Micah Snyder
bcbc4f08f6
bb11733: applying patch provided courtesy of A. Wilcox that resolves stack size issues on non-glibc Linux machines. May apply to bb11979 as well.
7 years ago
Steven Morgan
961ab24c66
bb11996 - deprecate AllowSupplementaryGroups more gracefully.
8 years ago
Steven Morgan
4522932cf3
fix result of yara matches operator when running in ClamAV.
8 years ago
Steven Morgan
a5e2b97d24
bb11981 - fix for some unit tests.
8 years ago
James Ralston
39bd083cbc
bb11978 - onas: document limitations of OnAccessExcludeRootUID and
...
OnAccessExcludeUID.
8 years ago
James Ralston
15596b1060
bb11978 - onas: onas_fan_checkowner(): distinguish EACCES and ENOENT
...
stat() failures; clean up documentation.
8 years ago
Mickey Sola
51be9906ac
0.99.3 - bb11978 - onas - onas_fan_checkowner cleanup patch submitted by James Ralston
8 years ago
Mickey Sola
ef48b6af14
0.99.3 - bb11978 - onas - adding ExcludeRootUID option as cleaner alternative to using negative values to whitelist root UIDs using the ExcludeUID option
8 years ago
Micah Snyder
27281e3309
setting up insteller project files to create setup.exe that install the missing redistributables. adding sample config files that are targetted towards windows. fixing setup-x86 configuration to actually include 32bit binaries instead of using the 64bit binaries. removing the broken Release-Static configuration.
8 years ago
Steven Morgan
ac75c6b87d
ClamAV 0.99.3 beta2 ChangeLog.
8 years ago
Steven Morgan
3f0ed8d460
bb11882 - set default ./configure library search for libxml2.
8 years ago
Micah Snyder
8fdc5bb262
commenting out UTF8 BOM detection code for the time being until cli_scanhtml can be validated to handle multibyte utf8
8 years ago
Mickey Sola
a20128bb21
0.99.3 - bb11963 - ensuring users have a way to correctly exlcude UID 0 when using the onaccess scanner
8 years ago
Mickey Sola
77112702d8
0.99.3 - bb11954 - adding pid check to fanotify event verification to ensure we ignore events triggered by our own process
8 years ago
Micah Snyder
03a76caa58
Regargeting openssl solution to match the other projects.
8 years ago
Micah Snyder
1f529a7e22
B11955: a few minor changes stolen from the latest 7z to close a double-free vulnerability
8 years ago
Steven Morgan
e887f11324
bb11943 - buffer check for mew packed files.
8 years ago
Micah Snyder
5810338a74
replacing extra params that indicate intentional variable assignment within an if statement, preventing a compile warning.
8 years ago
Micah Snyder
9ea7b0093a
eliminating potential infinite loop in libmspack quantum decompression code.
8 years ago
Micah Snyder
2c83276ca5
adding utf-8 BOM detection to ascii check
8 years ago
Micah Snyder
740b1ee572
applying a cleaner casting solution to account for isalnum issue on Windows Debug builds.
8 years ago
Micah Snyder
a1b528d29a
adding check prior to call to isalnum to avoid assert error in windows when random data that is < -1 or > 255 is fed into isalnum(). see https://stackoverflow.com/questions/28589051/using-isalnum-with-signed-character-inputs-visual-c
8 years ago
Mickey Sola
b4852b8e4a
0.99.3 - regression fix - removing first pass offset check when extracting cab files compressed with lzx, improving debug output for LZX type decompression, warning on lzx file format issue instead of exiting decompression
8 years ago
Craig Davison
0cf813f835
Better fix for bug 11946
...
Signed-off-by: Steven Morgan <stevmorg@cisco.com>
8 years ago
Steven Morgan
c8f8f9f715
Merge branch 'master' of git.vrt.sourcefire.com:clamav/clamav-devel
8 years ago
Steven Morgan
0604618374
bb11944 - fix possible message.c OOB read.
