open-dsi
/
clamav
mirror of https://github.com/Cisco-Talos/clamav
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Rename clamav memory allocation functions

Browse Source 
We have some special functions to wrap malloc, calloc, and realloc to
make sure we don't allocate more than some limit, similar to the
max-filesize and max-scansize limits. Our wrappers are really only
needed when allocating memory for scans based on untrusted user input,
where a scan file could have bytes that claim you need to allocate
some ridiculous amount of memory. Right now they're named:
- cli_malloc
- cli_calloc
- cli_realloc
- cli_realloc2

... and these names do not convey their purpose

This commit renames them to:
- cli_max_malloc
- cli_max_calloc
- cli_max_realloc
- cli_max_realloc2

The realloc ones also have an additional feature in that they will not
free your pointer if you try to realloc to 0 bytes. Freeing the memory
is undefined by the C spec, and only done with some realloc
implementations, so this stabilizes on the behavior of not doing that,
which should prevent accidental double-free's.

So for the case where you may want to realloc and do not need to have a
maximum, this commit adds the following functions:
- cli_safer_realloc
- cli_safer_realloc2

These are used for the MPOOL_REALLOC and MPOOL_REALLOC2 macros when
MPOOL is disabled (e.g. because mmap-support is not found), so as to
match the behavior in the mpool_realloc/2 functions that do not make use
of the allocation-limit.
pull/859/head^2
Micah Snyder 3 years ago committed by Micah Snyder
parent 6d6e04ddf8
commit 8e04c25fec
88 changed files with 667 additions and 558 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      clambc/bcrun.c
  2. 4
      clamonacc/inotif/hash.c
  3. 10
      clamonacc/inotif/inotif.c
  4. 2
      clamonacc/misc/utils.c
  5. 2
      common/scanmem.c
  6. 6
      freshclam/freshclam.c
  7. 2
      libclamav/7z_iface.c
  8. 4
      libclamav/aspack.c
  9. 26
      libclamav/autoit.c
  10. 14
      libclamav/blob.c
  11. 72
      libclamav/bytecode.c
  12. 32
      libclamav/bytecode_api.c
  13. 4
      libclamav/bytecode_vm.c
  14. 4
      libclamav/cvd.c
  15. 4
      libclamav/dmg.c
  16. 2
      libclamav/dsig.c
  17. 110
      libclamav/egg.c
  18. 12
      libclamav/elf.c
  19. 22
      libclamav/entconv.c
  20. 8
      libclamav/events.c
  21. 4
      libclamav/fmap.c
  22. 18
      libclamav/hashtab.c
  23. 6
      libclamav/hfsplus.c
  24. 18
      libclamav/htmlnorm.c
  25. 8
      libclamav/hwp.c
  26. 2
      libclamav/inflate64.c
  27. 2
      libclamav/ishield.c
  28. 2
      libclamav/json_api.c
  29. 8
      libclamav/jsparse/js-norm.c
  30. 2
      libclamav/jsparse/textbuf.h
  31. 7
      libclamav/libclamav.map
  32. 2
      libclamav/line.c
  33. 2
      libclamav/lzma_iface.c
  34. 4
      libclamav/lzw/lzwdec.c
  35. 2
      libclamav/macho.c
  36. 38
      libclamav/matcher-ac.c
  37. 4
      libclamav/matcher-bm.c
  38. 6
      libclamav/matcher-byte-comp.c
  39. 4
      libclamav/matcher-pcre.c
  40. 18
      libclamav/mbox.c
  41. 14
      libclamav/message.c
  42. 2
      libclamav/mew.c
  43. 4
      libclamav/mpool.h
  44. 12
      libclamav/msdoc.c
  45. 2
      libclamav/nsis/bzlib.c
  46. 20
      libclamav/ole2_extract.c
  47. 12
      libclamav/others.c
  48. 123
      libclamav/others.h
  49. 110
      libclamav/others_common.c
  50. 32
      libclamav/pdf.c
  51. 20
      libclamav/pdfdecode.c
  52. 29
      libclamav/pdfng.c
  53. 48
      libclamav/pe.c
  54. 8
      libclamav/pe_icons.c
  55. 2
      libclamav/petite.c
  56. 6
      libclamav/phishcheck.c
  57. 48
      libclamav/readdb.c
  58. 2
      libclamav/rebuildpe.c
  59. 6
      libclamav/regex/engine.c
  60. 14
      libclamav/regex/regcomp.c
  61. 2
      libclamav/regex/regexec.c
  62. 12
      libclamav/regex_list.c
  63. 6
      libclamav/regex_pcre.c
  64. 2
      libclamav/regex_suffix.c
  65. 6
      libclamav/rtf.c
  66. 14
      libclamav/scanners.c
  67. 12
      libclamav/sis.c
  68. 12
      libclamav/spin.c
  69. 16
      libclamav/str.c
  70. 4
      libclamav/tnef.c
  71. 12
      libclamav/udf.c
  72. 12
      libclamav/unarj.c
  73. 2
      libclamav/uniq.c
  74. 2
      libclamav/unsp.c
  75. 2
      libclamav/unzip.c
  76. 4
      libclamav/upx.c
  77. 24
      libclamav/vba_extract.c
  78. 2
      libclamav/wwunpack.c
  79. 4
      libclamav/www.c
  80. 4
      libclamav/xar.c
  81. 4
      libclamav/xlm_extract.c
  82. 2
      libclamav/xz_iface.c
  83. 4
      libclamav/yara_clam.h
  84. 2
      libfreshclam/libfreshclam.c
  85. 18
      sigtool/sigtool.c
  86. 8
      unit_tests/check_bytecode.c
  87. 12
      unit_tests/check_clamav.c
  88. 8
      unit_tests/check_matchers.c

2
clambc/bcrun.c
Unescape View File

@ -399,7 +399,7 @@ int main(int argc, char *argv[])
cctx.evidence = evidence_new();
cctx.recursion_stack_size = cctx.engine->max_recursion_level;
cctx.recursion_stack = cli_calloc(sizeof(recursion_level_t), cctx.recursion_stack_size);
cctx.recursion_stack = cli_max_calloc(sizeof(recursion_level_t), cctx.recursion_stack_size);
if (!cctx.recursion_stack) {
fprintf(stderr, "Out of memory\n");
exit(3);

4
clamonacc/inotif/hash.c
Unescape View File

@ -145,7 +145,7 @@ int onas_ht_init(struct onas_ht **ht, uint32_t size)
.nbckts = 0,
};
if (!((*ht)->htable = (struct onas_bucket **)cli_calloc(size, sizeof(struct onas_bucket *)))) {
if (!((*ht)->htable = (struct onas_bucket **)cli_max_calloc(size, sizeof(struct onas_bucket *)))) {
onas_free_ht(*ht);
return CL_EMEM;
}
@ -794,7 +794,7 @@ int onas_ht_rm_hierarchy(struct onas_ht *ht, const char *pathname, size_t len, i
curr = curr->next;
size_t size = len + strlen(curr->dirname) + 2;
char *child_path = (char *)cli_malloc(size);
char *child_path = (char *)cli_max_malloc(size);
if (child_path == NULL)
return CL_EMEM;
if (hnode->pathname[len - 1] == '/')

10
clamonacc/inotif/inotif.c
Unescape View File

@ -105,7 +105,7 @@ static int onas_ddd_init_wdlt(uint64_t nwatches)
if (nwatches <= 0) return CL_EARG;
wdlt = (char **)cli_calloc(nwatches << 1, sizeof(char *));
wdlt = (char **)cli_max_calloc(nwatches << 1, sizeof(char *));
if (!wdlt) return CL_EMEM;
wdlt_len = nwatches << 1;
@ -121,7 +121,7 @@ static int onas_ddd_grow_wdlt(void)
char **ptr = NULL;
ptr = (char **)cli_realloc(wdlt, wdlt_len << 1);
ptr = (char **)cli_max_realloc(wdlt, wdlt_len << 1);
if (ptr) {
wdlt = ptr;
memset(&ptr[wdlt_len], 0, sizeof(char *) * (wdlt_len - 1));
@ -243,7 +243,7 @@ static int onas_ddd_watch_hierarchy(const char *pathname, size_t len, int fd, ui
curr = curr->next;
size_t size = len + strlen(curr->dirname) + 2;
char *child_path = (char *)cli_malloc(size);
char *child_path = (char *)cli_max_malloc(size);
if (child_path == NULL) {
logg(LOGG_ERROR, "ClamInotif: out of memory when adding child for %s\n", hnode->pathname);
return CL_EMEM;
@ -330,7 +330,7 @@ static int onas_ddd_unwatch_hierarchy(const char *pathname, size_t len, int fd,
curr = curr->next;
size_t size = len + strlen(curr->dirname) + 2;
char *child_path = (char *)cli_malloc(size);
char *child_path = (char *)cli_max_malloc(size);
if (child_path == NULL)
return CL_EMEM;
if (hnode->pathname[len - 1] == '/')
@ -679,7 +679,7 @@ void *onas_ddd_th(void *arg)
} else {
len = strlen(path);
size_t size = strlen(child) + len + 2;
char *child_path = (char *)cli_malloc(size);
char *child_path = (char *)cli_max_malloc(size);
if (child_path == NULL) {
logg(LOGG_DEBUG, "ClamInotif: could not allocate space for child path ... aborting\n");
return NULL;

2
clamonacc/misc/utils.c
Unescape View File

@ -206,7 +206,7 @@ char **onas_get_opt_list(const char *fname, int *num_entries, cl_error_t *err)
}
(*num_entries)++;
rlc_ptr = cli_realloc(opt_list, sizeof(char *) * (*num_entries + 1));
rlc_ptr = cli_max_realloc(opt_list, sizeof(char *) * (*num_entries + 1));
if (rlc_ptr) {
opt_list = rlc_ptr;
opt_list[*num_entries] = NULL;

2
common/scanmem.c
Unescape View File

@ -101,7 +101,7 @@ static inline char *wc2mb(const wchar_t *wc, DWORD flags)
return NULL;
}
mb = cli_malloc(len + 1);
mb = cli_max_malloc(len + 1);
if (!mb) return NULL;
res = WideCharToMultiByte(CP_ACP, flags, wc, -1, mb, len, NULL, &invalid);

6
freshclam/freshclam.c
Unescape View File

@ -535,7 +535,7 @@ static fc_error_t string_list_add(const char *item, char ***stringList, uint32_t
}
nItems = *nListItems + 1;
newList = (char **)cli_realloc(*stringList, nItems * sizeof(char *));
newList = (char **)cli_max_realloc(*stringList, nItems * sizeof(char *));
if (newList == NULL) {
mprintf(LOGG_ERROR, "string_list_add: Failed to allocate memory for optional database list entry.\n");
status = FC_EMEM;
@ -1142,7 +1142,7 @@ fc_error_t select_from_official_databases(
goto done;
}
selectedDatabases = cli_calloc(nStandardDatabases + nOptionalDatabases, sizeof(char *));
selectedDatabases = cli_max_calloc(nStandardDatabases + nOptionalDatabases, sizeof(char *));
/*
* Select desired standard databases.
@ -1261,7 +1261,7 @@ fc_error_t select_specific_databases(
*databaseList = NULL;
*nDatabases = 0;
selectedDatabases = cli_calloc(nSpecificDatabases, sizeof(char *));
selectedDatabases = cli_max_calloc(nSpecificDatabases, sizeof(char *));
/*
* Get lists of available databases.

2
libclamav/7z_iface.c
Unescape View File

@ -144,7 +144,7 @@ int cli_7unz(cli_ctx *ctx, size_t offset)
if (newnamelen > namelen) {
if (namelen > UTFBUFSZ)
free(utf16name);
utf16name = cli_malloc(newnamelen * 2);
utf16name = cli_max_malloc(newnamelen * 2);
if (!utf16name) {
found = CL_EMEM;
break;

4
libclamav/aspack.c
Unescape View File

@ -426,7 +426,7 @@ int unaspack(uint8_t *image, unsigned int size, struct cli_exe_section *sections
while (CLI_ISCONTAINED(image, size, blocks, 8) && (block_rva = cli_readint32(blocks)) && (block_size = cli_readint32(blocks + 4)) && CLI_ISCONTAINED(image, size, image + block_rva, block_size)) {
cli_dbgmsg("Aspack: unpacking block rva:%x - sz:%x\n", block_rva, block_size);
wrkbuf = (uint8_t *)cli_calloc(block_size + 0x10e, sizeof(uint8_t));
wrkbuf = (uint8_t *)cli_max_calloc(block_size + 0x10e, sizeof(uint8_t));
if (!wrkbuf) {
cli_dbgmsg("Aspack: Null work buff\n");
@ -484,7 +484,7 @@ int unaspack(uint8_t *image, unsigned int size, struct cli_exe_section *sections
if (sectcount > 2 && ep == sections[sectcount - 2].rva && !sections[sectcount - 1].rsz) {
sectcount -= 2;
}
if (!(outsects = cli_malloc(sizeof(struct cli_exe_section) * sectcount))) {
if (!(outsects = cli_max_malloc(sizeof(struct cli_exe_section) * sectcount))) {
cli_dbgmsg("Aspack: OOM - rebuild failed\n");
cli_writen(f, image, size);
return 1; /* No whatsoheader - won't infloop in pe.c */

26
libclamav/autoit.c
Unescape View File

@ -741,7 +741,7 @@ static cl_error_t ea05(cli_ctx *ctx, const uint8_t *base, char *tmpd)
continue;
}
if (!(UNP.inputbuf = cli_malloc(UNP.csize))) {
if (!(UNP.inputbuf = cli_max_malloc(UNP.csize))) {
status = CL_EMEM;
goto done;
}
@ -780,7 +780,7 @@ static cl_error_t ea05(cli_ctx *ctx, const uint8_t *base, char *tmpd)
continue;
}
if (!(UNP.outputbuf = cli_malloc(UNP.usize))) {
if (!(UNP.outputbuf = cli_max_malloc(UNP.usize))) {
status = CL_EMEM;
goto done;
}
@ -1144,7 +1144,7 @@ static int ea06(cli_ctx *ctx, const uint8_t *base, char *tmpd)
files++;
if (!(UNP.inputbuf = cli_malloc(UNP.csize))) {
if (!(UNP.inputbuf = cli_max_malloc(UNP.csize))) {
return CL_EMEM;
}
@ -1177,7 +1177,7 @@ static int ea06(cli_ctx *ctx, const uint8_t *base, char *tmpd)
continue;
}
if (!(UNP.outputbuf = cli_malloc(UNP.usize))) {
if (!(UNP.outputbuf = cli_max_malloc(UNP.usize))) {
free(UNP.inputbuf);
return CL_EMEM;
}
@ -1256,7 +1256,7 @@ static int ea06(cli_ctx *ctx, const uint8_t *base, char *tmpd)
/* From here on, we'll reuse csize to be the size of the
* output buffer */
UNP.csize = UNP.usize;
if (!(buf = cli_malloc(UNP.csize))) {
if (!(buf = cli_max_malloc(UNP.csize))) {
free(UNP.outputbuf);
return CL_EMEM;
}
@ -1294,7 +1294,7 @@ static int ea06(cli_ctx *ctx, const uint8_t *base, char *tmpd)
if (UNP.cur_output + keyword_len + 2 >= UNP.csize) {
uint8_t *newout;
UNP.csize += 512;
if (!(newout = cli_realloc(buf, UNP.csize))) {
if (!(newout = cli_max_realloc(buf, UNP.csize))) {
UNP.error = 1;
break;
}
@ -1333,7 +1333,7 @@ static int ea06(cli_ctx *ctx, const uint8_t *base, char *tmpd)
if (UNP.cur_output + function_len + 2 >= UNP.csize) {
uint8_t *newout;
UNP.csize += 512;
if (!(newout = cli_realloc(buf, UNP.csize))) {
if (!(newout = cli_max_realloc(buf, UNP.csize))) {
UNP.error = 1;
break;
}
@ -1360,7 +1360,7 @@ static int ea06(cli_ctx *ctx, const uint8_t *base, char *tmpd)
if (UNP.cur_output + 12 >= UNP.csize) {
uint8_t *newout;
UNP.csize += 512;
if (!(newout = cli_realloc(buf, UNP.csize))) {
if (!(newout = cli_max_realloc(buf, UNP.csize))) {
UNP.error = 1;
break;
}
@ -1384,7 +1384,7 @@ static int ea06(cli_ctx *ctx, const uint8_t *base, char *tmpd)
if (UNP.cur_output + 20 >= UNP.csize) {
uint8_t *newout;
UNP.csize += 512;
if (!(newout = cli_realloc(buf, UNP.csize))) {
if (!(newout = cli_max_realloc(buf, UNP.csize))) {
UNP.error = 1;
break;
}
@ -1410,7 +1410,7 @@ static int ea06(cli_ctx *ctx, const uint8_t *base, char *tmpd)
if (UNP.cur_output + 40 >= UNP.csize) {
uint8_t *newout;
UNP.csize += 512;
if (!(newout = cli_realloc(buf, UNP.csize))) {
if (!(newout = cli_max_realloc(buf, UNP.csize))) {
UNP.error = 1;
break;
}
@ -1467,7 +1467,7 @@ static int ea06(cli_ctx *ctx, const uint8_t *base, char *tmpd)
if (UNP.cur_output + chars + 3 >= UNP.csize) {
uint8_t *newout;
UNP.csize += chars + 512;
if (!(newout = cli_realloc(buf, UNP.csize))) {
if (!(newout = cli_max_realloc(buf, UNP.csize))) {
UNP.error = 1;
break;
}
@ -1526,7 +1526,7 @@ static int ea06(cli_ctx *ctx, const uint8_t *base, char *tmpd)
if (UNP.cur_output + 4 >= UNP.csize) {
uint8_t *newout;
UNP.csize += 512;
if (!(newout = cli_realloc(buf, UNP.csize))) {
if (!(newout = cli_max_realloc(buf, UNP.csize))) {
UNP.error = 1;
break;
}
@ -1547,7 +1547,7 @@ static int ea06(cli_ctx *ctx, const uint8_t *base, char *tmpd)
if (UNP.cur_output + 1 >= UNP.csize) {
uint8_t *newout;
UNP.csize += 512;
if (!(newout = cli_realloc(buf, UNP.csize))) {
if (!(newout = cli_max_realloc(buf, UNP.csize))) {
UNP.error = 1;
break;
}

14
libclamav/blob.c
Unescape View File

@ -225,13 +225,13 @@ int blobAddData(blob *b, const unsigned char *data, size_t len)
assert(b->size == 0);
b->size = growth;
b->data = cli_malloc(growth);
b->data = cli_max_malloc(growth);
if (NULL == b->data) {
b->size = 0;
return -1;
}
} else if (b->size < b->len + (off_t)len) {
unsigned char *p = cli_realloc(b->data, b->size + growth);
unsigned char *p = cli_max_realloc(b->data, b->size + growth);
if (p == NULL)
return -1;
@ -245,13 +245,13 @@ int blobAddData(blob *b, const unsigned char *data, size_t len)
assert(b->size == 0);
b->size = (off_t)len * 4;
b->data = cli_malloc(b->size);
b->data = cli_max_malloc(b->size);
if (NULL == b->data) {
b->size = 0;
return -1;
}
} else if (b->size < b->len + (off_t)len) {
unsigned char *p = cli_realloc(b->data, b->size + (len * 4));
unsigned char *p = cli_max_realloc(b->data, b->size + (len * 4));
if (p == NULL)
return -1;
@ -319,7 +319,7 @@ void blobClose(blob *b)
(unsigned long)b->size);
b->size = 0;
} else {
unsigned char *ptr = cli_realloc(b->data, b->len);
unsigned char *ptr = cli_max_realloc(b->data, b->len);
if (ptr == NULL) {
return;
@ -385,11 +385,11 @@ int blobGrow(blob *b, size_t len)
assert(b->len == 0);
assert(b->size == 0);
b->data = cli_malloc(len);
b->data = cli_max_malloc(len);
if (b->data)
b->size = (off_t)len;
} else {
unsigned char *ptr = cli_realloc(b->data, b->size + len);
unsigned char *ptr = cli_max_realloc(b->data, b->size + len);
if (ptr) {
b->size += (off_t)len;

