[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b
aCaB
acab at clamav.net
Sun Apr 4 01:02:36 UTC 2010
The following commit has been merged in the debian/unstable branch:
commit cb680655f1590e07d11e7211b489bbd8accbf83e
Author: aCaB <acab at clamav.net>
Date: Sun Aug 30 19:46:26 2009 +0200
unify mail-container scans
diff --git a/ChangeLog b/ChangeLog
index d09650a..7ba9ce9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+Sun Aug 30 23:56:49 CEST 2009 (acab)
+------------------------------------
+ * libclamav: unify CL_TYPE_MAIL scanning
+
Wed Aug 26 23:37:04 CEST 2009 (tk)
----------------------------------
* libclamav/matcher-ac.c: improve handling of signature offsets
diff --git a/libclamav/blob.c b/libclamav/blob.c
index 49bd398..f47a2ac 100644
--- a/libclamav/blob.c
+++ b/libclamav/blob.c
@@ -648,16 +648,10 @@ fileblobScan(const fileblob *fb)
fflush(fb->fp);
lseek(fb->fd, 0, SEEK_SET);
- rc = cli_magic_scandesc(fb->fd, fb->ctx);
- if(rc == CL_CLEAN) {
- lseek(fb->fd, 0, SEEK_SET);
- ftype = cli_filetype2(fb->fd, fb->ctx->engine);
- if(ftype >= CL_TYPE_TEXT_ASCII && ftype <= CL_TYPE_TEXT_UTF16BE) {
- lseek(fb->fd, 0, SEEK_SET);
- rc = cli_scandesc(fb->fd, fb->ctx, CL_TYPE_MAIL, 0, NULL, AC_SCAN_VIR);
- }
- }
+ fb->ctx->container_type = CL_TYPE_MAIL;
+ rc = cli_magic_scandesc(fb->fd, fb->ctx);
+ fb->ctx->container_type = 0;
if(rc == CL_VIRUS) {
cli_dbgmsg("%s is infected\n", fb->fullname);
diff --git a/libclamav/others.h b/libclamav/others.h
index 592f138..1c3f58f 100644
--- a/libclamav/others.h
+++ b/libclamav/others.h
@@ -37,6 +37,7 @@
#include "clamav.h"
#include "dconf.h"
+#include "filetypes.h"
#include "libclamunrar_iface/unrar_iface.h"
#include "regex/regex.h"
@@ -106,6 +107,7 @@ typedef struct {
unsigned int recursion;
unsigned int scannedfiles;
unsigned int found_possibly_unwanted;
+ cli_file_t container_type; /* FIXME: to be made into a stack or array - see bb#1579 & bb#1293 */
struct cli_dconf *dconf;
} cli_ctx;
diff --git a/libclamav/scanners.c b/libclamav/scanners.c
index 0d7afe5..89a9f19 100644
--- a/libclamav/scanners.c
+++ b/libclamav/scanners.c
@@ -108,7 +108,7 @@
static int cli_scanfile(const char *filename, cli_ctx *ctx);
-static int cli_scandir(const char *dirname, cli_ctx *ctx, cli_file_t container)
+static int cli_scandir(const char *dirname, cli_ctx *ctx)
{
DIR *dd;
struct dirent *dent;
@@ -120,8 +120,6 @@ static int cli_scandir(const char *dirname, cli_ctx *ctx, cli_file_t container)
#endif
struct stat statbuf;
char *fname;
- int fd, ret = CL_CLEAN;
- cli_file_t ftype;
if((dd = opendir(dirname)) != NULL) {
@@ -149,7 +147,7 @@ static int cli_scandir(const char *dirname, cli_ctx *ctx, cli_file_t container)
/* stat the file */
if(lstat(fname, &statbuf) != -1) {
if(S_ISDIR(statbuf.st_mode) && !S_ISLNK(statbuf.st_mode)) {
- if(cli_scandir(fname, ctx, container) == CL_VIRUS) {
+ if(cli_scandir(fname, ctx) == CL_VIRUS) {
free(fname);
closedir(dd);
return CL_VIRUS;
@@ -161,27 +159,6 @@ static int cli_scandir(const char *dirname, cli_ctx *ctx, cli_file_t container)
closedir(dd);
return CL_VIRUS;
}
-
- if(container == CL_TYPE_MAIL) {
- fd = open(fname, O_RDONLY|O_BINARY);
- if(fd == -1) {
- char err[128];
- cli_warnmsg("Cannot open file %s: %s, mode: %x\n", fname, cli_strerror(errno, err, sizeof(err)), statbuf.st_mode);
- free(fname);
- continue;
- }
- ftype = cli_filetype2(fd, ctx->engine);
- if(ftype >= CL_TYPE_TEXT_ASCII && ftype <= CL_TYPE_TEXT_UTF16BE) {
- lseek(fd, 0, SEEK_SET);
- ret = cli_scandesc(fd, ctx, CL_TYPE_MAIL, 0, NULL, AC_SCAN_VIR);
- }
- close(fd);
- if(ret == CL_VIRUS) {
- free(fname);
- closedir(dd);
- return CL_VIRUS;
- }
- }
}
}
}
@@ -365,7 +342,7 @@ static int cli_scanrar(int desc, cli_ctx *ctx, off_t sfx_offset, uint32_t *sfx_c
metadata = metadata_tmp = rar_state.metadata;
- if(cli_scandir(rar_state.comment_dir, ctx, 0) == CL_VIRUS)
