[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b

aCaB acab at clamav.net
Sun Apr 4 01:20:05 UTC 2010 

The following commit has been merged in the debian/unstable branch:
commit 32b1e04e64f7d2c80f9bab9e2889ec88d074242a
Author: aCaB <acab at clamav.net>
Date:   Sun Feb 14 12:29:37 2010 +0100

    simplify checkfp

diff --git a/ChangeLog b/ChangeLog
index 5947b3c..9dd1fca 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+Sun Feb 14 12:28:52 CET 2010 (acab)
+-----------------------------------
+ * libclamav: refactor checkfp logic
+
 Sat Feb 13 02:55:55 CET 2010 (acab)
 -----------------------------------
  * libclamav: refactor binhex processor with one pass decoder (bb#1236)
diff --git a/libclamav/matcher.c b/libclamav/matcher.c
index bc306d2..bc118ce 100644
--- a/libclamav/matcher.c
+++ b/libclamav/matcher.c
@@ -353,54 +353,23 @@ int cli_caloff(const char *offstr, struct cli_target_info *info, fmap_t *map, un
     return CL_SUCCESS;
 }
 
-int cli_checkfp(int fd, cli_ctx *ctx)
+int cli_checkfp(unsigned char *digest, size_t size, cli_ctx *ctx)
 {
-	unsigned char *digest;
 	char md5[33];
 	unsigned int i;
 	const char *virname;
-	off_t pos;
-	struct stat sb;
 	const struct cli_bm_patt *patt = NULL;
 
 
-    if((pos = lseek(fd, 0, SEEK_CUR)) == -1) {
-	cli_errmsg("cli_checkfp(): lseek() failed\n");
-	return 0;
-    }
-
-    lseek(fd, 0, SEEK_SET);
-
-    if(ctx->engine->md5_fp) {
-	if(fstat(fd, &sb) == -1) {
-	    cli_errmsg("cli_checkfp(): fstat(%d) failed\n", fd);
-	    lseek(fd, pos, SEEK_SET);
-	    return 0;
-	}
-
-	if(!(digest = cli_md5digest(fd))) {
-	    cli_errmsg("cli_checkfp(): Can't generate MD5 checksum\n");
-	    lseek(fd, pos, SEEK_SET);
-	    return 0;
-	}
-
-	if(cli_bm_scanbuff(digest, 16, &virname, &patt, ctx->engine->md5_fp, 0, NULL, NULL) == CL_VIRUS && patt->filesize == sb.st_size) {
-	    cli_dbgmsg("cli_checkfp(): Found false positive detection (fp sig: %s)\n", virname);
-	    free(digest);
-	    lseek(fd, pos, SEEK_SET);
-	    return 1;
-	}
-
-	for(i = 0; i < 16; i++)
-	    sprintf(md5 + i * 2, "%02x", digest[i]);
-	md5[32] = 0;
-	cli_dbgmsg("FP SIGNATURE: %s:%u:%s\n", md5, (unsigned int) sb.st_size, *ctx->virname ? *ctx->virname : "Name");
-
-	free(digest);
+    if(ctx->engine->md5_fp && cli_bm_scanbuff(digest, 16, &virname, &patt, ctx->engine->md5_fp, 0, NULL, NULL) == CL_VIRUS && patt->filesize == size) {
+	cli_dbgmsg("cli_checkfp(): Found false positive detection (fp sig: %s)\n", virname);
+	return CL_CLEAN;
     }
-
-    lseek(fd, pos, SEEK_SET);
-    return 0;
+    for(i = 0; i < 16; i++)
+	sprintf(md5 + i * 2, "%02x", digest[i]);
+    md5[32] = 0;
+    cli_dbgmsg("FP SIGNATURE: %s:%u:%s\n", md5, (unsigned int) size, *ctx->virname ? *ctx->virname : "Name");
+    return CL_VIRUS;
 }
 
 static int matchicon(cli_ctx *ctx, const char *grp1, const char *grp2)
diff --git a/libclamav/matcher.h b/libclamav/matcher.h
index 1ed6ac4..d7ae8a3 100644
--- a/libclamav/matcher.h
+++ b/libclamav/matcher.h
@@ -167,7 +167,7 @@ int cli_scandesc(int desc, cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struc
 int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli_matched_type **ftoffset, unsigned int acmode, unsigned char *digest);
 int cli_caloff(const char *offstr, struct cli_target_info *info, fmap_t *map, unsigned int target, uint32_t *offdata, uint32_t *offset_min, uint32_t *offset_max);
 
-int cli_checkfp(int fd, cli_ctx *ctx);
+int cli_checkfp(unsigned char *digest, size_t size, cli_ctx *ctx);
 
 int cli_matchmeta(cli_ctx *ctx, const char *fname, size_t fsizec, size_t fsizer, int encrypted, int filepos, int res1, void *res2);
 
diff --git a/libclamav/scanners.c b/libclamav/scanners.c
index 9268a2a..1fd822b 100644
--- a/libclamav/scanners.c
+++ b/libclamav/scanners.c
@@ -1929,7 +1929,7 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx)
 
     if(type != CL_TYPE_IGNORED && ctx->engine->sdb) {
 	if((ret = cli_scanraw(ctx, type, 0, &dettype)) == CL_VIRUS) {
-	    ret = cli_checkfp(desc, ctx) ? CL_CLEAN : CL_VIRUS;
+	    ret = cli_checkfp(hash, hashed_size, ctx);
 	    funmap(*ctx->fmap);
 	    ctx->fmap--;
 	    cli_bitset_free(ctx->hook_lsig_matches);
@@ -2178,7 +2178,7 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx)
     ctx->container_size = current_container_size;
 
     if(ret == CL_VIRUS) {
-	ret = cli_checkfp(desc, ctx) ? CL_CLEAN : CL_VIRUS;
+	ret = cli_checkfp(hash, hashed_size, ctx);
 	funmap(*ctx->fmap);
 	ctx->fmap--;
 	cli_bitset_free(ctx->hook_lsig_matches);
@@ -2196,7 +2196,7 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx)
     /* CL_TYPE_HTML: raw HTML files are not scanned, unless safety measure activated via DCONF */
     if(type != CL_TYPE_IGNORED && (type != CL_TYPE_HTML || !(DCONF_DOC & DOC_CONF_HTML_SKIPRAW)) && !ctx->engine->sdb) {
 	if(cli_scanraw(ctx, type, typercg, &dettype) == CL_VIRUS) {
-	    ret =  cli_checkfp(desc, ctx) ? CL_CLEAN : CL_VIRUS;
+	    ret =  cli_checkfp(hash, hashed_size, ctx);
 	    funmap(*ctx->fmap);
 	    ctx->fmap--;
 	    cli_bitset_free(ctx->hook_lsig_matches);
@@ -2238,7 +2238,7 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx)
     ctx->hook_lsig_matches = old_hook_lsig_matches;
 
     if(ret == CL_VIRUS)
-	ret = cli_checkfp(desc, ctx) ? CL_CLEAN : CL_VIRUS;
+	ret = cli_checkfp(hash, hashed_size, ctx);
 
     switch(ret) {
 	case CL_EFORMAT:

-- 
Debian repository for ClamAV

More information about the Pkg-clamav-commits mailing list