[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b
aCaB
acab at clamav.net
Sun Apr 4 01:11:26 UTC 2010
The following commit has been merged in the debian/unstable branch:
commit cca29953514fd8d267ede4ebec2ea144c529af2a
Author: aCaB <acab at clamav.net>
Date: Fri Dec 11 00:52:16 2009 +0100
icon matching functions
diff --git a/libclamav/others.h b/libclamav/others.h
index d834c6d..dc2f907 100644
--- a/libclamav/others.h
+++ b/libclamav/others.h
@@ -114,6 +114,7 @@ typedef struct {
} cli_ctx;
struct icomtr {
+ uint32_t group[2];
unsigned int color_avg[3];
unsigned int color_x[3];
unsigned int color_y[3];
@@ -139,6 +140,13 @@ struct icomtr {
char *name;
};
+struct icon_matcher {
+ char **group_names[2];
+ unsigned int group_counts[2];
+ struct icomtr *icons[3];
+ unsigned int icon_counts[3];
+};
+
struct cl_engine {
uint32_t refcount; /* reference counter */
uint32_t sdb;
@@ -204,8 +212,7 @@ struct cl_engine {
char *pua_cats;
/* Icon reference storage */
- struct icomtr *icons[3];
- unsigned int icon_counts[3];
+ struct icon_matcher *iconcheck;
/* Used for memory pools */
mpool_t *mempool;
diff --git a/libclamav/pe.c b/libclamav/pe.c
index 464c00c..b6df349 100644
--- a/libclamav/pe.c
+++ b/libclamav/pe.c
@@ -471,7 +471,7 @@ static void cli_parseres_special(uint32_t base, uint32_t rva, fmap_t *map, struc
fmap_unneed_ptr(map, oentry, entries*8);
}
-int cli_scanpe(cli_ctx *ctx)
+int cli_scanpe(cli_ctx *ctx, unsigned int *icongrps1, unsigned int *icongrps2)
{
uint16_t e_magic; /* DOS signature ("MZ") */
uint16_t nsections;
@@ -1042,11 +1042,13 @@ int cli_scanpe(cli_ctx *ctx)
cli_dbgmsg("EntryPoint offset: 0x%x (%d)\n", ep, ep);
- if(!dll && dirs[2].Size) { /* RES */
- if(scanicon(EC32(dirs[2].VirtualAddress), ctx, exe_sections, nsections, hdr_size) == CL_VIRUS) {
- free(exe_sections);
- return CL_VIRUS;
- }
+ if(icongrps1 || icongrps2){
+ if(!dll && dirs[2].Size && scanicon(icongrps1, icongrps2, EC32(dirs[2].VirtualAddress), ctx, exe_sections, nsections, hdr_size) == CL_VIRUS) {
+ free(exe_sections);
+ return CL_VIRUS;
+ }
+ free(exe_sections);
+ return CL_CLEAN;
}
if(pe_plus) { /* Do not continue for PE32+ files */
diff --git a/libclamav/pe.h b/libclamav/pe.h
index b451f6d..bfe416d 100644
--- a/libclamav/pe.h
+++ b/libclamav/pe.h
@@ -129,7 +129,7 @@ struct pe_image_section_hdr {
uint32_t Characteristics;
};
-int cli_scanpe(cli_ctx *ctx);
+int cli_scanpe(cli_ctx *ctx, unsigned int *icongrp1, unsigned int *icongrp2);
int cli_peheader(fmap_t *map, struct cli_exe_info *peinfo);
diff --git a/libclamav/pe_icons.c b/libclamav/pe_icons.c
index 11652e0..58ce44b 100644
--- a/libclamav/pe_icons.c
+++ b/libclamav/pe_icons.c
@@ -74,9 +74,9 @@ static int icon_cb(void *ptr, uint32_t type, uint32_t name, uint32_t lang, uint3
}
-static int parseicon(uint32_t rva, cli_ctx *ctx, struct cli_exe_section *exe_sections, uint16_t nsections, uint32_t hdr_size);