+ if(cli_scandir(rar_state.comment_dir, ctx) == CL_VIRUS)
ret = CL_VIRUS;
cli_unrar_close(&rar_state);
@@ -820,7 +797,7 @@ static int cli_vba_scandir(const char *dirname, cli_ctx *ctx, struct uniq *U)
fd = open(vbaname, O_RDONLY|O_BINARY);
if (fd == -1) continue;
if ((fullname = cli_ppt_vba_read(fd, ctx))) {
- if(cli_scandir(fullname, ctx, 0) == CL_VIRUS) {
+ if(cli_scandir(fullname, ctx) == CL_VIRUS) {
ret = CL_VIRUS;
}
if(!ctx->engine->keeptmp)
@@ -1007,7 +984,7 @@ static int cli_scanhtml(int desc, cli_ctx *ctx)
if (ret == CL_CLEAN) {
snprintf(fullname, 1024, "%s/rfc2397", tempname);
- ret = cli_scandir(fullname, ctx, 0);
+ ret = cli_scandir(fullname, ctx);
}
if(!ctx->engine->keeptmp)
@@ -1197,7 +1174,7 @@ static int cli_scanole2(int desc, cli_ctx *ctx)
ret = cli_vba_scandir(dir, ctx, vba);
uniq_free(vba);
if(ret != CL_VIRUS)
- if(cli_scandir(dir, ctx, 0) == CL_VIRUS)
+ if(cli_scandir(dir, ctx) == CL_VIRUS)
ret = CL_VIRUS;
ctx->recursion--;
}
@@ -1256,7 +1233,7 @@ static int cli_scanbinhex(int desc, cli_ctx *ctx)
if((ret = cli_binhex(dir, desc)))
cli_dbgmsg("Binhex: %s\n", cl_strerror(ret));
else
- ret = cli_scandir(dir, ctx, 0);
+ ret = cli_scandir(dir, ctx);
if(!ctx->engine->keeptmp)
cli_rmdirs(dir);
@@ -1342,7 +1319,7 @@ static int cli_scanscrenc(int desc, cli_ctx *ctx)
}
if (html_screnc_decode(desc, tempname))
- ret = cli_scandir(tempname, ctx, 0);
+ ret = cli_scandir(tempname, ctx);
if(!ctx->engine->keeptmp)
cli_rmdirs(tempname);
@@ -1504,7 +1481,7 @@ static int cli_scantnef(int desc, cli_ctx *ctx)
ret = cli_tnef(dir, desc, ctx);
if(ret == CL_CLEAN)
- ret = cli_scandir(dir, ctx, 0);
+ ret = cli_scandir(dir, ctx);
if(!ctx->engine->keeptmp)
cli_rmdirs(dir);
@@ -1530,7 +1507,7 @@ static int cli_scanuuencoded(int desc, cli_ctx *ctx)
ret = cli_uuencode(dir, desc);
if(ret == CL_CLEAN)
- ret = cli_scandir(dir, ctx, 0);
+ ret = cli_scandir(dir, ctx);
if(!ctx->engine->keeptmp)
cli_rmdirs(dir);
@@ -1567,7 +1544,9 @@ static int cli_scanmail(int desc, cli_ctx *ctx)
return ret;
}
- ret = cli_scandir(dir, ctx, CL_TYPE_MAIL);
+ ctx->container_type = CL_TYPE_MAIL;
+ ret = cli_scandir(dir, ctx);
+ ctx->container_type = 0;
if(!ctx->engine->keeptmp)
cli_rmdirs(dir);
@@ -1881,6 +1860,7 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx)
cli_file_t type, dettype = 0;
struct stat sb;
uint8_t typercg = 1;
+ cli_file_t current_container = ctx->container_type; /* TODO: container tracking code TBD - bb#1293 */
if(ctx->engine->maxreclevel && ctx->recursion > ctx->engine->maxreclevel) {
cli_dbgmsg("cli_magic_scandesc: Archive recursion limit exceeded (%u, max: %u)\n", ctx->recursion, ctx->engine->maxreclevel);
@@ -1934,8 +1914,8 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx)
lseek(desc, 0, SEEK_SET);
}
+ ctx->container_type = 0;
ctx->recursion++;
-
switch(type) {
case CL_TYPE_IGNORED:
break;
@@ -2131,6 +2111,7 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx)
break;
}
ctx->recursion--;
+ ctx->container_type = current_container;
if(ret == CL_VIRUS)
return CL_VIRUS;
@@ -2157,6 +2138,8 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx)
case CL_TYPE_TEXT_UTF8:
if((DCONF_DOC & DOC_CONF_SCRIPT) && dettype != CL_TYPE_HTML)
ret = cli_scanscript(desc, ctx);
+ if(ret != CL_VIRUS && ctx->container_type == CL_TYPE_MAIL)
+ ret = cli_scandesc(desc, ctx, CL_TYPE_MAIL, 0, NULL, AC_SCAN_VIR);
break;
/* Due to performance reasons all executables were first scanned
* in raw mode. Now we will try to unpack them
@@ -2194,6 +2177,7 @@ int cl_scandesc(int desc, const char **virname, unsigned long int *scanned, cons
ctx.scanned = scanned;
ctx.options = scanoptions;
ctx.found_possibly_unwanted = 0;
+ ctx.container_type = 0;
ctx.dconf = (struct cli_dconf *) engine->dconf;
rc = cli_magic_scandesc(desc, &ctx);
--
Debian repository for ClamAV
More information about the Pkg-clamav-commits
mailing list