open-dsi
/
clamav
mirror of https://github.com/Cisco-Talos/clamav
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

adding back changes to eliminate warnings from mspack, matcher, others, and readdb.

Browse Source
remotes/push_mirror/msnyder-clamav-mspack
Micah Snyder 8 years ago
parent 169af0fc67
commit d0cba11ea7
17 changed files with 184 additions and 118 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 3
      libclamav/libmspack-0.5alpha/mspack/cabc.c
  2. 3
      libclamav/libmspack-0.5alpha/mspack/chmc.c
  3. 22
      libclamav/libmspack-0.5alpha/mspack/chmd.c
  4. 3
      libclamav/libmspack-0.5alpha/mspack/hlpc.c
  5. 3
      libclamav/libmspack-0.5alpha/mspack/hlpd.c
  6. 3
      libclamav/libmspack-0.5alpha/mspack/kwajc.c
  7. 3
      libclamav/libmspack-0.5alpha/mspack/litc.c
  8. 3
      libclamav/libmspack-0.5alpha/mspack/litd.c
  9. 3
      libclamav/libmspack-0.5alpha/mspack/oabc.c
  10. 4
      libclamav/libmspack-0.5alpha/mspack/system.c
  11. 3
      libclamav/libmspack-0.5alpha/mspack/szddc.c
  12. 44
      libclamav/matcher-ac.c
  13. 4
      libclamav/matcher-ac.h
  14. 30
      libclamav/matcher.c
  15. 26
      libclamav/matcher.h
  16. 46
      libclamav/others.c
  17. 99
      libclamav/readdb.c

3
libclamav/libmspack-0.5alpha/mspack/cabc.c
Unescape View File

@ -15,10 +15,13 @@
struct mscab_compressor *
mspack_create_cab_compressor(struct mspack_system *sys)
{
(void) sys;
/* todo */
return NULL;
}
void mspack_destroy_cab_compressor(struct mscab_compressor *self) {
(void) self;
/* todo */
return;
}

3
libclamav/libmspack-0.5alpha/mspack/chmc.c
Unescape View File

@ -15,10 +15,13 @@
struct mschm_compressor *
mspack_create_chm_compressor(struct mspack_system *sys)
{
(void) sys;
/* todo */
return NULL;
}
void mspack_destroy_chm_compressor(struct mschm_compressor *self) {
(void) self;
/* todo */
return;
}

22
libclamav/libmspack-0.5alpha/mspack/chmd.c
Unescape View File

@ -1371,16 +1371,22 @@ static int chmd_error(struct mschm_decompressor *base) {
* are accepted, offsets beyond that cause an error message.
*/
static int read_off64(off_t *var, unsigned char *mem,
struct mspack_system *sys, struct mspack_file *fh)
struct mspack_system *sys, struct mspack_file *fh)
{
(void) sys;
#ifdef LARGEFILE_SUPPORT
*var = EndGetI64(mem);
(void) fh;
*var = EndGetI64(mem);
#else
*var = EndGetI32(mem);
if ((*var & 0x80000000) || EndGetI32(mem+4)) {
sys->message(fh, (char *)largefile_msg);
return 1;
}
*var = EndGetI32(mem);
if ((*var & 0x80000000) || EndGetI32(mem + 4))
{
sys->message(fh, (char *)largefile_msg);
return 1;
}
#endif
return 0;
return 0;
}

3
libclamav/libmspack-0.5alpha/mspack/hlpc.c
Unescape View File

@ -15,10 +15,13 @@
struct mshlp_compressor *
mspack_create_hlp_compressor(struct mspack_system *sys)
{
(void) sys;
/* todo */
return NULL;
}
void mspack_destroy_hlp_compressor(struct mshlp_compressor *self) {
(void) self;
/* todo */
return;
}

3
libclamav/libmspack-0.5alpha/mspack/hlpd.c
Unescape View File

@ -15,10 +15,13 @@
struct mshlp_decompressor *
mspack_create_hlp_decompressor(struct mspack_system *sys)
{
(void) sys;
/* todo */
return NULL;
}
void mspack_destroy_hlp_decompressor(struct mshlp_decompressor *self) {
(void) self;
/* todo */
return;
}

