[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b

Török Edvin edwin at clamav.net
Sun Apr 4 01:15:46 UTC 2010 

The following commit has been merged in the debian/unstable branch:
commit 565e677f95b40ee0c36355e9a9df6f78cf4fee72
Author: Török Edvin <edwin at clamav.net>
Date:   Wed Jan 20 16:19:18 2010 +0200

    file_find, file_byteat bytecode APIs.

diff --git a/libclamav/bytecode_api.c b/libclamav/bytecode_api.c
index 64a398c..066cad9 100644
--- a/libclamav/bytecode_api.c
+++ b/libclamav/bytecode_api.c
@@ -30,6 +30,7 @@
 #include <stdlib.h>
 #include <fcntl.h>
 #include <errno.h>
+#include <string.h>
 #include "cltypes.h"
 #include "clambc.h"
 #include "bytecode.h"
@@ -252,3 +253,60 @@ uint32_t cli_bcapi_pe_rawaddr(struct cli_bc_ctx *ctx, uint32_t rva, uint32_t dum
     return PE_INVALID_RVA;
   return ret;
 }
+
+static inline const char* cli_memmem(const char *haystack, unsigned hlen,
+				     const unsigned char *needle, unsigned nlen)
+{
+    const char *p;
+    unsigned char c;
+    if (!needle || !haystack)
+	return NULL;
+    c = *needle++;
+    if (nlen == 1)
+	return memchr(haystack, c, hlen);
+
+    while (hlen >= nlen) {
+	p = haystack;
+	haystack = memchr(haystack, c, hlen - nlen + 1);
+	if (!haystack)
+	    return NULL;
+	p = haystack + 1;
+	if (!memcmp(p, needle, nlen-1))
+	    return haystack;
+	hlen -= p - haystack;
+	haystack = p;
+    }
+    return NULL;
+}
+
+int32_t cli_bcapi_file_find(struct cli_bc_ctx *ctx, const uint8_t* data, uint32_t len)
+{
+    char buf[4096];
+    fmap_t *map = ctx->fmap;
+    uint32_t off = ctx->off, newoff;
+    int n;
+
+    if (!map || len > sizeof(buf)/4 || len <= 0)
+	return -1;
+    for (;;) {
+	const char *p;
+	n = fmap_readn(map, buf, off, sizeof(buf));
+	if ((unsigned)n < len)
+	    return -1;
+	p = cli_memmem(buf, n, data, len);
+	if (p)
+	    return off + p - buf;
+	off += n-len;
+    }
+    return -1;
+}
+
+int32_t cli_bcapi_file_byteat(struct cli_bc_ctx *ctx, uint32_t off, uint32_t dummy)
+{
+    unsigned char c;
+    if (!ctx->fmap)
+	return -1;
+    if (fmap_readn(ctx->fmap, &c, off, 1) != 1)
+	return -1;
+    return c;
+}
diff --git a/libclamav/bytecode_api.h b/libclamav/bytecode_api.h
index d81f083..9142253 100644
--- a/libclamav/bytecode_api.h
+++ b/libclamav/bytecode_api.h
@@ -178,5 +178,17 @@ uint32_t trace_ptr(const uint8_t* ptr, uint32_t dummy);
   */
 uint32_t pe_rawaddr(uint32_t rva, uint32_t dummy);
 
