From 5025967e6da6ab735f76696020e0af8c0aeaa62a Mon Sep 17 00:00:00 2001 From: Tomasz Kojm Date: Fri, 22 Feb 2008 00:26:25 +0000 Subject: [PATCH] use limits->maxfiles instead of MAX_EMBEDDED_OBJ for ZIP-SFX git-svn: trunk@3668 --- ChangeLog | 4 ++++ libclamav/filetypes.c | 6 +++--- libclamav/matcher-ac.c | 17 ++++++++++------- libclamav/matcher-ac.h | 2 +- libclamav/matcher.c | 8 ++++---- libclamav/regex_list.c | 2 +- 6 files changed, 23 insertions(+), 16 deletions(-) diff --git a/ChangeLog b/ChangeLog index 227550386..7b8cfe73d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +Fri Feb 22 00:24:41 CET 2008 (tk) +--------------------------------- + * libclamav: use limits->maxfiles instead of MAX_EMBEDDED_OBJ for ZIP-SFX + Thu Feb 21 19:00:45 CET 2008 (tk) --------------------------------- * freshclam/manager.c: keep proper file order when building .cld file diff --git a/libclamav/filetypes.c b/libclamav/filetypes.c index 6c593b246..8dc2fe4f0 100644 --- a/libclamav/filetypes.c +++ b/libclamav/filetypes.c @@ -167,7 +167,7 @@ cli_file_t cli_filetype2(int desc, const struct cl_engine *engine) if(cli_ac_initdata(&mdata, root->ac_partsigs, AC_DEFAULT_TRACKLEN)) return ret; - sret = cli_ac_scanbuff(smallbuff, bread, NULL, engine->root[0], &mdata, 0, ret, desc, NULL, AC_SCAN_FT); + sret = cli_ac_scanbuff(smallbuff, bread, NULL, engine->root[0], &mdata, 0, ret, desc, NULL, AC_SCAN_FT, NULL); cli_ac_freedata(&mdata); @@ -179,7 +179,7 @@ cli_file_t cli_filetype2(int desc, const struct cl_engine *engine) decoded = (unsigned char *) cli_utf16toascii((char *) smallbuff, bread); if(decoded) { - sret = cli_ac_scanbuff(decoded, strlen((char *) decoded), NULL, engine->root[0], &mdata, 0, CL_TYPE_TEXT_ASCII, desc, NULL, AC_SCAN_FT); + sret = cli_ac_scanbuff(decoded, strlen((char *) decoded), NULL, engine->root[0], &mdata, 0, CL_TYPE_TEXT_ASCII, desc, NULL, AC_SCAN_FT, NULL); free(decoded); if(sret == CL_TYPE_HTML) ret = CL_TYPE_HTML_UTF16; @@ -213,7 +213,7 @@ cli_file_t cli_filetype2(int desc, const struct cl_engine *engine) return ret; if(out_area.length > 0) { - sret = cli_ac_scanbuff(decodedbuff, out_area.length, NULL, engine->root[0], &mdata, 0, 0, desc, NULL, AC_SCAN_FT); /* FIXME: can we use CL_TYPE_TEXT_ASCII instead of 0? */ + sret = cli_ac_scanbuff(decodedbuff, out_area.length, NULL, engine->root[0], &mdata, 0, 0, desc, NULL, AC_SCAN_FT, NULL); /* FIXME: can we use CL_TYPE_TEXT_ASCII instead of 0? */ if(sret == CL_TYPE_HTML) { cli_dbgmsg("cli_filetype2: detected HTML signature in Unicode file\n"); /* htmlnorm is able to handle any unicode now, since it skips null chars */ diff --git a/libclamav/matcher-ac.c b/libclamav/matcher-ac.c index e81d911fa..7ef56a75e 100644 --- a/libclamav/matcher-ac.c +++ b/libclamav/matcher-ac.c @@ -539,12 +539,15 @@ void cli_ac_freedata(struct cli_ac_data *data) } } -inline static int ac_addtype(struct cli_matched_type **list, cli_file_t type, off_t offset) +inline static int ac_addtype(struct cli_matched_type **list, cli_file_t type, off_t offset, const cli_ctx *ctx) { struct cli_matched_type *tnode, *tnode_last; - if(*list && (*list)->cnt >= MAX_EMBEDDED_OBJ) + if(type == CL_TYPE_ZIPSFX) { + if(*list && ctx && ctx->limits && ctx->limits->maxfiles && (*list)->cnt > ctx->limits->maxfiles) + return CL_SUCCESS; + } else if(*list && (*list)->cnt >= MAX_EMBEDDED_OBJ) return CL_SUCCESS; if(!