3
libclamav/libmspack-0.5alpha/mspack/kwajc.c
Unescape View File

@ -15,10 +15,13 @@
struct mskwaj_compressor *
mspack_create_kwaj_compressor(struct mspack_system *sys)
{
(void) sys;
/* todo */
return NULL;
}
void mspack_destroy_kwaj_compressor(struct mskwaj_compressor *self) {
(void) self;
/* todo */
return;
}

3
libclamav/libmspack-0.5alpha/mspack/litc.c
Unescape View File

@ -15,10 +15,13 @@
struct mslit_compressor *
mspack_create_lit_compressor(struct mspack_system *sys)
{
(void) sys;
/* todo */
return NULL;
}
void mspack_destroy_lit_compressor(struct mslit_compressor *self) {
(void) self;
/* todo */
return;
}

3
libclamav/libmspack-0.5alpha/mspack/litd.c
Unescape View File

@ -15,10 +15,13 @@
struct mslit_decompressor *
mspack_create_lit_decompressor(struct mspack_system *sys)
{
(void) sys;
/* todo */
return NULL;
}
void mspack_destroy_lit_decompressor(struct mslit_decompressor *self) {
(void) self;
/* todo */
return;
}

3
libclamav/libmspack-0.5alpha/mspack/oabc.c
Unescape View File

@ -15,10 +15,13 @@
struct msoab_compressor *
mspack_create_oab_compressor(struct mspack_system *sys)
{
(void) sys;
/* todo */
return NULL;
}
void mspack_destroy_oab_compressor(struct msoab_compressor *self) {
(void) self;
/* todo */
return;
}

4
libclamav/libmspack-0.5alpha/mspack/system.c
Unescape View File

@ -118,6 +118,8 @@ static struct mspack_file *msp_open(struct mspack_system *self,
struct mspack_file_p *fh;
const char *fmode;
(void) self;
switch (mode) {
case MSPACK_SYS_OPEN_READ: fmode = "rb"; break;
case MSPACK_SYS_OPEN_WRITE: fmode = "wb"; break;
@ -201,10 +203,12 @@ static void *msp_alloc(struct mspack_system *self, size_t bytes) {
#ifdef DEBUG
/* make uninitialised data obvious */
char *buf = malloc(bytes + 8);
(void) self;
if (buf) memset(buf, 0xDC, bytes);
*((size_t *)buf) = bytes;
return &buf[8];
#else
(void) self;
return malloc(bytes);
#endif
}

3
libclamav/libmspack-0.5alpha/mspack/szddc.c
Unescape View File

@ -15,10 +15,13 @@
struct msszdd_compressor *
mspack_create_szdd_compressor(struct mspack_system *sys)
{
(void) sys;
/* todo */
return NULL;
}
void mspack_destroy_szdd_compressor(struct msszdd_compressor *self) {
(void) self;
/* todo */
return;
}