+/** Looks for the specified sequence of bytes in the current file.
+  * @param[in] data the sequence of bytes to look for
+  * @param len length of \p data, cannot be more than 1024
+  * @return offset in the current file if match is found, -1 otherwise */
+int32_t file_find(const uint8_t* data, uint32_t len); 
+
+/** Read a single byte from current file
+  * @param offset file offset
+  * @return byte at offset \p off in the current file, or -1 if offset is
+  * invalid */
+int32_t file_byteat(uint32_t offset, uint32_t dummy);
+
 #endif
 #endif
diff --git a/libclamav/bytecode_api_decl.c b/libclamav/bytecode_api_decl.c
index 7fbdd51..d084a32 100644
--- a/libclamav/bytecode_api_decl.c
+++ b/libclamav/bytecode_api_decl.c
@@ -49,6 +49,8 @@ uint32_t cli_bcapi_trace_op(struct cli_bc_ctx *ctx, const const uint8_t*, uint32
 uint32_t cli_bcapi_trace_value(struct cli_bc_ctx *ctx, const const uint8_t*, uint32_t);
 uint32_t cli_bcapi_trace_ptr(struct cli_bc_ctx *ctx, const const uint8_t*, uint32_t);
 uint32_t cli_bcapi_pe_rawaddr(struct cli_bc_ctx *ctx, uint32_t, uint32_t);
+int32_t cli_bcapi_file_find(struct cli_bc_ctx *ctx, const const uint8_t*, uint32_t);
+int32_t cli_bcapi_file_byteat(struct cli_bc_ctx *ctx, uint32_t, uint32_t);
 
 const struct cli_apiglobal cli_globals[] = {
 /* Bytecode globals BEGIN */
@@ -141,14 +143,17 @@ const struct cli_apicall cli_apicalls[]={
 	{"trace_op", 17, 9, 1},
 	{"trace_value", 17, 10, 1},
 	{"trace_ptr", 17, 11, 1},
-	{"pe_rawaddr", 16, 3, 0}
+	{"pe_rawaddr", 16, 3, 0},
+	{"file_find", 17, 12, 1},
+	{"file_byteat", 16, 4, 0}
 /* Bytecode APIcalls END */
 };
 const cli_apicall_int2 cli_apicalls0[] = {
 	(cli_apicall_int2)cli_bcapi_test1,
 	(cli_apicall_int2)cli_bcapi_seek,
 	(cli_apicall_int2)cli_bcapi_debug_print_uint,
-	(cli_apicall_int2)cli_bcapi_pe_rawaddr
+	(cli_apicall_int2)cli_bcapi_pe_rawaddr,
+	(cli_apicall_int2)cli_bcapi_file_byteat
 };
 const cli_apicall_pointer cli_apicalls1[] = {
 	(cli_apicall_pointer)cli_bcapi_test0,
@@ -162,6 +167,7 @@ const cli_apicall_pointer cli_apicalls1[] = {
 	(cli_apicall_pointer)cli_bcapi_trace_source,
 	(cli_apicall_pointer)cli_bcapi_trace_op,
 	(cli_apicall_pointer)cli_bcapi_trace_value,
-	(cli_apicall_pointer)cli_bcapi_trace_ptr
+	(cli_apicall_pointer)cli_bcapi_trace_ptr,
+	(cli_apicall_pointer)cli_bcapi_file_find
 };
 const unsigned cli_apicall_maxapi = sizeof(cli_apicalls)/sizeof(cli_apicalls[0]);
diff --git a/libclamav/bytecode_api_impl.h b/libclamav/bytecode_api_impl.h
index 109d919..96baed5 100644
--- a/libclamav/bytecode_api_impl.h
+++ b/libclamav/bytecode_api_impl.h
@@ -46,5 +46,7 @@ uint32_t cli_bcapi_trace_op(struct cli_bc_ctx *ctx, const const uint8_t*, uint32
 uint32_t cli_bcapi_trace_value(struct cli_bc_ctx *ctx, const const uint8_t*, uint32_t);
 uint32_t cli_bcapi_trace_ptr(struct cli_bc_ctx *ctx, const const uint8_t*, uint32_t);
 uint32_t cli_bcapi_pe_rawaddr(struct cli_bc_ctx *ctx, uint32_t, uint32_t);
+int32_t cli_bcapi_file_find(struct cli_bc_ctx *ctx, const const uint8_t*, uint32_t);
+int32_t cli_bcapi_file_byteat(struct cli_bc_ctx *ctx, uint32_t, uint32_t);
 
 #endif

-- 
Debian repository for ClamAV

More information about the Pkg-clamav-commits mailing list