+static int parseicon(unsigned int *grp1, unsigned int *grp2, uint32_t rva, cli_ctx *ctx, struct cli_exe_section *exe_sections, uint16_t nsections, uint32_t hdr_size);
-int scanicon(uint32_t resdir_rva, cli_ctx *ctx, struct cli_exe_section *exe_sections, uint16_t nsections, uint32_t hdr_size) {
+int scanicon(unsigned int *grp1, unsigned int *grp2, uint32_t resdir_rva, cli_ctx *ctx, struct cli_exe_section *exe_sections, uint16_t nsections, uint32_t hdr_size) {
struct GICONS gicons;
struct ICONS icons;
unsigned int curicon, err;
@@ -122,7 +122,7 @@ int scanicon(uint32_t resdir_rva, cli_ctx *ctx, struct cli_exe_section *exe_sect
}
for(curicon=0; curicon<icons.cnt; curicon++) {
- if(parseicon(icons.rvas[curicon], ctx, exe_sections, nsections, hdr_size) == CL_VIRUS)
+ if(parseicon(grp1, grp2, icons.rvas[curicon], ctx, exe_sections, nsections, hdr_size) == CL_VIRUS)
return CL_VIRUS;
}
return 0;
@@ -747,6 +747,7 @@ static int getmetrics(unsigned int side, unsigned int *imagedata, struct icomtr
unsigned int x, y, xk, yk, i, j, *tmp;
unsigned int ksize = side / 4, bwonly = 0;
unsigned int edge_avg[6], edge_x[6], edge_y[6], noedge_avg[6], noedge_x[6], noedge_y[6];
+ double *sobel;
if(!(tmp = cli_malloc(side*side*4*2)))
return CL_EMEM;
@@ -909,13 +910,13 @@ static int getmetrics(unsigned int side, unsigned int *imagedata, struct icomtr
/* Sobel 1 - gradients */
i = 0;
#ifdef USE_FLOATS
- double *sobel = cli_malloc(side * side * sizeof(double));
+ sobel = cli_malloc(side * side * sizeof(double));
if(!sobel) {
free(tmp);
return CL_EMEM;
}
#else
- unsigned int *sobel = imagedata;
+#define sobel imagedata
#endif
for(y=0; y<side; y++) {
for(x=0; x<side; x++) {
@@ -1098,7 +1099,7 @@ static int getmetrics(unsigned int side, unsigned int *imagedata, struct icomtr
cli_dbgmsg("edge areas: %u@(%u,%u) %u@(%u,%u) %u@(%u,%u)\n", res->edge_avg[0], res->edge_x[0], res->edge_y[0], res->edge_avg[1], res->edge_x[1], res->edge_y[1], res->edge_avg[2], res->edge_x[2], res->edge_y[2]);
cli_dbgmsg("noedge areas: %u@(%u,%u) %u@(%u,%u) %u@(%u,%u)\n", res->noedge_avg[0], res->noedge_x[0], res->noedge_y[0], res->noedge_avg[1], res->noedge_x[1], res->noedge_y[1], res->noedge_avg[2], res->noedge_x[2], res->noedge_y[2]);
cli_dbgmsg("%s areas: %u@(%u,%u) %u@(%u,%u) %u@(%u,%u)\n", bwonly?"edge(2nd)":"color", res->color_avg[0], res->color_x[0], res->color_y[0], res->color_avg[1], res->color_x[1], res->color_y[1], res->color_avg[2], res->color_x[2], res->color_y[2]);
- cli_dbgmsg("%s areas: %u@(%u,%u) %u@(%u,%u) %u@(%u,%u)\n", bwonly?"noedge":"gray", res->gray_avg[0], res->gray_x[0], res->gray_y[0], res->gray_avg[1], res->gray_x[1], res->gray_y[1], res->gray_avg[2], res->gray_x[2], res->gray_y[2]);
+ cli_dbgmsg("%s areas: %u@(%u,%u) %u@(%u,%u) %u@(%u,%u)\n", bwonly?"noedge(2nd)":"gray", res->gray_avg[0], res->gray_x[0], res->gray_y[0], res->gray_avg[1], res->gray_x[1], res->gray_y[1], res->gray_avg[2], res->gray_x[2], res->gray_y[2]);
