Tomasz Kojm
b07f9a5eba
fix bb#495
git-svn: trunk@3270
18 years ago
aCaB
618943537c
Avoid variadic macros, make vc6 happy.
git-svn: trunk@3236
18 years ago
aCaB
b57836c45d
s/buff/epbuff/
git-svn: trunk@3222
18 years ago
aCaB
5f7aa0c49f
typo in upack checks
git-svn: trunk@3216
18 years ago
aCaB
a993c5ad0d
Shut up a few warnings and fix some typos
git-svn: trunk@3214
18 years ago
aCaB
6ca0345c5a
bb#656
git-svn: trunk@3210
18 years ago
aCaB
95e31dc77b
General "tidy" and some algo hacks.
Old and inefficient sue cryptor replaced with a signature.
git-svn: trunk@3202
18 years ago
Tomasz Kojm
a7ac59781d
various cleanups; fix bb#577 (move cli_* out of clamav.h)
git-svn: trunk@3196
18 years ago
Tomasz Kojm
c98bc23f79
DCONF support for ASPACK
git-svn: trunk@3103
18 years ago
aCaB
2f73b97743
Aspack support (experimental)
The OEP is messed up - will be fixed ASAP
git-svn: trunk@3101
18 years ago
Tomasz Kojm
0a3d409413
use BM matcher to handle .mdb sigs
git-svn: trunk@3040
18 years ago
aCaB
85ec399acb
typo in pe.c
git-svn: trunk@2975
18 years ago
aCaB
0ab9e292f5
move the assignment out of cli_dbgmsg
git-svn: trunk@2974
18 years ago
aCaB
4490fd97ee
More generic approach for ghost detection/fixup on rebuild.
Better handling of rebuilt headers size with lots of sects.
Nested (2+) petite packed files still result in Broken.Executable but
they're indeed broken - not too elegant, but...
git-svn-id: file:///var/lib/svn/clamav-devel/branches/temp_branch_pe_cleanup@2954 77e5149b-7576-45b1-b177-96237e5ba77b
18 years ago
aCaB
9c0614e82c
sizeofheaders check
making room for ghosts in petite: all useless efforts since now we break on OEP out of file blah
git-svn-id: file:///var/lib/svn/clamav-devel/branches/temp_branch_pe_cleanup@2951 77e5149b-7576-45b1-b177-96237e5ba77b
18 years ago
aCaB
21bf52c0aa
sync cli_peheader and cleanup
git-svn-id: file:///var/lib/svn/clamav-devel/branches/temp_branch_pe_cleanup@2950 77e5149b-7576-45b1-b177-96237e5ba77b
18 years ago
aCaB
5deedfa572
- remove hardcoded header size
- fix check for 1st sect rva
TODO:
- check consistency in elf parser
- cli_peheader merge
- regression
git-svn-id: file:///var/lib/svn/clamav-devel/branches/temp_branch_pe_cleanup@2946 77e5149b-7576-45b1-b177-96237e5ba77b
18 years ago
aCaB
6e075ed263
typo in Upack
TODO:
- check consistency in elf parser
- remove hardcoded header size
- fix check for 1st sect rva
- ...
- regression
git-svn-id: file:///var/lib/svn/clamav-devel/branches/temp_branch_pe_cleanup@2945 77e5149b-7576-45b1-b177-96237e5ba77b
18 years ago
aCaB
de800f2a29
checking/fixing packers... #3
TODO:
- handle section names in yC
- check consistency in elf parser and rebuildpe
- remove hardcoded header size
- fix check for 1st sect rva
- ...
- regression
git-svn-id: file:///var/lib/svn/clamav-devel/branches/temp_branch_pe_cleanup@2941 77e5149b-7576-45b1-b177-96237e5ba77b
18 years ago
aCaB
972c048b66
checking/fixing packers... #2
TODO:
- yC + wwpack, check consistency in elf parser and rebuildpe
- remove hardcoded header size
- fix check for 1st sect rva
- ...
- regression
git-svn-id: file:///var/lib/svn/clamav-devel/branches/temp_branch_pe_cleanup@2940 77e5149b-7576-45b1-b177-96237e5ba77b
18 years ago
aCaB
9a25caf33d
checking/fixing packers...
TODO:
- complete section_hdr transition
- check consistency in elf parser, more packers and rebuildpe
- remove hardcoded header size
- fix check for 1st sect rva
- ...
