[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b
Tomasz Kojm
tkojm at clamav.net
Sun Apr 4 01:17:46 UTC 2010
The following commit has been merged in the debian/unstable branch:
commit baf2e702e25d98ac5fd293eaa5a58a553fd63ffe
Author: Tomasz Kojm <tkojm at clamav.net>
Date: Thu Jan 28 12:54:28 2010 +0100
libclamav: provide information about lsig matches to bytecode (bb#1799)
diff --git a/ChangeLog b/ChangeLog
index 7bb50a3..d03bd5e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+Thu Jan 28 12:53:45 CET 2010 (tk)
+---------------------------------
+ * libclamav: provide information about lsig matches to bytecode (bb#1799)
+
Wed Jan 27 18:33:09 CET 2010 (tk)
---------------------------------
* libclamav: provide offset in cli_ac_result (bb#1799)
diff --git a/libclamav/bytecode.c b/libclamav/bytecode.c
index adf2358..6b9b9b5 100644
--- a/libclamav/bytecode.c
+++ b/libclamav/bytecode.c
@@ -1624,7 +1624,7 @@ int cli_bytecode_context_setfile(struct cli_bc_ctx *ctx, fmap_t *map)
return 0;
}
-int cli_bytecode_runlsig(cli_ctx *cctx, const struct cli_all_bc *bcs, const struct cli_bc *bc, const char **virname, const uint32_t* lsigcnt, fmap_t *map)
+int cli_bytecode_runlsig(cli_ctx *cctx, const struct cli_all_bc *bcs, const struct cli_bc *bc, const char **virname, const uint32_t* lsigcnt, const uint32_t *lsigsuboff, fmap_t *map)
{
int ret;
struct cli_bc_ctx ctx;
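Review bot: The new `lsigsuboff` argument is a bare `const uint32_t *` with no element count, and neither this definition nor the prototype in libclamav/bytecode.h says how many entries the callee may read. Judging by the allocation in cli_ac_initdata, each row holds 64 entries initialised to `CLI_OFF_NONE`. A comment above the prototype would pin that down, e.g. `/* lsigcnt and lsigsuboff each point to 64 entries; lsigsuboff[j] is CLI_OFF_NONE if subsig j did not match */`. The body of cli_bytecode_runlsig continues outside the hunk, so how the pointer reaches the bytecode context is not visible here.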
diff --git a/libclamav/bytecode.h b/libclamav/bytecode.h
index b268644..7366756 100644
--- a/libclamav/bytecode.h
+++ b/libclamav/bytecode.h
@@ -108,7 +108,7 @@ void cli_bytecode_describe(const struct cli_bc *bc);
/* Hooks */
struct cli_exe_info;
struct cli_ctx_tag;
-int cli_bytecode_runlsig(struct cli_ctx_tag *ctx, const struct cli_all_bc *bcs, const struct cli_bc* bc, const char **virname, const uint32_t* lsigcnt, fmap_t *fmap);
+int cli_bytecode_runlsig(struct cli_ctx_tag *ctx, const struct cli_all_bc *bcs, const struct cli_bc *bc, const char **virname, const uint32_t* lsigcnt, const uint32_t *lsigsuboff, fmap_t *map);
int cli_bytecode_runhook(struct cli_ctx_tag *cctx, const struct cl_engine *engine, struct cli_bc_ctx *ctx, unsigned id, fmap_t *map, const char **virname);
#ifdef __cplusplus
diff --git a/libclamav/matcher-ac.c b/libclamav/matcher-ac.c
index 45b3b78..50e92ab 100644
--- a/libclamav/matcher-ac.c
+++ b/libclamav/matcher-ac.c
@@ -864,7 +864,7 @@ inline static int ac_findmatch(const unsigned char *buffer, uint32_t offset, uin
int cli_ac_initdata(struct cli_ac_data *data, uint32_t partsigs, uint32_t lsigs, uint32_t reloffsigs, uint8_t tracklen)
{
- unsigned int i;
+ unsigned int i, j;
if(!data) {
@@ -919,6 +919,38 @@ int cli_ac_initdata(struct cli_ac_data *data, uint32_t partsigs, uint32_t lsigs,
}
for(i = 1; i < lsigs; i++)
data->lsigcnt[i] = data->lsigcnt[0] + 64 * i;
+
+ /* subsig offsets */
+ data->lsigsuboff = (uint32_t **) cli_malloc(lsigs * sizeof(uint32_t *));
+ if(!data->lsigsuboff) {
+ free(data->lsigcnt[0]);
+ free(data->lsigcnt);
+ if(partsigs)
+ free(data->offmatrix);
+ if(reloffsigs)
+ free(data->offset);
+ cli_errmsg("cli_ac_init: Can't allocate memory for data->lsigsuboff\n");
+ return CL_EMEM;
+ }
+ data->lsigsuboff[0] = (uint32_t *) cli_calloc(lsigs * 64, sizeof(uint32_t));
+ if(!data->lsigsuboff[0]) {
+ free(data->lsigsuboff);
+ free(data->lsigcnt[0]);
+ free(data->lsigcnt);
+ if(partsigs)
+ free(data->offmatrix);
+ if(reloffsigs)
+ free(data->offset);
+ cli_errmsg("cli_ac_init: Can't allocate memory for data->lsigsuboff[0]\n");
+ return CL_EMEM;
+ }
+ for(j = 0; j < 64; j++)
+ data->lsigsuboff[0][j] = CLI_OFF_NONE;
+ for(i = 1; i < lsigs; i++) {
+ data->lsigsuboff[i] = data->lsigsuboff[0] + 64 * i;
+ for(j = 0; j < 64; j++)
+ data->lsigsuboff[i][j] = CLI_OFF_NONE;
+ }
}
return CL_SUCCESS;
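Review bot: `cli_calloc(lsigs * 64, sizeof(uint32_t))` multiplies in 32-bit arithmetic before the allocator sees the count, so a very large `lsigs` would wrap to a small allocation while the loops below still write `64 * lsigs` entries. Whether `lsigs` is bounded by the caller is not visible in this hunk. Passing the factors separately, `cli_calloc(lsigs, 64 * sizeof(uint32_t))`, lets any size check in the allocator see the real element count. The two failure branches also repeat the same frees, and a single cleanup label would keep them from drifting apart. The start of cli_ac_initdata lies outside this hunk.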
@@ -977,6 +1009,8 @@ void cli_ac_freedata(struct cli_ac_data *data)
if(data && data->lsigs) {
free(data->lsigcnt[0]);
free(data->lsigcnt);
+ free(data->lsigsuboff[0]);
+ free(data->lsigsuboff);
data->lsigs = 0;
}
@@ -1177,6 +1211,8 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v
} else { /* !pt->type */
if(pt->lsigid[0]) {
mdata->lsigcnt[pt->lsigid[1]][pt->lsigid[2]]++;
+ if(mdata->lsigsuboff[pt->lsigid[1]][pt->lsigid[2]] == CLI_OFF_NONE)
+ mdata->lsigsuboff[pt->lsigid[1]][pt->lsigid[2]] = realoff;
pt = pt->next_same;
continue;
}
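Review bot: The added store indexes `mdata->lsigsuboff` with `pt->lsigid[1]` and `pt->lsigid[2]`, and nothing in this hunk checks that they are below `mdata->lsigs` and 64; the same two lines are added again in the later hunk of cli_ac_scanbuff. The existing `lsigcnt` increment relies on the same indices, so presumably the signature loader enforces the bounds, but that is not visible here. If it does, stating it next to the write helps the next reader, e.g. `/* lsigid[1] < lsigs and lsigid[2] < 64 are guaranteed by the loader; keep only the first match offset */`. Since the check-and-store is duplicated, a small static helper taking `mdata`, `pt` and `realoff` would keep both sites in step.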
@@ -1220,6 +1256,8 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v
} else {
if(pt->lsigid[0]) {
mdata->lsigcnt[pt->lsigid[1]][pt->lsigid[2]]++;
+ if(mdata->lsigsuboff[pt->lsigid[1]][pt->lsigid[2]] == CLI_OFF_NONE)
+ mdata->lsigsuboff[pt->lsigid[1]][pt->lsigid[2]] = realoff;
pt = pt->next_same;
continue;
}
diff --git a/libclamav/matcher-ac.h b/libclamav/matcher-ac.h
index b6fb896..6fb2761 100644
--- a/libclamav/matcher-ac.h
+++ b/libclamav/matcher-ac.h
@@ -37,6 +37,7 @@ struct cli_ac_data {
int32_t ***offmatrix;
uint32_t partsigs, lsigs, reloffsigs;
uint32_t **lsigcnt;
+ uint32_t **lsigsuboff;
uint32_t *offset;
/** Hashset for versioninfo matching */
struct cli_hashset vinfo;
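Review bot: The new `lsigsuboff` field has no comment, although the neighbouring `vinfo` field carries a `/** ... */` description. Its layout (one row of 64 entries per logical signature) and the `CLI_OFF_NONE` sentinel can only be learned by reading cli_ac_initdata. A one-line doc comment would cover it, e.g. `/** first match offset of each lsig subsig (rows of 64), CLI_OFF_NONE when unmatched */`.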
diff --git a/libclamav/matcher.c b/libclamav/matcher.c
index ffd17d3..ac3d364 100644
--- a/libclamav/matcher.c
+++ b/libclamav/matcher.c
@@ -512,7 +512,7 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli
ret = CL_VIRUS; \
break; \
} \
- if(cli_bytecode_runlsig(ctx, &ctx->engine->bcs, xroot->ac_lsigtable[i]->bc, ctx->virname, xdata.lsigcnt[i], map) == CL_VIRUS) { \
+ if(cli_bytecode_runlsig(ctx, &ctx->engine->bcs, xroot->ac_lsigtable[i]->bc, ctx->virname, xdata.lsigcnt[i], xdata.lsigsuboff[i], map) == CL_VIRUS) { \
ret = CL_VIRUS; \
break; \
} \
--
Debian repository for ClamAV