cli_dbgmsg("bright areas: %u@(%u,%u) %u@(%u,%u) %u@(%u,%u)\n", res->bright_avg[0], res->bright_x[0], res->bright_y[0], res->bright_avg[1], res->bright_x[1], res->bright_y[1], res->bright_avg[2], res->bright_x[2], res->bright_y[2]);
cli_dbgmsg("dark areas: %u@(%u,%u) %u@(%u,%u) %u@(%u,%u)\n", res->dark_avg[0], res->dark_x[0], res->dark_y[0], res->dark_avg[1], res->dark_x[1], res->dark_y[1], res->dark_avg[2], res->dark_x[2], res->dark_y[2]);
if(!bwonly)
@@ -1152,7 +1153,7 @@ static int getmetrics(unsigned int side, unsigned int *imagedata, struct icomtr
}
-static int parseicon(uint32_t rva, cli_ctx *ctx, struct cli_exe_section *exe_sections, uint16_t nsections, uint32_t hdr_size) {
+static int parseicon(unsigned int *grp1, unsigned int *grp2, uint32_t rva, cli_ctx *ctx, struct cli_exe_section *exe_sections, uint16_t nsections, uint32_t hdr_size) {
struct {
unsigned int sz;
unsigned int w;
@@ -1174,6 +1175,10 @@ static int parseicon(uint32_t rva, cli_ctx *ctx, struct cli_exe_section *exe_sec
unsigned int err, scalemode = 2, enginesize;
fmap_t *map = *ctx->fmap;
uint32_t icoff = cli_rawaddr(rva, exe_sections, nsections, &err, map->len, hdr_size);
+ struct icon_matcher *matcher;
+
+ if(!ctx || !ctx->engine || !(matcher=ctx->engine->iconcheck))
+ return CL_SUCCESS;
/* read the bitmap header */
if(err || !(imagedata = fmap_need_off_once(map, icoff, 4))) {
@@ -1405,35 +1410,49 @@ static int parseicon(uint32_t rva, cli_ctx *ctx, struct cli_exe_section *exe_sec
free(imagedata);
enginesize = (width >> 3) - 2;
- for(x=0; x<ctx->engine->icon_counts[enginesize]; x++) {
+ for(x=0; x<matcher->icon_counts[enginesize]; x++) {
unsigned int color = 0, gray = 0, bright, dark, edge, noedge, reds, greens, blues, ccount;
unsigned int colors, confidence, bwmatch = 0, positivematch = 64 + 4*(2-enginesize);
+ unsigned int i, j;
- if(!metrics.ccount && !ctx->engine->icons[enginesize][x].ccount) {
+ if(grp1) {
+ unsigned int *g1 = grp1;
+ while(*g1 && *g1 != matcher->icons[enginesize][x].group[0]+1)
+ g1++;
+ if(!*g1) continue;
+ }
+ if(grp2) {
+ unsigned int *g2 = grp2;
+ while(*g2 && *g2 != matcher->icons[enginesize][x].group[1]+1)
+ g2++;
+ if(!*g2) continue;
+ }
+
+ if(!metrics.ccount && !matcher->icons[enginesize][x].ccount) {
/* BW matching */
- edge = matchbwpoint(width, metrics.edge_x, metrics.edge_y, metrics.edge_avg, metrics.color_x, metrics.color_y, metrics.color_avg, ctx->engine->icons[enginesize][x].edge_x, ctx->engine->icons[enginesize][x].edge_y, ctx->engine->icons[enginesize][x].edge_avg, ctx->engine->icons[enginesize][x].color_x, ctx->engine->icons[enginesize][x].color_y, ctx->engine->icons[enginesize][x].color_avg);
