5a3c50ca84
Changing the license for the complete-re-written unrar_iface code from LGPL to the BSD 3-Clause license, updating the copyright years, and adding Micah Snyder as an author.
7 years ago
07e80eb8ea
Modification to unrar codebase to enable keeping broken (bad CRC) files so that they can be scanned.
7 years ago
d39cb6581f
Updating libclamunrar from legacy C implementation to modern unrar 5.6.5. API changes and supporting changes included to pass the filepath of the scanned file into libclamav through the cli_ctx structure, required by the unrar library to open archives. The filename argument may be optional for the scandesc scanning variant, but libclamav will make a best effort to identify the filename from the file descriptor if it was not provided. In addition, included the ability to prefix temp file and directory names with file basenames.
7 years ago
9ead69043b
messageAddArguments: accept argument values with unbalanced quotes
...
If a quoted mime argument is unterminated, use all remaining line characters.
7 years ago
dd8a6b10b2
Freshclam improvements. Some simplification and cleanup of mirror management functions. Reduced mirror blacklist timeouts. Added ignore time-remaining output to --list-mirrors option. Made freshclam lenient when the database version is 1 behind what was advertised by DNS. Database updates will still fail if the hosted version is more than 1 version out of date.
7 years ago
f61e92da8f
Changing numerous scan options' names, primarily those of heuristic signatature alert options. Original options (command line and clamd) will remain as deprecated & undocumented for a couple releases. Added 2 extra scan options to allow users to differentiate between alerting on encrypted archives vs encrypted documents (bb11911).
7 years ago
9dcc0f7a74
Integrated new PE file unpacking capabilities for versions of Aspack up to 2.42, courtesy of Emmanuel Tacheau.
7 years ago
ef8f17542c
update freshclam to match exit codes defined in freshclam.1
7 years ago
d7979d4ff7
Restructured scan options flags from a single bitflag field to a structure containing multiple bitflag fields. This also required adding a new function to the bytecode API to get scan options a la carte, and modifying the existing function to hand back scan options in the old/deprecated uint32_t bitflag format. Re-generated bytecode iface header files.
...
Updated libclamav documentation detailing new scan options structure.
Renamed references to 'algorithmic' detection to 'heuristic' detection. Renaming references to 'properties' to 'collect metadata'.
Renamed references to 'scan all' to 'scan all match'.
Renamed a couple of 'Hueristic.*' signature names as 'Heuristics.*' signatures (plural) to match majority of other heuristics.
7 years ago
89d5207b31
Added new pdf object stream parsing capability.
7 years ago
e551468a03
Initializing virname to NULL in cases where it was uninitialized.
7 years ago
2459b65198
Replaced vdproj Installer Project setup build files with Inno Setup build file. Updated win32 README accordingly.
7 years ago
3a64e676b1
autojunk'd
7 years ago
5450d4579b
Make milter to respect $THREAD_LIBS instead of force -lpthread
7 years ago
5bc6fdb8b1
OnAccessExtraScanning: log in verbose mode
...
Before this patch, if OnAccessExtraScanning was active every
file/directory access would have generate a log line.
7 years ago
65ce67f911
0.101.0 - Removing call to EVP_cleanup since cleanup is now handled by auto-deinit
7 years ago
1f8557443e
autojunk'd
7 years ago
dfd6feb862
0.101 - pr87 - normalizing/correcting json m4 macro logic based on curl macro logic patch provided by Thomas Petazzoni
7 years ago
65ee1b8ec2
m4/reorganization/libs/curl.m4: fix curl-config detection logic
...
The current logic in curl.m4 doesn't behave properly when
--without-libcurl is passed to the ./configure script.
Indeed, in this case what happens is that:
(1) Since --without-libcurl is passed, LIBCURL_HOME is set to nothing
(2) find_curl is set to "no"
(3) Due to find_curl being "no", LIBCURL_HOME is not set to
/usr/local and remains empty
(4) We test if $LIBCURL_HOME/bin/curl_config exists, which is
equivalent to testing if /bin/curl-config exists. So curl.m4 is
looking at /bin/curl-config, which is irrelevant in a
cross-compilation context: it is not because the build machine
has libcurl installed that it is available for the target.
Due to this mistake, it sets have_curl="yes"
Due to this, the ./configure script assumes it can build the
clamsubmit program, which fails at build time because curl/curl.h
doesn't exist.
To fix this, this commit rewrites the curl-config detection logic with
a simpler loop. If find_curl=yes, it means we have to find libcurl
ourselves, so we iterate over /usr/local and /usr, and check if a
bin/curl-config binary is available there. If so, we use this path as
LIBCURL_HOME and set have_curl="yes".