72
libclamav/bytecode.c
Unescape View File

@ -102,22 +102,6 @@ static void context_safe(struct cli_bc_ctx *ctx)
ctx->hooks.pedata = &nopedata;
}
void cli_bytecode_context_destroy(struct cli_bc_ctx *ctx)
{
cli_bytecode_context_clear(ctx);
free(ctx);
}
int cli_bytecode_context_getresult_file(struct cli_bc_ctx *ctx, char **tempfilename)
{
int fd;
*tempfilename = ctx->tempfile;
fd = ctx->outfd;
ctx->tempfile = NULL;
ctx->outfd = 0;
return fd;
}
/**
* @brief Reset bytecode state, so you can run another bytecode with same ctx.
*
@ -125,7 +109,7 @@ int cli_bytecode_context_getresult_file(struct cli_bc_ctx *ctx, char **tempfilen
*
* @param ctx
*/
static int bytecode_context_reset(struct cli_bc_ctx *ctx)
static void bytecode_context_reset(struct cli_bc_ctx *ctx)
{
unsigned i;
@ -356,12 +340,12 @@ cl_error_t cli_bytecode_context_setfuncid(struct cli_bc_ctx *ctx, const struct c
ctx->numParams = func->numArgs;
ctx->funcid = funcid;
if (func->numArgs) {
ctx->operands = cli_malloc(sizeof(*ctx->operands) * func->numArgs);
ctx->operands = cli_max_malloc(sizeof(*ctx->operands) * func->numArgs);
if (!ctx->operands) {
cli_errmsg("bytecode: error allocating memory for parameters\n");
return CL_EMEM;
}
ctx->opsizes = cli_malloc(sizeof(*ctx->opsizes) * func->numArgs);
ctx->opsizes = cli_max_malloc(sizeof(*ctx->opsizes) * func->numArgs);
if (!ctx->opsizes) {
cli_errmsg("bytecode: error allocating memory for opsizes\n");
return CL_EMEM;
@ -375,7 +359,7 @@ cl_error_t cli_bytecode_context_setfuncid(struct cli_bc_ctx *ctx, const struct c
}
s += 8; /* return value */
ctx->bytes = s;
ctx->values = cli_malloc(s);
ctx->values = cli_max_malloc(s);
if (!ctx->values) {
cli_errmsg("bytecode: error allocating memory for parameters\n");
return CL_EMEM;
@ -523,7 +507,7 @@ static inline operand_t readOperand(struct cli_bc_func *func, unsigned char *p,
uint16_t ty;
p[*off] |= 0x20;
/* TODO: unique constants */
func->constants = cli_realloc2(func->constants, (func->numConstants + 1) * sizeof(*func->constants));
func->constants = cli_max_realloc2(func->constants, (func->numConstants + 1) * sizeof(*func->constants));
if (!func->constants) {
*ok = false;
return MAX_OP;
@ -581,7 +565,7 @@ static inline char *readData(const unsigned char *p, unsigned *off, unsigned len
*ok = false;
return 0;
}
dat = cli_malloc(l);
dat = cli_max_malloc(l);
if (!dat) {
cli_errmsg("Cannot allocate memory for data\n");
*ok = false;
@ -695,12 +679,12 @@ static cl_error_t parseHeader(struct cli_bc *bc, unsigned char *buffer, unsigned
return CL_EMALFDB;
}
bc->funcs = cli_calloc(bc->num_func, sizeof(*bc->funcs));
bc->funcs = cli_max_calloc(bc->num_func, sizeof(*bc->funcs));
if (!bc->funcs) {
cli_errmsg("Out of memory allocating %u functions\n", bc->num_func);
return CL_EMEM;
}
bc->types = cli_calloc(bc->num_types, sizeof(*bc->types));
bc->types = cli_max_calloc(bc->num_types, sizeof(*bc->types));
if (!bc->types) {
cli_errmsg("Out of memory allocating %u types\n", bc->num_types);
return CL_EMEM;
@ -753,7 +737,7 @@ static void parseType(struct cli_bc *bc, struct cli_bc_type *ty,
*ok = false;
return;
}
ty->containedTypes = cli_malloc(sizeof(*ty->containedTypes) * ty->numElements);
ty->containedTypes = cli_max_malloc(sizeof(*ty->containedTypes) * ty->numElements);
if (!ty->containedTypes) {
cli_errmsg("Out of memory allocating %u types\n", ty->numElements);
*ok = false;
@ -942,7 +926,7 @@ static cl_error_t parseApis(struct cli_bc *bc, unsigned char *buffer)
cli_errmsg("Out of memory allocating apis bitset\n");
return CL_EMEM;
}
apity2ty = cli_calloc(cli_apicall_maxtypes, sizeof(*cli_apicall_types));
apity2ty = cli_max_calloc(cli_apicall_maxtypes, sizeof(*cli_apicall_types));
if (!apity2ty) {
cli_errmsg("Out of memory allocating apity2ty\n");
return CL_EMEM;
@ -1057,12 +1041,12 @@ static cl_error_t parseGlobals(struct cli_bc *bc, unsigned char *buffer)
return CL_BREAK;
}
numglobals = readNumber(buffer, &offset, len, &ok);
bc->globals = cli_calloc(numglobals, sizeof(*bc->globals));
bc->globals = cli_max_calloc(numglobals, sizeof(*bc->globals));
if (!bc->globals) {
cli_errmsg("bytecode: OOM allocating memory for %u globals\n", numglobals);
return CL_EMEM;
}
bc->globaltys = cli_calloc(numglobals, sizeof(*bc->globaltys));
bc->globaltys = cli_max_calloc(numglobals, sizeof(*bc->globaltys));
if (!bc->globaltys) {
cli_errmsg("bytecode: OOM allocating memory for %u global types\n", numglobals);
return CL_EMEM;
@ -1076,7 +1060,7 @@ static cl_error_t parseGlobals(struct cli_bc *bc, unsigned char *buffer)
comp = type_components(bc, bc->globaltys[i], &ok);
if (!ok)
return CL_EMALFDB;
bc->globals[i] = cli_malloc(sizeof(*bc->globals[0]) * comp);
bc->globals[i] = cli_max_malloc(sizeof(*bc->globals[0]) * comp);
if (!bc->globals[i])
return CL_EMEM;
readConstant(bc, i, comp, buffer, &offset, len, &ok);
@ -1105,7 +1089,7 @@ static cl_error_t parseMD(struct cli_bc *bc, unsigned char *buffer)
}
b = bc->dbgnode_cnt;
bc->dbgnode_cnt += numMD;
bc->dbgnodes = cli_realloc(bc->dbgnodes, bc->dbgnode_cnt * sizeof(*bc->dbgnodes));
bc->dbgnodes = cli_max_realloc(bc->dbgnodes, bc->dbgnode_cnt * sizeof(*bc->dbgnodes));
if (!bc->dbgnodes)
return CL_EMEM;
for (i = 0; i < numMD; i++) {
@ -1117,7 +1101,7 @@ static cl_error_t parseMD(struct cli_bc *bc, unsigned char *buffer)
return CL_EMALFDB;
}
bc->dbgnodes[b + i].numelements = el;
bc->dbgnodes[b + i].elements = elts = cli_calloc(el, sizeof(*elts));
bc->dbgnodes[b + i].elements = elts = cli_max_calloc(el, sizeof(*elts));
if (!elts)
return CL_EMEM;
for (j = 0; j < el; j++) {
@ -1177,7 +1161,7 @@ static cl_error_t parseFunctionHeader(struct cli_bc *bc, unsigned fn, unsigned c
if (!all_locals) {
func->types = NULL;
} else {
func->types = cli_calloc(all_locals, sizeof(*func->types));
func->types = cli_max_calloc(all_locals, sizeof(*func->types));
if (!func->types) {
cli_errmsg("Out of memory allocating function arguments\n");
return CL_EMEM;
@ -1205,7 +1189,7 @@ static cl_error_t parseFunctionHeader(struct cli_bc *bc, unsigned fn, unsigned c
func->numValues = func->numArgs + func->numLocals;
func->insn_idx = 0;
func->numConstants = 0;
func->allinsts = cli_calloc(func->numInsts, sizeof(*func->allinsts));
func->allinsts = cli_max_calloc(func->numInsts, sizeof(*func->allinsts));
if (!func->allinsts) {
cli_errmsg("Out of memory allocating instructions\n");
return CL_EMEM;
@ -1215,7 +1199,7 @@ static cl_error_t parseFunctionHeader(struct cli_bc *bc, unsigned fn, unsigned c
cli_errmsg("Invalid basic block count\n");
return CL_EMALFDB;
}
func->BB = cli_calloc(func->numBB, sizeof(*func->BB));
func->BB = cli_max_calloc(func->numBB, sizeof(*func->BB));
if (!func->BB) {
cli_errmsg("Out of memory allocating basic blocks\n");
return CL_EMEM;
@ -1319,7 +1303,7 @@ static cl_error_t parseBB(struct cli_bc *bc, unsigned func, unsigned bb, unsigne
if (!numOp) {
inst.u.ops.ops = NULL;
} else {
inst.u.ops.ops = cli_calloc(numOp, sizeof(*inst.u.ops.ops));
inst.u.ops.ops = cli_max_calloc(numOp, sizeof(*inst.u.ops.ops));
if (!inst.u.ops.ops) {
cli_errmsg("Out of memory allocating operands\n");
return CL_EMEM;
@ -1364,7 +1348,7 @@ static cl_error_t parseBB(struct cli_bc *bc, unsigned func, unsigned bb, unsigne
if (ok) {
inst.u.ops.numOps = numOp + 2;
inst.u.ops.opsizes = NULL;
inst.u.ops.ops = cli_calloc(numOp + 2, sizeof(*inst.u.ops.ops));
inst.u.ops.ops = cli_max_calloc(numOp + 2, sizeof(*inst.u.ops.ops));
if (!inst.u.ops.ops) {
cli_errmsg("Out of memory allocating operands\n");
return CL_EMEM;
@ -1484,7 +1468,7 @@ static cl_error_t parseBB(struct cli_bc *bc, unsigned func, unsigned bb, unsigne
cli_errmsg("invalid number of dbg nodes, expected: %u, got: %u\n", bcfunc->numInsts, num);
return CL_EMALFDB;
}
bcfunc->dbgnodes = cli_malloc(num * sizeof(*bcfunc->dbgnodes));
bcfunc->dbgnodes = cli_max_malloc(num * sizeof(*bcfunc->dbgnodes));
if (!bcfunc->dbgnodes) {
cli_errmsg("Unable to allocate memory for dbg nodes: %u\n", num * (uint32_t)sizeof(*bcfunc->dbgnodes));
return CL_EMEM;
@ -1675,7 +1659,7 @@ cl_error_t cli_bytecode_load(struct cli_bc *bc, FILE *f, struct cli_dbio *dbio,
cli_errmsg("Error at bytecode line %u\n", row);
return rc;
}
buffer = cli_malloc(linelength);
buffer = cli_max_malloc(linelength);
if (!buffer) {
cli_errmsg("Out of memory allocating line of length %u\n", linelength);
return CL_EMEM;
@ -2151,7 +2135,7 @@ static cl_error_t cli_bytecode_prepare_interpreter(struct cli_bc *bc)
unsigned bcglobalid = cli_apicall_maxglobal - _FIRST_GLOBAL + 2;
cl_error_t ret = CL_SUCCESS;
bc->numGlobalBytes = 0;
gmap = cli_malloc(bc->num_globals * sizeof(*gmap));
gmap = cli_max_malloc(bc->num_globals * sizeof(*gmap));
if (!gmap) {
cli_errmsg("interpreter: Unable to allocate memory for global map: %zu\n", bc->num_globals * sizeof(*gmap));
return CL_EMEM;
@ -2165,7 +2149,7 @@ static cl_error_t cli_bytecode_prepare_interpreter(struct cli_bc *bc)
bc->numGlobalBytes += typesize(bc, ty);
}
if (bc->numGlobalBytes) {
bc->globalBytes = cli_calloc(1, bc->numGlobalBytes);
bc->globalBytes = cli_max_calloc(1, bc->numGlobalBytes);
if (!bc->globalBytes) {
cli_errmsg("interpreter: Unable to allocate memory for globalBytes: %u\n", bc->numGlobalBytes);
free(gmap);
@ -2231,7 +2215,7 @@ static cl_error_t cli_bytecode_prepare_interpreter(struct cli_bc *bc)
for (i = 0; i < bc->num_func && ret == CL_SUCCESS; i++) {
struct cli_bc_func *bcfunc = &bc->funcs[i];
unsigned totValues = bcfunc->numValues + bcfunc->numConstants + bc->num_globals;
unsigned *map = cli_malloc(sizeof(*map) * (size_t)totValues);
unsigned *map = cli_max_malloc(sizeof(*map) * (size_t)totValues);
if (!map) {
cli_errmsg("interpreter: Unable to allocate memory for map: %zu\n", sizeof(*map) * (size_t)totValues);
free(gmap);
@ -2327,7 +2311,7 @@ static cl_error_t cli_bytecode_prepare_interpreter(struct cli_bc *bc)
if (ret != CL_SUCCESS)
break;
if (inst->u.ops.numOps > 0) {
inst->u.ops.opsizes = cli_malloc(sizeof(*inst->u.ops.opsizes) * inst->u.ops.numOps);
inst->u.ops.opsizes = cli_max_malloc(sizeof(*inst->u.ops.opsizes) * inst->u.ops.numOps);
if (!inst->u.ops.opsizes) {
cli_errmsg("Out of memory when allocating operand sizes\n");
ret = CL_EMEM;
@ -2423,7 +2407,7 @@ static cl_error_t add_selfcheck(struct cli_all_bc *bcs)
struct cli_bc_inst *inst;
struct cli_bc *bc;
bcs->all_bcs = cli_realloc2(bcs->all_bcs, sizeof(*bcs->all_bcs) * (bcs->count + 1));
bcs->all_bcs = cli_max_realloc2(bcs->all_bcs, sizeof(*bcs->all_bcs) * (bcs->count + 1));
if (!bcs->all_bcs) {
cli_errmsg("cli_loadcbc: Can't allocate memory for bytecode entry\n");
return CL_EMEM;
@ -2624,7 +2608,7 @@ static cl_error_t run_builtin_or_loaded(struct cli_all_bc *bcs, uint8_t kind, co
if (!bc) {
/* no loaded bytecode found, load the builtin one! */
struct cli_dbio dbio;
bc = cli_calloc(1, sizeof(*bc));
bc = cli_max_calloc(1, sizeof(*bc));
if (!bc) {
cli_errmsg("Out of memory allocating bytecode\n");
return CL_EMEM;

32
libclamav/bytecode_api.c
Unescape View File

@ -474,7 +474,7 @@ uint8_t *cli_bcapi_malloc(struct cli_bc_ctx *ctx, uint32_t size)
#else
/* TODO: implement using a list of pointers we allocated! */
cli_errmsg("cli_bcapi_malloc not implemented for systems without mmap yet!\n");
v = cli_malloc(size);
v = cli_max_malloc(size);
#endif
if (!v)
cli_event_error_oom(EV, size);
@ -600,7 +600,7 @@ int32_t cli_bcapi_read_number(struct cli_bc_ctx *ctx, uint32_t radix)
int32_t cli_bcapi_hashset_new(struct cli_bc_ctx *ctx)
{
unsigned n = ctx->nhashsets + 1;
struct cli_hashset *s = cli_realloc(ctx->hashsets, sizeof(*ctx->hashsets) * n);
struct cli_hashset *s = cli_max_realloc(ctx->hashsets, sizeof(*ctx->hashsets) * n);
if (!s) {
cli_event_error_oom(EV, 0);
return -1;
@ -663,7 +663,7 @@ int32_t cli_bcapi_hashset_done(struct cli_bc_ctx *ctx, int32_t id)
free(ctx->hashsets);
ctx->hashsets = NULL;
} else {
s = cli_realloc(ctx->hashsets, ctx->nhashsets * sizeof(*s));
s = cli_max_realloc(ctx->hashsets, ctx->nhashsets * sizeof(*s));
if (s)
ctx->hashsets = s;
}
@ -677,10 +677,10 @@ int32_t cli_bcapi_buffer_pipe_new(struct cli_bc_ctx *ctx, uint32_t size)
struct bc_buffer *b;
unsigned n = ctx->nbuffers + 1;
data = cli_calloc(1, size);
data = cli_max_calloc(1, size);
if (!data)
return -1;
b = cli_realloc(ctx->buffers, sizeof(*ctx->buffers) * n);
b = cli_max_realloc(ctx->buffers, sizeof(*ctx->buffers) * n);
if (!b) {
free(data);
return -1;
@ -703,7 +703,7 @@ int32_t cli_bcapi_buffer_pipe_new_fromfile(struct cli_bc_ctx *ctx, uint32_t at)
if (at >= ctx->file_size)
return -1;
b = cli_realloc(ctx->buffers, sizeof(*ctx->buffers) * n);
b = cli_max_realloc(ctx->buffers, sizeof(*ctx->buffers) * n);
if (!b) {
return -1;
}
@ -830,7 +830,7 @@ int32_t cli_bcapi_inflate_init(struct cli_bc_ctx *ctx, int32_t from, int32_t to,
cli_dbgmsg("bytecode api: inflate_init: invalid buffers!\n");
return -1;
}
b = cli_realloc(ctx->inflates, sizeof(*ctx->inflates) * n);
b = cli_max_realloc(ctx->inflates, sizeof(*ctx->inflates) * n);
if (!b) {
return -1;
}
@ -961,7 +961,7 @@ int32_t cli_bcapi_lzma_init(struct cli_bc_ctx *ctx, int32_t from, int32_t to)
return -1;
}
b = cli_realloc(ctx->lzmas, sizeof(*ctx->lzmas) * n);
b = cli_max_realloc(ctx->lzmas, sizeof(*ctx->lzmas) * n);
if (!b) {
return -1;
}
@ -1049,7 +1049,7 @@ int32_t cli_bcapi_bzip2_init(struct cli_bc_ctx *ctx, int32_t from, int32_t to)
cli_dbgmsg("bytecode api: bzip2_init: invalid buffers!\n");
return -1;
}
b = cli_realloc(ctx->bzip2s, sizeof(*ctx->bzip2s) * n);
b = cli_max_realloc(ctx->bzip2s, sizeof(*ctx->bzip2s) * n);
if (!b) {
return -1;
}
@ -1168,7 +1168,7 @@ int32_t cli_bcapi_jsnorm_init(struct cli_bc_ctx *ctx, int32_t from)
state = cli_js_init();
if (!state)
return -1;
b = cli_realloc(ctx->jsnorms, sizeof(*ctx->jsnorms) * n);
b = cli_max_realloc(ctx->jsnorms, sizeof(*ctx->jsnorms) * n);
if (!b) {
cli_js_destroy(state);
return -1;
@ -1396,7 +1396,7 @@ int32_t cli_bcapi_map_new(struct cli_bc_ctx *ctx, int32_t keysize, int32_t value
struct cli_map *s;
if (!keysize)
return -1;
s = cli_realloc(ctx->maps, sizeof(*ctx->maps) * n);
s = cli_max_realloc(ctx->maps, sizeof(*ctx->maps) * n);
if (!s)
return -1;
ctx->maps = s;
@ -1523,7 +1523,7 @@ int32_t cli_bcapi_map_done(struct cli_bc_ctx *ctx, int32_t id)
free(ctx->maps);
ctx->maps = NULL;
} else {
s = cli_realloc(ctx->maps, ctx->nmaps * (sizeof(*s)));
s = cli_max_realloc(ctx->maps, ctx->nmaps * (sizeof(*s)));
if (s)
ctx->maps = s;
}
@ -2037,7 +2037,7 @@ static int32_t cli_bcapi_json_objs_init(struct cli_bc_ctx *ctx)
json_object **j, **jobjs = (json_object **)(ctx->jsonobjs);
cli_ctx *cctx = (cli_ctx *)ctx->ctx;
j = cli_realloc(jobjs, sizeof(json_object *) * n);
j = cli_max_realloc(jobjs, sizeof(json_object *) * n);
if (!j) { /* memory allocation failure */
cli_event_error_oom(EV, 0);
return -1;
@ -2085,7 +2085,7 @@ int32_t cli_bcapi_json_get_object(struct cli_bc_ctx *ctx, const int8_t *name, in
jobj = jobjs[objid];
if (!jobj) /* shouldn't be possible */
return -1;
namep = (char *)cli_malloc(sizeof(char) * (name_len + 1));
namep = (char *)cli_max_malloc(sizeof(char) * (name_len + 1));
if (!namep)
return -1;
strncpy(namep, (char *)name, name_len);
@ -2096,7 +2096,7 @@ int32_t cli_bcapi_json_get_object(struct cli_bc_ctx *ctx, const int8_t *name, in
return 0;
}
j = cli_realloc(jobjs, sizeof(json_object *) * n);
j = cli_max_realloc(jobjs, sizeof(json_object *) * n);
if (!j) { /* memory allocation failure */
free(namep);
cli_event_error_oom(EV, 0);
@ -2220,7 +2220,7 @@ int32_t cli_bcapi_json_get_array_idx(struct cli_bc_ctx *ctx, int32_t idx, int32_
return 0;
}
j = cli_realloc(jobjs, sizeof(json_object *) * n);
j = cli_max_realloc(jobjs, sizeof(json_object *) * n);
if (!j) { /* memory allocation failure */
cli_event_error_oom(EV, 0);
return -1;

4
libclamav/bytecode_vm.c
Unescape View File

@ -596,7 +596,7 @@ static inline int64_t ptr_register_stack(struct ptr_infos *infos,
uint32_t off, uint32_t size)
{
unsigned n = infos->nstacks + 1;
struct ptr_info *sinfos = cli_realloc(infos->stack_infos,
struct ptr_info *sinfos = cli_max_realloc(infos->stack_infos,
sizeof(*sinfos) * n);
if (!sinfos)
return 0;
@ -613,7 +613,7 @@ static inline int64_t ptr_register_glob_fixedid(struct ptr_infos *infos,
{
struct ptr_info *sinfos;
if (n > infos->nglobs) {
sinfos = cli_realloc(infos->glob_infos, sizeof(*sinfos) * n);
sinfos = cli_max_realloc(infos->glob_infos, sizeof(*sinfos) * n);
if (!sinfos)
return 0;
memset(sinfos + infos->nglobs, 0, (n - infos->nglobs) * sizeof(*sinfos));

4
libclamav/cvd.c
Unescape View File

@ -88,7 +88,7 @@ static int cli_untgz(int fd, const char *destdir)
return -1;
}
path = (char *)cli_calloc(sizeof(char), pathlen);
path = (char *)cli_max_calloc(sizeof(char), pathlen);
if (!path) {
cli_errmsg("cli_untgz: Can't allocate memory for path\n");
cli_untgz_cleanup(NULL, infile, NULL, fdd);
@ -259,7 +259,7 @@ static int cli_tgzload(int fd, struct cl_engine *engine, unsigned int *signo, un
}
dbio->bufsize = CLI_DEFAULT_DBIO_BUFSIZE;
dbio->buf = cli_malloc(dbio->bufsize);
dbio->buf = cli_max_malloc(dbio->bufsize);
if (!dbio->buf) {
cli_errmsg("cli_tgzload: Can't allocate memory for dbio->buf\n");
cli_tgzload_cleanup(compr, dbio, fdd);

4
libclamav/dmg.c
Unescape View File

@ -485,7 +485,7 @@ static int dmg_decode_mish(cli_ctx *ctx, unsigned int *mishblocknum, xmlChar *mi
/* speed vs memory, could walk the encoded data and skip whitespace in calculation */
buff_size = 3 * base64_len / 4 + 4;
dmg_parsemsg("dmg_decode_mish: buffer for mish block %u is %lu\n", *mishblocknum, (unsigned long)buff_size);
decoded = cli_malloc(buff_size);
decoded = cli_max_malloc(buff_size);
if (!decoded)
return CL_EMEM;
@ -1108,7 +1108,7 @@ static int dmg_extract_xml(cli_ctx *ctx, char *dir, struct dmg_koly_block *hdr)
}
namelen = strlen(dir) + 1 + 7 + 1;
if (!(xmlfile = cli_malloc(namelen))) {
if (!(xmlfile = cli_max_malloc(namelen))) {
return CL_EMEM;
}
snprintf(xmlfile, namelen, "%s" PATHSEP "toc.xml", dir);

2
libclamav/dsig.c
Unescape View File

@ -139,7 +139,7 @@ static unsigned char *cli_decodesig(const char *sig, unsigned int plen, BIGNUM *
bn_bytes, plen);
goto done;
}
plain = cli_calloc(plen, sizeof(unsigned char));
plain = cli_max_calloc(plen, sizeof(unsigned char));
if (!plain) {
cli_errmsg("cli_decodesig: Can't allocate memory for 'plain'\n");
goto done;

110
libclamav/egg.c
Unescape View File

@ -1221,10 +1221,10 @@ static cl_error_t egg_parse_file_extra_field(egg_handle* handle, egg_file* eggFi
/*
* Comment found. Add comment to our list.
*/
CLI_REALLOC(eggFile->comments,
sizeof(char*) * (eggFile->nComments + 1),
free(comment),
status = CL_EMEM);
CLI_SAFER_REALLOC(eggFile->comments,
sizeof(char*) * (eggFile->nComments + 1),
free(comment),
status = CL_EMEM);
eggFile->comments[eggFile->nComments] = comment;
eggFile->nComments++;
}
@ -1667,10 +1667,10 @@ cl_error_t cli_egg_open(fmap_t* map, void** hArchive, char*** comments, uint32_t
goto done;
} else {
/* Add file to list. */
CLI_REALLOC(handle->files,
sizeof(egg_file*) * (handle->nFiles + 1),
egg_free_egg_file(found_file),
status = CL_EMEM);
CLI_SAFER_REALLOC(handle->files,
sizeof(egg_file*) * (handle->nFiles + 1),
egg_free_egg_file(found_file),
status = CL_EMEM);
handle->files[handle->nFiles] = found_file;
handle->nFiles++;
}
@ -1689,10 +1689,10 @@ cl_error_t cli_egg_open(fmap_t* map, void** hArchive, char*** comments, uint32_t
} else {
/* Add block to list. */
if (handle->bSolid) {
CLI_REALLOC(handle->blocks,
sizeof(egg_block*) * (handle->nBlocks + 1),
egg_free_egg_block(found_block),
status = CL_EMEM);
CLI_SAFER_REALLOC(handle->blocks,
sizeof(egg_block*) * (handle->nBlocks + 1),
egg_free_egg_block(found_block),
status = CL_EMEM);
handle->blocks[handle->nBlocks] = found_block;
handle->nBlocks++;
} else {
@ -1707,10 +1707,10 @@ cl_error_t cli_egg_open(fmap_t* map, void** hArchive, char*** comments, uint32_t
} else {
eggFile = handle->files[handle->nFiles - 1];
CLI_REALLOC(eggFile->blocks,
sizeof(egg_block*) * (eggFile->nBlocks + 1),
egg_free_egg_block(found_block),
status = CL_EMEM);
CLI_SAFER_REALLOC(eggFile->blocks,
sizeof(egg_block*) * (eggFile->nBlocks + 1),
egg_free_egg_block(found_block),
status = CL_EMEM);
eggFile->blocks[eggFile->nBlocks] = found_block;
eggFile->nBlocks++;
}
@ -1785,10 +1785,10 @@ cl_error_t cli_egg_open(fmap_t* map, void** hArchive, char*** comments, uint32_t
/*
* Comment found. Add comment to our list.
*/
CLI_REALLOC(handle->comments,
sizeof(char*) * (handle->nComments + 1),
free(comment),
status = CL_EMEM);
CLI_SAFER_REALLOC(handle->comments,
sizeof(char*) * (handle->nComments + 1),
free(comment),
status = CL_EMEM);
handle->comments[handle->nComments] = comment;
handle->nComments++;
}
@ -1972,10 +1972,10 @@ cl_error_t cli_egg_deflate_decompress(char* compressed, size_t compressed_size,
while (zstat == Z_OK && stream.avail_in) {
/* extend output capacity if needed,*/
if (stream.avail_out == 0) {
CLI_REALLOC(decoded,
capacity + BUFSIZ,
cli_errmsg("cli_egg_deflate_decompress: cannot reallocate memory for decompressed output\n"),
status = CL_EMEM);
CLI_SAFER_REALLOC(decoded,
capacity + BUFSIZ,
cli_errmsg("cli_egg_deflate_decompress: cannot reallocate memory for decompressed output\n"),
status = CL_EMEM);
stream.next_out = decoded + capacity;
stream.avail_out = BUFSIZ;
declen += BUFSIZ;
@ -2094,10 +2094,10 @@ cl_error_t cli_egg_bzip2_decompress(char* compressed, size_t compressed_size, ch
while (bzstat == BZ_OK && stream.avail_in) {
/* extend output capacity if needed,*/
if (stream.avail_out == 0) {
CLI_REALLOC(decoded,
capacity + BUFSIZ,
cli_errmsg("cli_egg_bzip2_decompress: cannot reallocate memory for decompressed output\n");
status = CL_EMEM);
CLI_SAFER_REALLOC(decoded,
capacity + BUFSIZ,
cli_errmsg("cli_egg_bzip2_decompress: cannot reallocate memory for decompressed output\n");
status = CL_EMEM);
stream.next_out = decoded + capacity;
stream.avail_out = BUFSIZ;
declen += BUFSIZ;
@ -2211,10 +2211,10 @@ cl_error_t cli_egg_lzma_decompress(char* compressed, size_t compressed_size, cha
while (lzmastat == LZMA_RESULT_OK && stream.avail_in) {
/* extend output capacity if needed,*/
if (stream.avail_out == 0) {
CLI_REALLOC(decoded,
capacity + BUFSIZ,
cli_errmsg("cli_egg_lzma_decompress: cannot reallocate memory for decompressed output\n");
status = CL_EMEM);
CLI_SAFER_REALLOC(decoded,
capacity + BUFSIZ,
cli_errmsg("cli_egg_lzma_decompress: cannot reallocate memory for decompressed output\n");
status = CL_EMEM);
stream.next_out = decoded + capacity;
stream.avail_out = BUFSIZ;
declen += BUFSIZ;
@ -2361,11 +2361,11 @@ cl_error_t cli_egg_extract_file(void* hArchive, const char** filename, const cha
break;
}
CLI_REALLOC(decompressed,
(size_t)decompressed_size + currBlock->blockHeader->compress_size,
cli_errmsg("cli_egg_extract_file: Failed to allocate %" PRIu64 " bytes for decompressed file!\n",
decompressed_size),
status = CL_EMEM);
CLI_SAFER_REALLOC(decompressed,
(size_t)decompressed_size + currBlock->blockHeader->compress_size,
cli_errmsg("cli_egg_extract_file: Failed to allocate %" PRIu64 " bytes for decompressed file!\n",
decompressed_size),
status = CL_EMEM);
memcpy(decompressed + decompressed_size, currBlock->compressedData, currBlock->blockHeader->compress_size);
decompressed_size += currBlock->blockHeader->compress_size;
@ -2386,12 +2386,12 @@ cl_error_t cli_egg_extract_file(void* hArchive, const char** filename, const cha
goto done;
}
/* Decompressed block. Add it to the file data */
CLI_REALLOC(decompressed,
(size_t)decompressed_size + decompressed_block_size,
cli_errmsg("cli_egg_extract_file: Failed to allocate %" PRIu64 " bytes for decompressed file!\n",
decompressed_size),
free(decompressed_block),
status = CL_EMEM);
CLI_SAFER_REALLOC(decompressed,
(size_t)decompressed_size + decompressed_block_size,
cli_errmsg("cli_egg_extract_file: Failed to allocate %" PRIu64 " bytes for decompressed file!\n",
decompressed_size),
free(decompressed_block),
status = CL_EMEM);
memcpy(decompressed + decompressed_size, decompressed_block, decompressed_block_size);
decompressed_size += decompressed_block_size;
@ -2415,12 +2415,12 @@ cl_error_t cli_egg_extract_file(void* hArchive, const char** filename, const cha
goto done;
}
/* Decompressed block. Add it to the file data */
CLI_REALLOC(decompressed,
(size_t)decompressed_size + decompressed_block_size,
cli_errmsg("cli_egg_extract_file: Failed to allocate %" PRIu64 " bytes for decompressed file!\n",
decompressed_size),
free(decompressed_block),
status = CL_EMEM);
CLI_SAFER_REALLOC(decompressed,
(size_t)decompressed_size + decompressed_block_size,
cli_errmsg("cli_egg_extract_file: Failed to allocate %" PRIu64 " bytes for decompressed file!\n",
decompressed_size),
free(decompressed_block),
status = CL_EMEM);
memcpy(decompressed + decompressed_size, decompressed_block, decompressed_block_size);
decompressed_size += decompressed_block_size;
@ -2454,12 +2454,12 @@ cl_error_t cli_egg_extract_file(void* hArchive, const char** filename, const cha
// goto done;
// }
// /* Decompressed block. Add it to the file data */
// CLI_REALLOC(decompressed,
// (size_t)decompressed_size + decompressed_block_size,
// cli_errmsg("cli_egg_extract_file: Failed to allocate %" PRIu64 " bytes for decompressed file!\n",
// decompressed_size),
// free(decompressed_block),
// status = CL_EMEM);
// CLI_SAFER_REALLOC(decompressed,
// (size_t)decompressed_size + decompressed_block_size,
// cli_errmsg("cli_egg_extract_file: Failed to allocate %" PRIu64 " bytes for decompressed file!\n",
// decompressed_size),
// free(decompressed_block),
// status = CL_EMEM);
// memcpy(decompressed + decompressed_size, decompressed_block, decompressed_block_size);
// decompressed_size += decompressed_block_size;