44
libclamav/matcher-ac.c
Unescape View File

@ -307,7 +307,6 @@ static int cli_ac_addpatt_recursive(struct cli_matcher *root, struct cli_ac_patt
int cli_ac_addpatt(struct cli_matcher *root, struct cli_ac_patt *pattern)
{
struct cli_ac_node *pt;
struct cli_ac_patt **newtable;
uint16_t len = MIN(root->ac_maxdepth, pattern->length[0]);
uint8_t i;
@ -1275,7 +1274,7 @@ int cli_ac_initdata(struct cli_ac_data *data, uint32_t partsigs, uint32_t lsigs,
data->partsigs = partsigs;
if(partsigs) {
data->offmatrix = (int32_t ***) cli_calloc(partsigs, sizeof(int32_t **));
data->offmatrix = (uint32_t ***) cli_calloc(partsigs, sizeof(uint32_t **));
if(!data->offmatrix) {
cli_errmsg("cli_ac_init: Can't allocate memory for data->offmatrix\n");
@ -1529,7 +1528,6 @@ int lsig_sub_matched(const struct cli_matcher *root, struct cli_ac_data *mdata,
}
if (ac_lsig->type & CLI_YARA_OFFSET && realoff != CLI_OFF_NONE) {
uint32_t * offs;
struct cli_subsig_matches * ss_matches;
struct cli_lsig_matches * ls_matches;
cli_dbgmsg("lsig_sub_matched lsig %u:%u at %u\n", lsigid1, lsigid2, realoff);
@ -1624,7 +1622,19 @@ int cli_ac_chkmacro(struct cli_matcher *root, struct cli_ac_data *data, unsigned
}
int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **virname, void **customdata, struct cli_ac_result **res, const struct cli_matcher *root, struct cli_ac_data *mdata, uint32_t offset, cli_file_t ftype, struct cli_matched_type **ftoffset, unsigned int mode, cli_ctx *ctx)
int cli_ac_scanbuff(
const unsigned char *buffer,
uint32_t length,
const char **virname,
void **customdata,
struct cli_ac_result **res,
const struct cli_matcher *root,
struct cli_ac_data *mdata,
uint32_t offset,
cli_file_t ftype,
struct cli_matched_type **ftoffset,
unsigned int mode,
cli_ctx *ctx)
{
struct cli_ac_node *current;
struct cli_ac_list *pattN, *ptN;
@ -1632,7 +1642,7 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v
uint32_t i, bp, exptoff[2], realoff, matchstart, matchend;
uint16_t j;
uint8_t found, viruses_found = 0;
int32_t **offmatrix, swp;
uint32_t **offmatrix, swp;
int type = CL_CLEAN;
struct cli_ac_result *newres;
int rc;
@ -1741,14 +1751,14 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v
return CL_EMEM;
}
mdata->offmatrix[pt->sigid - 1][0] = cli_malloc(pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(int32_t));
mdata->offmatrix[pt->sigid - 1][0] = cli_malloc(pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(uint32_t));
if(!mdata->offmatrix[pt->sigid - 1][0]) {
cli_errmsg("cli_ac_scanbuff: Can't allocate memory for mdata->offmatrix[%u][0]\n", pt->sigid - 1);
free(mdata->offmatrix[pt->sigid - 1]);
mdata->offmatrix[pt->sigid - 1] = NULL;
return CL_EMEM;
}
memset(mdata->offmatrix[pt->sigid - 1][0], -1, pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(int32_t));
memset(mdata->offmatrix[pt->sigid - 1][0], (uint32_t)-1, pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(uint32_t));
mdata->offmatrix[pt->sigid - 1][0][0] = 0;
for(j = 1; j < pt->parts; j++) {
mdata->offmatrix[pt->sigid - 1][j] = mdata->offmatrix[pt->sigid - 1][0] + j * (CLI_DEFAULT_AC_TRACKLEN + 2);
@ -1759,7 +1769,7 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v
found = 0;
if(pt->partno != 1) {
for(j = 1; j <= CLI_DEFAULT_AC_TRACKLEN + 1 && offmatrix[pt->partno - 2][j] != -1; j++) {
for(j = 1; j <= CLI_DEFAULT_AC_TRACKLEN + 1 && offmatrix[pt->partno - 2][j] != (uint32_t)-1; j++) {
found = j;
if(realoff < offmatrix[pt->partno - 2][j])
found = 0;
@ -1810,12 +1820,12 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v
/* FIXME: the first offset in the array is most likely the correct one but
* it may happen it is not
*/
for(j = 1; j <= CLI_DEFAULT_AC_TRACKLEN + 1 && offmatrix[0][j] != -1; j++)
for(j = 1; j <= CLI_DEFAULT_AC_TRACKLEN + 1 && offmatrix[0][j] != (uint32_t)-1; j++)
if(ac_addtype(ftoffset, type, offmatrix[pt->parts - 1][j], ctx))
return CL_EMEM;
}
memset(offmatrix[0], -1, pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(int32_t));
memset(offmatrix[0], (uint32_t)-1, pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(uint32_t));
for(j = 0; j < pt->parts; j++)
offmatrix[j][0] = 0;
}
@ -1838,7 +1848,7 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v
newres->virname = pt->virname;
newres->customdata = pt->customdata;
newres->next = *res;
newres->offset = offmatrix[pt->parts - 1][1];
newres->offset = (off_t)offmatrix[pt->parts - 1][1];
*res = newres;
ptN = ptN->next_same;
@ -1892,7 +1902,7 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v
}
newres->virname = pt->virname;
newres->customdata = pt->customdata;
newres->offset = realoff;
newres->offset = (off_t)realoff;
newres->next = *res;
*res = newres;
@ -1946,7 +1956,8 @@ static int qcompare_fstr(const void *arg, const void *a, const void *b)
/* returns if level of nesting, end set to MATCHING paren, start AFTER staring paren */
inline static int find_paren_end(char *hexstr, char **end)
{
int i, nest = 0, level = 0;
unsigned long i;
int nest = 0, level = 0;
*end = NULL;
for (i = 0; i < strlen(hexstr); i++) {
@ -1970,7 +1981,8 @@ inline static int find_paren_end(char *hexstr, char **end)
* counts applied to start of expr (not end, i.e. numexpr starts at 1 for the first expr */
inline static int ac_analyze_expr(char *hexstr, int *fixed_len, int *sub_len)
{
int i, level = 0, len = 0, numexpr = 1;
unsigned long i;
int level = 0, len = 0, numexpr = 1;
int flen, slen;
flen = 1;
@ -2026,7 +2038,7 @@ inline static int ac_analyze_expr(char *hexstr, int *fixed_len, int *sub_len)
inline static int ac_uicmp(uint16_t *a, size_t alen, uint16_t *b, size_t blen, int *wild)
{
uint16_t cmp, awild, bwild, side_wild;
uint16_t awild, bwild, side_wild;
size_t i, minlen = MIN(alen, blen);
side_wild = 0;
@ -2404,7 +2416,7 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex
char *pt, *pt2, *hex = NULL, *hexcpy = NULL;
uint16_t i, j, ppos = 0, pend, *dec, nzpos = 0;
uint8_t wprefix = 0, zprefix = 1, plen = 0, nzplen = 0;
struct cli_ac_special *newspecial, *specialpt, **newtable;
struct cli_ac_special *newspecial, **newtable;
int ret, error = CL_SUCCESS;

