open-dsi
/
clamav
mirror of https://github.com/Cisco-Talos/clamav
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

libclamav: add ".UNOFFICIAL" suffix to 3rd party signatures (bb#1061)

Browse Source 
git-svn: trunk@3903
remotes/push_mirror/metadata
Tomasz Kojm 17 years ago
parent 5dc9a0676a
commit b5513f8ddf
7 changed files with 78 additions and 49 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      ChangeLog
  2. 1
      libclamav/clamav.h
  3. 4
      libclamav/cvd.c
  4. 23
      libclamav/matcher-ac.c
  5. 2
      libclamav/matcher-ac.h
  6. 91
      libclamav/readdb.c
  7. 2
      libclamav/readdb.h

4
ChangeLog
Unescape View File

@ -1,3 +1,7 @@
Thu Jul 3 12:47:38 CEST 2008 (tk)
----------------------------------
* libclamav: add ".UNOFFICIAL" suffix to 3rd party signatures (bb#1061)
Wed Jul 2 13:24:25 CEST 2008 (tk)
----------------------------------
* sigtool/sigtool.c: make use of the UNLINK command in cdiffs (bb#1080)

1
libclamav/clamav.h
Unescape View File

@ -72,6 +72,7 @@ extern "C"
#define CL_DB_PHISHING_URLS 0x8
#define CL_DB_PUA 0x10
#define CL_DB_CVDNOTMP 0x20
#define CL_DB_OFFICIAL 0x40
/* recommended db settings */
#define CL_DB_STDOPT (CL_DB_PHISHING | CL_DB_PHISHING_URLS)

4
libclamav/cvd.c
Unescape View File

@ -545,7 +545,7 @@ int cli_cvdload(FILE *fs, struct cl_engine **engine, unsigned int *signo, short
if(options & CL_DB_CVDNOTMP) {
return cli_tgzload(cfd, engine, signo, options);
return cli_tgzload(cfd, engine, signo, options | CL_DB_OFFICIAL);
} else {
@ -565,7 +565,7 @@ int cli_cvdload(FILE *fs, struct cl_engine **engine, unsigned int *signo, short
}
/* load extracted directory */
ret = cl_load(dir, engine, signo, options);
ret = cl_load(dir, engine, signo, options | CL_DB_OFFICIAL);
cli_rmdirs(dir);
free(dir);

23
libclamav/matcher-ac.c
Unescape View File

@ -36,6 +36,7 @@
#include "filetypes.h"
#include "cltypes.h"
#include "str.h"
#include "readdb.h"
uint8_t cli_ac_mindepth = AC_DEFAULT_MIN_DEPTH;
uint8_t cli_ac_maxdepth = AC_DEFAULT_MAX_DEPTH;
@ -760,12 +761,12 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v
}
/* FIXME: clean up the code */
int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hexsig, uint32_t sigid, uint16_t parts, uint16_t partno, uint16_t rtype, uint16_t type, uint32_t mindist, uint32_t maxdist, const char *offset, uint8_t target)
int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hexsig, uint32_t sigid, uint16_t parts, uint16_t partno, uint16_t rtype, uint16_t type, uint32_t mindist, uint32_t maxdist, const char *offset, uint8_t target, unsigned int options)
{
struct cli_ac_patt *new;
char *pt, *pt2, *hex = NULL, *hexcpy = NULL;
uint16_t i, j, ppos = 0, pend, *dec;
uint8_t wprefix = 0, zprefix = 1, namelen, plen = 0;
uint8_t wprefix = 0, zprefix = 1, plen = 0;
struct cli_ac_alt *newalt, *altpt, **newtable;
int ret, error = CL_SUCCESS;
@ -1059,27 +1060,13 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex
if(new->length > root->maxpatlen)
root->maxpatlen = new->length;
if((pt = strstr(virname, " (Clam)")))
namelen = strlen(virname) - strlen(pt);
else
namelen = strlen(virname);
if(!namelen) {
cli_errmsg("cli_ac_addsig: No virus name\n");
new->prefix ? free(new->prefix) : free(new->pattern);
ac_free_alt(new);
free(new);
return CL_EMALFDB;
}
if((new->virname = cli_calloc(namelen + 1, sizeof(char))) == NULL) {
new->virname = cli_virname((char *) virname, options & CL_DB_OFFICIAL, 0);
if(!new->virname) {
new->prefix ? free(new->prefix) : free(new->pattern);
ac_free_alt(new);
free(new);
return CL_EMEM;
}
strncpy(new->virname, virname, namelen);
new->virname[namelen]='\0';
if(offset) {
new->offset = cli_strdup(offset);