12
libclamav/elf.c
Unescape View File

@ -244,7 +244,7 @@ static int cli_elf_ph32(cli_ctx *ctx, fmap_t *map, struct cli_exe_info *elfinfo,
}
if (phnum) {
program_hdr = (struct elf_program_hdr32 *)cli_calloc(phnum, sizeof(struct elf_program_hdr32));
program_hdr = (struct elf_program_hdr32 *)cli_max_calloc(phnum, sizeof(struct elf_program_hdr32));
if (!program_hdr) {
cli_errmsg("ELF: Can't allocate memory for program headers\n");
return CL_EMEM;
@ -344,7 +344,7 @@ static cl_error_t cli_elf_ph64(cli_ctx *ctx, fmap_t *map, struct cli_exe_info *e
}
if (phnum) {
program_hdr = (struct elf_program_hdr64 *)cli_calloc(phnum, sizeof(struct elf_program_hdr64));
program_hdr = (struct elf_program_hdr64 *)cli_max_calloc(phnum, sizeof(struct elf_program_hdr64));
if (!program_hdr) {
cli_errmsg("ELF: Can't allocate memory for program headers\n");
return CL_EMEM;
@ -445,7 +445,7 @@ static int cli_elf_sh32(cli_ctx *ctx, fmap_t *map, struct cli_exe_info *elfinfo,
cli_dbgmsg("ELF: Section header table offset: %d\n", shoff);
if (elfinfo) {
elfinfo->sections = (struct cli_exe_section *)cli_calloc(shnum, sizeof(struct cli_exe_section));
elfinfo->sections = (struct cli_exe_section *)cli_max_calloc(shnum, sizeof(struct cli_exe_section));
if (!elfinfo->sections) {
cli_dbgmsg("ELF: Can't allocate memory for section headers\n");
return CL_EMEM;
@ -453,7 +453,7 @@ static int cli_elf_sh32(cli_ctx *ctx, fmap_t *map, struct cli_exe_info *elfinfo,
}
if (shnum) {
section_hdr = (struct elf_section_hdr32 *)cli_calloc(shnum, shentsize);
section_hdr = (struct elf_section_hdr32 *)cli_max_calloc(shnum, shentsize);
if (!section_hdr) {
cli_errmsg("ELF: Can't allocate memory for section headers\n");
return CL_EMEM;
@ -544,7 +544,7 @@ static int cli_elf_sh64(cli_ctx *ctx, fmap_t *map, struct cli_exe_info *elfinfo,
cli_dbgmsg("ELF: Section header table offset: " STDu64 "\n", shoff);
if (elfinfo) {
elfinfo->sections = (struct cli_exe_section *)cli_calloc(shnum, sizeof(struct cli_exe_section));
elfinfo->sections = (struct cli_exe_section *)cli_max_calloc(shnum, sizeof(struct cli_exe_section));
if (!elfinfo->sections) {
cli_dbgmsg("ELF: Can't allocate memory for section headers\n");
return CL_EMEM;
@ -552,7 +552,7 @@ static int cli_elf_sh64(cli_ctx *ctx, fmap_t *map, struct cli_exe_info *elfinfo,
}
if (shnum) {
section_hdr = (struct elf_section_hdr64 *)cli_calloc(shnum, shentsize);
section_hdr = (struct elf_section_hdr64 *)cli_max_calloc(shnum, shentsize);
if (!section_hdr) {
cli_errmsg("ELF: Can't allocate memory for section headers\n");
return CL_EMEM;

22
libclamav/entconv.c
Unescape View File

@ -495,7 +495,7 @@ static char* normalize_encoding(const unsigned char* enc)
if (!encname_chars[enc[i]])
return NULL;
}
norm = cli_malloc(len + 1);
norm = cli_max_malloc(len + 1);
if (!norm)
return NULL;
for (i = 0; i < len; i++)
@ -656,7 +656,7 @@ static iconv_t iconv_open_cached(const char* fromcode)
idx = cache->last++;
if (idx >= cache->len) {
cache->len += 16;
cache->tab = cli_realloc2(cache->tab, cache->len * sizeof(cache->tab[0]));
cache->tab = cli_max_realloc2(cache->tab, cache->len * sizeof(cache->tab[0]));
if (!cache->tab) {
cli_dbgmsg(MODULE_NAME "!Out of mem in iconv-pool\n");
errno = ENOMEM;
@ -803,7 +803,7 @@ cl_error_t cli_codepage_to_utf8(char* in, size_t in_size, uint16_t codepage, cha
int byte_count, sigbit_count;
out_utf8_size = in_size;
out_utf8 = cli_calloc(1, out_utf8_size + 1);
out_utf8 = cli_max_calloc(1, out_utf8_size + 1);
if (NULL == out_utf8) {
cli_errmsg("cli_codepage_to_utf8: Failure allocating buffer for utf8 filename.\n");
status = CL_EMEM;
@ -863,7 +863,7 @@ cl_error_t cli_codepage_to_utf8(char* in, size_t in_size, uint16_t codepage, cha
uint16_t* pCodeUnits = (uint16_t*)in;
cchWideChar = (int)in_size / 2;
lpWideCharStr = cli_malloc((cchWideChar) * sizeof(WCHAR)); /* No need for a null terminator here, we'll deal with the exact size */
lpWideCharStr = cli_max_malloc((cchWideChar) * sizeof(WCHAR)); /* No need for a null terminator here, we'll deal with the exact size */
if (NULL == lpWideCharStr) {
cli_dbgmsg("cli_codepage_to_utf8: failed to allocate memory for wide char string.\n");
status = CL_EMEM;
@ -892,7 +892,7 @@ cl_error_t cli_codepage_to_utf8(char* in, size_t in_size, uint16_t codepage, cha
goto done;
}
lpWideCharStr = cli_malloc((cchWideChar) * sizeof(WCHAR)); /* No need for a null terminator here, we'll deal with the exact size */
lpWideCharStr = cli_max_malloc((cchWideChar) * sizeof(WCHAR)); /* No need for a null terminator here, we'll deal with the exact size */
if (NULL == lpWideCharStr) {
cli_dbgmsg("cli_codepage_to_utf8: failed to allocate memory for wide char string.\n");
status = CL_EMEM;
@ -935,7 +935,7 @@ cl_error_t cli_codepage_to_utf8(char* in, size_t in_size, uint16_t codepage, cha
goto done;
}
out_utf8 = cli_malloc(out_utf8_size + 1); /* Add a null terminator to this string */
out_utf8 = cli_max_malloc(out_utf8_size + 1); /* Add a null terminator to this string */
if (NULL == out_utf8) {
cli_dbgmsg("cli_codepage_to_utf8: failed to allocate memory for wide char to utf-8 string.\n");
status = CL_EMEM;
@ -994,7 +994,7 @@ cl_error_t cli_codepage_to_utf8(char* in, size_t in_size, uint16_t codepage, cha
outbytesleft = out_utf8_size;
out_utf8 = cli_calloc(1, out_utf8_size + 1);
out_utf8 = cli_max_calloc(1, out_utf8_size + 1);
if (NULL == out_utf8) {
cli_errmsg("cli_codepage_to_utf8: Failure allocating buffer for utf8 data.\n");
status = CL_EMEM;
@ -1037,9 +1037,9 @@ cl_error_t cli_codepage_to_utf8(char* in, size_t in_size, uint16_t codepage, cha
}
/* iconv succeeded, but probably didn't use the whole buffer. Free up the extra memory. */
out_utf8_tmp = cli_realloc(out_utf8, out_utf8_size - outbytesleft + 1);
out_utf8_tmp = cli_max_realloc(out_utf8, out_utf8_size - outbytesleft + 1);
if (NULL == out_utf8_tmp) {
cli_errmsg("cli_codepage_to_utf8: failure cli_realloc'ing converted filename.\n");
cli_errmsg("cli_codepage_to_utf8: failure cli_max_realloc'ing converted filename.\n");
status = CL_EMEM;
goto done;
}
@ -1100,7 +1100,7 @@ char* cli_utf16toascii(const char* str, unsigned int length)
if (length % 2)
length--;
if (!(decoded = cli_calloc(length / 2 + 1, sizeof(char))))
if (!(decoded = cli_max_calloc(length / 2 + 1, sizeof(char))))
return NULL;
for (i = 0, j = 0; i < length; i += 2, j++) {
@ -1127,7 +1127,7 @@ char* cli_utf16_to_utf8(const char* utf16, size_t length, encoding_t type)
length--;
}
s2 = cli_malloc(needed);
s2 = cli_max_malloc(needed);
if (!s2)
return NULL;

8
libclamav/events.c
Unescape View File

@ -54,7 +54,7 @@ cli_events_t *cli_events_new(unsigned max_event)
if (!ev)
return NULL;
ev->max = max_event;
ev->events = cli_calloc(max_event, sizeof(*ev->events));
ev->events = cli_max_calloc(max_event, sizeof(*ev->events));
if (!ev->events) {
free(ev);
return NULL;
@ -132,7 +132,7 @@ static inline void ev_chain(cli_events_t *ctx, struct cli_event *ev, union ev_va
union ev_val *chain;
uint32_t siz = sizeof(*chain) * (ev->count + 1);
chain = cli_realloc(ev->u.v_chain, siz);
chain = cli_max_realloc(ev->u.v_chain, siz);
if (!chain) {
cli_event_error_oom(ctx, siz);
return;
@ -294,7 +294,7 @@ void cli_event_data(cli_events_t *ctx, unsigned id, const void *data, uint32_t l
}
switch (ev->multiple) {
case multiple_last: {
void *v_data = cli_realloc2(ev->u.v_data, len);
void *v_data = cli_max_realloc2(ev->u.v_data, len);
if (v_data) {
ev->u.v_data = v_data;
memcpy(v_data, data, len);
@ -305,7 +305,7 @@ void cli_event_data(cli_events_t *ctx, unsigned id, const void *data, uint32_t l
break;
}
case multiple_concat: {
void *v_data = cli_realloc2(ev->u.v_data, ev->count + len);
void *v_data = cli_max_realloc2(ev->u.v_data, ev->count + len);
if (v_data) {
ev->u.v_data = v_data;
memcpy((char *)v_data + ev->count, data, len);

4
libclamav/fmap.c
Unescape View File

@ -381,7 +381,7 @@ extern cl_fmap_t *cl_fmap_open_handle(void *handle, size_t offset, size_t len,
goto done;
}
m->bitmap = cli_calloc(1, bitmap_size);
m->bitmap = cli_max_calloc(1, bitmap_size);
if (!m->bitmap) {
cli_warnmsg("fmap: map header allocation failed\n");
goto done;
@ -408,7 +408,7 @@ extern cl_fmap_t *cl_fmap_open_handle(void *handle, size_t offset, size_t len,
}
#endif /* ANONYMOUS_MAP */
if (!use_aging) {
m->data = (fmap_t *)cli_malloc(mapsz);
m->data = (fmap_t *)cli_max_malloc(mapsz);
}
if (!m->data) {
cli_warnmsg("fmap: map allocation failed\n");

18
libclamav/hashtab.c
Unescape View File

@ -180,7 +180,7 @@ cl_error_t cli_hashtab_init(struct cli_hashtable *s, size_t capacity)
PROFILE_INIT(s);
capacity = nearest_power(capacity);
s->htable = cli_calloc(capacity, sizeof(*s->htable));
s->htable = cli_max_calloc(capacity, sizeof(*s->htable));
if (!s->htable) {
return CL_EMEM;
}
@ -332,7 +332,7 @@ static cl_error_t cli_hashtab_grow(struct cli_hashtable *s)
cli_errmsg("hashtab.c: capacity problem growing from: %zu\n", s->capacity);
return CL_EMEM;
}
htable = cli_calloc(new_capacity, sizeof(*s->htable));
htable = cli_max_calloc(new_capacity, sizeof(*s->htable));
if (!htable) {
return CL_EMEM;
}
@ -451,7 +451,7 @@ const struct cli_element *cli_hashtab_insert(struct cli_hashtable *s, const char
} else {
PROFILE_INSERT(s, tries);
}
thekey = cli_malloc(len + 1);
thekey = cli_max_malloc(len + 1);
if (!thekey) {
cli_errmsg("hashtab.c: Unable to allocate memory for thekey\n");
return NULL;
@ -652,13 +652,13 @@ cl_error_t cli_hashset_init(struct cli_hashset *hs, size_t initial_capacity, uin
hs->capacity = initial_capacity;
hs->mask = initial_capacity - 1;
hs->count = 0;
hs->keys = cli_malloc(initial_capacity * sizeof(*hs->keys));
hs->keys = cli_max_malloc(initial_capacity * sizeof(*hs->keys));
hs->mempool = NULL;
if (!hs->keys) {
cli_errmsg("hashtab.c: Unable to allocate memory for hs->keys\n");
return CL_EMEM;
}
hs->bitmap = cli_calloc(initial_capacity >> 5, sizeof(*hs->bitmap));
hs->bitmap = cli_max_calloc(initial_capacity >> 5, sizeof(*hs->bitmap));
if (!hs->bitmap) {
free(hs->keys);
cli_errmsg("hashtab.c: Unable to allocate memory for hs->bitmap\n");
@ -818,7 +818,7 @@ ssize_t cli_hashset_toarray(const struct cli_hashset *hs, uint32_t **array)
return -1;
}
*array = arr = cli_malloc(hs->count * sizeof(*arr));
*array = arr = cli_max_malloc(hs->count * sizeof(*arr));
if (!arr) {
cli_errmsg("hashtab.c: Unable to allocate memory for array\n");
return -1;
@ -889,7 +889,7 @@ cl_error_t cli_map_addkey(struct cli_map *m, const void *key, int32_t keysize)
if (m->valuesize) {
void *v;
v = cli_realloc(m->u.sized_values, n * m->valuesize);
v = cli_max_realloc(m->u.sized_values, n * m->valuesize);
if (!v) {
return CL_EMEM;
}
@ -899,7 +899,7 @@ cl_error_t cli_map_addkey(struct cli_map *m, const void *key, int32_t keysize)
} else {
struct cli_map_value *v;
v = cli_realloc(m->u.unsized_values, n * sizeof(*m->u.unsized_values));
v = cli_max_realloc(m->u.unsized_values, n * sizeof(*m->u.unsized_values));
if (!v) {
return CL_EMEM;
}
@ -965,7 +965,7 @@ cl_error_t cli_map_setvalue(struct cli_map *m, const void *value, int32_t values
free(v->value);
}
v->value = cli_malloc(valuesize);
v->value = cli_max_malloc(valuesize);
if (!v->value) {
cli_errmsg("hashtab.c: Unable to allocate memory for v->value\n");
return CL_EMEM;

6
libclamav/hfsplus.c
Unescape View File

@ -523,7 +523,7 @@ static cl_error_t hfsplus_check_attribute(cli_ctx *ctx, hfsPlusVolumeHeader *vol
nodeSize = attrHeader->nodeSize;
/* Need to buffer current node, map will keep moving */
nodeBuf = cli_malloc(nodeSize);
nodeBuf = cli_max_malloc(nodeSize);
if (!nodeBuf) {
cli_dbgmsg("hfsplus_check_attribute: failed to acquire node buffer, "
"size " STDu32 "\n",
@ -894,7 +894,7 @@ static cl_error_t hfsplus_read_block_table(int fd, uint32_t *numBlocks, hfsPlusR
}
*numBlocks = le32_to_host(*numBlocks); // Let's do a little little endian just for fun, shall we?
*table = cli_malloc(sizeof(hfsPlusResourceBlockTable) * *numBlocks);
*table = cli_max_malloc(sizeof(hfsPlusResourceBlockTable) * *numBlocks);
if (!*table) {
cli_dbgmsg("hfsplus_read_block_table: Failed to allocate memory for block table\n");
status = CL_EMEM;
@ -948,7 +948,7 @@ static cl_error_t hfsplus_walk_catalog(cli_ctx *ctx, hfsPlusVolumeHeader *volHea
nodeSize = catHeader->nodeSize;
/* Need to buffer current node, map will keep moving */
nodeBuf = cli_malloc(nodeSize);
nodeBuf = cli_max_malloc(nodeSize);
if (!nodeBuf) {
cli_dbgmsg("hfsplus_walk_catalog: failed to acquire node buffer, "
"size " STDu32 "\n",

18
libclamav/htmlnorm.c
Unescape View File

@ -182,7 +182,7 @@ static unsigned char *cli_readchunk(FILE *stream, m_area_t *m_area, unsigned int
unsigned char *chunk, *start, *ptr, *end;
unsigned int chunk_len, count;
chunk = (unsigned char *)cli_malloc(max_len);
chunk = (unsigned char *)cli_max_malloc(max_len);
if (!chunk) {
cli_errmsg("readchunk: Unable to allocate memory for chunk\n");
return NULL;
@ -371,18 +371,18 @@ void html_tag_arg_add(tag_arguments_t *tags,
{
int len, i;
tags->count++;
tags->tag = (unsigned char **)cli_realloc2(tags->tag,
tags->tag = (unsigned char **)cli_max_realloc2(tags->tag,
tags->count * sizeof(char *));
if (!tags->tag) {
goto done;
}
tags->value = (unsigned char **)cli_realloc2(tags->value,
tags->value = (unsigned char **)cli_max_realloc2(tags->value,
tags->count * sizeof(char *));
if (!tags->value) {
goto done;
}
if (tags->scanContents) {
tags->contents = (unsigned char **)cli_realloc2(tags->contents,
tags->contents = (unsigned char **)cli_max_realloc2(tags->contents,
tags->count * sizeof(*tags->contents));
if (!tags->contents) {
goto done;
@ -527,7 +527,7 @@ static inline void html_tag_contents_done(tag_arguments_t *tags, int idx, struct
{
unsigned char *p;
cont->contents[cont->pos++] = '\0';
p = cli_malloc(cont->pos);
p = cli_max_malloc(cont->pos);
if (!p) {
cli_errmsg("html_tag_contents_done: Unable to allocate memory for p\n");
return;
@ -1201,9 +1201,9 @@ static bool cli_html_normalise(cli_ctx *ctx, int fd, m_area_t *m_area, const cha
chunk_size = style_end - style_begin;
if (style_buff == NULL) {
CLI_MALLOC(style_buff, chunk_size + 1);
CLI_MAX_MALLOC(style_buff, chunk_size + 1);
} else {
CLI_REALLOC(style_buff, style_buff_size + chunk_size + 1);
CLI_MAX_REALLOC(style_buff, style_buff_size + chunk_size + 1);
}
memcpy(style_buff + style_buff_size, style_begin, chunk_size);
@ -1837,9 +1837,9 @@ static bool cli_html_normalise(cli_ctx *ctx, int fd, m_area_t *m_area, const cha
size_t chunk_size = ptr - style_begin;
if (style_buff == NULL) {
CLI_MALLOC(style_buff, chunk_size + 1);
CLI_MAX_MALLOC(style_buff, chunk_size + 1);
} else {
CLI_REALLOC(style_buff, style_buff_size + chunk_size + 1);
CLI_MAX_REALLOC(style_buff, style_buff_size + chunk_size + 1);
}
memcpy(style_buff + style_buff_size, style_begin, chunk_size);

8
libclamav/hwp.c
Unescape View File

@ -206,14 +206,14 @@ static char *convert_hstr_to_utf8(const char *begin, size_t sz, const char *pare
iconv_t cd;
do {
p1 = inbuf = cli_calloc(1, sz + 1);
p1 = inbuf = cli_max_calloc(1, sz + 1);
if (!inbuf) {
cli_errmsg("%s: Failed to allocate memory for encoding conversion buffer\n", parent);
rc = CL_EMEM;
break;
}
memcpy(inbuf, begin, sz);
p2 = outbuf = cli_calloc(1, sz + 1);
p2 = outbuf = cli_max_calloc(1, sz + 1);
if (!outbuf) {
cli_errmsg("%s: Failed to allocate memory for encoding conversion buffer\n", parent);
rc = CL_EMEM;
@ -254,7 +254,7 @@ static char *convert_hstr_to_utf8(const char *begin, size_t sz, const char *pare
if (!res && (rc == CL_SUCCESS)) {
char *tmpbuf;
tmpbuf = cli_calloc(1, sz + 1);
tmpbuf = cli_max_calloc(1, sz + 1);
if (tmpbuf) {
memcpy(tmpbuf, begin, sz);
@ -626,7 +626,7 @@ static inline cl_error_t parsehwp3_docsummary(cli_ctx *ctx, size_t offset)
if (iret == CL_VIRUS) {
char *b64;
size_t b64len = strlen(hwp3_docsummary_fields[i].name) + 8;
b64 = cli_calloc(1, b64len);
b64 = cli_max_calloc(1, b64len);
if (!b64) {
cli_errmsg("HWP3.x: Failed to allocate memory for b64 boolean\n");
free(str);

2
libclamav/inflate64.c
Unescape View File

@ -181,7 +181,7 @@ unsigned out;
/* if it hasn't been done already, allocate space for the window */
if (state->window == Z_NULL) {
state->window = (unsigned char FAR *)cli_calloc(1U << state->wbits, sizeof(unsigned char));
state->window = (unsigned char FAR *)cli_max_calloc(1U << state->wbits, sizeof(unsigned char));
if (state->window == Z_NULL) return 1;
}

2
libclamav/ishield.c
Unescape View File

@ -432,7 +432,7 @@ cl_error_t cli_scanishield(cli_ctx *ctx, off_t off, size_t sz)
}
if (i == c.cabcnt) {
c.cabcnt++;
if (!(c.cabs = cli_realloc2(c.cabs, sizeof(struct CABARRAY) * c.cabcnt))) {
if (!(c.cabs = cli_max_realloc2(c.cabs, sizeof(struct CABARRAY) * c.cabcnt))) {
ret = CL_EMEM;
break;
}

2
libclamav/json_api.c
Unescape View File

@ -487,7 +487,7 @@ cl_error_t cli_jsonstr_nojson(const char* key, const char* s)
cl_error_t cli_jsonstrlen_nojson(const char* key, const char* s, int len)
{
char* sp = cli_malloc(len + 1);
char* sp = cli_max_malloc(len + 1);
if (NULL == sp) {
cli_errmsg("json: no memory for json strlen object.\n");
return CL_EMEM;

8
libclamav/jsparse/js-norm.c
Unescape View File

@ -287,7 +287,7 @@ static cl_error_t tokens_ensure_capacity(struct tokens *tokens, size_t cap)
yystype *data;
cap += 1024;
/* Keep old data if OOM */
data = cli_realloc(tokens->data, cap * sizeof(*tokens->data));
data = cli_max_realloc(tokens->data, cap * sizeof(*tokens->data));
if (!data)
return CL_EMEM;
tokens->data = data;
@ -516,7 +516,7 @@ static const char *de_packer_2[] = {"p", "a", "c", "k", "e", "d"};
static inline char *textbuffer_done(yyscan_t scanner)
{
char *str = cli_realloc(scanner->buf.data, scanner->buf.pos);
char *str = cli_max_realloc(scanner->buf.data, scanner->buf.pos);
if (!str) {
str = scanner->buf.data;
}
@ -1181,7 +1181,7 @@ void cli_js_process_buffer(struct parser_state *state, const char *buf, size_t n
/* delete TOK_PLUS */
free_token(&state->tokens.data[--state->tokens.cnt]);
str = cli_realloc(str, str_len + leng + 1);
str = cli_max_realloc(str, str_len + leng + 1);
if (!str)
break;
strncpy(str + str_len, text, leng);
@ -1553,7 +1553,7 @@ static const enum char_class id_ctype[256] = {
static void textbuf_clean(struct text_buffer *buf)
{
if (buf->capacity > BUF_KEEP_SIZE) {
char *data = cli_realloc(buf->data, BUF_KEEP_SIZE);
char *data = cli_max_realloc(buf->data, BUF_KEEP_SIZE);
if (data)
buf->data = data;
buf->capacity = BUF_KEEP_SIZE;

2
libclamav/jsparse/textbuf.h
Unescape View File

@ -44,7 +44,7 @@ static inline int textbuffer_ensure_capacity(struct text_buffer *txtbuf, size_t
if (txtbuf->pos + len > txtbuf->capacity) {
char *d;
unsigned capacity = MAX(txtbuf->pos + len, txtbuf->capacity + 4096);
d = cli_realloc(txtbuf->data, capacity);
d = cli_max_realloc(txtbuf->data, capacity);
if (!d)
return -1;
txtbuf->capacity = capacity;

7
libclamav/libclamav.map
Unescape View File

@ -107,7 +107,6 @@ CLAMAV_PRIVATE {
cli_chomp;
cli_rndnum;
cli_calloc;
cli_ole2_extract;
cli_errmsg;
cli_debug_flag;
@ -127,10 +126,12 @@ CLAMAV_PRIVATE {
html_normalise_map;
cli_utf16toascii;
cli_malloc;
cli_memstr;
cli_strdup;
cli_realloc;
cli_max_calloc;
cli_max_malloc;
cli_max_realloc;
cli_safer_realloc;
cli_ctime;
tableCreate;
tableDestroy;

2
libclamav/line.c
Unescape View File

@ -70,7 +70,7 @@ line_t *
lineCreate(const char *data)
{
const size_t size = strlen(data);
line_t *ret = (line_t *)cli_malloc(size + 2);
line_t *ret = (line_t *)cli_max_malloc(size + 2);
if (ret == NULL) {
cli_errmsg("lineCreate: Unable to allocate memory for ret\n");

2
libclamav/lzma_iface.c
Unescape View File

@ -41,7 +41,7 @@ void *__lzma_wrap_alloc(void *unused, size_t size)
return NULL;
}
return cli_calloc(1, size);
return cli_max_calloc(1, size);
}
void __lzma_wrap_free(void *unused, void *freeme)
{

4
libclamav/lzw/lzwdec.c
Unescape View File

@ -172,7 +172,7 @@ int lzwInit(lzw_streamp strm)
state->nextbits = 0;
/* dictionary setup */
state->dec_codetab = cli_calloc(CSIZE, sizeof(code_t));
state->dec_codetab = cli_max_calloc(CSIZE, sizeof(code_t));
if (state->dec_codetab == NULL) {
free(state);
strm->msg = "failed to allocate code table";
@ -431,7 +431,7 @@ static void code_print(code_t *code)
uint8_t *string;
int i = 0;
string = cli_calloc(code->length + 1, sizeof(uint8_t));
string = cli_max_calloc(code->length + 1, sizeof(uint8_t));
if (!string)
return;

2
libclamav/macho.c
Unescape View File

@ -375,7 +375,7 @@ cl_error_t cli_scanmacho(cli_ctx *ctx, struct cli_exe_info *fileinfo)
cli_dbgmsg("MACHO: ------------------\n");
continue;
}
sections = (struct cli_exe_section *)cli_realloc2(sections, (sect + nsects) * sizeof(struct cli_exe_section));
sections = (struct cli_exe_section *)cli_max_realloc2(sections, (sect + nsects) * sizeof(struct cli_exe_section));
if (!sections) {
cli_errmsg("cli_scanmacho: Can't allocate memory for 'sections'\n");
return CL_EMEM;

