[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b
Tomasz Kojm
tkojm at clamav.net
Sun Apr 4 01:14:31 UTC 2010
The following commit has been merged in the debian/unstable branch:
commit 4168b01087629529434babecfb86b1a76df1e6aa
Author: Tomasz Kojm <tkojm at clamav.net>
Date: Tue Jan 12 14:41:44 2010 +0100
libclamav: allow lsigs be anchored to specific containers (bb#1293), eg. Container:CL_TYPE_ZIP
diff --git a/ChangeLog b/ChangeLog
index d6c2478..8e3534e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Tue Jan 12 14:39:55 CET 2010 (tk)
+---------------------------------
+ * libclamav: allow lsigs be anchored to specific containers (bb#1293),
+ eg. Container:CL_TYPE_ZIP
+
Tue Jan 12 12:14:08 CET 2010 (tk)
---------------------------------
* libclamav/readdb.c: when some lsig's attribute is unknown ignore the
diff --git a/libclamav/matcher.c b/libclamav/matcher.c
index e7eaaa6..002062d 100644
--- a/libclamav/matcher.c
+++ b/libclamav/matcher.c
@@ -473,6 +473,8 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli
evalcnt = 0; \
evalids = 0; \
if(cli_ac_chklsig(xroot->ac_lsigtable[i]->logic, xroot->ac_lsigtable[i]->logic + strlen(xroot->ac_lsigtable[i]->logic), xdata.lsigcnt[i], &evalcnt, &evalids, 0) == 1) { \
+ if(xroot->ac_lsigtable[i]->tdb.container && xroot->ac_lsigtable[i]->tdb.container[0] != ctx->container_type) \
+ continue; \
if(xroot->ac_lsigtable[i]->tdb.filesize && (xroot->ac_lsigtable[i]->tdb.filesize[0] > map->len || xroot->ac_lsigtable[i]->tdb.filesize[1] < map->len)) \
continue; \
\
diff --git a/libclamav/matcher.h b/libclamav/matcher.h
index 61c54e5..8d7f37a 100644
--- a/libclamav/matcher.h
+++ b/libclamav/matcher.h
@@ -48,12 +48,14 @@ struct cli_lsig_tdb {
#define CLI_TDB_RANGE 1
#define CLI_TDB_STR 2
#define CLI_TDB_RANGE2 3
+#define CLI_TDB_FTYPE 4
uint32_t *val, *range;
char *str;
uint32_t cnt[3];
const uint32_t *target;
const uint32_t *engine, *nos, *ep, *filesize;
+ const uint32_t *container;
/*
const uint32_t *sectoff, *sectrva, *sectvsz, *sectraw, *sectrsz,
*secturva, *sectuvsz, *secturaw, *sectursz;
diff --git a/libclamav/readdb.c b/libclamav/readdb.c
index 5f93e65..0ade69c 100644
--- a/libclamav/readdb.c
+++ b/libclamav/readdb.c
@@ -923,7 +923,7 @@ struct lsig_attrib {
static int lsigattribs(char *attribs, struct cli_lsig_tdb *tdb)
{
struct lsig_attrib attrtab[] = {
-#define ATTRIB_TOKENS 7
+#define ATTRIB_TOKENS 8
{ "Target", CLI_TDB_UINT, (void **) &tdb->target },
{ "Engine", CLI_TDB_RANGE, (void **) &tdb->engine },
@@ -934,6 +934,7 @@ static int lsigattribs(char *attribs, struct cli_lsig_tdb *tdb)
{ "IconGroup1", CLI_TDB_STR, (void **) &tdb->icongrp1 },
{ "IconGroup2", CLI_TDB_STR, (void **) &tdb->icongrp2 },
+ { "Container", CLI_TDB_FTYPE, (void **) &tdb->container },
/*
{ "SectOff", CLI_TDB_RANGE2, (void **) &tdb->sectoff },
{ "SectRVA", CLI_TDB_RANGE2, (void **) &tdb->sectrva },
@@ -990,6 +991,20 @@ static int lsigattribs(char *attribs, struct cli_lsig_tdb *tdb)
tdb->val[cnt] = atoi(pt);
break;
+ case CLI_TDB_FTYPE:
+ if((v1 = cli_ftcode(pt)) == CL_TYPE_ERROR) {
+ cli_dbgmsg("lsigattribs: Unknown file type in %s\n", tokens[i]);
+ return 1; /* skip */
+ }
+ off[i] = cnt = tdb->cnt[CLI_TDB_UINT]++;
+ tdb->val = (uint32_t *) mpool_realloc2(tdb->mempool, tdb->val, tdb->cnt[CLI_TDB_UINT] * sizeof(uint32_t));
+ if(!tdb->val) {
+ tdb->cnt[CLI_TDB_UINT] = 0;
+ return -1;
+ }
+ tdb->val[cnt] = v1;
+ break;
+
case CLI_TDB_RANGE:
if(!(pt2 = strchr(pt, '-'))) {
cli_errmsg("lsigattribs: Incorrect parameters in '%s'\n", tokens[i]);
@@ -1062,6 +1077,7 @@ static int lsigattribs(char *attribs, struct cli_lsig_tdb *tdb)
continue;
switch(apt->type) {
case CLI_TDB_UINT:
+ case CLI_TDB_FTYPE:
*apt->pt = (uint32_t *) &tdb->val[off[i]];
break;
--
Debian repository for ClamAV
More information about the Pkg-clamav-commits
mailing list