- regression
git-svn-id: file:///var/lib/svn/clamav-devel/branches/temp_branch_pe_cleanup@2939 77e5149b-7576-45b1-b177-96237e5ba77b
18 years ago
aCaB
e9d44a24ac
hacked cli_exe_sextions to allow for unaligned values and characteristics
TODO:
- check consistency in elf parser, packers and rebuildpe
- remove hardcoded header size
- fix check for 1st sect rva
- ...
git-svn-id: file:///var/lib/svn/clamav-devel/branches/temp_branch_pe_cleanup@2938 77e5149b-7576-45b1-b177-96237e5ba77b
18 years ago
aCaB
fa4f9e8b6c
Started to break things
git-svn-id: file:///var/lib/svn/clamav-devel/branches/temp_branch_pe_cleanup@2937 77e5149b-7576-45b1-b177-96237e5ba77b
18 years ago
Tomasz Kojm
ee99255a6d
extract and scan PE files embedded into other executables or fake zip files generated by some worms
git-svn: trunk@2934
18 years ago
aCaB
ba8635f48a
cleanup
git-svn: trunk@2870
19 years ago
aCaB
d426b12e56
fix leaks in upack return
git-svn: trunk@2868
19 years ago
aCaB
3c45f3f46f
improved broken detection
git-svn: trunk@2814
19 years ago
Sven Strickroth
a99111f050
remove old CVS-stuff and make the repository look more like SVN
git-svn: trunk@2755
19 years ago
Tomasz Kojm
f35ffb9182
minor fix
git-svn: trunk@2744
19 years ago
Tomasz Kojm
2a9e6ac823
fix MD5 handling
git-svn: trunk@2704
19 years ago
Tomasz Kojm
b6aee32121
add mew and upack into dconf
git-svn: trunk@2652
19 years ago
aCaB
037f89cb20
Fixed debug spam logic
Fixed unaligned raw data: this will require more testing on NT and 9x but should work for now
git-svn: trunk@2644
19 years ago
aCaB
e8042398c1
Upack handler merged (experimental).
MEW minor cosmetics.
git-svn: trunk@2619
19 years ago
aCaB
91ad933043
MEW code cleanup, now using sanitized values, removed unused variables, removed swear.
MEW merge complete!
git-svn: trunk@2613
19 years ago
aCaB
ce323ef4fb
Fix for cli_rebuildpe call in mew unpacker.
Code is not yet 100% ready. Please only use for debugging purposes.
git-svn: trunk@2611
19 years ago
aCaB
4aa4a05cc7
MEW support code added (enabled via configure option)
Merge not complete, please don't freeze yet.
git-svn: trunk@2609
19 years ago
Tomasz Kojm
bc93eda059
dynamic configuration support
git-svn: trunk@2603
19 years ago
aCaB
1ff5f3b8ce
Memory leaks
git-svn: trunk@2549
19 years ago
aCaB
e287514ea0
Remove debug line
git-svn: trunk@2538
19 years ago
aCaB
a9b1e8d28b
fix newpe merge bugs (bb#171, bb#172)
git-svn: trunk@2537
19 years ago
Tomasz Kojm
5f9d4c3b3d
detect damaged infections of Magistr
git-svn: trunk@2524
19 years ago
aCaB
b3c5eb95b9
Fix newpe merge bug in cli_peheader (header32 was read twice)
git-svn: trunk@2523
19 years ago
Tomasz Kojm
c1df0e6dec
use unaligned section's virtual size in Magistr detection
git-svn: trunk@2522
19 years ago
aCaB
82d4c9898f
Stuff forgotten in my previous commit
git-svn: trunk@2521
19 years ago
aCaB
57866af1c9
New PE parsing model
- Accurate virtual and raw size and offset calculations
- Proper parsing of executables with weird/handcrafted/uncommon headers
- Proper handling (or skipping) of ghost sections at various places in the code
- Rebuild improvements for various unpackers
- Adjusted alignment on rebuilt executables
- Proper handling of out of sections offsets
- Broken exe detection now mimics the XPSP2 loader (*)
- Lots of misc improvements and fixes
(*) Except for SizeOfImage check which is still to be implemented
git-svn: trunk@2520
19 years ago
Tomasz Kojm
841161e0d6
cache target file info in pattern matchers
git-svn: trunk@2511
19 years ago
Tomasz Kojm
3b82c176e5
fix incorrect comparison
git-svn: trunk@2495
19 years ago
Tomasz Kojm
6b1696926a
don't report I/O error when EP is near (less than 200 bytes) to the end of file
git-svn: trunk@2487
19 years ago
aCaB
752f17ab49
RVA broken.executable checks
skip checks on virtual-only sections
git-svn: trunk@2484
19 years ago
aCaB
e1e5af583f
add broken.executable checks on alignments
git-svn: trunk@2483
19 years ago