4
libclamav/matcher-ac.h
Unescape View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
* Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
* Copyright (C) 2007-2009 Sourcefire, Inc.
*
* Authors: Tomasz Kojm
@ -57,7 +57,7 @@ struct cli_lsig_matches {
};
struct cli_ac_data {
int32_t ***offmatrix;
uint32_t ***offmatrix;
uint32_t partsigs, lsigs, reloffsigs;
uint32_t **lsigcnt;
uint32_t **lsigsuboff_last, **lsigsuboff_first;

30
libclamav/matcher.c
Unescape View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
* Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
* Copyright (C) 2007-2013 Sourcefire, Inc.
* All Rights Reserved.
*
@ -802,8 +802,11 @@ static int yara_eval(cli_ctx *ctx, struct cli_matcher *root, struct cli_ac_data
{
struct cli_ac_lsig *ac_lsig = root->ac_lsigtable[lsid];
int rc;
YR_SCAN_CONTEXT context = {0};
YR_SCAN_CONTEXT context;
(void)hash;
memset(&context, 0, sizeof(YR_SCAN_CONTEXT));
context.fmap = *ctx->fmap;
context.file_size = (*ctx->fmap)->len;
if (target_info != NULL) {
@ -852,9 +855,9 @@ int cli_exp_eval(cli_ctx *ctx, struct cli_matcher *root, struct cli_ac_data *acd
int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli_matched_type **ftoffset, unsigned int acmode, struct cli_ac_result **acres, unsigned char *refhash)
{
const unsigned char *buff;
int ret = CL_CLEAN, type = CL_CLEAN, bytes, compute_hash[CLI_HASH_AVAIL_TYPES];
int ret = CL_CLEAN, type = CL_CLEAN, compute_hash[CLI_HASH_AVAIL_TYPES];
unsigned int i = 0, j = 0, bm_offmode = 0;
uint32_t maxpatlen, offset = 0;
uint32_t maxpatlen, bytes, offset = 0;
struct cli_ac_data gdata, tdata;
struct cli_bm_off toff;
struct cli_pcre_off gpoff, tpoff;
@ -1265,16 +1268,17 @@ int cli_matchmeta(cli_ctx *ctx, const char *fname, size_t fsizec, size_t fsizer,
if(cdb->res1 && (cdb->ctype == CL_TYPE_ZIP || cdb->ctype == CL_TYPE_RAR) && cdb->res1 != res1)
continue;
#define CDBRANGE(field, val) \
if(field[0] != CLI_OFF_ANY) { \
if(field[0] == field[1] && field[0] != val) \
continue; \
else if(field[0] != field[1] && ((field[0] && field[0] > val) ||\
(field[1] && field[1] < val))) \
continue; \
}
#define CDBRANGE(field, val) \
if (field[0] != CLI_OFF_ANY) \
{ \
if (field[0] == field[1] && field[0] != val) \
continue; \
else if (field[0] != field[1] && ((field[0] && field[0] > val) || \
(field[1] && field[1] < val))) \
continue; \
}
CDBRANGE(cdb->csize, cli_get_container_size(ctx, -1));
CDBRANGE(cdb->csize, cli_get_container_size(ctx, -1));
CDBRANGE(cdb->fsizec, fsizec);
CDBRANGE(cdb->fsizer, fsizer);
CDBRANGE(cdb->filepos, filepos);