2
libclamav/matcher-ac.h
Unescape View File

@ -78,7 +78,7 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v
int cli_ac_buildtrie(struct cli_matcher *root);
int cli_ac_init(struct cli_matcher *root, uint8_t mindepth, uint8_t maxdepth);
void cli_ac_free(struct cli_matcher *root);
int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hexsig, uint32_t sigid, uint16_t parts, uint16_t partno, uint16_t rtype, uint16_t type, uint32_t mindist, uint32_t maxdist, const char *offset, uint8_t target);
int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hexsig, uint32_t sigid, uint16_t parts, uint16_t partno, uint16_t rtype, uint16_t type, uint32_t mindist, uint32_t maxdist, const char *offset, uint8_t target, unsigned int options);
void cli_ac_setdepth(uint8_t mindepth, uint8_t maxdepth);
#endif

91
libclamav/readdb.c
Unescape View File

@ -92,11 +92,62 @@ struct cli_ignored {
int cl_loaddb(const char *filename, struct cl_engine **engine, unsigned int *signo);
int cl_loaddbdir(const char *dirname, struct cl_engine **engine, unsigned int *signo);
int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hexsig, uint16_t rtype, uint16_t type, const char *offset, uint8_t target)
char *cli_virname(char *virname, unsigned int official, unsigned int allocated)
{
unsigned int len;
char *newname, *pt;
if(!virname)
return NULL;
if((pt = strstr(virname, " (Clam)")))
len = strlen(virname) - strlen(pt);
else
len = strlen(virname);
if(!len) {
cli_errmsg("cli_virname: Empty virus name\n");
return NULL;
}
if(!official) {
newname = (char *) cli_malloc(len + 11 + 1);
if(!newname) {
cli_errmsg("cli_virname: Can't allocate memory for newname\n");
if(allocated)
free(virname);
return NULL;
}
strncpy(newname, virname, len);
newname[len] = 0;
strcat(newname, ".UNOFFICIAL");
newname[len + 11] = 0;
if(allocated)
free(virname);
return newname;
}
if(!allocated) {
newname = (char *) cli_malloc(len + 1);
if(!newname) {
cli_errmsg("cli_virname: Can't allocate memory for newname\n");
return NULL;
}
strncpy(newname, virname, len);
newname[len] = 0;
return newname;
}
return virname;
}
static int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hexsig, uint16_t rtype, uint16_t type, const char *offset, uint8_t target, unsigned int options)
{
struct cli_bm_patt *bm_new;
char *pt, *hexcpy, *start, *n;
int ret, virlen, asterisk = 0;
int ret, asterisk = 0;
unsigned int i, j, len, parts = 0;
int mindist = 0, maxdist = 0, error = 0;
@ -135,7 +186,7 @@ int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hex
*pt++ = 0;
}
if((ret = cli_ac_addsig(root, virname, start, root->ac_partsigs, parts, i, rtype, type, mindist, maxdist, offset, target))) {
if((ret = cli_ac_addsig(root, virname, start, root->ac_partsigs, parts, i, rtype, type, mindist, maxdist, offset, target, options))) {
cli_errmsg("cli_parse_add(): Problem adding signature (1).\n");
error = 1;
break;
@ -215,7 +266,7 @@ int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hex
return CL_EMALFDB;
}
if((ret = cli_ac_addsig(root, virname, pt, root->ac_partsigs, parts, i, rtype, type, 0, 0, offset, target))) {
if((ret = cli_ac_addsig(root, virname, pt, root->ac_partsigs, parts, i, rtype, type, 0, 0, offset, target, options))) {
