[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b
Tomasz Kojm
tkojm at clamav.net
Sun Apr 4 01:08:58 UTC 2010
The following commit has been merged in the debian/unstable branch:
commit 5ccfa0b76a97f08e1b5656c0622ebdc196ada1c5
Author: Tomasz Kojm <tkojm at clamav.net>
Date: Tue Nov 3 15:19:43 2009 +0100
libclamav/readdb.c: return error if lsig contains redundant subsigs
diff --git a/ChangeLog b/ChangeLog
index 730aec5..ee80dee 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+Tue Nov 3 15:18:14 CET 2009 )tk)
+---------------------------------
+ * libclamav/readdb.c: return error if lsig contains redundant subsigs
+
Sun Nov 1 21:26:10 CET 2009 (acab)
-----------------------------------
* win32: improve build system
diff --git a/libclamav/readdb.c b/libclamav/readdb.c
index 64d392f..0a56fcb 100644
--- a/libclamav/readdb.c
+++ b/libclamav/readdb.c
@@ -856,7 +856,7 @@ static int lsigattribs(char *attribs, struct cli_lsig_tdb *tdb)
#define LDB_TOKENS 67
static int cli_loadldb(FILE *fs, struct cl_engine *engine, unsigned int *signo, unsigned int options, struct cli_dbio *dbio, const char *dbname)
{
- char *tokens[LDB_TOKENS];
+ char *tokens[LDB_TOKENS + 1];
char buffer[CLI_DEFAULT_LSIG_BUFSIZE + 1], *buffer_cpy, *pt;
const char *sig, *virname, *offset, *logic;
struct cli_matcher *root;
@@ -882,7 +882,7 @@ static int cli_loadldb(FILE *fs, struct cl_engine *engine, unsigned int *signo,
if(engine->ignored)
strcpy(buffer_cpy, buffer);
- tokens_count = cli_strtokenize(buffer, ';', LDB_TOKENS, (const char **) tokens);
+ tokens_count = cli_strtokenize(buffer, ';', LDB_TOKENS + 1, (const char **) tokens);
if(tokens_count < 4) {
ret = CL_EMALFDB;
break;
@@ -911,6 +911,12 @@ static int cli_loadldb(FILE *fs, struct cl_engine *engine, unsigned int *signo,
break;
}
+ if(subsigs != tokens_count - 3) {
+ cli_errmsg("cli_loadldb: The number of subsignatures (== %u) doesn't match the IDs in the logical expression (== %u)\n", tokens_count - 3, subsigs);
+ ret = CL_EMALFDB;
+ break;
+ }
+
/* TDB */
memset(&tdb, 0, sizeof(tdb));
#ifdef USE_MPOOL
@@ -984,11 +990,6 @@ static int cli_loadldb(FILE *fs, struct cl_engine *engine, unsigned int *signo,
root->ac_lsigtable = newtable;
for(i = 0; i < subsigs; i++) {
- if(i + 3 >= tokens_count) {
- cli_errmsg("cli_loadldb: Missing subsignature id %u\n", i);
- ret = CL_EMALFDB;
- break;
- }
lsigid[1] = i;
sig = tokens[3 + i];
--
Debian repository for ClamAV
More information about the Pkg-clamav-commits
mailing list