38
libclamav/matcher-ac.c
Unescape View File

@ -1412,7 +1412,7 @@ cl_error_t cli_ac_initdata(struct cli_ac_data *data, uint32_t partsigs, uint32_t
data->reloffsigs = reloffsigs;
if (reloffsigs) {
data->offset = (uint32_t *)cli_malloc(reloffsigs * 2 * sizeof(uint32_t));
data->offset = (uint32_t *)cli_max_malloc(reloffsigs * 2 * sizeof(uint32_t));
if (!data->offset) {
cli_errmsg("cli_ac_init: Can't allocate memory for data->offset\n");
return CL_EMEM;
@ -1423,7 +1423,7 @@ cl_error_t cli_ac_initdata(struct cli_ac_data *data, uint32_t partsigs, uint32_t
data->partsigs = partsigs;
if (partsigs) {
data->offmatrix = (uint32_t ***)cli_calloc(partsigs, sizeof(uint32_t **));
data->offmatrix = (uint32_t ***)cli_max_calloc(partsigs, sizeof(uint32_t **));
if (!data->offmatrix) {
cli_errmsg("cli_ac_init: Can't allocate memory for data->offmatrix\n");
@ -1436,7 +1436,7 @@ cl_error_t cli_ac_initdata(struct cli_ac_data *data, uint32_t partsigs, uint32_t
data->lsigs = lsigs;
if (lsigs) {
data->lsigcnt = (uint32_t **)cli_malloc(lsigs * sizeof(uint32_t *));
data->lsigcnt = (uint32_t **)cli_max_malloc(lsigs * sizeof(uint32_t *));
if (!data->lsigcnt) {
if (partsigs)
free(data->offmatrix);
@ -1447,7 +1447,7 @@ cl_error_t cli_ac_initdata(struct cli_ac_data *data, uint32_t partsigs, uint32_t
cli_errmsg("cli_ac_init: Can't allocate memory for data->lsigcnt\n");
return CL_EMEM;
}
data->lsigcnt[0] = (uint32_t *)cli_calloc(lsigs * 64, sizeof(uint32_t));
data->lsigcnt[0] = (uint32_t *)cli_max_calloc(lsigs * 64, sizeof(uint32_t));
if (!data->lsigcnt[0]) {
free(data->lsigcnt);
if (partsigs)
@ -1461,7 +1461,7 @@ cl_error_t cli_ac_initdata(struct cli_ac_data *data, uint32_t partsigs, uint32_t
}
for (i = 1; i < lsigs; i++)
data->lsigcnt[i] = data->lsigcnt[0] + 64 * i;
data->yr_matches = (uint8_t *)cli_calloc(lsigs, sizeof(uint8_t));
data->yr_matches = (uint8_t *)cli_max_calloc(lsigs, sizeof(uint8_t));
if (data->yr_matches == NULL) {
free(data->lsigcnt[0]);
free(data->lsigcnt);
@ -1474,7 +1474,7 @@ cl_error_t cli_ac_initdata(struct cli_ac_data *data, uint32_t partsigs, uint32_t
}
/* subsig offsets */
data->lsig_matches = (struct cli_lsig_matches **)cli_calloc(lsigs, sizeof(struct cli_lsig_matches *));
data->lsig_matches = (struct cli_lsig_matches **)cli_max_calloc(lsigs, sizeof(struct cli_lsig_matches *));
if (!data->lsig_matches) {
free(data->yr_matches);
free(data->lsigcnt[0]);
@ -1488,8 +1488,8 @@ cl_error_t cli_ac_initdata(struct cli_ac_data *data, uint32_t partsigs, uint32_t
cli_errmsg("cli_ac_init: Can't allocate memory for data->lsig_matches\n");
return CL_EMEM;
}
data->lsigsuboff_last = (uint32_t **)cli_malloc(lsigs * sizeof(uint32_t *));
data->lsigsuboff_first = (uint32_t **)cli_malloc(lsigs * sizeof(uint32_t *));
data->lsigsuboff_last = (uint32_t **)cli_max_malloc(lsigs * sizeof(uint32_t *));
data->lsigsuboff_first = (uint32_t **)cli_max_malloc(lsigs * sizeof(uint32_t *));
if (!data->lsigsuboff_last || !data->lsigsuboff_first) {
free(data->lsig_matches);
free(data->lsigsuboff_last);
@ -1506,8 +1506,8 @@ cl_error_t cli_ac_initdata(struct cli_ac_data *data, uint32_t partsigs, uint32_t
cli_errmsg("cli_ac_init: Can't allocate memory for data->lsigsuboff_(last|first)\n");
return CL_EMEM;
}
data->lsigsuboff_last[0] = (uint32_t *)cli_calloc(lsigs * 64, sizeof(uint32_t));
data->lsigsuboff_first[0] = (uint32_t *)cli_calloc(lsigs * 64, sizeof(uint32_t));
data->lsigsuboff_last[0] = (uint32_t *)cli_max_calloc(lsigs * 64, sizeof(uint32_t));
data->lsigsuboff_first[0] = (uint32_t *)cli_max_calloc(lsigs * 64, sizeof(uint32_t));
if (!data->lsigsuboff_last[0] || !data->lsigsuboff_first[0]) {
free(data->lsig_matches);
free(data->lsigsuboff_last[0]);
@ -1704,10 +1704,10 @@ cl_error_t lsig_sub_matched(const struct cli_matcher *root, struct cli_ac_data *
ls_matches = mdata->lsig_matches[lsig_id];
if (ls_matches == NULL) { /* allocate cli_lsig_matches */
ls_matches = mdata->lsig_matches[lsig_id] = (struct cli_lsig_matches *)cli_calloc(1, sizeof(struct cli_lsig_matches) +
ls_matches = mdata->lsig_matches[lsig_id] = (struct cli_lsig_matches *)cli_max_calloc(1, sizeof(struct cli_lsig_matches) +
(ac_lsig->tdb.subsigs - 1) * sizeof(struct cli_subsig_matches *));
if (ls_matches == NULL) {
cli_errmsg("lsig_sub_matched: cli_calloc failed for cli_lsig_matches\n");
cli_errmsg("lsig_sub_matched: cli_max_calloc failed for cli_lsig_matches\n");
return CL_EMEM;
}
ls_matches->subsigs = ac_lsig->tdb.subsigs;
@ -1716,16 +1716,16 @@ cl_error_t lsig_sub_matched(const struct cli_matcher *root, struct cli_ac_data *
if (ss_matches == NULL) { /* allocate cli_subsig_matches */
ss_matches = ls_matches->matches[subsig_id] = malloc(sizeof(struct cli_subsig_matches));
if (ss_matches == NULL) {
cli_errmsg("lsig_sub_matched: cli_malloc failed for cli_subsig_matches struct\n");
cli_errmsg("lsig_sub_matched: cli_max_malloc failed for cli_subsig_matches struct\n");
return CL_EMEM;
}
ss_matches->next = 0;
ss_matches->last = sizeof(ss_matches->offsets) / sizeof(uint32_t) - 1;
}
if (ss_matches->next > ss_matches->last) { /* cli_matches out of space? realloc */
ss_matches = ls_matches->matches[subsig_id] = cli_realloc(ss_matches, sizeof(struct cli_subsig_matches) + sizeof(uint32_t) * ss_matches->last * 2);
ss_matches = ls_matches->matches[subsig_id] = cli_max_realloc(ss_matches, sizeof(struct cli_subsig_matches) + sizeof(uint32_t) * ss_matches->last * 2);
if (ss_matches == NULL) {
cli_errmsg("lsig_sub_matched: cli_realloc failed for cli_subsig_matches struct\n");
cli_errmsg("lsig_sub_matched: cli_max_realloc failed for cli_subsig_matches struct\n");
return CL_EMEM;
}
ss_matches->last = sizeof(ss_matches->offsets) / sizeof(uint32_t) + ss_matches->last * 2 - 1;
@ -1926,13 +1926,13 @@ cl_error_t cli_ac_scanbuff(
/* sparsely populated matrix, so allocate and initialize if NULL */
if (!mdata->offmatrix[pt->sigid - 1]) {
mdata->offmatrix[pt->sigid - 1] = cli_malloc(pt->parts * sizeof(int32_t *));
mdata->offmatrix[pt->sigid - 1] = cli_max_malloc(pt->parts * sizeof(int32_t *));
if (!mdata->offmatrix[pt->sigid - 1]) {
cli_errmsg("cli_ac_scanbuff: Can't allocate memory for mdata->offmatrix[%u]\n", pt->sigid - 1);
return CL_EMEM;
}
mdata->offmatrix[pt->sigid - 1][0] = cli_malloc(pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(uint32_t));
mdata->offmatrix[pt->sigid - 1][0] = cli_max_malloc(pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(uint32_t));
if (!mdata->offmatrix[pt->sigid - 1][0]) {
cli_errmsg("cli_ac_scanbuff: Can't allocate memory for mdata->offmatrix[%u][0]\n", pt->sigid - 1);
free(mdata->offmatrix[pt->sigid - 1]);
@ -2589,7 +2589,7 @@ inline static int ac_special_altstr(const char *hexpr, uint8_t sigopts, struct c
special->type = AC_SPECIAL_ALT_STR;
/* allocate reusable subexpr */
if (!(subexpr = cli_calloc(slen + 1, sizeof(char)))) {
if (!(subexpr = cli_max_calloc(slen + 1, sizeof(char)))) {
cli_errmsg("ac_special_altstr: Can't allocate subexpr container\n");
free(hexprcpy);
return CL_EMEM;
@ -2751,7 +2751,7 @@ cl_error_t cli_ac_addsig(struct cli_matcher *root, const char *virname, const ch
}
hexnewsz = strlen(hexsig) + 1;
if (!(hexnew = (char *)cli_calloc(1, hexnewsz))) {
if (!(hexnew = (char *)cli_max_calloc(1, hexnewsz))) {
MPOOL_FREE(root->mempool, new);
free(hexcpy);
return CL_EMEM;

4
libclamav/matcher-bm.c
Unescape View File

@ -168,12 +168,12 @@ cl_error_t cli_bm_initoff(const struct cli_matcher *root, struct cli_bm_off *dat
}
data->cnt = data->pos = 0;
data->offtab = (uint32_t *)cli_malloc(root->bm_patterns * sizeof(uint32_t));
data->offtab = (uint32_t *)cli_max_malloc(root->bm_patterns * sizeof(uint32_t));
if (!data->offtab) {
cli_errmsg("cli_bm_initoff: Can't allocate memory for data->offtab\n");
return CL_EMEM;
}
data->offset = (uint32_t *)cli_malloc(root->bm_patterns * sizeof(uint32_t));
data->offset = (uint32_t *)cli_max_malloc(root->bm_patterns * sizeof(uint32_t));
if (!data->offset) {
cli_errmsg("cli_bm_initoff: Can't allocate memory for data->offset\n");
free(data->offtab);

6
libclamav/matcher-byte-comp.c
Unescape View File

@ -894,7 +894,7 @@ unsigned char *cli_bcomp_normalize_buffer(const unsigned char *buffer, uint32_t
}
/* keep in mind byte_len is a stack variable so this won't change byte_len in our calling functioning */
byte_len = byte_len - pad;
tmp_buffer = cli_calloc(byte_len + 1, sizeof(char));
tmp_buffer = cli_max_calloc(byte_len + 1, sizeof(char));
if (NULL == tmp_buffer) {
cli_errmsg("cli_bcomp_compare_check: unable to allocate memory for whitespace normalized temp buffer\n");
return NULL;
@ -912,13 +912,13 @@ unsigned char *cli_bcomp_normalize_buffer(const unsigned char *buffer, uint32_t
if (opt_val & CLI_BCOMP_HEX || opt_val & CLI_BCOMP_AUTO) {
unsigned char *hex_buffer;
norm_len = (byte_len % 2) == 0 ? byte_len : byte_len + 1;
tmp_buffer = cli_calloc(norm_len + 1, sizeof(char));
tmp_buffer = cli_max_calloc(norm_len + 1, sizeof(char));
if (NULL == tmp_buffer) {
cli_errmsg("cli_bcomp_compare_check: unable to allocate memory for normalized temp buffer\n");
return NULL;
}
hex_buffer = cli_calloc(norm_len + 1, sizeof(char));
hex_buffer = cli_max_calloc(norm_len + 1, sizeof(char));
if (NULL == hex_buffer) {
free(tmp_buffer);
cli_errmsg("cli_bcomp_compare_check: unable to reallocate memory for hex buffer\n");

4
libclamav/matcher-pcre.c
Unescape View File

@ -471,12 +471,12 @@ cl_error_t cli_pcre_recaloff(struct cli_matcher *root, struct cli_pcre_off *data
}
/* allocate data structures */
data->shift = (uint32_t *)cli_calloc(root->pcre_metas, sizeof(uint32_t));
data->shift = (uint32_t *)cli_max_calloc(root->pcre_metas, sizeof(uint32_t));
if (!data->shift) {
cli_errmsg("cli_pcre_initoff: cannot allocate memory for data->shift\n");
return CL_EMEM;
}
data->offset = (uint32_t *)cli_calloc(root->pcre_metas, sizeof(uint32_t));
data->offset = (uint32_t *)cli_max_calloc(root->pcre_metas, sizeof(uint32_t));
if (!data->offset) {
cli_errmsg("cli_pcre_initoff: cannot allocate memory for data->offset\n");
free(data->shift);

18
libclamav/mbox.c
Unescape View File

@ -654,7 +654,7 @@ getMallocedBufferFromList(const ReadStruct *head)
rs = rs->next;
}
CLI_MALLOC(working, bufferLen);
CLI_MAX_MALLOC(working, bufferLen);
rs = head;
bufferLen = 0;
@ -1230,7 +1230,7 @@ parseEmailHeaders(message *m, const table_t *rfc821, bool *heuristicFound)
fulllinelength = strlen(line) + 1;
} else if (line) {
fulllinelength += strlen(line) + 1;
ptr = cli_realloc(fullline, fulllinelength);
ptr = cli_max_realloc(fullline, fulllinelength);
if (ptr == NULL)
continue;
fullline = ptr;
@ -1875,7 +1875,7 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx, unsigned int re
message **m;
mbox_status old_rc;
m = cli_realloc(messages, ((multiparts + 1) * sizeof(message *)));
m = cli_max_realloc(messages, ((multiparts + 1) * sizeof(message *)));
if (m == NULL)
break;
messages = m;
@ -2091,7 +2091,7 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx, unsigned int re
}
datasz = strlen(fullline) + strlen(data) + 1;
ptr = cli_realloc(fullline, datasz);
ptr = cli_max_realloc(fullline, datasz);
if (ptr == NULL)
break;
@ -3199,7 +3199,7 @@ parseMimeHeader(message *m, const char *cmd, const table_t *rfc821Table, const c
else {
int i;
buf = cli_malloc(strlen(ptr) + 1);
buf = cli_max_malloc(strlen(ptr) + 1);
if (buf == NULL) {
cli_errmsg("parseMimeHeader: Unable to allocate memory for buf %llu\n", (long long unsigned)(strlen(ptr) + 1));
if (copy)
@ -3312,7 +3312,7 @@ parseMimeHeader(message *m, const char *cmd, const table_t *rfc821Table, const c
messageSetEncoding(m, ptr);
break;
case CONTENT_DISPOSITION:
buf = cli_malloc(strlen(ptr) + 1);
buf = cli_max_malloc(strlen(ptr) + 1);
if (buf == NULL) {
cli_errmsg("parseMimeHeader: Unable to allocate memory for buf %llu\n", (long long unsigned)(strlen(ptr) + 1));
if (copy)
@ -3392,7 +3392,7 @@ rfc822comments(const char *in, char *out)
}
if (out == NULL) {
out = cli_malloc(strlen(in) + 1);
out = cli_max_malloc(strlen(in) + 1);
if (out == NULL) {
cli_errmsg("rfc822comments: Unable to allocate memory for out %llu\n", (long long unsigned)(strlen(in) + 1));
return NULL;
@ -3460,7 +3460,7 @@ rfc2047(const char *in)
return cli_strdup(in);
cli_dbgmsg("rfc2047 '%s'\n", in);
out = cli_malloc(strlen(in) + 1);
out = cli_max_malloc(strlen(in) + 1);
if (out == NULL) {
cli_errmsg("rfc2047: Unable to allocate memory for out %llu\n", (long long unsigned)(strlen(in) + 1));
@ -3631,7 +3631,7 @@ rfc1341(mbox_ctx *mctx, message *m)
oldfilename = messageGetFilename(m);
arg = cli_malloc(10 + strlen(id) + strlen(number));
arg = cli_max_malloc(10 + strlen(id) + strlen(number));
if (arg) {
sprintf(arg, "filename=%s%s", id, number);
messageAddArgument(m, arg);

14
libclamav/message.c
Unescape View File

@ -430,7 +430,7 @@ void messageAddArgument(message *m, const char *arg)
char **q;
m->numberOfArguments++;
q = (char **)cli_realloc(m->mimeArguments, m->numberOfArguments * sizeof(char *));
q = (char **)cli_max_realloc(m->mimeArguments, m->numberOfArguments * sizeof(char *));
if (q == NULL) {
m->numberOfArguments--;
return;
@ -613,7 +613,7 @@ void messageAddArguments(message *m, const char *s)
*ptr = '\0';
datasz = strlen(kcopy) + strlen(data) + 2;
field = cli_realloc(kcopy, strlen(kcopy) + strlen(data) + 2);
field = cli_max_realloc(kcopy, strlen(kcopy) + strlen(data) + 2);
if (field) {
cli_strlcat(field, "=", datasz);
cli_strlcat(field, data, datasz);
@ -637,7 +637,7 @@ void messageAddArguments(message *m, const char *s)
string++;
len = (size_t)string - (size_t)key + 1;
field = cli_malloc(len);
field = cli_max_malloc(len);
if (field) {
memcpy(field, key, len - 1);
@ -857,7 +857,7 @@ void messageSetEncoding(message *m, const char *enctype)
break;
}
et = (encoding_type *)cli_realloc(m->encodingTypes, (m->numberOfEncTypes + 1) * sizeof(encoding_type));
et = (encoding_type *)cli_max_realloc(m->encodingTypes, (m->numberOfEncTypes + 1) * sizeof(encoding_type));
if (et == NULL)
break;
@ -1375,7 +1375,7 @@ messageExport(message *m, const char *dir, void *(*create)(void), void (*destroy
datasize = (line) ? strlen(line) + 2 : 0;
if (datasize >= sizeof(smallbuf)) {
data = bigbuf = (unsigned char *)cli_malloc(datasize);
data = bigbuf = (unsigned char *)cli_max_malloc(datasize);
if (NULL == data) {
cli_dbgmsg("Failed to allocate data buffer of size %zu\n", datasize);
break;
@ -2338,7 +2338,7 @@ rfc2231(const char *in)
char *p;
/* Don't handle continuations, decode what we can */
p = ret = cli_malloc(strlen(in) + 16);
p = ret = cli_max_malloc(strlen(in) + 16);
if (ret == NULL) {
cli_errmsg("rfc2331: out of memory, unable to proceed\n");
return NULL;
@ -2394,7 +2394,7 @@ rfc2231(const char *in)
cli_dbgmsg("rfc2231 '%s'\n", in);
ret = cli_malloc(strlen(in) + 1);
ret = cli_max_malloc(strlen(in) + 1);
if (ret == NULL) {
cli_errmsg("rfc2331: out of memory for ret\n");

2
libclamav/mew.c
Unescape View File

@ -845,7 +845,7 @@ int unmew11(char *src, uint32_t off, uint32_t ssize, uint32_t dsize, uint32_t ba
return -1;
}
if (!(newsect = cli_realloc(section, (i + 2) * sizeof(struct cli_exe_section)))) {
if (!(newsect = cli_max_realloc(section, (i + 2) * sizeof(struct cli_exe_section)))) {
cli_dbgmsg("MEW: Out of memory\n");
free(section);
return -1;

4
libclamav/mpool.h
Unescape View File

@ -69,8 +69,8 @@ typedef void mpool_t;
#define MPOOL_MALLOC(a, b) malloc(b)
#define MPOOL_FREE(a, b) free(b)
#define MPOOL_CALLOC(a, b, c) calloc(b, c)
#define MPOOL_REALLOC(a, b, c) cli_realloc(b, c)
#define MPOOL_REALLOC2(a, b, c) cli_realloc2(b, c)
#define MPOOL_REALLOC(a, b, c) cli_safer_realloc(b, c)
#define MPOOL_REALLOC2(a, b, c) cli_safer_realloc2(b, c)
#define CLI_MPOOL_HEX2STR(mpool, src) cli_hex2str(src)
#define CLI_MPOOL_STRDUP(mpool, s) cli_strdup(s)
#define CLI_MPOOL_STRNDUP(mpool, s, n) cli_strdup(s, n)

12
libclamav/msdoc.c
Unescape View File

@ -80,7 +80,7 @@ ole2_convert_utf(summary_ctx_t *sctx, char *begin, size_t sz, const char *encodi
char *track;
size_t bcnt, scnt;
outbuf = cli_calloc(1, sz + 1);
outbuf = cli_max_calloc(1, sz + 1);
if (!(outbuf))
return NULL;
memcpy(outbuf, begin, sz);
@ -110,7 +110,7 @@ ole2_convert_utf(summary_ctx_t *sctx, char *begin, size_t sz, const char *encodi
}
#if HAVE_ICONV
p1 = buf = cli_calloc(1, sz);
p1 = buf = cli_max_calloc(1, sz);
if (!(buf))
return NULL;
@ -147,8 +147,8 @@ ole2_convert_utf(summary_ctx_t *sctx, char *begin, size_t sz, const char *encodi
for (attempt = 1; attempt <= 3; ++attempt) {
/* charset to UTF-8 should never exceed sz*6 */
sz2 = (attempt * 2) * sz;
/* use cli_realloc, reuse the buffer that has already been translated */
outbuf = (char *)cli_realloc(outbuf, sz2 + 1);
/* use cli_max_realloc, reuse the buffer that has already been translated */
outbuf = (char *)cli_max_realloc(outbuf, sz2 + 1);
if (!outbuf) {
free(buf);
iconv_close(cd);
@ -428,7 +428,7 @@ ole2_process_property(summary_ctx_t *sctx, unsigned char *databuf, uint32_t offs
strsize = PROPSTRLIMIT;
}
outstr = cli_calloc(strsize + 1, 1); /* last char must be NULL */
outstr = cli_max_calloc(strsize + 1, 1); /* last char must be NULL */
if (!outstr) {
return CL_EMEM;
}
@ -487,7 +487,7 @@ ole2_process_property(summary_ctx_t *sctx, unsigned char *databuf, uint32_t offs
sctx->flags |= OLE2_SUMMARY_ERROR_OOB;
return CL_EFORMAT;
}
outstr = cli_calloc(strsize + 2, 1); /* last two chars must be NULL */
outstr = cli_max_calloc(strsize + 2, 1); /* last two chars must be NULL */
if (!outstr) {
return CL_EMEM;
}

2
libclamav/nsis/bzlib.c
Unescape View File

@ -990,7 +990,7 @@ int bz_config_ok ( void )
static
void* default_bzalloc ( void* opaque, Int32 items, Int32 size )
{
void* v = cli_malloc ( items * size );
void* v = cli_max_malloc ( items * size );
UNUSEDPARAM(opaque);
return v;
}

20
libclamav/ole2_extract.c
Unescape View File

@ -256,7 +256,7 @@ cli_ole2_get_property_name2(const char *name, int size)
if ((name[0] == 0 && name[1] == 0) || size <= 0 || size > 128) {
return NULL;
}
CLI_MALLOC(newname, size * 7,
CLI_MAX_MALLOC(newname, size * 7,
cli_errmsg("OLE2 [cli_ole2_get_property_name2]: Unable to allocate memory for newname: %u\n", size * 7));
j = 0;
@ -304,7 +304,7 @@ get_property_name(char *name, int size)
return NULL;
}
CLI_MALLOC(newname, size,
CLI_MAX_MALLOC(newname, size,
cli_errmsg("OLE2 [get_property_name]: Unable to allocate memory for newname %u\n", size));
cname = newname;
@ -778,7 +778,7 @@ static int ole2_walk_property_tree(ole2_header_t *hdr, const char *dir, int32_t
}
}
#endif
dirname = (char *)cli_malloc(strlen(dir) + 8);
dirname = (char *)cli_max_malloc(strlen(dir) + 8);
if (!dirname) {
ole2_listmsg("OLE2: malloc failed for dirname\n");
ole2_list_delete(&node_list);
@ -888,7 +888,7 @@ static cl_error_t handler_writefile(ole2_header_t *hdr, property_t *prop, const
current_block = prop->start_block;
len = prop->size;
CLI_MALLOC(buff, 1 << hdr->log2_big_block_size,
CLI_MAX_MALLOC(buff, 1 << hdr->log2_big_block_size,
cli_errmsg("OLE2 [handler_writefile]: Unable to allocate memory for buff: %u\n", 1 << hdr->log2_big_block_size);
ret = CL_EMEM);
@ -1157,7 +1157,7 @@ static cl_error_t scan_for_xlm_macros_and_images(ole2_header_t *hdr, property_t
current_block = prop->start_block;
len = prop->size;
CLI_MALLOC(buff, 1 << hdr->log2_big_block_size,
CLI_MAX_MALLOC(buff, 1 << hdr->log2_big_block_size,
cli_errmsg("OLE2 [scan_for_xlm_macros_and_images]: Unable to allocate memory for buff: %u\n", 1 << hdr->log2_big_block_size);
status = CL_EMEM);
@ -1282,7 +1282,7 @@ static cl_error_t handler_enum(ole2_header_t *hdr, property_t *prop, const char
}
if (name) {
if (!strcmp(name, "fileheader")) {
CLI_CALLOC(hwp_check, 1, 1 << hdr->log2_big_block_size, status = CL_EMEM);
CLI_MAX_CALLOC(hwp_check, 1, 1 << hdr->log2_big_block_size, status = CL_EMEM);
/* reading safety checks; do-while used for breaks */
do {
@ -1567,7 +1567,7 @@ static cl_error_t handler_otf(ole2_header_t *hdr, property_t *prop, const char *
cli_dbgmsg("OLE2 [handler_otf]: Dumping '%s' to '%s'\n", name, tempfile);
}
CLI_MALLOC(buff, 1 << hdr->log2_big_block_size, ret = CL_EMEM);
CLI_MAX_MALLOC(buff, 1 << hdr->log2_big_block_size, ret = CL_EMEM);
blk_bitset = cli_bitset_init();
if (!blk_bitset) {
@ -1746,7 +1746,7 @@ static cl_error_t handler_otf_encrypted(ole2_header_t *hdr, property_t *prop, co
goto done;
}
CLI_MALLOC(rk, RKLENGTH(key->key_length_bits) * sizeof(uint64_t), ret = CL_EMEM);
CLI_MAX_MALLOC(rk, RKLENGTH(key->key_length_bits) * sizeof(uint64_t), ret = CL_EMEM);
print_ole2_property(prop);
@ -1774,8 +1774,8 @@ static cl_error_t handler_otf_encrypted(ole2_header_t *hdr, property_t *prop, co
}
uint32_t blockSize = 1 << hdr->log2_big_block_size;
CLI_MALLOC(buff, blockSize + sizeof(uint64_t), ret = CL_EMEM);
CLI_MALLOC(decryptDst, blockSize, ret = CL_EMEM);
CLI_MAX_MALLOC(buff, blockSize + sizeof(uint64_t), ret = CL_EMEM);
CLI_MAX_MALLOC(decryptDst, blockSize, ret = CL_EMEM);
blk_bitset = cli_bitset_init();
if (!blk_bitset) {