cli_errmsg("cli_parse_add(): Problem adding signature (2).\n");
free(pt);
return ret;
@ -225,7 +276,7 @@ int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hex
}
} else if(root->ac_only || strpbrk(hexsig, "?(") || type) {
if((ret = cli_ac_addsig(root, virname, hexsig, 0, 0, 0, rtype, type, 0, 0, offset, target))) {
if((ret = cli_ac_addsig(root, virname, hexsig, 0, 0, 0, rtype, type, 0, 0, offset, target, options))) {
cli_errmsg("cli_parse_add(): Problem adding signature (3).\n");
return ret;
}
@ -239,29 +290,15 @@ int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hex
free(bm_new);
return CL_EMALFDB;
}
bm_new->length = strlen(hexsig) / 2;
if((pt = strstr(virname, "(Clam)")))
virlen = strlen(virname) - strlen(pt) - 1;
else
virlen = strlen(virname);
if(virlen <= 0) {
free(bm_new->pattern);
free(bm_new);
return CL_EMALFDB;
}
if((bm_new->virname = cli_calloc(virlen + 1, sizeof(char))) == NULL) {
bm_new->virname = cli_virname((char *) virname, options & CL_DB_OFFICIAL, 0);
if(!bm_new->virname) {
free(bm_new->pattern);
free(bm_new);
return CL_EMEM;
}
strncpy(bm_new->virname, virname, virlen);
bm_new->virname[virlen]='\0';
if(offset) {
bm_new->offset = cli_strdup(offset);
if(!bm_new->offset) {
@ -453,7 +490,7 @@ static int cli_loaddb(FILE *fs, struct cl_engine **engine, unsigned int *signo,
if(*pt == '=') continue;
if((ret = cli_parse_add(root, start, pt, 0, 0, NULL, 0))) {
if((ret = cli_parse_add(root, start, pt, 0, 0, NULL, 0, options))) {
ret = CL_EMALFDB;
break;
}
@ -632,7 +669,7 @@ static int cli_loadndb(FILE *fs, struct cl_engine **engine, unsigned int *signo,
break;
}
if((ret = cli_parse_add(root, virname, sig, 0, 0, offset, target))) {
if((ret = cli_parse_add(root, virname, sig, 0, 0, offset, target, options))) {
ret = CL_EMALFDB;
break;
}
@ -729,7 +766,7 @@ static int cli_loadftm(FILE *fs, struct cl_engine **engine, unsigned int options
}
if(atoi(tokens[0]) == 1) { /* A-C */
if((ret = cli_parse_add((*engine)->root[0], tokens[3], tokens[2], rtype, type, strcmp(tokens[1], "*") ? tokens[1] : NULL, 0)))
if((ret = cli_parse_add((*engine)->root[0], tokens[3], tokens[2], rtype, type, strcmp(tokens[1], "*") ? tokens[1] : NULL, 0, options)))
break;
} else if(atoi(tokens[0]) == 0) { /* memcmp() */
@ -973,7 +1010,7 @@ static int cli_loadmd5(FILE *fs, struct cl_engine **engine, unsigned int *signo,
}
size = atoi(pt);
if(!(new->virname = cli_strdup(tokens[2]))) {
if(!(new->virname = cli_virname((char *) tokens[2], options & CL_DB_OFFICIAL, 0))) {
free(new->pattern);
free(new);
ret = CL_EMALFDB;
@ -1059,9 +1096,9 @@ static int cli_loadmd(FILE *fs, struct cl_engine **engine, unsigned int *signo,
break;
}
if(!(new->virname = cli_strtok(buffer, 0, ":"))) {
if(!(new->virname = cli_virname(cli_strtok(buffer, 0, ":"), options & CL_DB_OFFICIAL, 1))) {
free(new);
ret = CL_EMALFDB;
ret = CL_EMEM;
break;
}

2
libclamav/readdb.h
Unescape View File

@ -51,7 +51,7 @@
cli_strbcasestr(ext, ".cld") \
)
int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hexsig, uint16_t rtype, uint16_t type, const char *offset, uint8_t target);
char *cli_virname(char *virname, unsigned int official, unsigned int allocated);
int cli_initengine(struct cl_engine **engine, unsigned int options);

Write Preview
Loading…
Cancel
Save