(tnode = cli_calloc(1, sizeof(struct cli_matched_type)))) { @@ -568,7 +571,7 @@ inline static int ac_addtype(struct cli_matched_type **list, cli_file_t type, of return CL_SUCCESS; } -int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **virname, const struct cli_matcher *root, struct cli_ac_data *mdata, uint32_t offset, cli_file_t ftype, int fd, struct cli_matched_type **ftoffset, unsigned int mode) +int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **virname, const struct cli_matcher *root, struct cli_ac_data *mdata, uint32_t offset, cli_file_t ftype, int fd, struct cli_matched_type **ftoffset, unsigned int mode, const cli_ctx *ctx) { struct cli_ac_node *current; struct cli_ac_patt *patt, *pt; @@ -687,10 +690,10 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v if((pt->type > type || pt->type >= CL_TYPE_SFX || pt->type == CL_TYPE_MSEXE) && (!pt->rtype || ftype == pt->rtype)) { cli_dbgmsg("Matched signature for file type %s\n", pt->virname); type = pt->type; - if(ftoffset && (!*ftoffset || (*ftoffset)->cnt < MAX_EMBEDDED_OBJ) && ((ftype == CL_TYPE_MSEXE && type >= CL_TYPE_SFX) || ((ftype == CL_TYPE_MSEXE || ftype == CL_TYPE_ZIP) && type == CL_TYPE_MSEXE))) { + if(ftoffset && (!*ftoffset || (*ftoffset)->cnt < MAX_EMBEDDED_OBJ || type == CL_TYPE_ZIPSFX) && ((ftype == CL_TYPE_MSEXE && type >= CL_TYPE_SFX) || ((ftype == CL_TYPE_MSEXE || ftype == CL_TYPE_ZIP) && type == CL_TYPE_MSEXE))) { /* FIXME: we don't know which offset of the first part is the correct one */ for(j = 1; j <= AC_DEFAULT_TRACKLEN && offmatrix[0][j] != -1; j++) { - if(ac_addtype(ftoffset, type, offmatrix[pt->parts - 1][j])) { + if(ac_addtype(ftoffset, type, offmatrix[pt->parts - 1][j], ctx)) { if(info.exeinfo.section) free(info.exeinfo.section); return CL_EMEM; @@ -725,9 +728,9 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v if((pt->type > type || pt->type >= CL_TYPE_SFX || pt->type == CL_TYPE_MSEXE) && (!pt->rtype || ftype == pt->rtype)) { cli_dbgmsg("Matched signature for file type %s at %u\n", pt->virname, realoff); type = pt->type; - if(ftoffset && (!*ftoffset || (*ftoffset)->cnt < MAX_EMBEDDED_OBJ) && ((ftype == CL_TYPE_MSEXE && type >= CL_TYPE_SFX) || ((ftype == CL_TYPE_MSEXE || ftype == CL_TYPE_ZIP) && type == CL_TYPE_MSEXE))) { + if(ftoffset && (!*ftoffset || (*ftoffset)->cnt < MAX_EMBEDDED_OBJ || type == CL_TYPE_ZIPSFX) && ((ftype == CL_TYPE_MSEXE && type >= CL_TYPE_SFX) || ((ftype == CL_TYPE_MSEXE || ftype == CL_TYPE_ZIP) && type == CL_TYPE_MSEXE))) { - if(ac_addtype(ftoffset, type, realoff)) { + if(ac_addtype(ftoffset, type, realoff, ctx)) { if(info.exeinfo.section) free(info.exeinfo.section); return CL_EMEM; diff --git a/libclamav/matcher-ac.h b/libclamav/matcher-ac.h index ebbce0feb..ae2e3a6a1 100644 --- a/libclamav/matcher-ac.h +++ b/libclamav/matcher-ac.h @@ -75,7 +75,7 @@ struct cli_ac_node { int cli_ac_addpatt(struct cli_matcher *root, struct cli_ac_patt *pattern); int cli_ac_initdata(struct cli_ac_data *data, uint32_t partsigs, uint8_t tracklen); void cli_ac_freedata(struct cli_ac_data *data); -int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **virname, const