[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b

Sun Apr 4 01:22:26 UTC 2010

The following commit has been merged in the debian/unstable branch:
commit dcd3e8019b4b30277773e4d392fe9ee04f7e5d31
Author: Török Edvin <edwin at clamav.net>
Date:   Wed Mar 10 12:20:06 2010 +0200

    nullcheck.

diff --git a/clambc/bcrun.c b/clambc/bcrun.c
index 837e79c..6bb734d 100644
--- a/clambc/bcrun.c
+++ b/clambc/bcrun.c
@@ -251,6 +251,7 @@ int main(int argc, char *argv[])
     } else if (optget(opts, "printsrc")->enabled) {
         print_src(opts->filename[0]);
     } else {
+	bc->trusted = 1;
 	rc = cli_bytecode_prepare(&bcs, BYTECODE_ENGINE_MASK);
 	if (rc != CL_SUCCESS) {
 	    fprintf(stderr,"Unable to prepare bytecode: %s\n", cl_strerror(rc));
diff --git a/libclamav/c++/ClamBCRTChecks.cpp b/libclamav/c++/ClamBCRTChecks.cpp
index ef401c5..fe6d4ff 100644
--- a/libclamav/c++/ClamBCRTChecks.cpp
+++ b/libclamav/c++/ClamBCRTChecks.cpp
@@ -318,6 +318,29 @@ namespace {
       LHS = SE->getNoopOrZeroExtend(LHS, LTy);
       RHS = SE->getNoopOrZeroExtend(RHS, LTy);
     }
+    bool checkCondition(CallInst *CI, Instruction *I)
+    {
+      for (Value::use_iterator U=CI->use_begin(),UE=CI->use_end();
+           U != UE; ++U) {
+        if (ICmpInst *ICI = dyn_cast<ICmpInst>(U)) {
+          if (ICI->getOperand(0)->stripPointerCasts() == CI &&
+              isa<ConstantPointerNull>(ICI->getOperand(1))) {
+            for (Value::use_iterator JU=ICI->use_begin(),JUE=ICI->use_end();
+                 JU != JUE; ++JU) {
+              if (BranchInst *BI = dyn_cast<BranchInst>(JU)) {
+                if (!BI->isConditional())
+                  continue;
+                BasicBlock *S = BI->getSuccessor(ICI->getPredicate() ==
+                                                 ICmpInst::ICMP_EQ);
+                if (DT->dominates(S, I->getParent()))
+                  return true;
+              }
+            }
+          }
+        }
+      }
+      return false;
+    }
     bool validateAccess(Value *Pointer, Value *Length, Instruction *I)
     {
         // get base
@@ -333,6 +356,21 @@ namespace {
           return false;
         }
 
+        if (CallInst *CI = dyn_cast<CallInst>(Base->stripPointerCasts())) {
+          if (I->getParent() == CI->getParent()) {
+            errs() << "No null pointer check after function call " << *Base
+              << "\n";
+            errs() << " before use in same block at " << *I << "\n";
+            return false;
+          }
+          if (!checkCondition(CI, I)) {
+            errs() << "No null pointer check after function call " << *Base
+              << "\n";
+            errs() << " before use at " << *I << "\n";
+            return false;
+          }
+        }
+
         const Type *I64Ty =
           Type::getInt64Ty(Base->getContext());
         const SCEV *SLen = SE->getSCEV(Length);
@@ -370,7 +408,7 @@ namespace {
         if (Max == Limit)
           return true;
         DEBUG(dbgs() << "Max != Limit: " << *Max << ", " << *Limit << "\n");
-        //TODO: insert check
+
         return insertCheck(OffsetP, Limit, I);
     }
 

-- 
Debian repository for ClamAV