- noedge = matchbwpoint(width, metrics.noedge_x, metrics.noedge_y, metrics.noedge_avg, metrics.gray_x, metrics.gray_y, metrics.gray_avg, ctx->engine->icons[enginesize][x].noedge_x, ctx->engine->icons[enginesize][x].noedge_y, ctx->engine->icons[enginesize][x].noedge_avg, ctx->engine->icons[enginesize][x].gray_x, ctx->engine->icons[enginesize][x].gray_y, ctx->engine->icons[enginesize][x].gray_avg);
+ edge = matchbwpoint(width, metrics.edge_x, metrics.edge_y, metrics.edge_avg, metrics.color_x, metrics.color_y, metrics.color_avg, matcher->icons[enginesize][x].edge_x, matcher->icons[enginesize][x].edge_y, matcher->icons[enginesize][x].edge_avg, matcher->icons[enginesize][x].color_x, matcher->icons[enginesize][x].color_y, matcher->icons[enginesize][x].color_avg);
+ noedge = matchbwpoint(width, metrics.noedge_x, metrics.noedge_y, metrics.noedge_avg, metrics.gray_x, metrics.gray_y, metrics.gray_avg, matcher->icons[enginesize][x].noedge_x, matcher->icons[enginesize][x].noedge_y, matcher->icons[enginesize][x].noedge_avg, matcher->icons[enginesize][x].gray_x, matcher->icons[enginesize][x].gray_y, matcher->icons[enginesize][x].gray_avg);
bwmatch = 1;
} else {
- edge = matchpoint(width, metrics.edge_x, metrics.edge_y, metrics.edge_avg, ctx->engine->icons[enginesize][x].edge_x, ctx->engine->icons[enginesize][x].edge_y, ctx->engine->icons[enginesize][x].edge_avg, 255);
- noedge = matchpoint(width, metrics.noedge_x, metrics.noedge_y, metrics.noedge_avg, ctx->engine->icons[enginesize][x].noedge_x, ctx->engine->icons[enginesize][x].noedge_y, ctx->engine->icons[enginesize][x].noedge_avg, 255);
- if(metrics.ccount && ctx->engine->icons[enginesize][x].ccount) {
+ edge = matchpoint(width, metrics.edge_x, metrics.edge_y, metrics.edge_avg, matcher->icons[enginesize][x].edge_x, matcher->icons[enginesize][x].edge_y, matcher->icons[enginesize][x].edge_avg, 255);
+ noedge = matchpoint(width, metrics.noedge_x, metrics.noedge_y, metrics.noedge_avg, matcher->icons[enginesize][x].noedge_x, matcher->icons[enginesize][x].noedge_y, matcher->icons[enginesize][x].noedge_avg, 255);
+ if(metrics.ccount && matcher->icons[enginesize][x].ccount) {
/* color matching */
- color = matchpoint(width, metrics.color_x, metrics.color_y, metrics.color_avg, ctx->engine->icons[enginesize][x].color_x, ctx->engine->icons[enginesize][x].color_y, ctx->engine->icons[enginesize][x].color_avg, 4072);
- gray = matchpoint(width, metrics.gray_x, metrics.gray_y, metrics.gray_avg, ctx->engine->icons[enginesize][x].gray_x, ctx->engine->icons[enginesize][x].gray_y, ctx->engine->icons[enginesize][x].gray_avg, 4072);
+ color = matchpoint(width, metrics.color_x, metrics.color_y, metrics.color_avg, matcher->icons[enginesize][x].color_x, matcher->icons[enginesize][x].color_y, matcher->icons[enginesize][x].color_avg, 4072);
+ gray = matchpoint(width, metrics.gray_x, metrics.gray_y, metrics.gray_avg, matcher->icons[enginesize][x].gray_x, matcher->icons[enginesize][x].gray_y, matcher->icons[enginesize][x].gray_avg, 4072);
}
}