26
libclamav/matcher.h
Unescape View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
* Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
* Copyright (C) 2007-2013 Sourcefire, Inc.
*
* Authors: Tomasz Kojm
@ -143,18 +143,18 @@ struct cli_matcher {
struct cli_cdb
{
char *virname; /* virus name */
cli_file_t ctype; /* container type */
regex_t name; /* filename regex */
size_t csize[2]; /* container size (min, max); if csize[0] != csize[1]
* then value of 0 makes the field ignored
*/
size_t fsizec[2]; /* file size in container */
size_t fsizer[2]; /* real file size */
int encrypted; /* file is encrypted; 2 == ignore */
int filepos[2]; /* file position in container */
int res1; /* reserved / format specific */
void *res2; /* reserved / format specific */
char *virname; /* virus name */
cli_file_t ctype; /* container type */
regex_t name; /* filename regex */
size_t csize[2]; /* container size (min, max); if csize[0] != csize[1]
* then value of 0 makes the field ignored
*/
size_t fsizec[2]; /* file size in container */
size_t fsizer[2]; /* real file size */
int encrypted; /* file is encrypted; 2 == ignore */
unsigned int filepos[2]; /* file position in container */
int res1; /* reserved / format specific */
void *res2; /* reserved / format specific */
struct cli_cdb *next;
};

46
libclamav/others.c
Unescape View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
* Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
* Copyright (C) 2007-2010 Sourcefire, Inc.
*
* Authors: Tomasz Kojm, Trog
@ -1171,35 +1171,37 @@ void cli_set_container(cli_ctx *ctx, cli_file_t type, size_t size)
cli_file_t cli_get_container(cli_ctx *ctx, int index)
{
if (index < 0)
index = ctx->recursion + index + 1;
while (index >= 0 && index <= ctx->recursion) {
if (ctx->containers[index].flag & CONTAINER_FLAG_VALID)
return ctx->containers[index].type;
index--;
}
return CL_TYPE_ANY;
if (index < 0)
index = ctx->recursion + index + 1;
while (index >= 0 && index <= (int)ctx->recursion)
{
if (ctx->containers[index].flag & CONTAINER_FLAG_VALID)
return ctx->containers[index].type;
index--;
}
return CL_TYPE_ANY;
}
cli_file_t cli_get_container_intermediate(cli_ctx *ctx, int index)
{
if (index < 0)
index = ctx->recursion + index + 1;
if (index >= 0 && index <= ctx->recursion)
return ctx->containers[index].type;
return CL_TYPE_ANY;
if (index < 0)
index = ctx->recursion + index + 1;
if (index >= 0 && index <= (int)ctx->recursion)
return ctx->containers[index].type;
return CL_TYPE_ANY;
}
size_t cli_get_container_size(cli_ctx *ctx, int index)
{
if (index < 0)
index = ctx->recursion + index + 1;
while (index >= 0 && index <= ctx->recursion) {
if (ctx->containers[index].flag & CONTAINER_FLAG_VALID)
return ctx->containers[index].size;
index--;
}
return ctx->containers[0].size;
if (index < 0)
index = ctx->recursion + index + 1;
while (index >= 0 && index <= (int)ctx->recursion)
{
if (ctx->containers[index].flag & CONTAINER_FLAG_VALID)
return ctx->containers[index].size;
index--;
}
return ctx->containers[0].size;
}

