merged

git-svn-id: file:///var/lib/svn/clamav-devel/branches/not_for_0.92_tempbranch@3299 77e5149b-7576-45b1-b177-96237e5ba77b
18 years ago · ed78cf202b
parent 4189cc9ad6
commit ed78cf202b
4 changed files with 26 additions and 7 deletions
--- a/libclamav/Makefile.am
+++ b/libclamav/Makefile.am
@ -111,6 +111,8 @@ libclamav_la_SOURCES = \
 	is_tar.h \
 	tnef.c \
 	tnef.h \
+	autoit.c \
+	autoit.h \
 	regex/strlcpy.c \
 	regex/regcomp.c \
 	regex/regerror.c \
--- a/libclamav/Makefile.in
+++ b/libclamav/Makefile.in
@ -84,11 +84,11 @@ am_libclamav_la_OBJECTS = matcher-ac.lo matcher-bm.lo matcher.lo \
 	pe.lo upx.lo htmlnorm.lo chmunpack.lo rebuildpe.lo petite.lo \
 	wwunpack.lo unsp.lo aspack.lo packlibs.lo fsg.lo mew.lo \
 	upack.lo line.lo untar.lo unzip.lo special.lo binhex.lo \
-	is_tar.lo tnef.lo strlcpy.lo regcomp.lo regerror.lo regexec.lo \
-	regfree.lo unrar15.lo unrarvm.lo unrar.lo unrarfilter.lo \
-	unrarppm.lo unrar20.lo unrarcmd.lo unarj.lo LZMADecode.lo \
-	bzlib.lo infblock.lo nulsft.lo pdf.lo spin.lo yc.lo elf.lo \
-	sis.lo uuencode.lo pst.lo phishcheck.lo \
+	is_tar.lo tnef.lo autoit.lo strlcpy.lo regcomp.lo regerror.lo \
+	regexec.lo regfree.lo unrar15.lo unrarvm.lo unrar.lo \
+	unrarfilter.lo unrarppm.lo unrar20.lo unrarcmd.lo unarj.lo \
+	LZMADecode.lo bzlib.lo infblock.lo nulsft.lo pdf.lo spin.lo \
+	yc.lo elf.lo sis.lo uuencode.lo pst.lo phishcheck.lo \
 	phish_domaincheck_db.lo phish_whitelist.lo regex_list.lo \
 	sha256.lo mspack.lo cab.lo entconv.lo hashtab.lo dconf.lo \
 	lockdb.lo
@ -326,6 +326,8 @@ libclamav_la_SOURCES = \
 	is_tar.h \
 	tnef.c \
 	tnef.h \
+	autoit.c \
+	autoit.h \
 	regex/strlcpy.c \
 	regex/regcomp.c \
 	regex/regerror.c \
@ -477,6 +479,7 @@ distclean-compile:

@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/LZMADecode.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aspack.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/autoit.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/binhex.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/blob.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bzlib.Plo@am__quote@
--- a/libclamav/filetypes.h
+++ b/libclamav/filetypes.h
@ -55,7 +55,6 @@ typedef enum {
    CL_TYPE_PST,	/* Microsoft Outlook binary email folder (.pst file) */
    CL_TYPE_HTML_UTF16,
    CL_TYPE_RTF,
-    CL_TYPE_AUTOIT,

    /* bigger numbers have higher priority (in o-t-f detection) */
    CL_TYPE_HTML, /* on the fly */
@ -65,7 +64,9 @@ typedef enum {
    CL_TYPE_RARSFX, /* on the fly */
    CL_TYPE_CABSFX,
    CL_TYPE_ARJSFX,
-    CL_TYPE_NULSFT /* on the fly */
+    CL_TYPE_NULSFT, /* on the fly */
+    CL_TYPE_AUTOIT /* FIXME_AUTOIT: good nuff? */
+
 } cli_file_t;

 struct cli_matched_type {
--- a/libclamav/scanners.c
+++ b/libclamav/scanners.c
@ -86,6 +86,7 @@
 #include "rtf.h"
 #include "unarj.h"
 #include "nulsft.h"
+#include "autoit.h"

 #ifdef HAVE_ZLIB_H
 #include <zlib.h>
@ -1920,6 +1921,13 @@ static int cli_scanraw(int desc, cli_ctx *ctx, cli_file_t type, uint8_t typercg)
 			}
 			break;

+		    case CL_TYPE_AUTOIT:
+		        if(1 && type == CL_TYPE_MSEXE /* FIXME_AUTOIT: DCONF THIS */) {
+			    cli_dbgmsg("AUTOIT signature found at %u\n", (unsigned int) fpt->offset);
+			    nret = cli_scanautoit(desc, ctx, fpt->offset + 24);
+			}
+			break;
+
 		    case CL_TYPE_MSEXE:
 			if(SCAN_PE && ctx->dconf->pe && fpt->offset) {
 			    cli_dbgmsg("PE signature found at %u\n", (unsigned int) fpt->offset);
@ -2181,6 +2189,11 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx)
 		ret = cli_scansis(desc, ctx);
 	    break;

+        case CL_TYPE_AUTOIT:
+	    if(1 /* FIXME_AUTOIT: DCONF THIS */)
+		ret = cli_scanautoit(desc, ctx, 24);
+	    break;
+
 	case CL_TYPE_DATA:
 	    /* it could be a false positive and a standard DOS .COM file */
 	    {