add mew and upack into dconf

git-svn: trunk@2652
19 years ago · b6aee32121
parent e48dcea965
commit b6aee32121
8 changed files with 20 additions and 25 deletions
--- a/clamav-devel/ChangeLog
+++ b/clamav-devel/ChangeLog
@ -1,3 +1,7 @@
+Tue Jan 30 20:16:39 CET 2007 (tk)
+---------------------------------
+  * libclamav: add mew and upack into dconf
+
 Tue Jan 30 16:31:37 CET 2007 (tk)
 ---------------------------------
  * libclamav/unrar/unrar.c: properly handle metadata for large files
--- a/clamav-devel/libclamav/dconf.c
+++ b/clamav-devel/libclamav/dconf.c
@ -61,8 +61,12 @@ static struct dconf_module modules[] = {
 #ifdef CL_EXPERIMENTAL
    /* enable by default in experimental mode */
    { "PE",	    "NSPACK",	    PE_CONF_NSPACK,	    1 },
+    { "PE",	    "MEW",	    PE_CONF_MEW,	    1 },
+    { "PE",	    "UPACK",	    PE_CONF_UPACK,	    1 },
 #else
    { "PE",	    "NSPACK",	    PE_CONF_NSPACK,	    0 },
+    { "PE",	    "MEW",	    PE_CONF_MEW,	    0 },
+    { "PE",	    "UPACK",	    PE_CONF_UPACK,	    0 },
 #endif

    { "ELF",	    NULL,	    0x1,		    1 },
--- a/clamav-devel/libclamav/dconf.h
+++ b/clamav-devel/libclamav/dconf.h
@ -47,6 +47,8 @@ struct cli_dconf {
 #define PE_CONF_YC	    0x400
 #define PE_CONF_WWPACK	    0x800
 #define PE_CONF_NSPACK	    0x1000
+#define PE_CONF_MEW	    0x2000
+#define PE_CONF_UPACK	    0x4000

 /* Archive flags */
 #define ARCH_CONF_RAR	    0x1
--- a/clamav-devel/libclamav/mew.c
+++ b/clamav-devel/libclamav/mew.c
@ -30,7 +30,6 @@
 #include "clamav-config.h"
 #endif

-#ifdef CL_EXPERIMENTAL
 #include <stdio.h>
 #include <stdlib.h>
 #include <sys/types.h>
@ -874,5 +873,3 @@ int unmew11(int sectnum, char *src, int off, int ssize, int dsize, uint32_t base

 	return 1;
 }
-
-#endif /* CL_EXPERIMENTAL */
--- a/clamav-devel/libclamav/mew.h
+++ b/clamav-devel/libclamav/mew.h
@ -24,20 +24,18 @@
 #include "clamav-config.h"
 #endif

-#ifdef CL_EXPERIMENTAL
+#include "cltypes.h"
+
 struct lzmastate {
 	char *p0;
 	uint32_t p1, p2;
 };

-//int mew_lzma(struct pe_image_section_hdr *, char *, char *, uint32_t, uint32_t, uint32_t);
 int mew_lzma(char *, char *, uint32_t, uint32_t, uint32_t);

 uint32_t lzma_upack_esi_00(struct lzmastate *, char *, char *, uint32_t);
 uint32_t lzma_upack_esi_50(struct lzmastate *, uint32_t, uint32_t, char **, char *, uint32_t *, char *, uint32_t);
 uint32_t lzma_upack_esi_54(struct lzmastate *, uint32_t, uint32_t *, char **, uint32_t *, char *, uint32_t);
-//int unmew11(struct pe_image_section_hdr *, int, char *, int, int, int, uint32_t, uint32_t, int, char **, char **, int);
 int unmew11(int, char *, int, int, int, uint32_t, uint32_t, int, char **, char **, int);
-#endif

 #endif
--- a/clamav-devel/libclamav/pe.c
+++ b/clamav-devel/libclamav/pe.c
@ -49,10 +49,8 @@
 #include "str.h"
 #include "execs.h"
 #include "md5.h"
-#ifdef CL_EXPERIMENTAL
 #include "mew.h"
 #include "upack.h"
-#endif