- bright = matchpoint(width, metrics.bright_x, metrics.bright_y, metrics.bright_avg, ctx->engine->icons[enginesize][x].bright_x, ctx->engine->icons[enginesize][x].bright_y, ctx->engine->icons[enginesize][x].bright_avg, 255);
- dark = matchpoint(width, metrics.dark_x, metrics.dark_y, metrics.dark_avg, ctx->engine->icons[enginesize][x].dark_x, ctx->engine->icons[enginesize][x].dark_y, ctx->engine->icons[enginesize][x].dark_avg, 255);
+ bright = matchpoint(width, metrics.bright_x, metrics.bright_y, metrics.bright_avg, matcher->icons[enginesize][x].bright_x, matcher->icons[enginesize][x].bright_y, matcher->icons[enginesize][x].bright_avg, 255);
+ dark = matchpoint(width, metrics.dark_x, metrics.dark_y, metrics.dark_avg, matcher->icons[enginesize][x].dark_x, matcher->icons[enginesize][x].dark_y, matcher->icons[enginesize][x].dark_avg, 255);
- reds = abs((int)metrics.rsum - (int)ctx->engine->icons[enginesize][x].rsum) * 10;
+ reds = abs((int)metrics.rsum - (int)matcher->icons[enginesize][x].rsum) * 10;
reds = (reds < 100) * (100 - reds);
- greens = abs((int)metrics.gsum - (int)ctx->engine->icons[enginesize][x].gsum) * 10;
+ greens = abs((int)metrics.gsum - (int)matcher->icons[enginesize][x].gsum) * 10;
greens = (greens < 100) * (100 - greens);
- blues = abs((int)metrics.bsum - (int)ctx->engine->icons[enginesize][x].bsum) * 10;
+ blues = abs((int)metrics.bsum - (int)matcher->icons[enginesize][x].bsum) * 10;
blues = (blues < 100) * (100 - blues);
- ccount = abs((int)metrics.ccount - (int)ctx->engine->icons[enginesize][x].ccount) * 10;
+ ccount = abs((int)metrics.ccount - (int)matcher->icons[enginesize][x].ccount) * 10;
ccount = (ccount < 100) * (100 - ccount);
colors = (reds + greens + blues + ccount) / 4;
@@ -1459,7 +1478,7 @@ static int parseicon(uint32_t rva, cli_ctx *ctx, struct cli_exe_section *exe_sec
cli_warnmsg("confidence: %u\n", confidence);
if(ctx->virname)
- *ctx->virname = ctx->engine->icons[enginesize][x].name;
+ *ctx->virname = matcher->icons[enginesize][x].name;
#ifdef DUMPMATCHING
snprintf(name, sizeof(name), "match-%s-%u%%", *ctx->virname, confidence);
makebmp(name, width, height, imagedata2);
@@ -1474,3 +1493,25 @@ static int parseicon(uint32_t rva, cli_ctx *ctx, struct cli_exe_section *exe_sec
#endif
return CL_SUCCESS;
}
+
+
+int cli_match_icon(cli_ctx *ctx, unsigned int *icongrp1, unsigned int *icongrp2) {
+ if(!ctx || !ctx->engine || !ctx->engine->iconcheck || !ctx->engine->iconcheck->group_counts[0] || !ctx->engine->iconcheck->group_counts[1])
+ return CL_CLEAN;
+ return cli_scanpe(ctx, icongrp1, icongrp2);
+}
+
+int cli_icon_getgroup(const char *group, unsigned int type, cli_ctx *ctx) {
+ struct icon_matcher *matcher;
+ unsigned int i;
+
+ if(type>1 || !ctx || !ctx->engine || !ctx->engine->iconcheck || !ctx->engine->iconcheck->group_counts[type])
+ return 0;
+
+ matcher = ctx->engine->iconcheck;
+ for(i=0; i<matcher->group_counts[type]; i++) {