99
libclamav/readdb.c
Unescape View File

@ -126,7 +126,8 @@ char *cli_virname(const char *virname, unsigned int official)
int cli_sigopts_handler(struct cli_matcher *root, const char *virname, const char *hexsig, uint8_t sigopts, uint16_t rtype, uint16_t type, const char *offset, uint8_t target, const uint32_t *lsigid, unsigned int options)
{
char *hexcpy, *start, *end;
int i, ret = CL_SUCCESS;
unsigned int i;
int ret = CL_SUCCESS;
/*
* cyclic loops with cli_parse_add are impossible now as cli_parse_add
@ -303,7 +304,6 @@ int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hex
int ret, asterisk = 0, range;
unsigned int i, j, hexlen, nest, parts = 0;
int mindist = 0, maxdist = 0, error = 0;
size_t hexcpysz;
hexlen = strlen(hexsig);
if (hexsig[0] == '$') {
@ -1820,7 +1820,7 @@ static int load_oneldb(char *buffer, int chkpua, struct cl_engine *engine, unsig
sigopts = subtokens[3];
if(sigopts) { /* signature modifiers */
for(j = 0; j < strlen(sigopts); j++)
for(j = 0; j < (int)strlen(sigopts); j++)
switch(sigopts[j]) {
case 'i':
subsig_opts |= ACPATT_OPTION_NOCASE;
@ -2687,7 +2687,7 @@ static int cli_loadmd(FILE *fs, struct cl_engine *engine, unsigned int *signo, i
/* tokens[6] - not used */
new->filepos[0] = new->filepos[1] = strcmp(tokens[7], "*") ? atoi(tokens[7]) : (int) CLI_OFF_ANY;
new->filepos[0] = new->filepos[1] = strcmp(tokens[7], "*") ? (unsigned int) atoi(tokens[7]) : (unsigned int) CLI_OFF_ANY;
/* tokens[8] - not used */
@ -2812,36 +2812,46 @@ static int cli_loadcdb(FILE *fs, struct cl_engine *engine, unsigned int *signo,
break;
}
#define CDBRANGE(token_str, dest) \
if(strcmp(token_str, "*")) { \
if(strchr(token_str, '-')) { \
if(sscanf(token_str, "%u-%u", &n0, &n1) != 2) { \
ret = CL_EMALFDB; \
} else { \
dest[0] = n0; \
dest[1] = n1; \
} \
} else { \
if(!cli_isnumber(token_str)) \
ret = CL_EMALFDB; \
else \
dest[0] = dest[1] = atoi(token_str); \
} \
if(ret != CL_SUCCESS) { \
cli_errmsg("cli_loadcdb: Invalid value %s in signature for %s\n",\
token_str, tokens[0]); \
if(new->name.re_magic) \
cli_regfree(&new->name); \
mpool_free(engine->mempool, new->virname); \
mpool_free(engine->mempool, new); \
ret = CL_EMEM; \
break; \
} \
} else { \
dest[0] = dest[1] = CLI_OFF_ANY; \
}
#define CDBRANGE(token_str, dest) \
if (strcmp(token_str, "*")) \
{ \
if (strchr(token_str, '-')) \
{ \
if (sscanf(token_str, "%u-%u", &n0, &n1) != 2) \
{ \
ret = CL_EMALFDB; \
} \
else \
{ \
dest[0] = n0; \
dest[1] = n1; \
} \
} \
else \
{ \
if (!cli_isnumber(token_str)) \
ret = CL_EMALFDB; \
else \
dest[0] = dest[1] = (unsigned int)atoi(token_str); \
} \
if (ret != CL_SUCCESS) \
{ \
cli_errmsg("cli_loadcdb: Invalid value %s in signature for %s\n", \
token_str, tokens[0]); \
if (new->name.re_magic) \
cli_regfree(&new->name); \
mpool_free(engine->mempool, new->virname); \
mpool_free(engine->mempool, new); \
ret = CL_EMEM; \
break; \
} \
} \
else \
{ \
dest[0] = dest[1] = CLI_OFF_ANY; \
}
CDBRANGE(tokens[2], new->csize);
CDBRANGE(tokens[2], new->csize);
CDBRANGE(tokens[4], new->fsizec);
CDBRANGE(tokens[5], new->fsizer);
CDBRANGE(tokens[7], new->filepos);