This preserves the existing behavior, while fixing the situation where
--without-libcurl is passed, but /bin/curl-config exists.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
7 years ago
a8c77430fd
Removed cfgfile, line variables from optadditem()
...
cfgfile and line variables make no sense as the function optadditem() exists to allow library users to set options programmatically without a config file.
7 years ago
33f14a688d
Include filename in config file line reports
7 years ago
7c3bba4746
bb12155: wrapping AID_ADDRCONFIG flag with #ifdef so enable builds on older systems.
7 years ago
4db33d075e
Adjusting HWP(v3) offset checks for 3 instances where it is legitimate for the offset to land at the exact end of the file.
7 years ago
159cf09561
autojunk'd
7 years ago
5a8bf449ca
bb12118: Increased recommended pcre2 version to 10.30 to avoid possible stack overflows. Adding warning for pcre users who should switch to pcre2. Updating warnings for pcre, pcre2 versions affected by 1 or more CVE's.
7 years ago
f67a9b7508
bb12118: Lowering the default PCRERecMatchLimit from 5000 to 2000, to minimize risk of segfault due to bug in older versions of libpcre/libpcrev2.
7 years ago
27aa41e0a0
autojunk'd
7 years ago
1e34093976
bb12091 - 0.101.x - adding pkg-config macro to fix conditional check failures for specificied configure options
7 years ago
6103512bcc
[PATCH] Remove AllowSupplementaryGroups
...
I got rid of AllowSupplementaryGroups in commit 2ea4230df2
7 years ago
aec4d6e4a2
Adding 0.100.1 release notes.
7 years ago
f842e965fe
Replacing strntol with strntoul to ensure proper (un)signedness when parsing numbers from PDFs.
7 years ago
3955b36133
Adjustment to pdf find_obj logic to allow the parser to skip, continue when it finds objects that cannot be parsed and may not in fact be objects at all.
7 years ago
2176b2c358
Uncommenting len adjustment that is clearly correct, needed.
7 years ago
bf6e777fa7
bb12133: Wrapping cli_strntol to provide easy error detection. Applying cli_strntol_wrap with error checking. Adding logic to identify when a parsing error is in fact a new revision of the PDF.
7 years ago
53cbdee38a
bb12133: Implementing cli_strntol based on gnu gcc's strtol implementation with modifications to limit string buffer length for non-null terminated strings. Using cli_strntol in pdf.c for added safety.
7 years ago
a79be7590e
bb12134: Adding missing len decrement and adding additional len check.
7 years ago
6d79990fee
100.1 - rar - reverting and fixing issues found with changes found to rar extraction during regression.
7 years ago
16a8c6487c
Adjusting HWP offset check to account for the possibility of a zero-cell or zero-line situation.
7 years ago
96c369dfc7
Replacing debug log that was accidentally removed by the previous commit.
7 years ago
73606e9f94
bb12122: improving bounds checking in a more intuitive way, and adding additional check that I missed earlier.
7 years ago
f2833bb019
bb12122: Adding checks to validate offsets parsed from file.
7 years ago
783fdd34a8
Patch from libxml2 upstream, 899a5d9f0ed13b8e32449a08a361e0de127dd961. Detect infinite recursion in parameter entities. When expanding a parameter entity in a DTD, infinite recursion could lead to an infinite loop or memory exhaustion.
7 years ago
57cfc5dddb
bb12059 - 100.1 - fixing potential buffer reads based on values from unintialized vars when unpacking rar files
7 years ago
518dcc33eb
bb12107 - 100.1 - fixing oob heap read in mspack
7 years ago
992de2e2c0
bb12031 - 0.100.1 - resolving pdf parsing DoS; patch by aCaB
7 years ago
a8e02d0178
Correction to Makefile.am and autoreconf to immediately evaluate variable and avoid recursive behavior.
7 years ago
36346c4615
0.100.1 - Additional Makefile fix from Tom Judge to correct CFLAGS include path order for libclamav's build of mspack.
7 years ago
48dc7a9c67
0.100.1 - fixing segfault caused by a linking order issue which occurred when updating to a newer version of clam, patch by Tom Judge
7 years ago
9957ff3c66
Adding bytecode functionlity level for 0.100.1. Incrementing the CL_FLEVEL to 100 for 0.101.
7 years ago
a46a106a2a
Adding additional free() calls in error conditions for str variable that isn't cleaned up at the end of the function.
7 years ago
Micah Snyder