struct cli_matcher *root, struct cli_ac_data *mdata, uint32_t offset, cli_file_t ftype, int fd, struct cli_matched_type **ftoffset, unsigned int mode); +int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **virname, const struct cli_matcher *root, struct cli_ac_data *mdata, uint32_t offset, cli_file_t ftype, int fd, struct cli_matched_type **ftoffset, unsigned int mode, const cli_ctx *ctx); int cli_ac_buildtrie(struct cli_matcher *root); int cli_ac_init(struct cli_matcher *root, uint8_t mindepth, uint8_t maxdepth); void cli_ac_free(struct cli_matcher *root); diff --git a/libclamav/matcher.c b/libclamav/matcher.c index 47052d952..febd56e7e 100644 --- a/libclamav/matcher.c +++ b/libclamav/matcher.c @@ -77,7 +77,7 @@ int cli_scanbuff(const unsigned char *buffer, uint32_t length, cli_ctx *ctx, cli return ret; if(troot->ac_only || (ret = cli_bm_scanbuff(buffer, length, virname, troot, 0, ftype, -1)) != CL_VIRUS) - ret = cli_ac_scanbuff(buffer, length, virname, troot, &mdata, 0, ftype, -1, NULL, AC_SCAN_VIR); + ret = cli_ac_scanbuff(buffer, length, virname, troot, &mdata, 0, ftype, -1, NULL, AC_SCAN_VIR, NULL); cli_ac_freedata(&mdata); @@ -89,7 +89,7 @@ int cli_scanbuff(const unsigned char *buffer, uint32_t length, cli_ctx *ctx, cli return ret; if(groot->ac_only || (ret = cli_bm_scanbuff(buffer, length, virname, groot, 0, ftype, -1)) != CL_VIRUS) - ret = cli_ac_scanbuff(buffer, length, virname, groot, &mdata, 0, ftype, -1, NULL, AC_SCAN_VIR); + ret = cli_ac_scanbuff(buffer, length, virname, groot, &mdata, 0, ftype, -1, NULL, AC_SCAN_VIR, NULL); cli_ac_freedata(&mdata); @@ -325,7 +325,7 @@ int cli_scandesc(int desc, cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struc if(troot) { if(troot->ac_only || (ret = cli_bm_scanbuff(upt, length, ctx->virname, troot, offset, ftype, desc)) != CL_VIRUS) - ret = cli_ac_scanbuff(upt, length, ctx->virname, troot, &tdata, offset, ftype, desc, ftoffset, acmode); + ret = cli_ac_scanbuff(upt, length, ctx->virname, troot, &tdata, offset, ftype, desc, ftoffset, acmode, NULL); if(ret == CL_VIRUS) { free(buffer); @@ -343,7 +343,7 @@ int cli_scandesc(int desc, cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struc if(!ftonly) { if(groot->ac_only || (ret = cli_bm_scanbuff(upt, length, ctx->virname, groot, offset, ftype, desc)) != CL_VIRUS) - ret = cli_ac_scanbuff(upt, length, ctx->virname, groot, &gdata, offset, ftype, desc, ftoffset, acmode); + ret = cli_ac_scanbuff(upt, length, ctx->virname, groot, &gdata, offset, ftype, desc, ftoffset, acmode, NULL); if(ret == CL_VIRUS) { free(buffer); diff --git a/libclamav/regex_list.c b/libclamav/regex_list.c index 08f733406..41c77d13c 100644 --- a/libclamav/regex_list.c +++ b/libclamav/regex_list.c @@ -287,7 +287,7 @@ int regex_list_match(struct regex_matcher* matcher,char* real_url,const char* di for(i = 0; i < matcher->root_hosts_cnt; i++) { /* doesn't need to match terminating \0*/ - rc = cli_ac_scanbuff((unsigned char*)buffer,buffer_len,info, &matcher->root_hosts[i] ,&mdata,0,0,-1,NULL,AC_SCAN_VIR); + rc = cli_ac_scanbuff((unsigned char*)buffer,buffer_len,info, &matcher->root_hosts[i] ,&mdata,0,0,-1,NULL,AC_SCAN_VIR,NULL); cli_ac_freedata(&mdata); if(rc) { char c;