8 years ago
Micah Snyder
40451e2eea
Reverting change that supported empty string filenames for cab files.
8 years ago
Mickey Sola
c8ba4ae2e4
11942 - fixing heap overflow in handle_pdfname. Patch submitted by Suleman Ali.
8 years ago
Mickey Sola
f75c04b0c4
bb11941 - fixing UAF in mbox exportBounceMessage. Original patch submitted by Suleman Ali
8 years ago
Micah Snyder
7cf2a70104
b11939: adding fix as recommended by bug reporter along with a couple extra lines to ensure freed pointers are set to NULL.
8 years ago
Mickey Sola
d1100be31a
bb11940 - fixing heap overflow in rfc2037. Patch submitted by Suleman Ali
8 years ago
Mickey Sola
39c89d14a6
bb11945 - fixing null dereference of blob pointer
8 years ago
Steven Morgan
38da4800bf
bb11943 - add check to mew.c for out of bounds read. Patch supplied by Suleman Ali.
8 years ago
Steven Morgan
292d6878fa
bb11946 - check that tar checksum is within bounds. Patch supplied by Suleman Ali.
8 years ago
Micah Snyder
77326673e2
Adding missing -1 that enables trimming of trailing spaces in mbox parsing code.
8 years ago
Micah Snyder
ad905e5391
forgot to remove a few stats submission related option checking in clamd
8 years ago
Micah Snyder
22880de038
eliminating additional option references to stat collection and submission until such time as a new stats website and associated clamav code is ready.
8 years ago
Micah Snyder
eaa711526c
1) improved debug messages
...
2) accept files in the cab with 0-byte (just a null terminator) lengths. I don’t know that there are any real cabs that have this, but it’s conceivable.
3) only try to sanitize if we actually got the filename correctly (I forgot to put an else{} around it when I added filename sanitization).
4) reset the parsing offset to the beginning of the file entries in case the # of folder entries found did not match the # stated in the header. (This could help or hurt in a malformed cab header depending on exactly how it was malformed. Actual value gained… hard to say).
8 years ago
Steven Morgan
dc30ba752d
bb11910 - remove DetectionStatsHostID.
8 years ago
Micah Snyder
8dbf92a40f
Adding some debug strings for cab parsing that existed in 0.99.2. Adding code that sterilizes garbage data that is read in as a string so it is not output to stderr when --debug is enabled.
8 years ago
Steven Morgan
b2f59861ee
bb11915 - Fix for whitelisting bytecode signatures. Patch by Georgy Salnikov.
8 years ago
Micah Snyder
7dbfe2412e
Updating win32 readme
8 years ago
Micah Snyder
5812c75fa3
updating git commits, sln to fix build, and most importantly adding macro definitions to cltypes in support of Windows.
8 years ago
Micah Snyder
a33b7b655f
adding code to fail out of cab header parsing function if at the end of the function no files were added to the file list (i.e. format issue with header)
8 years ago
Micah Snyder
b470fcb998
fixing small memory leak.
8 years ago
Micah Snyder
e8e02f69df
fixing decompression hack for LZX since we increased CAB_BLOCKMAX. adding some debug messages and eliminating one that no longer makes sense.
8 years ago
Micah Snyder
0cf59dddb3
eliminating warning for redefinition, correcting end of dbg buffer newline line.
8 years ago
Micah Snyder
ab096116b6
fmin resulted in an incorrect value. switching to just use UINT_MAX because we know that will be the minimum in the statement anyways.
8 years ago
Micah Snyder
1245231999
adding fix that limits cabmax size to UINT_MAX
8 years ago
Micah Snyder
520b0fd317
updating max cab size t 64k as was in old implementation, even though it's technically higher than the spec. adding back size checks. adding fix to mspack_fmap_alloc to zero the mem.
8 years ago