12
libclamav/others.c
Unescape View File

@ -539,7 +539,7 @@ struct cl_engine *cl_engine_new(void)
}
/* Set up default stats/intel gathering callbacks */
intel = cli_calloc(1, sizeof(cli_intel_t));
intel = cli_max_calloc(1, sizeof(cli_intel_t));
if ((intel)) {
#ifdef CL_THREAD_SAFE
if (pthread_mutex_init(&(intel->mutex), NULL)) {
@ -1279,7 +1279,7 @@ char *cli_hashstream(FILE *fs, unsigned char *digcpy, int type)
cl_finish_hash(ctx, digest);
if (!(hashstr = (char *)cli_calloc(size * 2 + 1, sizeof(char))))
if (!(hashstr = (char *)cli_max_calloc(size * 2 + 1, sizeof(char))))
return NULL;
pt = hashstr;
@ -1696,7 +1696,7 @@ int cli_rmdirs(const char *name)
if (strcmp(dent->d_name, "..") == 0)
continue;
path = cli_malloc(strlen(name) + strlen(dent->d_name) + 2);
path = cli_max_malloc(strlen(name) + strlen(dent->d_name) + 2);
if (path == NULL) {
cli_errmsg("cli_rmdirs: Unable to allocate memory for path %u\n", strlen(name) + strlen(dent->d_name) + 2);
@ -1742,7 +1742,7 @@ int cli_rmdirs(const char *dirname)
while ((dent = readdir(dd))) {
if (dent->d_ino) {
if (strcmp(dent->d_name, ".") && strcmp(dent->d_name, "..")) {
path = cli_malloc(strlen(dirname) + strlen(dent->d_name) + 2);
path = cli_max_malloc(strlen(dirname) + strlen(dent->d_name) + 2);
if (!path) {
cli_errmsg("cli_rmdirs: Unable to allocate memory for path %llu\n", (long long unsigned)(strlen(dirname) + strlen(dent->d_name) + 2));
closedir(dd);
@ -1820,7 +1820,7 @@ bitset_t *cli_bitset_init(void)
return NULL;
}
bs->length = BITSET_DEFAULT_SIZE;
bs->bitset = cli_calloc(BITSET_DEFAULT_SIZE, 1);
bs->bitset = cli_max_calloc(BITSET_DEFAULT_SIZE, 1);
if (!bs->bitset) {
cli_errmsg("cli_bitset_init: Unable to allocate memory for bs->bitset %u\n", BITSET_DEFAULT_SIZE);
free(bs);
@ -1846,7 +1846,7 @@ static bitset_t *bitset_realloc(bitset_t *bs, unsigned long min_size)
unsigned char *new_bitset;
new_length = nearest_power(min_size);
new_bitset = (unsigned char *)cli_realloc(bs->bitset, new_length);
new_bitset = (unsigned char *)cli_max_realloc(bs->bitset, new_length);
if (!new_bitset) {
return NULL;
}

123
libclamav/others.h
Unescape View File

@ -938,13 +938,32 @@ static inline int cli_getpagesize(void)
#endif /* HAVE_SYSCONF_SC_PAGESIZE */
#endif /* _WIN32 */
void *cli_malloc(size_t nmemb);
void *cli_calloc(size_t nmemb, size_t size);
/**
* @brief Wrapper around malloc that limits how much may be allocated to CLI_MAX_ALLOCATION.
*
* Please use CLI_MAX_MALLOC() with `goto done;` error handling instead.
*
* @param ptr
* @param size
* @return void*
*/
void *cli_max_malloc(size_t nmemb);
/**
* @brief Wrapper around Calloc that limits how much may be allocated to CLI_MAX_ALLOCATION.
*
* Please use CLI_MAX_CALLOC() with `goto done;` error handling instead.
*
* @param ptr
* @param size
* @return void*
*/
void *cli_max_calloc(size_t nmemb, size_t size);
/**
* @brief Wrapper around realloc that limits how much may be allocated to CLI_MAX_ALLOCATION.
*
* Please use CLI_REALLOC() with `goto done;` error handling instead.
* Please use CLI_MAX_REALLOC() with `goto done;` error handling instead.
*
* IMPORTANT: This differs from realloc() in that if size==0, it will NOT free the ptr.
*
@ -952,23 +971,52 @@ void *cli_calloc(size_t nmemb, size_t size);
* @param size
* @return void*
*/
void *cli_realloc(void *ptr, size_t size);
void *cli_max_realloc(void *ptr, size_t size);
/**
* @brief Wrapper around realloc that limits how much may be allocated to CLI_MAX_ALLOCATION.
*
* Please use CLI_REALLOC() with `goto done;` error handling instead.
* Please use CLI_MAX_REALLOC() with `goto done;` error handling instead.
*
* IMPORTANT: This differs from realloc() in that if size==0, it will NOT free the ptr.
*
* WARNING: This differs from cli_realloc() in that it will free the ptr if the allocation fails.
* WARNING: This differs from cli_max_realloc() in that it will free the ptr if the allocation fails.
* If you're using `goto done;` error handling, this may result in a double-free!!
*
* @param ptr
* @param size
* @return void*
*/
void *cli_realloc2(void *ptr, size_t size);
void *cli_max_realloc2(void *ptr, size_t size);
/**
* @brief Wrapper around realloc that, unlike some variants of realloc, will not free the ptr if size==0.
*
* Please use CLI_MAX_REALLOC() with `goto done;` error handling instead.
*
* IMPORTANT: This differs from realloc() in that if size==0, it will NOT free the ptr.
*
* @param ptr
* @param size
* @return void*
*/
void *cli_safer_realloc(void *ptr, size_t size);
/**
* @brief Wrapper around realloc that, unlike some variants of realloc, will not free the ptr if size==0.
*
* Please use CLI_SAFER_REALLOC() with `goto done;` error handling instead.
*
* IMPORTANT: This differs from realloc() in that if size==0, it will NOT free the ptr.
*
* WARNING: This differs from cli_safer_realloc() in that it will free the ptr if the allocation fails.
* If you're using `goto done;` error handling, this may result in a double-free!!
*
* @param ptr
* @param size
* @return void*
*/
void *cli_safer_realloc2(void *ptr, size_t size);
char *cli_strdup(const char *s);
int cli_rmdirs(const char *dirname);
@ -1292,10 +1340,10 @@ uint8_t cli_set_debug_flag(uint8_t debug_flag);
} while (0)
#endif
#ifndef CLI_MALLOC
#define CLI_MALLOC(var, size, ...) \
#ifndef CLI_MAX_MALLOC
#define CLI_MAX_MALLOC(var, size, ...) \
do { \
var = cli_malloc(size); \
var = cli_max_malloc(size); \
if (NULL == var) { \
do { \
__VA_ARGS__; \
@ -1318,10 +1366,10 @@ uint8_t cli_set_debug_flag(uint8_t debug_flag);
} while (0)
#endif
#ifndef CLI_CALLOC
#define CLI_CALLOC(var, nmemb, size, ...) \
#ifndef CLI_MAX_CALLOC
#define CLI_MAX_CALLOC(var, nmemb, size, ...) \
do { \
(var) = cli_calloc(nmemb, size); \
(var) = cli_max_calloc(nmemb, size); \
if (NULL == var) { \
do { \
__VA_ARGS__; \
@ -1348,23 +1396,48 @@ uint8_t cli_set_debug_flag(uint8_t debug_flag);
*
* IMPORTANT: This differs from realloc() in that if size==0, it will NOT free the ptr.
*
* NOTE: cli_realloc() will NOT free ptr if size==0. It is safe to free ptr after `done:`.
* NOTE: cli_max_realloc() will NOT free ptr if size==0. It is safe to free ptr after `done:`.
*
* @param ptr
* @param size
* @return void*
*/
#ifndef CLI_MAX_REALLOC
#define CLI_MAX_REALLOC(ptr, size, ...) \
do { \
void *vTmp = cli_max_realloc(ptr, size); \
if (NULL == vTmp) { \
do { \
__VA_ARGS__; \
} while (0); \
goto done; \
} \
ptr = vTmp; \
} while (0)
#endif
/**
* @brief Wrapper around realloc that, unlike some variants of realloc, will not free the ptr if size==0.
*
* IMPORTANT: This differs from realloc() in that if size==0, it will NOT free the ptr.
*
* NOTE: cli_safer_realloc() will NOT free ptr if size==0. It is safe to free ptr after `done:`.
*
* @param ptr
* @param size
* @return void*
*/
#ifndef CLI_REALLOC
#define CLI_REALLOC(ptr, size, ...) \
do { \
void *vTmp = cli_realloc(ptr, size); \
if (NULL == vTmp) { \
do { \
__VA_ARGS__; \
} while (0); \
goto done; \
} \
ptr = vTmp; \
#ifndef CLI_SAFER_REALLOC
#define CLI_SAFER_REALLOC(ptr, size, ...) \
do { \
void *vTmp = cli_safer_realloc(ptr, size); \
if (NULL == vTmp) { \
do { \
__VA_ARGS__; \
} while (0); \
goto done; \
} \
ptr = vTmp; \
} while (0)
#endif

110
libclamav/others_common.c
Unescape View File

@ -216,12 +216,12 @@ int cli_matchregex(const char *str, const char *regex)
return 0;
}
void *cli_malloc(size_t size)
void *cli_max_malloc(size_t size)
{
void *alloc;
if (!size || size > CLI_MAX_ALLOCATION) {
cli_warnmsg("cli_malloc(): File or section is too large to scan (%zu bytes). \
if (0 == size || size > CLI_MAX_ALLOCATION) {
cli_warnmsg("cli_max_malloc(): File or section is too large to scan (%zu bytes). \
For your safety, ClamAV limits how much memory an operation can allocate to %d bytes\n",
size, CLI_MAX_ALLOCATION);
return NULL;
@ -231,18 +231,19 @@ void *cli_malloc(size_t size)
if (!alloc) {
perror("malloc_problem");
cli_errmsg("cli_malloc(): Can't allocate memory (%zu bytes).\n", size);
cli_errmsg("cli_max_malloc(): Can't allocate memory (%zu bytes).\n", size);
return NULL;
} else
} else {
return alloc;
}
}
void *cli_calloc(size_t nmemb, size_t size)
void *cli_max_calloc(size_t nmemb, size_t size)
{
void *alloc;
if (!nmemb || !size || size > CLI_MAX_ALLOCATION || nmemb > CLI_MAX_ALLOCATION || (nmemb * size > CLI_MAX_ALLOCATION)) {
cli_warnmsg("cli_calloc2(): File or section is too large to scan (%zu bytes). \
if (!nmemb || 0 == size || size > CLI_MAX_ALLOCATION || nmemb > CLI_MAX_ALLOCATION || (nmemb * size > CLI_MAX_ALLOCATION)) {
cli_warnmsg("cli_max_calloc(): File or section is too large to scan (%zu bytes). \
For your safety, ClamAV limits how much memory an operation can allocate to %d bytes\n",
size, CLI_MAX_ALLOCATION);
return NULL;
@ -252,18 +253,65 @@ void *cli_calloc(size_t nmemb, size_t size)
if (!alloc) {
perror("calloc_problem");
cli_errmsg("cli_calloc(): Can't allocate memory (%zu bytes).\n", (nmemb * size));
cli_errmsg("cli_max_calloc(): Can't allocate memory (%lu bytes).\n", (unsigned long int)(nmemb * size));
return NULL;
} else {
return alloc;
}
}
void *cli_safer_realloc(void *ptr, size_t size)
{
void *alloc;
if (0 == size) {
cli_errmsg("cli_max_realloc(): Attempt to allocate 0 bytes. Please report to https://github.com/Cisco-Talos/clamav/issues\n");
return NULL;
}
alloc = realloc(ptr, size);
if (!alloc) {
perror("realloc_problem");
cli_errmsg("cli_max_realloc(): Can't re-allocate memory to %lu bytes.\n", (unsigned long int)size);
return NULL;
} else
} else {
return alloc;
}
}
void *cli_realloc(void *ptr, size_t size)
void *cli_safer_realloc2(void *ptr, size_t size)
{
void *alloc;
if (!size || size > CLI_MAX_ALLOCATION) {
cli_warnmsg("cli_realloc(): File or section is too large to scan (%zu bytes). \
if (0 == size) {
cli_errmsg("cli_max_realloc2(): Attempt to allocate 0 bytes. Please report to https://github.com/Cisco-Talos/clamav/issues\n");
return NULL;
}
alloc = realloc(ptr, size);
if (!alloc) {
perror("realloc_problem");
cli_errmsg("cli_max_realloc2(): Can't re-allocate memory to %lu bytes.\n", (unsigned long int)size);
// free the original pointer
if (ptr) {
free(ptr);
}
return NULL;
} else {
return alloc;
}
}
void *cli_max_realloc(void *ptr, size_t size)
{
void *alloc;
if (0 == size || size > CLI_MAX_ALLOCATION) {
cli_warnmsg("cli_max_realloc(): File or section is too large to scan (%zu bytes). \
For your safety, ClamAV limits how much memory an operation can allocate to %d bytes\n",
size, CLI_MAX_ALLOCATION);
return NULL;
@ -273,18 +321,19 @@ void *cli_realloc(void *ptr, size_t size)
if (!alloc) {
perror("realloc_problem");
cli_errmsg("cli_realloc(): Can't re-allocate memory to %zu bytes.\n", size);
cli_errmsg("cli_max_realloc(): Can't re-allocate memory to %zu bytes.\n", size);
return NULL;
} else
} else {
return alloc;
}
}
void *cli_realloc2(void *ptr, size_t size)
void *cli_max_realloc2(void *ptr, size_t size)
{
void *alloc;
if (!size || size > CLI_MAX_ALLOCATION) {
cli_warnmsg("cli_realloc2(): File or section is too large to scan (%zu bytes). \
if (0 == size || size > CLI_MAX_ALLOCATION) {
cli_warnmsg("cli_max_realloc2(): File or section is too large to scan (%zu bytes). \
For your safety, ClamAV limits how much memory an operation can allocate to %d bytes\n",
size, CLI_MAX_ALLOCATION);
return NULL;
@ -294,12 +343,17 @@ void *cli_realloc2(void *ptr, size_t size)
if (!alloc) {
perror("realloc_problem");
cli_errmsg("cli_realloc2(): Can't re-allocate memory to %zu bytes.\n", size);
if (ptr)
cli_errmsg("cli_max_realloc2(): Can't re-allocate memory to %zu bytes.\n", size);
// free the original pointer
if (ptr) {
free(ptr);
}
return NULL;
} else
} else {
return alloc;
}
}
char *cli_strdup(const char *s)
@ -826,7 +880,7 @@ static cl_error_t cli_ftw_dir(const char *dirname, int flags, int maxdepth, cli_
#else
ft = ft_unknown;
#endif
fname = (char *)cli_malloc(strlen(dirname) + strlen(dent->d_name) + 2);
fname = (char *)cli_max_malloc(strlen(dirname) + strlen(dent->d_name) + 2);
if (!fname) {
ret = callback(NULL, NULL, dirname, error_mem, data);
if (ret != CL_SUCCESS)
@ -873,7 +927,7 @@ static cl_error_t cli_ftw_dir(const char *dirname, int flags, int maxdepth, cli_
}
entries_cnt++;
entries = cli_realloc(entries, entries_cnt * sizeof(*entries));
entries = cli_max_realloc(entries, entries_cnt * sizeof(*entries));
if (!entries) {
ret = callback(stated ? &statbuf : NULL, NULL, fname, error_mem, data);
free(fname);
@ -954,7 +1008,7 @@ static char *cli_md5buff(const unsigned char *buffer, unsigned int len, unsigned
if (dig)
memcpy(dig, digest, 16);
if (!(md5str = (char *)cli_calloc(32 + 1, sizeof(char))))
if (!(md5str = (char *)cli_max_calloc(32 + 1, sizeof(char))))
return NULL;
pt = md5str;
@ -993,7 +1047,7 @@ char *cli_sanitize_filepath(const char *filepath, size_t filepath_len, char **sa
*sanitized_filebase = NULL;
}
sanitized_filepath = cli_calloc(filepath_len + 1, sizeof(unsigned char));
sanitized_filepath = cli_max_calloc(filepath_len + 1, sizeof(unsigned char));
if (NULL == sanitized_filepath) {
cli_dbgmsg("cli_sanitize_filepath: out of memory\n");
goto done;
@ -1146,7 +1200,7 @@ char *cli_genfname(const char *prefix)
len = strlen("clamav-") + 48 + strlen(".tmp") + 1; /* clamav-{48}.tmp\0 */
}
fname = (char *)cli_calloc(len, sizeof(char));
fname = (char *)cli_max_calloc(len, sizeof(char));
if (!fname) {
cli_dbgmsg("cli_genfname: no memory left for fname\n");
if (NULL != sanitized_prefix) {
@ -1207,7 +1261,7 @@ char *cli_newfilepath(const char *dir, const char *fname)
}
len = strlen(mdir) + strlen(PATHSEP) + strlen(fname) + 1; /* mdir/fname\0 */
fullpath = (char *)cli_calloc(len, sizeof(char));
fullpath = (char *)cli_max_calloc(len, sizeof(char));
if (NULL == fullpath) {
cli_dbgmsg("cli_newfilepath('%s'): out of memory\n", mdir);
return NULL;
@ -1262,7 +1316,7 @@ char *cli_gentemp_with_prefix(const char *dir, const char *prefix)
}
len = strlen(mdir) + strlen(PATHSEP) + strlen(fname) + 1; /* mdir/fname\0 */
fullpath = (char *)cli_calloc(len, sizeof(char));
fullpath = (char *)cli_max_calloc(len, sizeof(char));
if (!fullpath) {
free(fname);
cli_dbgmsg("cli_gentemp_with_prefix('%s'): out of memory\n", mdir);

32
libclamav/pdf.c
Unescape View File

@ -480,9 +480,9 @@ int pdf_findobj_in_objstm(struct pdf_struct *pdf, struct objstm_struct *objstm,
/* Success! Add the object to the list of all objects found. */
pdf->nobjs++;
CLI_REALLOC(pdf->objs, sizeof(struct pdf_obj *) * pdf->nobjs,
cli_warnmsg("pdf_findobj_in_objstm: out of memory finding objects in stream\n"),
status = CL_EMEM);
CLI_MAX_REALLOC(pdf->objs, sizeof(struct pdf_obj *) * pdf->nobjs,
cli_warnmsg("pdf_findobj_in_objstm: out of memory finding objects in stream\n"),
status = CL_EMEM);
pdf->objs[pdf->nobjs - 1] = obj;
*obj_found = obj;
@ -545,7 +545,7 @@ cl_error_t pdf_findobj(struct pdf_struct *pdf)
goto done;
}
pdf->nobjs++;
CLI_REALLOC(pdf->objs, sizeof(struct pdf_obj *) * pdf->nobjs, status = CL_EMEM);
CLI_MAX_REALLOC(pdf->objs, sizeof(struct pdf_obj *) * pdf->nobjs, status = CL_EMEM);
obj = malloc(sizeof(struct pdf_obj));
if (!obj) {
@ -1238,7 +1238,7 @@ char *decrypt_any(struct pdf_struct *pdf, uint32_t id, const char *in, size_t *l
if (enc_method == ENC_AESV2)
n += 4;
key = cli_malloc(n);
key = cli_max_malloc(n);
if (!key) {
noisy_warnmsg("decrypt_any: malloc failed\n");
return NULL;
@ -1261,7 +1261,7 @@ char *decrypt_any(struct pdf_struct *pdf, uint32_t id, const char *in, size_t *l
if (n > 16)
n = 16;
q = cli_calloc(*length, sizeof(char));
q = cli_max_calloc(*length, sizeof(char));
if (!q) {
noisy_warnmsg("decrypt_any: malloc failed\n");
return NULL;
@ -1627,7 +1627,7 @@ cl_error_t pdf_extract_obj(struct pdf_struct *pdf, struct pdf_obj *obj, uint32_t
} else {
/* Add objstm to pdf struct, so it can be freed eventually */
pdf->nobjstms++;
pdf->objstms = cli_realloc2(pdf->objstms, sizeof(struct objstm_struct *) * pdf->nobjstms);
pdf->objstms = cli_max_realloc2(pdf->objstms, sizeof(struct objstm_struct *) * pdf->nobjstms);
if (!pdf->objstms) {
cli_warnmsg("pdf_extract_obj: out of memory parsing object stream (%u)\n", pdf->nobjstms);
pdf_free_dict(dparams);
@ -1692,7 +1692,7 @@ cl_error_t pdf_extract_obj(struct pdf_struct *pdf, struct pdf_obj *obj, uint32_t
free(pdf->objstms);
pdf->objstms = NULL;
} else {
pdf->objstms = cli_realloc2(pdf->objstms, sizeof(struct objstm_struct *) * pdf->nobjstms);
pdf->objstms = cli_max_realloc2(pdf->objstms, sizeof(struct objstm_struct *) * pdf->nobjstms);
if (!pdf->objstms) {
cli_warnmsg("pdf_extract_obj: out of memory when shrinking down objstm array\n");
@ -2620,7 +2620,7 @@ static char *pdf_readstring(const char *q0, int len, const char *key, unsigned *
q--;
len = q - start;
s0 = s = cli_malloc(len + 1);
s0 = s = cli_max_malloc(len + 1);
if (!s) {
cli_errmsg("pdf_readstring: Unable to allocate buffer\n");
return NULL;
@ -2713,7 +2713,7 @@ static char *pdf_readstring(const char *q0, int len, const char *key, unsigned *
if (qend)
*qend = q;
s = cli_malloc((q - start) / 2 + 1);
s = cli_max_malloc((q - start) / 2 + 1);
if (s == NULL) { /* oops, couldn't allocate memory */
cli_dbgmsg("pdf_readstring: unable to allocate memory...\n");
return NULL;
@ -2769,7 +2769,7 @@ static char *pdf_readval(const char *q, int len, const char *key)
len++;
}
s = cli_malloc(end - q + 1);
s = cli_max_malloc(end - q + 1);
if (!s)
return NULL;
@ -2976,7 +2976,7 @@ static void check_owner_password(struct pdf_struct *pdf, int R,
noisy_warnmsg("check_owner_password: OE length is not 32: %zu\n", OE_len);
} else {
pdf->keylen = 32;
pdf->key = cli_malloc(pdf->keylen);
pdf->key = cli_max_malloc(pdf->keylen);
if (!pdf->key) {
cli_errmsg("check_owner_password: Cannot allocate memory for pdf->key\n");
goto done;
@ -3063,7 +3063,7 @@ static void check_user_password(struct pdf_struct *pdf, int R, const char *O,
length = 40;
pdf->keylen = length / 8;
pdf->key = cli_malloc(pdf->keylen);
pdf->key = cli_max_malloc(pdf->keylen);
if (!pdf->key)
goto done;
@ -3141,7 +3141,7 @@ static void check_user_password(struct pdf_struct *pdf, int R, const char *O,
noisy_warnmsg("check_user_password: UE length is not 32: %zu\n", UE_len);
} else {
pdf->keylen = 32;
pdf->key = cli_malloc(pdf->keylen);
pdf->key = cli_max_malloc(pdf->keylen);
if (!pdf->key) {
cli_errmsg("check_user_password: Cannot allocate memory for pdf->key\n");
goto done;
@ -3203,7 +3203,7 @@ static void check_user_password(struct pdf_struct *pdf, int R, const char *O,
noisy_warnmsg("check_user_password: UE length is not 32: %zu\n", UE_len);
} else {
pdf->keylen = 32;
pdf->key = cli_malloc(pdf->keylen);
pdf->key = cli_max_malloc(pdf->keylen);
if (!pdf->key) {
cli_errmsg("check_user_password: Cannot allocate memory for pdf->key\n");
goto done;
@ -3760,7 +3760,7 @@ cl_error_t cli_pdf(const char *dir, cli_ctx *ctx, off_t offset)
begin = (char *)(pdfver + 5);
end = begin + 2;
strtoul(end, &end, 10);
p1 = cli_calloc((end - begin) + 2, 1);
p1 = cli_max_calloc((end - begin) + 2, 1);
if (p1) {
strncpy(p1, begin, end - begin);
p1[end - begin] = '\0';

20
libclamav/pdfdecode.c
Unescape View File

@ -147,7 +147,7 @@ size_t pdf_decodestream(
token->success = 0;
token->content = cli_malloc(streamlen);
token->content = cli_max_malloc(streamlen);
if (!token->content) {
*status = CL_EMEM;
goto done;
@ -406,7 +406,7 @@ static cl_error_t filter_ascii85decode(struct pdf_struct *pdf, struct pdf_obj *o
uint64_t sum = 0;
/* 5:4 decoding ratio, with 1:4 expansion sequences => (4*length)+1 */
if (!(dptr = decoded = (uint8_t *)cli_malloc((4 * remaining) + 1))) {
if (!(dptr = decoded = (uint8_t *)cli_max_malloc((4 * remaining) + 1))) {
cli_errmsg("cli_pdf: cannot allocate memory for decoded output\n");
return CL_EMEM;
}
@ -531,7 +531,7 @@ static cl_error_t filter_rldecode(struct pdf_struct *pdf, struct pdf_obj *obj, s
if ((rc = cli_checklimits("pdf", pdf->ctx, capacity + INFLATE_CHUNK_SIZE, 0, 0)) != CL_SUCCESS)
break;
if (!(temp = cli_realloc(decoded, capacity + INFLATE_CHUNK_SIZE))) {
if (!(temp = cli_max_realloc(decoded, capacity + INFLATE_CHUNK_SIZE))) {
cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n");
rc = CL_EMEM;
break;
@ -557,7 +557,7 @@ static cl_error_t filter_rldecode(struct pdf_struct *pdf, struct pdf_obj *obj, s
break;
}
if (!(temp = cli_realloc(decoded, capacity + INFLATE_CHUNK_SIZE))) {
if (!(temp = cli_max_realloc(decoded, capacity + INFLATE_CHUNK_SIZE))) {
cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n");
rc = CL_EMEM;
break;
@ -581,7 +581,7 @@ static cl_error_t filter_rldecode(struct pdf_struct *pdf, struct pdf_obj *obj, s
if (declen == 0) {
cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n");
rc = CL_BREAK;
} else if (!(temp = cli_realloc(decoded, declen))) {
} else if (!(temp = cli_max_realloc(decoded, declen))) {
/* Shrink output buffer to final the decoded data length to minimize RAM usage */
cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n");
rc = CL_EMEM;
@ -704,7 +704,7 @@ static cl_error_t filter_flatedecode(struct pdf_struct *pdf, struct pdf_obj *obj
break;
}
if (!(temp = cli_realloc(decoded, capacity + INFLATE_CHUNK_SIZE))) {
if (!(temp = cli_max_realloc(decoded, capacity + INFLATE_CHUNK_SIZE))) {
cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n");
rc = CL_EMEM;
break;
@ -763,7 +763,7 @@ static cl_error_t filter_flatedecode(struct pdf_struct *pdf, struct pdf_obj *obj
if (declen == 0) {
cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n");
rc = CL_BREAK;
} else if (!(temp = cli_realloc(decoded, declen))) {
} else if (!(temp = cli_max_realloc(decoded, declen))) {
/* Shrink output buffer to final the decoded data length to minimize RAM usage */
cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n");
rc = CL_EMEM;
@ -795,7 +795,7 @@ static cl_error_t filter_asciihexdecode(struct pdf_struct *pdf, struct pdf_obj *
uint32_t i, j;
cl_error_t rc = CL_SUCCESS;
if (!(decoded = (uint8_t *)cli_calloc(length / 2 + 1, sizeof(uint8_t)))) {
if (!(decoded = (uint8_t *)cli_max_calloc(length / 2 + 1, sizeof(uint8_t)))) {
cli_errmsg("cli_pdf: cannot allocate memory for decoded output\n");
return CL_EMEM;
}
@ -988,7 +988,7 @@ static cl_error_t filter_lzwdecode(struct pdf_struct *pdf, struct pdf_obj *obj,
break;
}
if (!(temp = cli_realloc(decoded, capacity + INFLATE_CHUNK_SIZE))) {
if (!(temp = cli_max_realloc(decoded, capacity + INFLATE_CHUNK_SIZE))) {
cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n");
rc = CL_EMEM;
break;
@ -1048,7 +1048,7 @@ static cl_error_t filter_lzwdecode(struct pdf_struct *pdf, struct pdf_obj *obj,
if (declen == 0) {
cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n");
rc = CL_BREAK;
} else if (!(temp = cli_realloc(decoded, declen))) {
} else if (!(temp = cli_max_realloc(decoded, declen))) {
/* Shrink output buffer to final the decoded data length to minimize RAM usage */
cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n");
rc = CL_EMEM;

