[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b
Török Edvin
edwin at clamav.net
Sun Apr 4 01:15:46 UTC 2010
The following commit has been merged in the debian/unstable branch:
commit 565e677f95b40ee0c36355e9a9df6f78cf4fee72
Author: Török Edvin <edwin at clamav.net>
Date: Wed Jan 20 16:19:18 2010 +0200
file_find, file_byteat bytecode APIs.
diff --git a/libclamav/bytecode_api.c b/libclamav/bytecode_api.c
index 64a398c..066cad9 100644
--- a/libclamav/bytecode_api.c
+++ b/libclamav/bytecode_api.c
@@ -30,6 +30,7 @@
#include <stdlib.h>
#include <fcntl.h>
#include <errno.h>
+#include <string.h>
#include "cltypes.h"
#include "clambc.h"
#include "bytecode.h"
@@ -252,3 +253,60 @@ uint32_t cli_bcapi_pe_rawaddr(struct cli_bc_ctx *ctx, uint32_t rva, uint32_t dum
return PE_INVALID_RVA;
return ret;
}
+
+static inline const char* cli_memmem(const char *haystack, unsigned hlen,
+ const unsigned char *needle, unsigned nlen)
+{
+ const char *p;
+ unsigned char c;
+ if (!needle || !haystack)
+ return NULL;
+ c = *needle++;
+ if (nlen == 1)
+ return memchr(haystack, c, hlen);
+
+ while (hlen >= nlen) {
+ p = haystack;
+ haystack = memchr(haystack, c, hlen - nlen + 1);
+ if (!haystack)
+ return NULL;
+ p = haystack + 1;
+ if (!memcmp(p, needle, nlen-1))
+ return haystack;
+ hlen -= p - haystack;
+ haystack = p;
+ }
+ return NULL;
+}
+
+int32_t cli_bcapi_file_find(struct cli_bc_ctx *ctx, const uint8_t* data, uint32_t len)
+{
+ char buf[4096];
+ fmap_t *map = ctx->fmap;
+ uint32_t off = ctx->off, newoff;
+ int n;
+
+ if (!map || len > sizeof(buf)/4 || len <= 0)
+ return -1;
+ for (;;) {
+ const char *p;
+ n = fmap_readn(map, buf, off, sizeof(buf));
+ if ((unsigned)n < len)
+ return -1;
+ p = cli_memmem(buf, n, data, len);
+ if (p)
+ return off + p - buf;
+ off += n-len;
+ }
+ return -1;
+}
+
+int32_t cli_bcapi_file_byteat(struct cli_bc_ctx *ctx, uint32_t off, uint32_t dummy)
+{
+ unsigned char c;
+ if (!ctx->fmap)
+ return -1;
+ if (fmap_readn(ctx->fmap, &c, off, 1) != 1)
+ return -1;
+ return c;
+}
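Review bot: In cli_memmem's loop, `hlen -= p - haystack;` always subtracts exactly 1 because `p` was just set to `haystack + 1`, so the bytes memchr skipped are never deducted and later memchr/memcmp calls can read past the end of the 4096-byte `buf` that cli_bcapi_file_find passes in. Doing `hlen -= haystack + 1 - p;` before `p = haystack + 1;`, while `p` still holds the pre-memchr position, keeps the remaining length exact. In cli_bcapi_file_find, a negative return from fmap_readn (if it reports errors that way) becomes a huge value under the `(unsigned)n` cast and passes the length check, so the guard should read `if (n <= 0 || (unsigned)n < len)`. `off += n-len;` makes no progress when a read returns exactly `len` bytes without a match, which looks like an unbounded loop driven by the scanned file's contents; `off += n - len + 1;` keeps the required len-1 overlap and always advances. The `return -1;` after `for (;;)` is unreachable, and `len <= 0` on an unsigned value is just `len == 0`.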
diff --git a/libclamav/bytecode_api.h b/libclamav/bytecode_api.h
index d81f083..9142253 100644
--- a/libclamav/bytecode_api.h
+++ b/libclamav/bytecode_api.h
@@ -178,5 +178,17 @@ uint32_t trace_ptr(const uint8_t* ptr, uint32_t dummy);
*/
uint32_t pe_rawaddr(uint32_t rva, uint32_t dummy);
+/** Looks for the specified sequence of bytes in the current file.
+ * @param[in] data the sequence of bytes to look for
+ * @param len length of \p data, cannot be more than 1024
+ * @return offset in the current file if match is found, -1 otherwise */
+int32_t file_find(const uint8_t* data, uint32_t len);
+
+/** Read a single byte from current file
+ * @param offset file offset
+ * @return byte at offset \p off in the current file, or -1 if offset is
+ * invalid */
+int32_t file_byteat(uint32_t offset, uint32_t dummy);
+
#endif
#endif
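Review bot: The file_find comment does not say where the search starts. The implementation in bytecode_api.c begins at `ctx->off`, so the result depends on the current seek position and the comment should say so, e.g. `* The search starts at the current file position.` In the file_byteat comment, `\p off` should be `\p offset` to match the parameter name, and the unused second argument needs a `@param dummy ignored` line. Both functions return `int32_t` with -1 as the failure value, so it is worth stating whether offsets or matches at or above 2^31 are representable.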
diff --git a/libclamav/bytecode_api_decl.c b/libclamav/bytecode_api_decl.c
index 7fbdd51..d084a32 100644
--- a/libclamav/bytecode_api_decl.c
+++ b/libclamav/bytecode_api_decl.c
@@ -49,6 +49,8 @@ uint32_t cli_bcapi_trace_op(struct cli_bc_ctx *ctx, const const uint8_t*, uint32
uint32_t cli_bcapi_trace_value(struct cli_bc_ctx *ctx, const const uint8_t*, uint32_t);
uint32_t cli_bcapi_trace_ptr(struct cli_bc_ctx *ctx, const const uint8_t*, uint32_t);
uint32_t cli_bcapi_pe_rawaddr(struct cli_bc_ctx *ctx, uint32_t, uint32_t);
+int32_t cli_bcapi_file_find(struct cli_bc_ctx *ctx, const const uint8_t*, uint32_t);
+int32_t cli_bcapi_file_byteat(struct cli_bc_ctx *ctx, uint32_t, uint32_t);
const struct cli_apiglobal cli_globals[] = {
/* Bytecode globals BEGIN */
@@ -141,14 +143,17 @@ const struct cli_apicall cli_apicalls[]={
{"trace_op", 17, 9, 1},
{"trace_value", 17, 10, 1},
{"trace_ptr", 17, 11, 1},
- {"pe_rawaddr", 16, 3, 0}
+ {"pe_rawaddr", 16, 3, 0},
+ {"file_find", 17, 12, 1},
+ {"file_byteat", 16, 4, 0}
/* Bytecode APIcalls END */
};
const cli_apicall_int2 cli_apicalls0[] = {
(cli_apicall_int2)cli_bcapi_test1,
(cli_apicall_int2)cli_bcapi_seek,
(cli_apicall_int2)cli_bcapi_debug_print_uint,
- (cli_apicall_int2)cli_bcapi_pe_rawaddr
+ (cli_apicall_int2)cli_bcapi_pe_rawaddr,
+ (cli_apicall_int2)cli_bcapi_file_byteat
};
const cli_apicall_pointer cli_apicalls1[] = {
(cli_apicall_pointer)cli_bcapi_test0,
@@ -162,6 +167,7 @@ const cli_apicall_pointer cli_apicalls1[] = {
(cli_apicall_pointer)cli_bcapi_trace_source,
(cli_apicall_pointer)cli_bcapi_trace_op,
(cli_apicall_pointer)cli_bcapi_trace_value,
- (cli_apicall_pointer)cli_bcapi_trace_ptr
+ (cli_apicall_pointer)cli_bcapi_trace_ptr,
+ (cli_apicall_pointer)cli_bcapi_file_find
};
const unsigned cli_apicall_maxapi = sizeof(cli_apicalls)/sizeof(cli_apicalls[0]);
diff --git a/libclamav/bytecode_api_impl.h b/libclamav/bytecode_api_impl.h
index 109d919..96baed5 100644
--- a/libclamav/bytecode_api_impl.h
+++ b/libclamav/bytecode_api_impl.h
@@ -46,5 +46,7 @@ uint32_t cli_bcapi_trace_op(struct cli_bc_ctx *ctx, const const uint8_t*, uint32
uint32_t cli_bcapi_trace_value(struct cli_bc_ctx *ctx, const const uint8_t*, uint32_t);
uint32_t cli_bcapi_trace_ptr(struct cli_bc_ctx *ctx, const const uint8_t*, uint32_t);
uint32_t cli_bcapi_pe_rawaddr(struct cli_bc_ctx *ctx, uint32_t, uint32_t);
+int32_t cli_bcapi_file_find(struct cli_bc_ctx *ctx, const const uint8_t*, uint32_t);
+int32_t cli_bcapi_file_byteat(struct cli_bc_ctx *ctx, uint32_t, uint32_t);
#endif
--
Debian repository for ClamAV