DCONF support for ASPACK

git-svn: trunk@3103
19 years ago · c98bc23f79
parent 9443ec4a2a
commit c98bc23f79
5 changed files with 13 additions and 8 deletions
--- a/4
+++ b/4
@ -1,3 +1,7 @@
+Tue Jun 19 16:41:40 CEST 2007 (tk)
+----------------------------------
+  * libclamav: DCONF support for ASPACK
+
 Mon Jun 18 19:30:15 BST 2007 (njh)
 ----------------------------------
  * libclamav/pdf.c:	Remove compilation warnings on some Linux
--- a/libclamav/aspack.c
+++ b/libclamav/aspack.c
@ -23,6 +23,7 @@
 #include "execs.h"
 #include "others.h"
 #include "rebuildpe.h"
+#include "aspack.h"


 struct DICT_HELPER {
@ -325,7 +326,7 @@ int unaspack212(uint8_t *image, unsigned int size, struct cli_exe_section *secti
  struct ASPK stream;
  uint32_t i=0, j=0;
  uint8_t *blocks = image+ep+0x57c, *wrkbuf;
-  uint32_t block_rva, block_size;
+  uint32_t block_rva = 0, block_size;
  struct cli_exe_section *outsects;

  if (!(wrkbuf = cli_calloc(0x1800, sizeof(uint8_t)))) {
--- a/libclamav/dconf.c
+++ b/libclamav/dconf.c
@ -55,16 +55,17 @@ static struct dconf_module modules[] = {
    { "PE",	    "UPX",	    PE_CONF_UPX,	    1 },
    { "PE",	    "FSG",	    PE_CONF_FSG,	    1 },

-    { "PE",	    "SUE",	    PE_CONF_SUE,	    1 }, /* exp */
+    { "PE",	    "SUE",	    PE_CONF_SUE,	    1 },

    { "PE",	    "PETITE",	    PE_CONF_PETITE,	    1 },
    { "PE",	    "PESPIN",	    PE_CONF_PESPIN,	    1 },
    { "PE",	    "YC",	    PE_CONF_YC,		    1 },
    { "PE",	    "WWPACK",	    PE_CONF_WWPACK,	    1 },

-    { "PE",	    "NSPACK",	    PE_CONF_NSPACK,	    1 }, /* exp */
-    { "PE",	    "MEW",	    PE_CONF_MEW,	    1 }, /* exp */
-    { "PE",	    "UPACK",	    PE_CONF_UPACK,	    1 }, /* exp */
+    { "PE",	    "NSPACK",	    PE_CONF_NSPACK,	    1 },
+    { "PE",	    "MEW",	    PE_CONF_MEW,	    1 },
+    { "PE",	    "UPACK",	    PE_CONF_UPACK,	    1 },
+    { "PE",	    "ASPACK",	    PE_CONF_ASPACK,	    1 },

    { "ELF",	    NULL,	    0x1,		    1 },

--- a/libclamav/dconf.h
+++ b/libclamav/dconf.h
@ -50,6 +50,7 @@ struct cli_dconf {
 #define PE_CONF_NSPACK	    0x1000
 #define PE_CONF_MEW	    0x2000
 #define PE_CONF_UPACK	    0x4000
+#define PE_CONF_ASPACK	    0x8000

 /* Archive flags */
 #define ARCH_CONF_RAR	    0x1
--- a/libclamav/pe.c
+++ b/libclamav/pe.c
@ -2573,8 +2573,7 @@ skip_upack_and_go_to_next_unpacker:
    }

    /* ASPACK support */
-#ifdef CL_EXPERIMENTAL
-    while(ep+58+0x70e < fsize && !memcmp(buff,"\x60\xe8\x03\x00\x00\x00\xe9\xeb",8)) {
+    while((DCONF & PE_CONF_ASPACK) && ep+58+0x70e < fsize && !memcmp(buff,"\x60\xe8\x03\x00\x00\x00\xe9\xeb",8)) {
        char nbuff[6];

        if(lseek(desc, ep+0x3b9, SEEK_SET) == -1) break;
@ -2646,7 +2645,6 @@ skip_upack_and_go_to_next_unpacker:

 	break;
    }
-#endif /* CL_EXPERIMENTAL */

    /* NsPack */