[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b

Török Edvin edwin at clamav.net
Sun Apr 4 01:15:53 UTC 2010


The following commit has been merged in the debian/unstable branch:
commit e5d112d86bcf47156903b52536d6fbb717e162cb
Author: Török Edvin <edwin at clamav.net>
Date:   Wed Jan 20 17:16:27 2010 +0200

    disasm_x86 api.

diff --git a/libclamav/bytecode_api.c b/libclamav/bytecode_api.c
index 066cad9..429cd98 100644
--- a/libclamav/bytecode_api.c
+++ b/libclamav/bytecode_api.c
@@ -40,6 +40,7 @@
 #include "bytecode_api_impl.h"
 #include "others.h"
 #include "pe.h"
+#include "disasm.h"
 
 uint32_t cli_bcapi_test0(struct cli_bc_ctx *ctx, struct foo* s, uint32_t u)
 {
@@ -103,8 +104,18 @@ uint32_t cli_bcapi_setvirusname(struct cli_bc_ctx* ctx, const uint8_t *name, uin
 
 uint32_t cli_bcapi_disasm_x86(struct cli_bc_ctx *ctx, struct DISASM_RESULT *res, uint32_t len)
 {
-    //TODO: call disasm_x86_wrap, which outputs a MARIO struct
-    return -1;
+    int n;
+    const char *buf;
+    const char* next;
+    if (!res || !ctx->fmap || ctx->off >= ctx->fmap->len)
+	return -1;
+    /* FIXME: 4096 is an overestimate, how long is the longest instruction? */
+    n = MIN(4096, ctx->fmap->len - ctx->off);
+    buf = fmap_need_off_once(ctx->fmap, ctx->off, n);
+    next = cli_disasm_one(buf, n, res, 0);
+    if (!next)
+	return -1;
+    return ctx->off + next - buf;
 }
 
 /* TODO: field in ctx, id of last bytecode that called magicscandesc, reset
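Review bot: The pointer returned by `fmap_need_off_once` in `cli_bcapi_disasm_x86` is passed to `cli_disasm_one` without a NULL check, so a failed map read (which that call can presumably report as NULL) would reach the decoder as a NULL buffer with a non-zero length. Add `if (!buf) return -1;` before the `cli_disasm_one` call. The `len` argument is never read, so the size the bytecode supplies for `res` is not compared with `sizeof(struct DISASM_RESULT)` before `cli_disasm_one` writes through it; unless the API dispatcher already enforces that, `if (len < sizeof(*res)) return -1;` belongs in the first guard. `buf` and `next` are declared `const char *` while `cli_disasm_one` takes and returns `const uint8_t *`; declaring them `const uint8_t *` removes the pointer-signedness mismatch.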
diff --git a/libclamav/disasm.c b/libclamav/disasm.c
index 0c58464..57ed698 100644
--- a/libclamav/disasm.c
+++ b/libclamav/disasm.c
@@ -1254,7 +1254,7 @@ static void spam_x86(struct DISASMED *s, char *hr) {
 #define GETSIZE(X) (x86ops[table][s->table_op].X!=SIZE_WD?x86ops[table][s->table_op].X:((s->opsize)?SIZE_WORD:SIZE_DWORD))
 
 
-static uint8_t *disasm_x86(uint8_t *command, unsigned int len, struct DISASMED *s) {
+static const uint8_t *disasm_x86(const uint8_t *command, unsigned int len, struct DISASMED *s) {
   unsigned int reversed=0, i;
   uint8_t b;
   unsigned int table = 0;
@@ -1679,52 +1679,63 @@ static uint8_t *disasm_x86(uint8_t *command, unsigned int len, struct DISASMED *
   }
 }
 
-int disasmbuf(uint8_t *buff, unsigned int len, int fd) {
-  uint8_t *next = buff;
-  unsigned int counter=0;
-  int gotsome=0;
+const uint8_t* cli_disasm_one(const uint8_t* buff, unsigned int len,
+			      struct DISASM_RESULT *w, int spam)
+{
   struct DISASMED s;
-  struct DISASM_RESULT w;
-  memset(&w.extra[0], 0, sizeof(w.extra));
+  int i;
 
-  while(len && counter++<200) {
-    int i;
-    if(!(next = disasm_x86(next, len, &s))) {
-      /* TODO: invd opcode or buff over */
-      return gotsome;
-    }
-    if(cli_debug_flag) {
+  memset(&w->extra[0], 0, sizeof(w->extra));
+  buff = disasm_x86(buff, len, &s);
+  if (!buff)
+      return NULL;
+  if (spam) {
       char hr[128];
       spam_x86(&s, hr);
       cli_dbgmsg("%s\n", hr);
-    }
-    
-    len -= next-buff;
-    buff=next;
-
-    w.real_op = le16_to_host(s.real_op);
-    w.opsize = s.opsize;
-    w.adsize = s.adsize;
-    w.segment = s.segment;
+  }
+  w->real_op = le16_to_host(s.real_op);
+  w->opsize = s.opsize;
+  w->adsize = s.adsize;
+  w->segment = s.segment;
 
-    for (i=0; i<3; i++) {
-      w.arg[i][0] = s.args[i].access;
-      w.arg[i][1] = s.args[i].size;
+  for (i=0; i<3; i++) {
+      w->arg[i][0] = s.args[i].access;
+      w->arg[i][1] = s.args[i].size;
       switch(s.args[i].access) {
       case ACCESS_MEM:
-	w.arg[i][2]=s.args[i].arg.marg.r1;
-	w.arg[i][3]=s.args[i].arg.marg.r2;
-	w.arg[i][4]=s.args[i].arg.marg.scale;
-	w.arg[i][5]=0;
-	cli_writeint32(&w.arg[i][6], s.args[i].arg.marg.disp);
+	w->arg[i][2]=s.args[i].arg.marg.r1;
+	w->arg[i][3]=s.args[i].arg.marg.r2;
+	w->arg[i][4]=s.args[i].arg.marg.scale;
+	w->arg[i][5]=0;
+	cli_writeint32(&w->arg[i][6], s.args[i].arg.marg.disp);
 	break;
       case ACCESS_REG:
-	w.arg[i][1] = s.args[i].reg;
+	w->arg[i][1] = s.args[i].reg;
       default:
-	cli_writeint32(&w.arg[i][2], s.args[i].arg.q);
-	cli_writeint32(&w.arg[i][6], s.args[i].arg.q>>32);
+	cli_writeint32(&w->arg[i][2], s.args[i].arg.q);
+	cli_writeint32(&w->arg[i][6], s.args[i].arg.q>>32);
       }
+  }
+  return buff;
+}
+
+int disasmbuf(const uint8_t *buff, unsigned int len, int fd) {
+  const uint8_t *next = buff;
+  unsigned int counter=0;
+  int gotsome=0;
+  struct DISASM_RESULT w;
+  memset(&w.extra[0], 0, sizeof(w.extra));
+
+  while(len && counter++<200) {
+    if(!(next = cli_disasm_one(next, len, &w, cli_debug_flag))) {
+      /* TODO: invd opcode or buff over */
+      return gotsome;
     }
+    
+    len -= next-buff;
+    buff=next;
+
     cli_writen(fd, &w, sizeof(w));
     gotsome = 1;
   }
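Review bot: In `cli_disasm_one`, `case ACCESS_REG:` runs into `default:` with no `break` and no marker, so a reader cannot tell whether the register case is meant to also store `arg.q` into `arg[i][2..9]`. The removed loop in `disasmbuf` had the same shape, so it is probably intentional; add `/* fall through */` after `w->arg[i][1] = s.args[i].reg;`. Now that the function is exported, it also needs a header comment stating that it decodes one instruction from `buff`, returns the address of the following byte or NULL on an invalid opcode or exhausted buffer, requires non-NULL `buff` and `w`, and clears `w->extra` even on failure. The `memset(&w.extra[0], ...)` kept in `disasmbuf` is redundant once `cli_disasm_one` clears it on every call. `disasmbuf` continues past the end of this hunk.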
diff --git a/libclamav/disasm.h b/libclamav/disasm.h
index 5a4bc15..8e2e4fe 100644
--- a/libclamav/disasm.h
+++ b/libclamav/disasm.h
@@ -27,6 +27,7 @@
 
 #include "others.h"
 
-int disasmbuf(uint8_t *, unsigned int, int);
+const uint8_t* cli_disasm_one(const uint8_t*, unsigned, struct DISASM_RESULT*, int);
+int disasmbuf(const uint8_t *, unsigned int, int);
 
 #endif

-- 
Debian repository for ClamAV