29
libclamav/pdfng.c
Unescape View File

@ -86,7 +86,7 @@ char *pdf_convert_utf(char *begin, size_t sz)
iconv_t cd;
#endif
buf = cli_calloc(1, sz + 1);
buf = cli_max_calloc(1, sz + 1);
if (!(buf))
return NULL;
memcpy(buf, begin, sz);
@ -94,7 +94,7 @@ char *pdf_convert_utf(char *begin, size_t sz)
#if HAVE_ICONV
p1 = buf;
p2 = outbuf = cli_calloc(1, sz + 1);
p2 = outbuf = cli_max_calloc(1, sz + 1);
if (!(outbuf)) {
free(buf);
return NULL;
@ -268,10 +268,7 @@ static char *pdf_decrypt_string(struct pdf_struct *pdf, struct pdf_obj *obj, con
bin_length = *length / 2;
// Convert the hex string to binary
decoded_bin = cli_calloc(1, bin_length);
if (!decoded_bin) {
return NULL;
}
CLI_MAX_CALLOC(decoded_bin, 1, bin_length);
hex2str_ret = cli_hex2str_to(hex, decoded_bin, *length);
if (hex2str_ret != 0) {
@ -314,7 +311,7 @@ char *pdf_finalize_string(struct pdf_struct *pdf, struct pdf_obj *obj, const cha
return NULL;
/* get a working copy */
wrkstr = cli_calloc(len + 1, sizeof(char));
wrkstr = cli_max_calloc(len + 1, sizeof(char));
if (!wrkstr)
return NULL;
memcpy(wrkstr, in, len);
@ -324,7 +321,7 @@ char *pdf_finalize_string(struct pdf_struct *pdf, struct pdf_obj *obj, const cha
/* convert PDF specific escape sequences, like octal sequences */
/* TODO: replace the escape sequences directly in the wrkstr */
if (strchr(wrkstr, '\\')) {
output = cli_calloc(wrklen + 1, sizeof(char));
output = cli_max_calloc(wrklen + 1, sizeof(char));
if (!output) {
free(wrkstr);
return NULL;
@ -386,7 +383,7 @@ char *pdf_finalize_string(struct pdf_struct *pdf, struct pdf_obj *obj, const cha
}
free(wrkstr);
wrkstr = cli_calloc(outlen + 1, sizeof(char));
wrkstr = cli_max_calloc(outlen + 1, sizeof(char));
if (!wrkstr) {
free(output);
return NULL;
@ -405,7 +402,7 @@ char *pdf_finalize_string(struct pdf_struct *pdf, struct pdf_obj *obj, const cha
outlen = tmpsz;
free(wrkstr);
if (output) {
wrkstr = cli_calloc(outlen + 1, sizeof(char));
wrkstr = cli_max_calloc(outlen + 1, sizeof(char));
if (!wrkstr) {
free(output);
return NULL;
@ -599,7 +596,7 @@ char *pdf_parse_string(struct pdf_struct *pdf, struct pdf_obj *obj, const char *
default:
res = pdf_finalize_string(pdf, obj, begin, objsize2);
if (!res) {
res = cli_calloc(1, objsize2 + 1);
res = cli_max_calloc(1, objsize2 + 1);
if (!(res)) {
close(fd);
cli_unlink(newobj->path);
@ -649,7 +646,7 @@ char *pdf_parse_string(struct pdf_struct *pdf, struct pdf_obj *obj, const char *
res = pdf_finalize_string(pdf, obj, p1, (p2 - p1) + 1);
if (!res) {
res = cli_calloc(1, (p2 - p1) + 2);
res = cli_max_calloc(1, (p2 - p1) + 2);
if (!(res))
return NULL;
memcpy(res, p1, (p2 - p1) + 1);
@ -706,7 +703,7 @@ char *pdf_parse_string(struct pdf_struct *pdf, struct pdf_obj *obj, const char *
res = pdf_finalize_string(pdf, obj, p1, len);
if (!res) {
res = cli_calloc(1, len + 1);
res = cli_max_calloc(1, len + 1);
if (!(res))
return NULL;
memcpy(res, p1, len);
@ -859,7 +856,7 @@ struct pdf_dict *pdf_parse_dict(struct pdf_struct *pdf, struct pdf_obj *obj, siz
if (p1 == end)
break;
key = cli_calloc((p1 - begin) + 2, 1);
key = cli_max_calloc((p1 - begin) + 2, 1);
if (!(key))
break;
@ -938,7 +935,7 @@ struct pdf_dict *pdf_parse_dict(struct pdf_struct *pdf, struct pdf_obj *obj, siz
is_object_reference(begin, &p1, NULL);
val = cli_calloc((p1 - begin) + 2, 1);
val = cli_max_calloc((p1 - begin) + 2, 1);
if (!(val))
break;
@ -1126,7 +1123,7 @@ struct pdf_array *pdf_parse_array(struct pdf_struct *pdf, struct pdf_obj *obj, s
p1++;
}
val = cli_calloc((p1 - begin) + 2, 1);
val = cli_max_calloc((p1 - begin) + 2, 1);
if (!(val))
break;

48
libclamav/pe.c
Unescape View File

@ -2297,7 +2297,7 @@ static inline int hash_impfns(cli_ctx *ctx, void **hashctx, uint32_t *impsz, str
break; \
} \
\
fname = cli_calloc(funclen + dlllen + 3, sizeof(char)); \
fname = cli_max_calloc(funclen + dlllen + 3, sizeof(char)); \
if (fname == NULL) { \
cli_dbgmsg("scan_pe: cannot allocate memory for imphash string\n"); \
ret = CL_EMEM; \
@ -3218,7 +3218,7 @@ int cli_scanpe(cli_ctx *ctx)
if (xsjs == 1280)
break;
if (!(jumps = (uint32_t *)cli_realloc2(jumps, (xsjs + 128) * sizeof(uint32_t)))) {
if (!(jumps = (uint32_t *)cli_max_realloc2(jumps, (xsjs + 128) * sizeof(uint32_t)))) {
cli_exe_info_destroy(peinfo);
return CL_EMEM;
}
@ -3373,7 +3373,7 @@ int cli_scanpe(cli_ctx *ctx)
}
/* allocate needed buffer */
if (!(src = cli_calloc(ssize + dsize, sizeof(char)))) {
if (!(src = cli_max_calloc(ssize + dsize, sizeof(char)))) {
cli_exe_info_destroy(peinfo);
return CL_EMEM;
}
@ -3489,7 +3489,7 @@ int cli_scanpe(cli_ctx *ctx)
break;
}
if ((dest = (char *)cli_calloc(dsize, sizeof(char))) == NULL) {
if ((dest = (char *)cli_max_calloc(dsize, sizeof(char))) == NULL) {
cli_exe_info_destroy(peinfo);
return CL_EMEM;
}
@ -3591,7 +3591,7 @@ int cli_scanpe(cli_ctx *ctx)
newedx = cli_readint32(newebx + 12 - peinfo->sections[i + 1].rva + src) - EC32(peinfo->pe_opt.opt32.ImageBase);
cli_dbgmsg("cli_scanpe: FSG: found old EP @%x\n", newedx);
if ((dest = (char *)cli_calloc(dsize, sizeof(char))) == NULL) {
if ((dest = (char *)cli_max_calloc(dsize, sizeof(char))) == NULL) {
cli_exe_info_destroy(peinfo);
return CL_EMEM;
}
@ -3677,7 +3677,7 @@ int cli_scanpe(cli_ctx *ctx)
break;
}
if ((sections = (struct cli_exe_section *)cli_malloc((sectcnt + 1) * sizeof(struct cli_exe_section))) == NULL) {
if ((sections = (struct cli_exe_section *)cli_max_malloc((sectcnt + 1) * sizeof(struct cli_exe_section))) == NULL) {
cli_errmsg("cli_scanpe: FSG: Unable to allocate memory for sections %llu\n", (long long unsigned)((sectcnt + 1) * sizeof(struct cli_exe_section)));
cli_exe_info_destroy(peinfo);
return CL_EMEM;
@ -3694,7 +3694,7 @@ int cli_scanpe(cli_ctx *ctx)
return CL_EREAD;
}
if ((dest = (char *)cli_calloc(dsize, sizeof(char))) == NULL) {
if ((dest = (char *)cli_max_calloc(dsize, sizeof(char))) == NULL) {
cli_exe_info_destroy(peinfo);
free(sections);
return CL_EMEM;
@ -3779,7 +3779,7 @@ int cli_scanpe(cli_ctx *ctx)
if (t >= gp - 10 || cli_readint32(support + t + 6) != 2)
break;
if ((sections = (struct cli_exe_section *)cli_malloc((sectcnt + 1) * sizeof(struct cli_exe_section))) == NULL) {
if ((sections = (struct cli_exe_section *)cli_max_malloc((sectcnt + 1) * sizeof(struct cli_exe_section))) == NULL) {
cli_errmsg("cli_scanpe: FSG: Unable to allocate memory for sections %llu\n", (long long unsigned)((sectcnt + 1) * sizeof(struct cli_exe_section)));
cli_exe_info_destroy(peinfo);
return CL_EMEM;
@ -3796,7 +3796,7 @@ int cli_scanpe(cli_ctx *ctx)
return CL_EREAD;
}
if ((dest = (char *)cli_calloc(dsize, sizeof(char))) == NULL) {
if ((dest = (char *)cli_max_calloc(dsize, sizeof(char))) == NULL) {
cli_exe_info_destroy(peinfo);
free(sections);
return CL_EMEM;
@ -3842,7 +3842,7 @@ int cli_scanpe(cli_ctx *ctx)
return CL_EREAD;
}
if ((dest = (char *)cli_calloc(dsize + 8192, sizeof(char))) == NULL) {
if ((dest = (char *)cli_max_calloc(dsize + 8192, sizeof(char))) == NULL) {
cli_exe_info_destroy(peinfo);
return CL_EMEM;
}
@ -4021,7 +4021,7 @@ int cli_scanpe(cli_ctx *ctx)
CLI_UNPSIZELIMITS("cli_scanpe: Petite", dsize);
if ((dest = (char *)cli_calloc(dsize, sizeof(char))) == NULL) {
if ((dest = (char *)cli_max_calloc(dsize, sizeof(char))) == NULL) {
cli_dbgmsg("cli_scanpe: Petite: Can't allocate %d bytes\n", dsize);
cli_exe_info_destroy(peinfo);
return CL_EMEM;
@ -4073,7 +4073,7 @@ int cli_scanpe(cli_ctx *ctx)
CLI_UNPSIZELIMITS("cli_scanpe: PEspin", fsize);
if ((spinned = (char *)cli_malloc(fsize)) == NULL) {
if ((spinned = (char *)cli_max_malloc(fsize)) == NULL) {
cli_errmsg("cli_scanpe: PESping: Unable to allocate memory for spinned %lu\n", (unsigned long)fsize);
cli_exe_info_destroy(peinfo);
return CL_EMEM;
@ -4142,7 +4142,7 @@ int cli_scanpe(cli_ctx *ctx)
size_t num_alerts;
char *spinned;
if ((spinned = (char *)cli_malloc(fsize)) == NULL) {
if ((spinned = (char *)cli_max_malloc(fsize)) == NULL) {
cli_errmsg("cli_scanpe: yC: Unable to allocate memory for spinned %lu\n", (unsigned long)fsize);
cli_exe_info_destroy(peinfo);
return CL_EMEM;
@ -4207,7 +4207,7 @@ int cli_scanpe(cli_ctx *ctx)
CLI_UNPSIZELIMITS("cli_scanpe: WWPack", ssize);
if (!(src = (char *)cli_calloc(ssize, sizeof(char)))) {
if (!(src = (char *)cli_max_calloc(ssize, sizeof(char)))) {
cli_exe_info_destroy(peinfo);
return CL_EMEM;
}
@ -4236,7 +4236,7 @@ int cli_scanpe(cli_ctx *ctx)
break;
}
if ((packer = (uint8_t *)cli_calloc(peinfo->sections[peinfo->nsections - 1].rsz, sizeof(char))) == NULL) {
if ((packer = (uint8_t *)cli_max_calloc(peinfo->sections[peinfo->nsections - 1].rsz, sizeof(char))) == NULL) {
free(src);
cli_exe_info_destroy(peinfo);
return CL_EMEM;
@ -4291,7 +4291,7 @@ int cli_scanpe(cli_ctx *ctx)
CLI_UNPSIZELIMITS("cli_scanpe: Aspack", ssize);
if (!(src = (char *)cli_calloc(ssize, sizeof(char)))) {
if (!(src = (char *)cli_max_calloc(ssize, sizeof(char)))) {
cli_exe_info_destroy(peinfo);
return CL_EMEM;
}
@ -4369,7 +4369,7 @@ int cli_scanpe(cli_ctx *ctx)
if (!ssize || !dsize || dsize != peinfo->sections[0].vsz)
break;
if (!(dest = cli_malloc(dsize))) {
if (!(dest = cli_max_malloc(dsize))) {
cli_errmsg("cli_scanpe: NsPack: Unable to allocate memory for dest %u\n", dsize);
break;
}
@ -5098,14 +5098,14 @@ cl_error_t cli_peheader(fmap_t *map, struct cli_exe_info *peinfo, uint32_t opts,
// TODO in cli_checkpe_fp this aligned to falign, elsewhere it aligned to salign
peinfo->hdr_size = PESALIGN(peinfo->hdr_size, salign);
peinfo->sections = (struct cli_exe_section *)cli_calloc(peinfo->nsections, sizeof(struct cli_exe_section));
peinfo->sections = (struct cli_exe_section *)cli_max_calloc(peinfo->nsections, sizeof(struct cli_exe_section));
if (!peinfo->sections) {
cli_dbgmsg("cli_peheader: Can't allocate memory for section headers\n");
goto done;
}
section_hdrs = (struct pe_image_section_hdr *)cli_calloc(peinfo->nsections, sizeof(struct pe_image_section_hdr));
section_hdrs = (struct pe_image_section_hdr *)cli_max_calloc(peinfo->nsections, sizeof(struct pe_image_section_hdr));
if (!section_hdrs) {
cli_dbgmsg("cli_peheader: Can't allocate memory for section headers\n");
@ -5849,29 +5849,29 @@ cl_error_t cli_genhash_pe(cli_ctx *ctx, unsigned int class, int type, stats_sect
case 1:
genhash[CLI_HASH_MD5] = 1;
hlen = hashlen[CLI_HASH_MD5];
hash = hashset[CLI_HASH_MD5] = cli_calloc(hlen, sizeof(char));
hash = hashset[CLI_HASH_MD5] = cli_max_calloc(hlen, sizeof(char));
break;
case 2:
genhash[CLI_HASH_SHA1] = 1;
hlen = hashlen[CLI_HASH_SHA1];
hash = hashset[CLI_HASH_SHA1] = cli_calloc(hlen, sizeof(char));
hash = hashset[CLI_HASH_SHA1] = cli_max_calloc(hlen, sizeof(char));
break;
default:
genhash[CLI_HASH_SHA256] = 1;
hlen = hashlen[CLI_HASH_SHA256];
hash = hashset[CLI_HASH_SHA256] = cli_calloc(hlen, sizeof(char));
hash = hashset[CLI_HASH_SHA256] = cli_max_calloc(hlen, sizeof(char));
break;
}
if (!hash) {
cli_errmsg("cli_genhash_pe: cli_calloc failed!\n");
cli_errmsg("cli_genhash_pe: cli_max_calloc failed!\n");
cli_exe_info_destroy(peinfo);
return CL_EMEM;
}
if (hashes) {
hashes->nsections = peinfo->nsections;
hashes->sections = cli_calloc(peinfo->nsections, sizeof(struct cli_section_hash));
hashes->sections = cli_max_calloc(peinfo->nsections, sizeof(struct cli_section_hash));
if (!(hashes->sections)) {
cli_exe_info_destroy(peinfo);

8
libclamav/pe_icons.c
Unescape View File

@ -901,7 +901,7 @@ static int getmetrics(unsigned int side, unsigned int *imagedata, struct icomtr
unsigned int edge_avg[6], edge_x[6] = {0, 0, 0, 0, 0, 0}, edge_y[6] = {0, 0, 0, 0, 0, 0}, noedge_avg[6], noedge_x[6] = {0, 0, 0, 0, 0, 0}, noedge_y[6] = {0, 0, 0, 0, 0, 0};
double *sobel;
if (!(tmp = cli_malloc(side * side * 4 * 2))) {
if (!(tmp = cli_max_malloc(side * side * 4 * 2))) {
cli_errmsg("getmetrics: Unable to allocate memory for tmp %u\n", (side * side * 4 * 2));
return CL_EMEM;
}
@ -1067,7 +1067,7 @@ static int getmetrics(unsigned int side, unsigned int *imagedata, struct icomtr
/* Sobel 1 - gradients */
i = 0;
#ifdef USE_FLOATS
sobel = cli_malloc(side * side * sizeof(double));
sobel = cli_max_malloc(side * side * sizeof(double));
if (!sobel) {
cli_errmsg("getmetrics: Unable to allocate memory for edge detection %llu\n", (long long unsigned)(side * side * sizeof(double)));
free(tmp);
@ -1457,7 +1457,7 @@ static int parseicon(struct ICON_ENV *icon_env, uint32_t rva)
fmap_unneed_ptr(map, palette, (1 << depth) * sizeof(int));
return CL_SUCCESS;
}
if (!(imagedata = cli_malloc(width * height * sizeof(*imagedata)))) {
if (!(imagedata = cli_max_malloc(width * height * sizeof(*imagedata)))) {
if (palette)
fmap_unneed_ptr(map, palette, (1 << depth) * sizeof(int));
return CL_SUCCESS;
@ -1601,7 +1601,7 @@ static int parseicon(struct ICON_ENV *icon_env, uint32_t rva)
newsize = 16;
scalex = (double)width / newsize;
scaley = (double)height / newsize;
if (!(newdata = cli_malloc(newsize * newsize * sizeof(*newdata)))) {
if (!(newdata = cli_max_malloc(newsize * newsize * sizeof(*newdata)))) {
cli_errmsg("parseicon: Unable to allocate memory for scaling image\n");
return CL_EMEM;
}

2
libclamav/petite.c
Unescape View File

@ -299,7 +299,7 @@ int petite_inflate2x_1to9(char *buf, uint32_t minrva, uint32_t bufsz, struct cli
return 1;
}
/* Alloc 1 more struct */
if (!(tmpsct = cli_realloc(usects, sizeof(struct cli_exe_section) * (j + 1)))) {
if (!(tmpsct = cli_max_realloc(usects, sizeof(struct cli_exe_section) * (j + 1)))) {
if (usects)
free(usects);
return 1;

6
libclamav/phishcheck.c
Unescape View File

@ -260,7 +260,7 @@ static void string_init_c(struct string* dest, char* data)
static int string_assign_concatenated(struct string* dest, const char* prefix, const char* begin, const char* end)
{
const size_t prefix_len = strlen(prefix);
char* ret = cli_malloc(prefix_len + end - begin + 1);
char* ret = cli_max_malloc(prefix_len + end - begin + 1);
if (!ret) {
cli_errmsg("Phishcheck: Unable to allocate memory for string_assign_concatenated\n");
return CL_EMEM;
@ -276,7 +276,7 @@ static int string_assign_concatenated(struct string* dest, const char* prefix, c
/* make a copy of the string between start -> end*/
static int string_assign_dup(struct string* dest, const char* start, const char* end)
{
char* ret = cli_malloc(end - start + 1);
char* ret = cli_max_malloc(end - start + 1);
if (!ret) {
cli_errmsg("Phishcheck: Unable to allocate memory for string_assign_dup\n");
return CL_EMEM;
@ -324,7 +324,7 @@ static int build_regex(regex_t* preg, const char* regex, int nosub)
if (rc) {
size_t buflen = cli_regerror(rc, preg, NULL, 0);
char* errbuf = cli_malloc(buflen);
char* errbuf = cli_max_malloc(buflen);
if (errbuf) {
cli_regerror(rc, preg, errbuf, buflen);