@ -3113,7 +3123,6 @@ static char *parse_yara_hex_string(YR_STRING *string, int *ret)
{
char *res, *str, *ovr;
size_t slen, reslen=0, i, j;
int sqr = 0;
if (!(string) || !(string->string)) {
if (ret) *ret = CL_ENULLARG;
@ -3242,6 +3251,7 @@ struct cli_ytable {
static int32_t ytable_lookup(const char *hexsig)
{
(void) hexsig;
/* TODO - WRITE ME! */
return -1;
}
@ -3249,7 +3259,6 @@ static int32_t ytable_lookup(const char *hexsig)
static int ytable_add_attrib(struct cli_ytable *ytable, const char *hexsig, const char *value, int type)
{
int32_t lookup;
char **attrib;
if (!ytable || !value)
return CL_ENULLARG;
@ -3349,7 +3358,7 @@ static int ytable_add_string(struct cli_ytable *ytable, const char *hexsig)
static void ytable_delete(struct cli_ytable *ytable)
{
uint32_t i;
int32_t i;
if (!ytable)
return;
@ -3404,17 +3413,17 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns
{
YR_STRING *string;
struct cli_ytable ytable;
int str_error = 0, i = 0, ret = CL_SUCCESS;
size_t i;
int str_error = 0, ret = CL_SUCCESS;
struct cli_lsig_tdb tdb;
uint32_t lsigid[2];
struct cli_matcher *root;
struct cli_ac_lsig **newtable, *lsig, *tsig = NULL;
unsigned short target = 0;
size_t lsize;
char *logic = NULL, *target_str = NULL;
uint8_t has_short_string;
char *exp_op = "|";
char *newident = NULL;
/* size_t lsize; */ // only used in commented out code
/* char *exp_op = "|"; */ // only used in commented out code
cli_yaramsg("load_oneyara: attempting to load %s\n", rule->identifier);
@ -3859,10 +3868,10 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns
tdb.subsigs = ytable.tbl_cnt;
/*** loading step - put things into the AC trie ***/
for (i = 0; i < ytable.tbl_cnt; ++i) {
for (i = 0; i < (size_t)ytable.tbl_cnt; ++i) {
lsigid[1] = i;
cli_yaramsg("%d: [%s] [%s] [%s%s%s%s]\n", i, ytable.table[i]->hexstr, ytable.table[i]->offset,
cli_yaramsg("%zu: [%s] [%s] [%s%s%s%s]\n", i, ytable.table[i]->hexstr, ytable.table[i]->offset,
(ytable.table[i]->sigopts & ACPATT_OPTION_NOCASE) ? "i" : "",
(ytable.table[i]->sigopts & ACPATT_OPTION_FULLWORD) ? "f" : "",
(ytable.table[i]->sigopts & ACPATT_OPTION_WIDE) ? "w" : "",
@ -3972,7 +3981,7 @@ void cli_yara_free(struct cl_engine * engine)
//TODO - pua? dbio?
static int cli_loadyara(FILE *fs, struct cl_engine *engine, unsigned int *signo, unsigned int options, struct cli_dbio *dbio, const char *filename)
{
YR_COMPILER compiler = {0};
YR_COMPILER compiler;
YR_NAMESPACE ns;
YR_RULE *rule;
unsigned int sigs = 0, rules = 0, rule_errors = 0;
@ -3983,6 +3992,8 @@ static int cli_loadyara(FILE *fs, struct cl_engine *engine, unsigned int *signo,
if((rc = cli_initroots(engine, options)))
return rc;
memset(&compiler, 0, sizeof(YR_COMPILER));
compiler.last_result = ERROR_SUCCESS;
STAILQ_INIT(&compiler.rule_q);
STAILQ_INIT(&compiler.current_rule_string_q);
@ -4095,7 +4106,7 @@ static int cli_loadpwdb(FILE *fs, struct cl_engine *engine, unsigned int options
char *attribs;
char buffer[FILEBUFF];
unsigned int line = 0, skip = 0, pwcnt = 0, tokens_count;
struct cli_pwdb *new, *ins;
struct cli_pwdb *new;
cl_pwdb_t container;
struct cli_lsig_tdb tdb;
int ret = CL_SUCCESS, pwstype;

Write Preview
Loading…
Cancel
Save