+ if(!strcmp(group, matcher->group_names[type][i]))
+ return i+1;
+ }
+ return 0;
+}
diff --git a/libclamav/pe_icons.h b/libclamav/pe_icons.h
index feadf50..1bcebfd 100644
--- a/libclamav/pe_icons.h
+++ b/libclamav/pe_icons.h
@@ -22,6 +22,7 @@
#define __PE_ICONS_H
#include "pe.h"
-int scanicon(uint32_t resdir_rva, cli_ctx *ctx, struct cli_exe_section *exe_sections, uint16_t nsections, uint32_t hdr_size);
-
+int scanicon(unsigned int *icongrp1, unsigned int *icongrp2, uint32_t resdir_rva, cli_ctx *ctx, struct cli_exe_section *exe_sections, uint16_t nsections, uint32_t hdr_size);
+int cli_match_icon(cli_ctx *ctx, unsigned int *icongrp1, unsigned int *icongrp2);
+int cli_icon_getgroup(const char *group, unsigned int type, cli_ctx *ctx);
#endif
diff --git a/libclamav/readdb.c b/libclamav/readdb.c
index 52c9a92..861c11d 100644
--- a/libclamav/readdb.c
+++ b/libclamav/readdb.c
@@ -521,7 +521,7 @@ static int cli_loaddb(FILE *fs, struct cl_engine *engine, unsigned int *signo, u
return CL_SUCCESS;
}
-#define ICO_TOKENS 2
+#define ICO_TOKENS 4
static int cli_loadidb(FILE *fs, struct cl_engine *engine, unsigned int *signo, unsigned int options, struct cli_dbio *dbio)
{
const char *tokens[ICO_TOKENS + 1];
@@ -530,7 +530,12 @@ static int cli_loadidb(FILE *fs, struct cl_engine *engine, unsigned int *signo,
int ret = CL_SUCCESS;
unsigned int line = 0, sigs = 0, tokens_count, i, size, enginesize;
struct icomtr *metric;
+ struct icon_matcher *matcher;
+
+ if(!(matcher = (struct icon_matcher *)mpool_calloc(engine->mempool, sizeof(*matcher),1)))
+ return CL_EMEM;
+
if(engine->ignored)
if(!(buffer_cpy = cli_malloc(FILEBUFF)))
return CL_EMEM;
@@ -550,7 +555,7 @@ static int cli_loadidb(FILE *fs, struct cl_engine *engine, unsigned int *signo,
break;
}
- if(strlen(tokens[1]) != 124) {
+ if(strlen(tokens[3]) != 124) {
ret = CL_EMALFDB;
break;
}
@@ -558,7 +563,7 @@ static int cli_loadidb(FILE *fs, struct cl_engine *engine, unsigned int *signo,
if(engine->ignored && cli_chkign(engine->ignored, tokens[0], buffer_cpy))
continue;
- hash = (uint8_t *)tokens[1];
+ hash = (uint8_t *)tokens[3];
if(cli_hexnibbles((char *)hash, 124)) {
cli_errmsg("cli_loadidb: Malformed hash at line %u (bad chars)\n", line);
ret = CL_EMALFDB;
@@ -573,15 +578,15 @@ static int cli_loadidb(FILE *fs, struct cl_engine *engine, unsigned int *signo,
enginesize = (size >> 3) - 2;
hash+=2;
- metric = (struct icomtr *) mpool_realloc(engine->mempool, engine->icons[enginesize], sizeof(struct icomtr) * (engine->icon_counts[enginesize] + 1));
+ metric = (struct icomtr *)mpool_realloc(engine->mempool, matcher->icons[enginesize], sizeof(struct icomtr) * (matcher->icon_counts[enginesize] + 1));
if(!metric) {
ret = CL_EMEM;
break;
}
- engine->icons[enginesize] = metric;
- metric += engine->icon_counts[enginesize];
- engine->icon_counts[enginesize]++;
+ matcher->icons[enginesize] = metric;