 #ifndef	O_BINARY
 #define	O_BINARY	0
@ -484,7 +482,9 @@ int cli_scanpe(int desc, cli_ctx *ctx)
 	    lseek(desc, (EC16(file_hdr.SizeOfOptionalHeader)-sizeof(struct pe_image_optional_hdr32)), SEEK_CUR);
 	}

-	upack = (EC16(file_hdr.SizeOfOptionalHeader)==0x148);
+	if(DCONF & PE_CONF_UPACK)
+	    upack = (EC16(file_hdr.SizeOfOptionalHeader)==0x148);
+
 	vep = EC32(optional_hdr32.AddressOfEntryPoint);
 	cli_dbgmsg("File format: PE\n");

@ -1080,7 +1080,7 @@ int cli_scanpe(int desc, cli_ctx *ctx)

    /* try to find the first section with physical size == 0 */
    found = 0;
-    if(DCONF & (PE_CONF_UPX | PE_CONF_FSG)) {
+    if(DCONF & (PE_CONF_UPX | PE_CONF_FSG | PE_CONF_MEW)) {
 	for(i = 0; i < (unsigned int) nsections - 1; i++) {
 	    if(!section_hdr[i].SizeOfRawData && section_hdr[i].VirtualSize && section_hdr[i + 1].SizeOfRawData && section_hdr[i + 1].VirtualSize) {
 		found = 1;
@ -1090,10 +1090,8 @@ int cli_scanpe(int desc, cli_ctx *ctx)
 	}
    }

-
    /* MEW support */
-#ifdef CL_EXPERIMENTAL
-    if (found) {
+    if (found && (DCONF & PE_CONF_MEW)) {
 	uint32_t fileoffset;
 	/* Check EP for MEW */
 	if(lseek(desc, ep, SEEK_SET) == -1) {
@ -1253,11 +1251,7 @@ int cli_scanpe(int desc, cli_ctx *ctx)
 	} while (0);
    }

-
    if(found || upack) {
-#else
-    if(found) {
-#endif
 	/* Check EP for UPX vs. FSG vs. Upack */
 	if(lseek(desc, ep, SEEK_SET) == -1) {
 	    cli_dbgmsg("UPX/FSG: lseek() failed\n");
@ -1274,7 +1268,6 @@ int cli_scanpe(int desc, cli_ctx *ctx)
 	    return CL_CLEAN;
 	}

-#ifdef CL_EXPERIMENTAL
 	/* Upack 0.39 produces 2 types of executables
 	 * 3 sections:           | 2 sections (one empty, I don't chech found if !upack, since it's in OR above):
 	 *   mov esi, value      |   pusha
@ -1424,7 +1417,6 @@ int cli_scanpe(int desc, cli_ctx *ctx)
 		}
 	}
 skip_upack_and_go_to_next_unpacker:
-#endif

 	if((DCONF & PE_CONF_FSG) && buff[0] == '\x87' && buff[1] == '\x25') {

--- a/clamav-devel/libclamav/upack.c
+++ b/clamav-devel/libclamav/upack.c
@ -27,7 +27,6 @@
 #include "clamav-config.h"
 #endif

-#ifdef CL_EXPERIMENTAL
 #include <stdio.h>
 #include <stdlib.h>
 #include <sys/types.h>
@ -39,6 +38,7 @@
 #include "pe.h"
 #include "rebuildpe.h"
 #include "others.h"
+#include "upack.h"
 #include "mew.h"

 #define EC32(x) le32_to_host(x) /* Convert little endian to host */
@ -672,5 +672,3 @@ int unupack399(char *bs, uint32_t bl, uint32_t init_eax, char *init_ebx, uint32_

 	return 1;
 }
-
-#endif
--- a/clamav-devel/libclamav/upack.h
+++ b/clamav-devel/libclamav/upack.h
@ -24,8 +24,8 @@
 #include "clamav-config.h"
 #endif

-#ifdef CL_EXPERIMENTAL
+#include "cltypes.h"
+
 int unupack(int, char *, uint32_t, char *, uint32_t, uint32_t, uint32_t, uint32_t, int);

 #endif
-#endif