48
libclamav/readdb.c
Unescape View File

@ -116,7 +116,7 @@ char *cli_virname(const char *virname, unsigned int official)
if (official)
return cli_strdup(virname);
newname = (char *)cli_malloc(strlen(virname) + 11 + 1);
newname = (char *)cli_max_malloc(strlen(virname) + 11 + 1);
if (!newname) {
cli_errmsg("cli_virname: Can't allocate memory for newname\n");
return NULL;
@ -156,7 +156,7 @@ cl_error_t cli_sigopts_handler(struct cli_matcher *root, const char *virname, co
/* FULLWORD regex sigopt handling */
if (sigopts & ACPATT_OPTION_FULLWORD) {
size_t ovrlen = strlen(hexcpy) + 21;
char *hexovr = cli_calloc(ovrlen, sizeof(char));
char *hexovr = cli_max_calloc(ovrlen, sizeof(char));
if (!hexovr) {
free(hexcpy);
return CL_EMEM;
@ -173,7 +173,7 @@ cl_error_t cli_sigopts_handler(struct cli_matcher *root, const char *virname, co
/* NOCASE sigopt is passed onto the regex-opt handler */
if (sigopts & ACPATT_OPTION_NOCASE) {
size_t ovrlen = strlen(hexcpy) + 2;
char *hexovr = cli_calloc(ovrlen, sizeof(char));
char *hexovr = cli_max_calloc(ovrlen, sizeof(char));
if (!hexovr) {
free(hexcpy);
return CL_EMEM;
@ -213,7 +213,7 @@ cl_error_t cli_sigopts_handler(struct cli_matcher *root, const char *virname, co
if (sigopts & ACPATT_OPTION_FULLWORD) {
char *rechar;
size_t ovrlen = strlen(hexcpy) + 7;
char *hexovr = cli_calloc(ovrlen, sizeof(char));
char *hexovr = cli_max_calloc(ovrlen, sizeof(char));
if (!hexovr) {
free(hexcpy);
return CL_EMEM;
@ -245,7 +245,7 @@ cl_error_t cli_sigopts_handler(struct cli_matcher *root, const char *virname, co
if (sigopts & ACPATT_OPTION_WIDE) {
size_t hexcpylen = strlen(hexcpy);
size_t ovrlen = 2 * hexcpylen + 1;
char *hexovr = cli_calloc(ovrlen, sizeof(char));
char *hexovr = cli_max_calloc(ovrlen, sizeof(char));
if (!hexovr) {
free(hexcpy);
return CL_EMEM;
@ -729,7 +729,7 @@ cl_error_t cli_add_content_match_pattern(struct cli_matcher *root, const char *v
* Parse "{n}" wildcard - Not a "{n-m}" range-style one.
* Replaces it with: "??" * n and then re-parses the modified hexsig with recursion.
*/
hexcpy = cli_calloc(hexlen + 2 * range, sizeof(char));
hexcpy = cli_max_calloc(hexlen + 2 * range, sizeof(char));
if (!hexcpy)
return CL_EMEM;
@ -1144,7 +1144,7 @@ static char *cli_signorm(const char *signame)
nsz = 3;
}
new_signame = cli_calloc((nsz + 1), sizeof(char));
new_signame = cli_max_calloc((nsz + 1), sizeof(char));
if (!new_signame)
return NULL;
@ -1731,7 +1731,7 @@ struct lsig_attrib {
/* TODO: rework this */
static int lsigattribs(char *attribs, struct cli_lsig_tdb *tdb)
{
// clang-format off
// clang-format off
#define ATTRIB_TOKENS 10
#define EXPR_TOKEN_MAX 16
struct lsig_attrib attrtab[] = {
@ -2330,7 +2330,7 @@ static int cli_loadcbc(FILE *fs, struct cl_engine *engine, unsigned int *signo,
return CL_SUCCESS;
}
bcs->all_bcs = cli_realloc2(bcs->all_bcs, sizeof(*bcs->all_bcs) * (bcs->count + 1));
bcs->all_bcs = cli_max_realloc2(bcs->all_bcs, sizeof(*bcs->all_bcs) * (bcs->count + 1));
if (!bcs->all_bcs) {
cli_errmsg("cli_loadcbc: Can't allocate memory for bytecode entry\n");
return CL_EMEM;
@ -2401,8 +2401,8 @@ static int cli_loadcbc(FILE *fs, struct cl_engine *engine, unsigned int *signo,
if (bc->kind >= _BC_START_HOOKS && bc->kind < _BC_LAST_HOOK) {
unsigned hook = bc->kind - _BC_START_HOOKS;
unsigned cnt = ++engine->hooks_cnt[hook];
engine->hooks[hook] = cli_realloc2(engine->hooks[hook],
sizeof(*engine->hooks[0]) * cnt);
engine->hooks[hook] = cli_max_realloc2(engine->hooks[hook],
sizeof(*engine->hooks[0]) * cnt);
if (!engine->hooks[hook]) {
cli_errmsg("Out of memory allocating memory for hook %u", hook);
return CL_EMEM;
@ -3581,7 +3581,7 @@ static char *parse_yara_hex_string(YR_STRING *string, int *ret)
}
reslen++;
res = cli_calloc(reslen, 1);
res = cli_max_calloc(reslen, 1);
if (!(res)) {
if (ret) *ret = CL_EMEM;
return NULL;
@ -3755,7 +3755,7 @@ static int ytable_add_string(struct cli_ytable *ytable, const char *hexsig)
}
ytable->tbl_cnt++;
newtable = cli_realloc(ytable->table, ytable->tbl_cnt * sizeof(struct cli_ytable_entry *));
newtable = cli_max_realloc(ytable->table, ytable->tbl_cnt * sizeof(struct cli_ytable_entry *));
if (!newtable) {
cli_yaramsg("ytable_add_string: failed to reallocate new ytable table\n");
free(new->hexstr);
@ -3861,7 +3861,7 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns
return CL_SUCCESS;
}
newident = cli_malloc(strlen(rule->identifier) + 5 + 1);
newident = cli_max_malloc(strlen(rule->identifier) + 5 + 1);
if (!newident) {
cli_errmsg("cli_loadyara(): newident == NULL\n");
return CL_EMEM;
@ -4030,7 +4030,7 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns
#if HAVE_PCRE
size_t length = strlen(PCRE_BYPASS) + string->length + 3;
substr = cli_calloc(length, sizeof(char));
substr = cli_max_calloc(length, sizeof(char));
if (!substr) {
cli_errmsg("load_oneyara: cannot allocate memory for converted regex string\n");
str_error++;
@ -4063,7 +4063,7 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns
continue;
}
substr = cli_calloc(totsize, sizeof(char));
substr = cli_max_calloc(totsize, sizeof(char));
if (!substr) {
cli_errmsg("load_oneyara: cannot allocate memory for converted generic string\n");
str_error++;
@ -4195,7 +4195,7 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns
#if 0
if (rule->cl_flags & RULE_ALL || rule->cl_flags & RULE_ANY) {
lsize = 3*ytable.tbl_cnt;
logic = cli_calloc(lsize, sizeof(char));
logic = cli_max_calloc(lsize, sizeof(char));
if (!logic) {
cli_errmsg("load_oneyara: cannot allocate memory for logic statement\n");
ytable_delete(&ytable);
@ -4600,7 +4600,7 @@ static int cli_loadpwdb(FILE *fs, struct cl_engine *engine, unsigned int options
}
} else {
size_t attlen = strlen(tokens[1]) + 10;
attribs = cli_calloc(attlen, sizeof(char));
attribs = cli_max_calloc(attlen, sizeof(char));
if (!attribs) {
cli_errmsg("cli_loadpwdb: Can't allocate memory for attributes\n");
ret = CL_EMEM;
@ -5081,7 +5081,7 @@ static cl_error_t cli_loaddbdir(const char *dirname, struct cl_engine *engine, u
continue;
}
dbfile = (char *)cli_malloc(strlen(dent->d_name) + dirname_len + 2);
dbfile = (char *)cli_max_malloc(strlen(dent->d_name) + dirname_len + 2);
if (!dbfile) {
cli_errmsg("cli_loaddbdir: dbfile == NULL\n");
ret = CL_EMEM;
@ -5415,7 +5415,7 @@ cl_error_t cl_statinidir(const char *dirname, struct cl_stat *dbstat)
if (dent->d_ino) {
if (strcmp(dent->d_name, ".") && strcmp(dent->d_name, "..") && CLI_DBEXT(dent->d_name)) {
dbstat->entries++;
dbstat->stattab = (STATBUF *)cli_realloc2(dbstat->stattab, dbstat->entries * sizeof(STATBUF));
dbstat->stattab = (STATBUF *)cli_max_realloc2(dbstat->stattab, dbstat->entries * sizeof(STATBUF));
if (!dbstat->stattab) {
cl_statfree(dbstat);
closedir(dd);
@ -5423,7 +5423,7 @@ cl_error_t cl_statinidir(const char *dirname, struct cl_stat *dbstat)
}
#ifdef _WIN32
dbstat->statdname = (char **)cli_realloc2(dbstat->statdname, dbstat->entries * sizeof(char *));
dbstat->statdname = (char **)cli_max_realloc2(dbstat->statdname, dbstat->entries * sizeof(char *));
if (!dbstat->statdname) {
cli_errmsg("cl_statinidir: Can't allocate memory for dbstat->statdname\n");
cl_statfree(dbstat);
@ -5432,7 +5432,7 @@ cl_error_t cl_statinidir(const char *dirname, struct cl_stat *dbstat)
}
#endif
fname = cli_malloc(strlen(dirname) + strlen(dent->d_name) + 32);
fname = cli_max_malloc(strlen(dirname) + strlen(dent->d_name) + 32);
if (!fname) {
cli_errmsg("cl_statinidir: Cant' allocate memory for fname\n");
cl_statfree(dbstat);
@ -5441,7 +5441,7 @@ cl_error_t cl_statinidir(const char *dirname, struct cl_stat *dbstat)
}
sprintf(fname, "%s" PATHSEP "%s", dirname, dent->d_name);
#ifdef _WIN32
dbstat->statdname[dbstat->entries - 1] = (char *)cli_malloc(strlen(dent->d_name) + 1);
dbstat->statdname[dbstat->entries - 1] = (char *)cli_max_malloc(strlen(dent->d_name) + 1);
if (!dbstat->statdname[dbstat->entries - 1]) {
cli_errmsg("cli_statinidir: Can't allocate memory for dbstat->statdname\n");
cl_statfree(dbstat);
@ -5484,7 +5484,7 @@ int cl_statchkdir(const struct cl_stat *dbstat)
while ((dent = readdir(dd))) {
if (dent->d_ino) {
if (strcmp(dent->d_name, ".") && strcmp(dent->d_name, "..") && CLI_DBEXT(dent->d_name)) {
fname = cli_malloc(strlen(dbstat->dir) + strlen(dent->d_name) + 32);
fname = cli_max_malloc(strlen(dbstat->dir) + strlen(dent->d_name) + 32);
if (!fname) {
cli_errmsg("cl_statchkdir: can't allocate memory for fname\n");
closedir(dd);

2
libclamav/rebuildpe.c
Unescape View File

@ -146,7 +146,7 @@ int cli_rebuildpe_align(char *buffer, struct cli_exe_section *sections, int sect
if (datasize > CLI_MAX_ALLOCATION)
return 0;
pefile = (char *)cli_calloc(rawbase + datasize, 1);
pefile = (char *)cli_max_calloc(rawbase + datasize, 1);
if (!pefile)
return 0;

6
libclamav/regex/engine.c
Unescape View File

@ -209,7 +209,7 @@ matcher(struct re_guts *g, const char *string, size_t nmatch,
/* oh my, he wants the subexpressions... */
if (m->pmatch == NULL)
m->pmatch = (regmatch_t *)cli_malloc((m->g->nsub + 1) *
m->pmatch = (regmatch_t *)cli_max_malloc((m->g->nsub + 1) *
sizeof(regmatch_t));
if (m->pmatch == NULL) {
free(m->lastpos);
@ -223,7 +223,7 @@ matcher(struct re_guts *g, const char *string, size_t nmatch,
dp = dissect(m, m->coldp, endp, gf, gl);
} else {
if (g->nplus > 0 && m->lastpos == NULL)
m->lastpos = (char **)cli_malloc((g->nplus+1) *
m->lastpos = (char **)cli_max_malloc((g->nplus+1) *
sizeof(char *));
if (g->nplus > 0 && m->lastpos == NULL) {
free(m->pmatch);
@ -983,7 +983,7 @@ print(struct match *m, const char *caption, states st, int ch, FILE *d)
(void)fprintf(d, "\n");
}
/*
/*
- at - print current situation
*/
static void

14
libclamav/regex/regcomp.c
Unescape View File

@ -165,7 +165,7 @@ cli_regcomp_real(regex_t *preg, const char *pattern, int cflags)
len = strlen((char *)pattern);
/* do the mallocs early so failure handling is easy */
g = (struct re_guts *)cli_malloc(sizeof(struct re_guts) +
g = (struct re_guts *)cli_max_malloc(sizeof(struct re_guts) +
(NC-1)*sizeof(unsigned char));
if (g == NULL)
return(REG_ESPACE);
@ -190,7 +190,7 @@ cli_regcomp_real(regex_t *preg, const char *pattern, int cflags)
return(REG_ESPACE);
}
p->strip = (sop *)cli_calloc(p->ssize, sizeof(sop));
p->strip = (sop *)cli_max_calloc(p->ssize, sizeof(sop));
p->slen = 0;
if (p->strip == NULL) {
free(g);
@ -1047,12 +1047,12 @@ allocset(struct parse *p)
assert(nc % CHAR_BIT == 0);
nbytes = nc / CHAR_BIT *css;
ptr = (cset *)cli_realloc((char*)p->g->sets, nc * sizeof(cset));
ptr = (cset *)cli_max_realloc((char*)p->g->sets, nc * sizeof(cset));
if (ptr == NULL)
goto nomem;
p->g->sets = ptr;
ptr = (uch *)cli_realloc((char*)p->g->setbits, nbytes);
ptr = (uch *)cli_max_realloc((char*)p->g->setbits, nbytes);
if (ptr == NULL)
goto nomem;
nbytes = (nc / CHAR_BIT) * css;
@ -1279,7 +1279,7 @@ enlarge(struct parse *p, sopno size)
if (p->ssize >= size)
return 1;
sp = (sop *)cli_realloc(p->strip, size * sizeof(sop));
sp = (sop *)cli_max_realloc(p->strip, size * sizeof(sop));
if (sp == NULL) {
SETERROR(REG_ESPACE);
return 0;
@ -1296,7 +1296,7 @@ static void
stripsnug(struct parse *p, struct re_guts *g)
{
g->nstates = p->slen;
g->strip = (sop *)cli_realloc((char *)p->strip, p->slen * sizeof(sop));
g->strip = (sop *)cli_max_realloc((char *)p->strip, p->slen * sizeof(sop));
if (g->strip == NULL) {
SETERROR(REG_ESPACE);
g->strip = p->strip;
@ -1374,7 +1374,7 @@ findmust(struct parse *p, struct re_guts *g)
}
/* turn it into a character string */
g->must = cli_malloc((size_t)g->mlen + 1);
g->must = cli_max_malloc((size_t)g->mlen + 1);
if (g->must == NULL) { /* argh; just forget it */
g->mlen = 0;
return;

2
libclamav/regex/regexec.c
Unescape View File

@ -110,7 +110,7 @@
#define ASSIGN(d, s) memcpy(d, s, m->g->nstates)
#define EQ(a, b) (memcmp(a, b, m->g->nstates) == 0)
#define STATEVARS long vn; char *space
#define STATESETUP(m, nv) { (m)->space = cli_malloc((nv)*(m)->g->nstates); \
#define STATESETUP(m, nv) { (m)->space = cli_max_malloc((nv)*(m)->g->nstates); \
if ((m)->space == NULL) return(REG_ESPACE); \
(m)->vn = 0; }
#define STATETEARDOWN(m) { free((m)->space); }

12
libclamav/regex_list.c
Unescape View File

@ -200,7 +200,7 @@ cl_error_t regex_list_match(struct regex_matcher *matcher, char *real_url, const
/* too short, no match possible */
return CL_SUCCESS;
}
buffer = cli_malloc(buffer_len + 1);
buffer = cli_max_malloc(buffer_len + 1);
if (!buffer) {
cli_errmsg("regex_list_match: Unable to allocate memory for buffer\n");
return CL_EMEM;
@ -802,10 +802,10 @@ static cl_error_t add_pattern_suffix(void *cbdata, const char *suffix, size_t su
/* new suffix */
size_t n = matcher->suffix_cnt;
el = cli_hashtab_insert(&matcher->suffix_hash, suffix, suffix_len, (cli_element_data)n);
CLI_REALLOC(matcher->suffix_regexes,
(n + 1) * sizeof(*matcher->suffix_regexes),
cli_errmsg("add_pattern_suffix: Unable to reallocate memory for matcher->suffix_regexes\n");
ret = CL_EMEM);
CLI_MAX_REALLOC(matcher->suffix_regexes,
(n + 1) * sizeof(*matcher->suffix_regexes),
cli_errmsg("add_pattern_suffix: Unable to reallocate memory for matcher->suffix_regexes\n");
ret = CL_EMEM);
matcher->suffix_regexes[n].tail = regex;
matcher->suffix_regexes[n].head = regex;
if (suffix[0] == '/' && suffix[1] == '\0') {
@ -817,7 +817,7 @@ static cl_error_t add_pattern_suffix(void *cbdata, const char *suffix, size_t su
if (CL_SUCCESS != ret) {
cli_hashtab_delete(&matcher->suffix_hash, suffix, suffix_len);
/*shrink the size back to what it was.*/
CLI_REALLOC(matcher->suffix_regexes, n * sizeof(*matcher->suffix_regexes));
CLI_MAX_REALLOC(matcher->suffix_regexes, n * sizeof(*matcher->suffix_regexes));
} else {
matcher->suffix_cnt++;
}

6
libclamav/regex_pcre.c
Unescape View File

@ -42,7 +42,7 @@
void *cli_pcre_malloc(size_t size, void *ext)
{
UNUSEDPARAM(ext);
return cli_malloc(size);
return cli_max_malloc(size);
}
void cli_pcre_free(void *ptr, void *ext)
@ -56,9 +56,9 @@ void cli_pcre_free(void *ptr, void *ext)
cl_error_t cli_pcre_init_internal()
{
#if !USING_PCRE2
pcre_malloc = cli_malloc;
pcre_malloc = cli_max_malloc;
pcre_free = free;
pcre_stack_malloc = cli_malloc;
pcre_stack_malloc = cli_max_malloc;
pcre_stack_free = free;
#endif

2
libclamav/regex_suffix.c
Unescape View File

@ -490,7 +490,7 @@ cl_error_t cli_regex2suffix(const char *pattern, regex_t *preg, suffix_callback
rc = cli_regcomp(regex.preg, pattern, REG_EXTENDED);
if (rc) {
size_t buflen = cli_regerror(rc, regex.preg, NULL, 0);
char *errbuf = cli_malloc(buflen);
char *errbuf = cli_max_malloc(buflen);
if (errbuf) {
cli_regerror(rc, regex.preg, errbuf, buflen);
cli_errmsg(MODULE "Error compiling regular expression %s: %s\n", pattern, errbuf);

6
libclamav/rtf.c
Unescape View File

@ -167,7 +167,7 @@ static int push_state(struct stack* stack, struct rtf_state* state)
/* grow stack */
struct rtf_state* states;
stack->stack_size += 128;
states = cli_realloc(stack->states, stack->stack_size * sizeof(*stack->states));
states = cli_max_realloc(stack->states, stack->stack_size * sizeof(*stack->states));
if (!states) {
// Realloc failed. Note that stack->states has not been freed and must still be cleaned up by the caller.
return CL_EMEM;
@ -333,7 +333,7 @@ static int rtf_object_process(struct rtf_state* state, const unsigned char* inpu
cli_dbgmsg("Description length too big (%lu), showing only 64 bytes of it\n", (unsigned long int)data->desc_len);
data->desc_name = malloc(65);
} else
data->desc_name = cli_malloc(data->desc_len + 1);
data->desc_name = cli_max_malloc(data->desc_len + 1);
if (!data->desc_name) {
cli_errmsg("rtf_object_process: Unable to allocate memory for data->desc_name\n");
return CL_EMEM;
@ -525,7 +525,7 @@ int cli_scanrtf(cli_ctx* ctx)
stack.stack_size = 16;
stack.elements = 0;
stack.warned = 0;
stack.states = cli_malloc(stack.stack_size * sizeof(*stack.states));
stack.states = cli_max_malloc(stack.stack_size * sizeof(*stack.states));
if (!stack.states) {
cli_errmsg("ScanRTF: Unable to allocate memory for stack states\n");

14
libclamav/scanners.c
Unescape View File

@ -141,7 +141,7 @@ cl_error_t cli_magic_scan_dir(const char *dir, cli_ctx *ctx, uint32_t attributes
if (dent->d_ino) {
if (strcmp(dent->d_name, ".") && strcmp(dent->d_name, "..")) {
/* build the full name */
fname = cli_malloc(strlen(dir) + strlen(dent->d_name) + 2);
fname = malloc(strlen(dir) + strlen(dent->d_name) + 2);
if (!fname) {
cli_dbgmsg("cli_magic_scan_dir: Unable to allocate memory for filename\n");
status = CL_EMEM;
@ -2256,7 +2256,7 @@ static cl_error_t cli_scanscript(cli_ctx *ctx)
goto done;
}
if (!(normalized = cli_malloc(SCANBUFF + maxpatlen))) {
if (!(normalized = cli_max_malloc(SCANBUFF + maxpatlen))) {
cli_dbgmsg("cli_scanscript: Unable to malloc %u bytes\n", SCANBUFF);
ret = CL_EMEM;
goto done;
@ -2584,7 +2584,7 @@ static cl_error_t cli_ole2_scan_tempdir(
if (dent->d_ino) {
if (strcmp(dent->d_name, ".") && strcmp(dent->d_name, "..")) {
/* build the full name */
subdirectory = cli_malloc(strlen(dir) + strlen(dent->d_name) + 2);
subdirectory = malloc(strlen(dir) + strlen(dent->d_name) + 2);
if (!subdirectory) {
cli_dbgmsg("cli_ole2_tempdir_scan_vba: Unable to allocate memory for subdirectory path\n");
status = CL_EMEM;
@ -4014,7 +4014,7 @@ static cl_error_t dispatch_file_inspection_callback(clcb_file_inspection cb, cli
fmap = ctx->recursion_stack[fmap_index].fmap;
fd = fmap_fd(fmap);
CLI_CALLOC(ancestors, ctx->recursion_level + 1, sizeof(char *), status = CL_EMEM);
CLI_MAX_CALLOC(ancestors, ctx->recursion_level + 1, sizeof(char *), status = CL_EMEM);
file_name = fmap->name;
file_buffer = fmap_need_off_once_len(fmap, 0, fmap->len, &file_size);
@ -5421,7 +5421,7 @@ static cl_error_t scan_common(cl_fmap_t *map, const char *filepath, const char *
}
ctx.recursion_stack_size = ctx.engine->max_recursion_level;
ctx.recursion_stack = cli_calloc(sizeof(recursion_level_t), ctx.recursion_stack_size);
ctx.recursion_stack = cli_max_calloc(sizeof(recursion_level_t), ctx.recursion_stack_size);
if (!ctx.recursion_stack) {
status = CL_EMEM;
goto done;
@ -5480,7 +5480,7 @@ static cl_error_t scan_common(cl_fmap_t *map, const char *filepath, const char *
(CL_SUCCESS == cli_basename(ctx.target_filepath, strlen(ctx.target_filepath), &target_basename))) {
/* Include the basename in the temp directory */
new_temp_prefix_len = strlen("YYYYMMDD_HHMMSS-") + strlen(target_basename);
new_temp_prefix = cli_calloc(1, new_temp_prefix_len + 1);
new_temp_prefix = cli_max_calloc(1, new_temp_prefix_len + 1);
if (!new_temp_prefix) {
cli_errmsg("scan_common: Failed to allocate memory for temp directory name.\n");
status = CL_EMEM;
@ -5491,7 +5491,7 @@ static cl_error_t scan_common(cl_fmap_t *map, const char *filepath, const char *
} else {
/* Just use date */
new_temp_prefix_len = strlen("YYYYMMDD_HHMMSS-scantemp");
new_temp_prefix = cli_calloc(1, new_temp_prefix_len + 1);
new_temp_prefix = cli_max_calloc(1, new_temp_prefix_len + 1);
if (!new_temp_prefix) {
cli_errmsg("scan_common: Failed to allocate memory for temp directory name.\n");
status = CL_EMEM;

12
libclamav/sis.c
Unescape View File

@ -190,7 +190,7 @@ static char *getsistring(fmap_t *map, uint32_t ptr, uint32_t len)
if (!len) return NULL;
if (len > 400) len = 400;
name = cli_malloc(len + 1);
name = cli_max_malloc(len + 1);
if (!name) {
cli_dbgmsg("SIS: OOM\n");
return NULL;
@ -303,7 +303,7 @@ static cl_error_t real_scansis(cli_ctx *ctx, const char *tmpd)
goto done;
}
pos += sis.langs * sizeof(uint16_t);
if (!(alangs = cli_malloc(sis.langs * sizeof(char *)))) {
if (!(alangs = cli_max_malloc(sis.langs * sizeof(char *)))) {
cli_dbgmsg("SIS: OOM\n");
goto done;
}
@ -431,7 +431,7 @@ static cl_error_t real_scansis(cli_ctx *ctx, const char *tmpd)
FREE(install_filepath);
}
if (!(ptrs = cli_malloc(fcount * sizeof(uint32_t) * 3))) {
if (!(ptrs = cli_max_malloc(fcount * sizeof(uint32_t) * 3))) {
cli_dbgmsg("\tOOM\n");
status = CL_EMEM;
goto done;
@ -486,7 +486,7 @@ static cl_error_t real_scansis(cli_ctx *ctx, const char *tmpd)
continue;
}
if (!(decomp = cli_malloc(olen))) {
if (!(decomp = cli_max_malloc(olen))) {
cli_dbgmsg("\tOOM\n");
goto done;
}
@ -790,7 +790,7 @@ static cl_error_t real_scansis9x(cli_ctx *ctx, const char *tmpd)
s->sleft = s->smax = 0;
if (cli_checklimits("sis", ctx, ALIGN4(s->fsize[s->level]), 0, 0) != CL_CLEAN) break;
if (!(src = cli_malloc(ALIGN4(s->fsize[s->level])))) break;
if (!(src = cli_max_malloc(ALIGN4(s->fsize[s->level])))) break;
len = ALIGN4(s->fsize[s->level]);
if ((uint32_t)fmap_readn(s->map, src, s->pos, len) != len) {
@ -811,7 +811,7 @@ static cl_error_t real_scansis9x(cli_ctx *ctx, const char *tmpd)
break;
}
if (!(dst = cli_malloc(uusize))) {
if (!(dst = cli_max_malloc(uusize))) {
cli_dbgmsg("SIS: OOM\n");
free(src);
break;

12
libclamav/spin.c
Unescape View File

@ -171,7 +171,7 @@ int unspin(char *src, int ssize, struct cli_exe_section *sections, int sectcnt,
cli_dbgmsg("in unspin\n");
if ((spinned = (char *)cli_malloc(sections[sectcnt].rsz)) == NULL) {
if ((spinned = (char *)cli_max_malloc(sections[sectcnt].rsz)) == NULL) {
cli_dbgmsg("spin: Unable to allocate memory for spinned\n");
return 1;
}
@ -394,7 +394,7 @@ int unspin(char *src, int ssize, struct cli_exe_section *sections, int sectcnt,
}
cli_dbgmsg("spin: Compression bitmap is %x\n", bitmap);
if ((sects = (char **)cli_malloc(sectcnt * sizeof(char *))) == NULL) {
if ((sects = (char **)cli_max_malloc(sectcnt * sizeof(char *))) == NULL) {
cli_dbgmsg("spin: malloc(%zu) failed\n", (size_t)sectcnt * sizeof(char *));
return 1;
}
@ -402,7 +402,7 @@ int unspin(char *src, int ssize, struct cli_exe_section *sections, int sectcnt,
len = 0;
for (j = 0; j < sectcnt; j++) {
if (bitmap & 1) {
if ((sects[j] = (char *)cli_malloc(sections[j].vsz)) == NULL) {
if ((sects[j] = (char *)cli_max_malloc(sections[j].vsz)) == NULL) {
cli_dbgmsg("spin: malloc(%u) failed\n", sections[j].vsz);
len = 1;
break;
@ -447,7 +447,7 @@ int unspin(char *src, int ssize, struct cli_exe_section *sections, int sectcnt,
if (j != sectcnt && ((bitman & (1 << j)) == 0)) { /* FIXME: not really sure either the res sect is lamed or just compressed, but this'll save some major headaches */
cli_dbgmsg("spin: Resources (sect%d) appear to be compressed\n\tuncompressed offset %x, len %x\n\tcompressed offset %x, len %x\n", j, sections[j].rva, key32 - sections[j].rva, key32, sections[j].vsz - (key32 - sections[j].rva));
if ((curr = (char *)cli_malloc(sections[j].vsz)) != NULL) {
if ((curr = (char *)cli_max_malloc(sections[j].vsz)) != NULL) {
memcpy(curr, src + sections[j].raw, key32 - sections[j].rva); /* Uncompressed part */
memset(curr + key32 - sections[j].rva, 0, sections[j].vsz - (key32 - sections[j].rva)); /* bzero */
if (cli_unfsg(src + sections[j].raw + key32 - sections[j].rva, curr + key32 - sections[j].rva, sections[j].rsz - (key32 - sections[j].rva), sections[j].vsz - (key32 - sections[j].rva), NULL, NULL)) {
@ -473,9 +473,9 @@ int unspin(char *src, int ssize, struct cli_exe_section *sections, int sectcnt,
bitmap = bitman; /* save as a free() bitmap */
if ((ep = (char *)cli_malloc(blobsz)) != NULL) {
if ((ep = (char *)cli_max_malloc(blobsz)) != NULL) {
struct cli_exe_section *rebhlp;
if ((rebhlp = (struct cli_exe_section *)cli_malloc(sizeof(struct cli_exe_section) * (sectcnt))) != NULL) {
if ((rebhlp = (struct cli_exe_section *)cli_max_malloc(sizeof(struct cli_exe_section) * (sectcnt))) != NULL) {
char *to = ep;
int retval = 0;

16
libclamav/str.c
Unescape View File

@ -134,7 +134,7 @@ uint16_t *cli_hex2ui(const char *hex)
return NULL;
}
str = cli_calloc((len / 2) + 1, sizeof(uint16_t));
str = cli_max_calloc((len / 2) + 1, sizeof(uint16_t));
if (!str)
return NULL;
@ -158,7 +158,7 @@ char *cli_hex2str(const char *hex)
return NULL;
}
str = cli_calloc((len / 2) + 1, sizeof(char));
str = cli_max_calloc((len / 2) + 1, sizeof(char));
if (!str)
return NULL;
@ -224,9 +224,9 @@ int cli_xtoi(const char *hex)
if (len % 2 == 0)
return cli_hex2num(hex);
hexbuf = cli_calloc(len + 2, sizeof(char));
hexbuf = cli_max_calloc(len + 2, sizeof(char));
if (hexbuf == NULL) {
cli_errmsg("cli_xtoi(): cli_malloc fails.\n");
cli_errmsg("cli_xtoi(): cli_max_malloc fails.\n");
return -1;
}
@ -244,7 +244,7 @@ char *cli_str2hex(const char *string, unsigned int len)
'8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
unsigned int i, j;
if ((hexstr = (char *)cli_calloc(2 * len + 1, sizeof(char))) == NULL)
if ((hexstr = (char *)cli_max_calloc(2 * len + 1, sizeof(char))) == NULL)
return NULL;
for (i = 0, j = 0; i < len; i++, j += 2) {
@ -332,7 +332,7 @@ char *cli_strtok(const char *line, int fieldno, const char *delim)
if (i == j) {
return NULL;
}
buffer = cli_malloc(j - i + 1);
buffer = cli_max_malloc(j - i + 1);
if (!buffer) {
cli_errmsg("cli_strtok: Unable to allocate memory for buffer\n");
return NULL;
@ -940,7 +940,7 @@ char *cli_unescape(const char *str)
const size_t len = strlen(str);
/* unescaped string is at most as long as original,
* it will usually be shorter */
R = cli_malloc(len + 1);
R = cli_max_malloc(len + 1);
if (!R) {
cli_errmsg("cli_unescape: Unable to allocate memory for string\n");
return NULL;
@ -974,7 +974,7 @@ char *cli_unescape(const char *str)
R[i++] = c;
}
R[i++] = '\0';
R = cli_realloc2(R, i);
R = cli_max_realloc2(R, i);
return R;
}

