtype, type, offset, target, lsigid, options); ret = cli_parse_add(root, virname, hexcpy, rtype, type, offset, target, lsigid, options);
free(hexcpy); free(hexcpy);
return ret; return ret;

Write Preview
Loading…
Cancel
Save