+ metric += matcher->icon_counts[enginesize];
+ matcher->icon_counts[enginesize]++;
for(i=0; i<3; i++) {
if((metric->color_avg[i] = (hash[0] << 8) | (hash[1] << 4) | hash[2]) > 4072)
@@ -684,6 +689,34 @@ static int cli_loadidb(FILE *fs, struct cl_engine *engine, unsigned int *signo,
break;
}
+ for(i=0; i<matcher->group_counts[0]; i++) {
+ if(!strcmp(tokens[1], matcher->group_names[0][i]))
+ break;
+ }
+ if(i==matcher->group_counts[0]) {
+ if(!(matcher->group_names[0] = mpool_realloc(engine->mempool, matcher->group_names[0], sizeof(char *) * (i + 1))) ||
+ !(matcher->group_names[0][i] = cli_mpool_strdup(engine->mempool, tokens[1]))) {
+ ret = CL_EMEM;
+ break;
+ }
+ matcher->group_counts[0]++;
+ }
+ metric->group[0] = i;
+
+ for(i=0; i<matcher->group_counts[1]; i++) {
+ if(!strcmp(tokens[2], matcher->group_names[1][i]))
+ break;
+ }
+ if(i==matcher->group_counts[1]) {
+ if(!(matcher->group_names[1] = mpool_realloc(engine->mempool, matcher->group_names[1], sizeof(char *) * (i + 1))) ||
+ !(matcher->group_names[1][i] = cli_mpool_strdup(engine->mempool, tokens[2]))) {
+ ret = CL_EMALFDB;
+ break;
+ }
+ matcher->group_counts[1]++;
+ }
+ metric->group[1] = i;
+
sigs++;
}
if(engine->ignored)
@@ -702,6 +735,7 @@ static int cli_loadidb(FILE *fs, struct cl_engine *engine, unsigned int *signo,
if(signo)
*signo += sigs;
+ engine->iconcheck = matcher;
return CL_SUCCESS;
}
@@ -2358,12 +2392,26 @@ int cl_engine_free(struct cl_engine *engine)
if(engine->pua_cats)
mpool_free(engine->mempool, engine->pua_cats);
- for(i=0; i<3; i++) {
- if(engine->icons[i]) {
- mpool_free(engine->mempool, engine->icons[i]->name);
- mpool_free(engine->mempool, engine->icons[i]);
+ if(engine->iconcheck) {
+ struct icon_matcher *iconcheck = engine->iconcheck;
+ for(i=0; i<3; i++) {
+ if(iconcheck->icons[i]) {
+ mpool_free(engine->mempool, iconcheck->icons[i]->name);
+ mpool_free(engine->mempool, iconcheck->icons[i]);
+ }
}
- }
+ if(iconcheck->group_names[0]) {
+ for(i=0; i<iconcheck->group_counts[0]; i++)
+ mpool_free(engine->mempool, iconcheck->group_names[0][i]);
+ mpool_free(engine->mempool, iconcheck->group_names[0]);
+ }
+ if(iconcheck->group_names[1]) {
+ for(i=0; i<iconcheck->group_counts[1]; i++)
+ mpool_free(engine->mempool, iconcheck->group_names[1][i]);
+ mpool_free(engine->mempool, iconcheck->group_names[1]);
+ }
+ mpool_free(engine->mempool, iconcheck);
+ }
if(engine->tmpdir)
mpool_free(engine->mempool, engine->tmpdir);
diff --git a/libclamav/scanners.c b/libclamav/scanners.c
index 6cf355d..e381e6a 100644
--- a/libclamav/scanners.c
+++ b/libclamav/scanners.c
@@ -2148,7 +2148,7 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx)
*/
case CL_TYPE_MSEXE:
if(SCAN_PE && ctx->dconf->pe)
- ret = cli_scanpe(ctx);
+ ret = cli_scanpe(ctx, NULL, NULL);
break;
default:
--
Debian repository for ClamAV
More information about the Pkg-clamav-commits
mailing list