4
libclamav/tnef.c
Unescape View File

@ -246,7 +246,7 @@ tnef_message(fmap_t *map, off_t *pos, uint16_t type, uint16_t tag, int32_t lengt
case attMSGCLASS:
if (length <= 0)
return -1;
string = cli_malloc(length + 1);
string = cli_max_malloc(length + 1);
if (string == NULL) {
cli_errmsg("tnef_message: Unable to allocate memory for string\n");
return -1;
@ -296,7 +296,7 @@ tnef_attachment(fmap_t *map, off_t *pos, uint16_t type, uint16_t tag, int32_t le
case attATTACHTITLE:
if (length <= 0)
return -1;
string = cli_malloc(length + 1);
string = cli_max_malloc(length + 1);
if (string == NULL) {
cli_errmsg("tnef_attachment: Unable to allocate memory for string\n");
return -1;

12
libclamav/udf.c
Unescape View File

@ -633,9 +633,9 @@ static cl_error_t initPointerList(PointerList *pl)
uint32_t capacity = POINTER_LIST_INCREMENT;
freePointerList(pl);
CLI_CALLOC(pl->idxs, capacity, sizeof(uint8_t *),
cli_errmsg("initPointerList: Can't allocate memory\n");
ret = CL_EMEM);
CALLOC(pl->idxs, capacity, sizeof(uint8_t *),
cli_errmsg("initPointerList: Can't allocate memory\n");
ret = CL_EMEM);
pl->capacity = capacity;
done:
@ -648,9 +648,9 @@ static cl_error_t insertPointer(PointerList *pl, const uint8_t *pointer)
if (pl->cnt == (pl->capacity - 1)) {
uint32_t newCapacity = pl->capacity + POINTER_LIST_INCREMENT;
CLI_REALLOC(pl->idxs, newCapacity * sizeof(uint8_t *),
cli_errmsg("insertPointer: Can't allocate memory\n");
ret = CL_EMEM);
CLI_SAFER_REALLOC(pl->idxs, newCapacity * sizeof(uint8_t *),
cli_errmsg("insertPointer: Can't allocate memory\n");
ret = CL_EMEM);
pl->capacity = newCapacity;
}

12
libclamav/unarj.c
Unescape View File

@ -551,7 +551,7 @@ static cl_error_t decode(arj_metadata_t *metadata)
int16_t chr, i, j;
memset(&decode_data, 0, sizeof(decode_data));
decode_data.text = (unsigned char *)cli_calloc(DDICSIZ, 1);
decode_data.text = (unsigned char *)cli_max_calloc(DDICSIZ, 1);
if (!decode_data.text) {
return CL_EMEM;
}
@ -706,7 +706,7 @@ static cl_error_t decode_f(arj_metadata_t *metadata)
dd = &decode_data;
memset(&decode_data, 0, sizeof(decode_data));
decode_data.text = (unsigned char *)cli_calloc(DDICSIZ, 1);
decode_data.text = (unsigned char *)cli_max_calloc(DDICSIZ, 1);
if (!decode_data.text) {
return CL_EMEM;
}
@ -899,7 +899,7 @@ static int arj_read_main_header(arj_metadata_t *metadata)
goto done;
}
if (filename_max_len > 0) {
fnnorm = cli_calloc(sizeof(unsigned char), filename_max_len + 1);
fnnorm = cli_max_calloc(sizeof(unsigned char), filename_max_len + 1);
filename = fmap_need_offstr(metadata->map, metadata->offset, filename_max_len + 1);
if (!filename || !fnnorm) {
cli_dbgmsg("UNARJ: Unable to allocate memory for filename\n");
@ -917,7 +917,7 @@ static int arj_read_main_header(arj_metadata_t *metadata)
goto done;
}
if (comment_max_len > 0) {
comnorm = cli_calloc(sizeof(unsigned char), comment_max_len + 1);
comnorm = cli_max_calloc(sizeof(unsigned char), comment_max_len + 1);
comment = fmap_need_offstr(metadata->map, metadata->offset, comment_max_len + 1);
if (!comment || !comnorm) {
cli_dbgmsg("UNARJ: Unable to allocate memory for comment\n");
@ -1044,7 +1044,7 @@ static cl_error_t arj_read_file_header(arj_metadata_t *metadata)
goto done;
}
if (filename_max_len > 0) {
fnnorm = cli_calloc(sizeof(unsigned char), filename_max_len + 1);
fnnorm = cli_max_calloc(sizeof(unsigned char), filename_max_len + 1);
if (!fnnorm) {
cli_dbgmsg("UNARJ: Unable to allocate memory for filename\n");
ret = CL_EMEM;
@ -1067,7 +1067,7 @@ static cl_error_t arj_read_file_header(arj_metadata_t *metadata)
goto done;
}
if (comment_max_len > 0) {
comnorm = cli_calloc(sizeof(unsigned char), comment_max_len + 1);
comnorm = cli_max_calloc(sizeof(unsigned char), comment_max_len + 1);
if (!comnorm) {
cli_dbgmsg("UNARJ: Unable to allocate memory for comment\n");
ret = CL_EMEM;

2
libclamav/uniq.c
Unescape View File

@ -42,7 +42,7 @@ struct uniq *uniq_init(uint32_t count)
U = calloc(1, sizeof(*U));
if (!U) return NULL;
U->md5s = cli_malloc(count * sizeof(*U->md5s));
U->md5s = cli_max_malloc(count * sizeof(*U->md5s));
if (!U->md5s) {
uniq_free(U);
return NULL;

2
libclamav/unsp.c
Unescape View File

@ -155,7 +155,7 @@ uint32_t unspack(const char *start_of_stuff, char *dest, cli_ctx *ctx, uint32_t
return 1; /* Should be ~15KB, if it's so big it's prolly just not nspacked */
cli_dbgmsg("unsp: table size = %d\n", tablesz);
if (!(table = cli_malloc(tablesz))) {
if (!(table = cli_max_malloc(tablesz))) {
cli_dbgmsg("unspack: Unable to allocate memory for table\n");
return 1;
}

2
libclamav/unzip.c
Unescape View File

@ -1065,7 +1065,7 @@ cl_error_t index_the_central_directory(
goto done;
}
zip_catalogue_new = cli_realloc(zip_catalogue, sizeof(struct zip_record) * ZIP_RECORDS_CHECK_BLOCKSIZE * (num_record_blocks + 1));
zip_catalogue_new = cli_max_realloc(zip_catalogue, sizeof(struct zip_record) * ZIP_RECORDS_CHECK_BLOCKSIZE * (num_record_blocks + 1));
if (NULL == zip_catalogue_new) {
status = CL_EMEM;
goto done;

4
libclamav/upx.c
Unescape View File

@ -187,7 +187,7 @@ static int pefromupx(const char *src, uint32_t ssize, char *dst, uint32_t *dsize
if (!pehdr) {
uint32_t rebsz = PESALIGN(dend, 0x1000);
cli_dbgmsg("UPX: no luck - brutally crafting a reasonable PE\n");
if (!(newbuf = (char *)cli_calloc(rebsz + 0x200, sizeof(char)))) {
if (!(newbuf = (char *)cli_max_calloc(rebsz + 0x200, sizeof(char)))) {
cli_dbgmsg("UPX: malloc failed - giving up rebuild\n");
return 0;
}
@ -234,7 +234,7 @@ static int pefromupx(const char *src, uint32_t ssize, char *dst, uint32_t *dsize
cli_writeint32(pehdr + 8, 0x4d414c43);
cli_writeint32(pehdr + 0x3c, valign);
if (!(newbuf = (char *)cli_calloc(foffset, sizeof(char)))) {
if (!(newbuf = (char *)cli_max_calloc(foffset, sizeof(char)))) {
cli_dbgmsg("UPX: malloc failed - giving up rebuild\n");
return 0;
}

24
libclamav/vba_extract.c
Unescape View File

@ -109,7 +109,7 @@ get_unicode_name(const char *name, int size, int big_endian)
if ((name == NULL) || (*name == '\0') || (size <= 0))
return NULL;
newname = (char *)cli_malloc(size * 7 + 1);
newname = (char *)cli_max_malloc(size * 7 + 1);
if (newname == NULL) {
cli_errmsg("get_unicode_name: Unable to allocate memory for newname\n");
return NULL;
@ -150,7 +150,7 @@ get_unicode_name(const char *name, int size, int big_endian)
*ret = '\0';
/* Saves a lot of memory */
ret = cli_realloc(newname, (ret - newname) + 1);
ret = cli_max_realloc(newname, (ret - newname) + 1);
return ret ? ret : newname;
}
@ -211,7 +211,7 @@ vba_read_project_strings(int fd, int big_endian)
}
/* ensure buffer is large enough */
if (length > buflen) {
unsigned char *newbuf = (unsigned char *)cli_realloc(buf, length);
unsigned char *newbuf = (unsigned char *)cli_max_realloc(buf, length);
if (newbuf == NULL) {
ret = 0;
break;
@ -1539,7 +1539,7 @@ cli_vba_readdir(const char *dir, struct uniq *U, uint32_t which)
break;
}
if (length > buflen) {
unsigned char *newbuf = (unsigned char *)cli_realloc(buf, length);
unsigned char *newbuf = (unsigned char *)cli_max_realloc(buf, length);
if (newbuf == NULL)
break;
buflen = length;
@ -2034,7 +2034,7 @@ word_read_macro_entry(int fd, macro_info_t *macro_info)
return TRUE;
msize = count * sizeof(struct macro);
m = cli_malloc(msize);
m = cli_max_malloc(msize);
if (m == NULL) {
cli_errmsg("word_read_macro_entry: Unable to allocate memory for 'm'\n");
return FALSE;
@ -2069,7 +2069,7 @@ word_read_macro_info(int fd, macro_info_t *macro_info)
cli_dbgmsg("macro count: %d\n", macro_info->count);
if (macro_info->count == 0)
return NULL;
macro_info->entries = (macro_entry_t *)cli_malloc(sizeof(macro_entry_t) * macro_info->count);
macro_info->entries = (macro_entry_t *)cli_max_malloc(sizeof(macro_entry_t) * macro_info->count);
if (macro_info->entries == NULL) {
macro_info->count = 0;
cli_errmsg("word_read_macro_info: Unable to allocate memory for macro_info->entries\n");
@ -2290,8 +2290,8 @@ cli_wm_readdir(int fd)
vba_project = create_vba_project(macro_info.count, "", NULL);
if (vba_project) {
vba_project->length = (uint32_t *)cli_malloc(sizeof(uint32_t) * macro_info.count);
vba_project->key = (unsigned char *)cli_malloc(sizeof(unsigned char) * macro_info.count);
vba_project->length = (uint32_t *)cli_max_malloc(sizeof(uint32_t) * macro_info.count);
vba_project->key = (unsigned char *)cli_max_malloc(sizeof(unsigned char) * macro_info.count);
if ((vba_project->length != NULL) &&
(vba_project->key != NULL)) {
int i;
@ -2333,7 +2333,7 @@ cli_wm_decrypt_macro(int fd, off_t offset, uint32_t len, unsigned char key)
if (fd < 0)
return NULL;
buff = (unsigned char *)cli_malloc(len);
buff = (unsigned char *)cli_max_malloc(len);
if (buff == NULL) {
cli_errmsg("cli_wm_decrypt_macro: Unable to allocate memory for buff\n");
return NULL;
@ -2432,10 +2432,10 @@ create_vba_project(int record_count, const char *dir, struct uniq *U)
return NULL;
}
ret->name = (char **)cli_malloc(sizeof(char *) * record_count);
ret->colls = (uint32_t *)cli_malloc(sizeof(uint32_t) * record_count);
ret->name = (char **)cli_max_malloc(sizeof(char *) * record_count);
ret->colls = (uint32_t *)cli_max_malloc(sizeof(uint32_t) * record_count);
ret->dir = cli_strdup(dir);
ret->offset = (uint32_t *)cli_malloc(sizeof(uint32_t) * record_count);
ret->offset = (uint32_t *)cli_max_malloc(sizeof(uint32_t) * record_count);
if ((ret->colls == NULL) || (ret->name == NULL) || (ret->dir == NULL) || (ret->offset == NULL)) {
cli_free_vba_project(ret);

2
libclamav/wwunpack.c
Unescape View File

@ -96,7 +96,7 @@ cl_error_t wwunpack(uint8_t *exe, uint32_t exesz, uint8_t *wwsect, struct cli_ex
break;
}
cli_dbgmsg("WWP: src: %x, szd: %x, srcend: %x - %x\n", src, szd, srcend, srcend + 4 - szd);
if (!(compd = cli_malloc(szd))) {
if (!(compd = cli_max_malloc(szd))) {
cli_dbgmsg("WWPack: Unable to allocate memory for compd\n");
break;
}

4
libclamav/www.c
Unescape View File

@ -173,7 +173,7 @@ char *encode_data(const char *postdata)
if (bufsz == 0)
return NULL;
buf = cli_calloc(1, bufsz + 1);
buf = cli_max_calloc(1, bufsz + 1);
if (!(buf))
return NULL;
@ -231,7 +231,7 @@ void submit_post(const char *host, const char *port, const char *method, const c
bufsz += strlen(encoded);
}
buf = cli_calloc(1, bufsz);
buf = cli_max_calloc(1, bufsz);
if (!(buf)) {
if ((encoded))
free(encoded);

4
libclamav/xar.c
Unescape View File

@ -473,9 +473,9 @@ int cli_scanxar(cli_ctx *ctx)
return CL_EREAD;
}
strm.avail_in = hdr.toc_length_compressed;
toc = cli_malloc(hdr.toc_length_decompressed + 1);
toc = cli_max_malloc(hdr.toc_length_decompressed + 1);
if (toc == NULL) {
cli_dbgmsg("cli_scanxar: cli_malloc fails on TOC decompress buffer.\n");
cli_dbgmsg("cli_scanxar: cli_max_malloc fails on TOC decompress buffer.\n");
return CL_EMEM;
}
toc[hdr.toc_length_decompressed] = '\0';

4
libclamav/xlm_extract.c
Unescape View File

@ -4790,7 +4790,7 @@ cl_error_t cli_extract_xlm_macros_and_images(const char *dir, cli_ctx *ctx, char
} else {
/* already found the beginning of a drawing group, extract the remaining chunks */
drawinggroup_len += biff_header.length;
CLI_REALLOC(drawinggroup, drawinggroup_len, status = CL_EMEM);
CLI_MAX_REALLOC(drawinggroup, drawinggroup_len, status = CL_EMEM);
memcpy(drawinggroup + (drawinggroup_len - biff_header.length), data, biff_header.length);
// cli_dbgmsg("Collected %d drawing group bytes\n", biff_header.length);
}
@ -4801,7 +4801,7 @@ cl_error_t cli_extract_xlm_macros_and_images(const char *dir, cli_ctx *ctx, char
(NULL != drawinggroup)) {
/* already found the beginning of an image, extract the remaining chunks */
drawinggroup_len += biff_header.length;
CLI_REALLOC(drawinggroup, drawinggroup_len, status = CL_EMEM);
CLI_MAX_REALLOC(drawinggroup, drawinggroup_len, status = CL_EMEM);
memcpy(drawinggroup + (drawinggroup_len - biff_header.length), data, biff_header.length);
// cli_dbgmsg("Collected %d image bytes\n", biff_header.length);
}

2
libclamav/xz_iface.c
Unescape View File

@ -40,7 +40,7 @@ void *__xz_wrap_alloc(void *unused, size_t size)
(unsigned long int)size);
return NULL;
}
return cli_malloc(size);
return cli_max_malloc(size);
}
void __xz_wrap_free(void *unused, void *freeme)
{

4
libclamav/yara_clam.h
Unescape View File

@ -453,8 +453,8 @@ struct RE {
* YARA to ClamAV function mappings
*/
#define yr_strdup cli_strdup
#define yr_malloc cli_malloc
#define yr_realloc cli_realloc
#define yr_malloc cli_max_malloc
#define yr_realloc cli_max_realloc
#define yr_free free
#define xtoi cli_xtoi

2
libfreshclam/libfreshclam.c
Unescape View File

@ -227,7 +227,7 @@ fc_error_t fc_initialize(fc_config *fcConfig)
#else
if (fcConfig->databaseDirectory[strlen(fcConfig->databaseDirectory) - 1] != '/') {
#endif
g_databaseDirectory = cli_malloc(strlen(fcConfig->databaseDirectory) + strlen(PATHSEP) + 1);
g_databaseDirectory = cli_max_malloc(strlen(fcConfig->databaseDirectory) + strlen(PATHSEP) + 1);
snprintf(
g_databaseDirectory,
strlen(fcConfig->databaseDirectory) + strlen(PATHSEP) + 1,

18
sigtool/sigtool.c
Unescape View File

@ -219,7 +219,7 @@ static int hashpe(const char *filename, unsigned int class, int type)
ctx.dconf = (struct cli_dconf *)engine->dconf;
ctx.recursion_stack_size = ctx.engine->max_recursion_level;
ctx.recursion_stack = cli_calloc(sizeof(recursion_level_t), ctx.recursion_stack_size);
ctx.recursion_stack = calloc(sizeof(recursion_level_t), ctx.recursion_stack_size);
if (!ctx.recursion_stack) {
goto done;
}
@ -473,7 +473,7 @@ static cli_ctx *convenience_ctx(int fd)
}
/* prepare context */
ctx = cli_calloc(1, sizeof(cli_ctx));
ctx = calloc(1, sizeof(cli_ctx));
if (!ctx) {
printf("convenience_ctx: ctx allocation failed\n");
goto done;
@ -486,7 +486,7 @@ static cli_ctx *convenience_ctx(int fd)
ctx->dconf = (struct cli_dconf *)engine->dconf;
ctx->recursion_stack_size = ctx->engine->max_recursion_level;
ctx->recursion_stack = cli_calloc(sizeof(recursion_level_t), ctx->recursion_stack_size);
ctx->recursion_stack = calloc(sizeof(recursion_level_t), ctx->recursion_stack_size);
if (!ctx->recursion_stack) {
status = CL_EMEM;
goto done;
@ -499,7 +499,7 @@ static cli_ctx *convenience_ctx(int fd)
ctx->fmap = ctx->recursion_stack[ctx->recursion_level].fmap;
ctx->options = cli_calloc(1, sizeof(struct cl_scan_options));
ctx->options = calloc(1, sizeof(struct cl_scan_options));
if (!ctx->options) {
printf("convenience_ctx: scan options allocation failed\n");
goto done;
@ -2367,7 +2367,7 @@ static void matchsig(char *sig, const char *offset, int fd)
ctx.dconf = (struct cli_dconf *)engine->dconf;
ctx.recursion_stack_size = ctx.engine->max_recursion_level;
ctx.recursion_stack = cli_calloc(sizeof(recursion_level_t), ctx.recursion_stack_size);
ctx.recursion_stack = calloc(sizeof(recursion_level_t), ctx.recursion_stack_size);
if (!ctx.recursion_stack) {
goto done;
}
@ -2753,7 +2753,7 @@ static int decodehex(const char *hexsig)
clen = hexlen - tlen - rlen - 2; /* 2 from regex boundaries '/' */
/* get the trigger statement */
trigger = cli_calloc(tlen + 1, sizeof(char));
trigger = calloc(tlen + 1, sizeof(char));
if (!trigger) {
mprintf(LOGG_ERROR, "cannot allocate memory for trigger string\n");
return -1;
@ -2762,7 +2762,7 @@ static int decodehex(const char *hexsig)
trigger[tlen] = '\0';
/* get the regex expression */
regex = cli_calloc(rlen + 1, sizeof(char));
regex = cli_max_calloc(rlen + 1, sizeof(char));
if (!regex) {
mprintf(LOGG_ERROR, "cannot allocate memory for regex expression\n");
free(trigger);
@ -2773,7 +2773,7 @@ static int decodehex(const char *hexsig)
/* get the compile flags */
if (clen) {
cflags = cli_calloc(clen + 1, sizeof(char));
cflags = cli_max_calloc(clen + 1, sizeof(char));
if (!cflags) {
mprintf(LOGG_ERROR, "cannot allocate memory for compile flags\n");
free(trigger);
@ -3578,7 +3578,7 @@ static int dumpcerts(const struct optstruct *opts)
ctx.dconf = (struct cli_dconf *)engine->dconf;
ctx.recursion_stack_size = ctx.engine->max_recursion_level;
ctx.recursion_stack = cli_calloc(sizeof(recursion_level_t), ctx.recursion_stack_size);
ctx.recursion_stack = calloc(sizeof(recursion_level_t), ctx.recursion_stack_size);
if (!ctx.recursion_stack) {
goto done;
}

8
unit_tests/check_bytecode.c
Unescape View File

@ -83,8 +83,8 @@ static void runtest(const char *file, uint64_t expected, int fail, int nojit,
cctx.dconf = cctx.engine->dconf;
cctx.recursion_stack_size = cctx.engine->max_recursion_level;
cctx.recursion_stack = cli_calloc(sizeof(recursion_level_t), cctx.recursion_stack_size);
ck_assert_msg(!!cctx.recursion_stack, "cli_calloc() for recursion_stack failed");
cctx.recursion_stack = cli_max_calloc(sizeof(recursion_level_t), cctx.recursion_stack_size);
ck_assert_msg(!!cctx.recursion_stack, "cli_max_calloc() for recursion_stack failed");
// ctx was memset, so recursion_level starts at 0.
cctx.recursion_stack[cctx.recursion_level].fmap = NULL;
@ -509,8 +509,8 @@ static void runload(const char *dbname, struct cl_engine *engine, unsigned signo
/* when run from automake srcdir is set, but if run manually then not */
srcdir = SRCDIR;
}
str = cli_malloc(strlen(srcdir) + 1 + strlen(dbname) + 1);
ck_assert_msg(!!str, "cli_malloc");
str = cli_max_malloc(strlen(srcdir) + 1 + strlen(dbname) + 1);
ck_assert_msg(!!str, "cli_max_malloc");
sprintf(str, "%s" PATHSEP "%s", srcdir, dbname);
rc = cl_load(str, engine, &signo, CL_DB_STDOPT);

12
unit_tests/check_clamav.c
Unescape View File

@ -581,8 +581,8 @@ static void init_testfiles(void)
if (strncmp(dirent->d_name, "clam", 4))
continue;
i++;
testfiles = cli_realloc(testfiles, i * sizeof(*testfiles));
ck_assert_msg(!!testfiles, "cli_realloc");
testfiles = cli_max_realloc(testfiles, i * sizeof(*testfiles));
ck_assert_msg(!!testfiles, "cli_max_realloc");
testfiles[i - 1] = strdup(dirent->d_name);
}
testfiles_n = i;
@ -1921,8 +1921,8 @@ int open_testfile(const char *name, int flags)
srcdir = SRCDIR;
}
str = cli_malloc(strlen(name) + strlen(srcdir) + 2);
ck_assert_msg(!!str, "cli_malloc");
str = cli_max_malloc(strlen(name) + strlen(srcdir) + 2);
ck_assert_msg(!!str, "cli_max_malloc");
sprintf(str, "%s" PATHSEP "%s", srcdir, name);
fd = open(str, flags);
@ -1935,7 +1935,7 @@ void diff_file_mem(int fd, const char *ref, size_t len)
{
char c1, c2;
size_t p, reflen = len;
char *buf = cli_malloc(len);
char *buf = cli_max_malloc(len);
ck_assert_msg(!!buf, "unable to malloc buffer: %zu", len);
p = read(fd, buf, len);
@ -1964,7 +1964,7 @@ void diff_files(int fd, int ref_fd)
off_t siz = lseek(ref_fd, 0, SEEK_END);
ck_assert_msg(siz != -1, "lseek failed");
ref = cli_malloc(siz);
ref = cli_max_malloc(siz);
ck_assert_msg(!!ref, "unable to malloc buffer: " STDi64, (int64_t)siz);
ck_assert_msg(lseek(ref_fd, 0, SEEK_SET) == 0, "lseek failed");

8
unit_tests/check_matchers.c
Unescape View File

@ -178,8 +178,8 @@ static void setup(void)
ctx.dconf = ctx.engine->dconf;
ctx.recursion_stack_size = ctx.engine->max_recursion_level;
ctx.recursion_stack = cli_calloc(sizeof(recursion_level_t), ctx.recursion_stack_size);
ck_assert_msg(!!ctx.recursion_stack, "cli_calloc() for recursion_stack failed");
ctx.recursion_stack = cli_max_calloc(sizeof(recursion_level_t), ctx.recursion_stack_size);
ck_assert_msg(!!ctx.recursion_stack, "cli_max_calloc() for recursion_stack failed");
// ctx was memset, so recursion_level starts at 0.
ctx.recursion_stack[ctx.recursion_level].fmap = &thefmap;
@ -478,7 +478,7 @@ START_TEST(test_pcre_scanbuff)
for (i = 0; pcre_testdata[i].data; i++) {
hexlen = strlen(PCRE_BYPASS) + strlen(pcre_testdata[i].hexsig) + 1;
hexsig = cli_calloc(hexlen, sizeof(char));
hexsig = cli_max_calloc(hexlen, sizeof(char));
ck_assert_msg(hexsig != NULL, "[pcre] failed to prepend bypass (out-of-memory)");
strncat(hexsig, PCRE_BYPASS, hexlen);
@ -532,7 +532,7 @@ START_TEST(test_pcre_scanbuff_allscan)
for (i = 0; pcre_testdata[i].data; i++) {
hexlen = strlen(PCRE_BYPASS) + strlen(pcre_testdata[i].hexsig) + 1;
hexsig = cli_calloc(hexlen, sizeof(char));
hexsig = cli_max_calloc(hexlen, sizeof(char));
ck_assert_msg(hexsig != NULL, "[pcre] failed to prepend bypass (out-of-memory)");
strncat(hexsig, PCRE_BYPASS, hexlen);

Write Preview
Loading…
Cancel
Save