8139fd99 |
/* |
1ccd6e94 |
* Copyright (C) 2003 - 2006 Tomasz Kojm <tkojm@clamav.net> |
8139fd99 |
*
* untgz() is based on public domain minitar utility by Charles G. Waldman
*
* This program is free software; you can redistribute it and/or modify |
bb34cb31 |
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation. |
8139fd99 |
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software |
48b7b4a7 |
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301, USA. |
8139fd99 |
*/
|
6d6e8271 |
#if HAVE_CONFIG_H
#include "clamav-config.h"
#endif
|
8139fd99 |
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h> |
b58fdfc2 |
#ifdef HAVE_UNISTD_H |
5ff81952 |
#include <unistd.h> |
b58fdfc2 |
#endif
#include "zlib.h" |
c48c9d2b |
#include <time.h> |
b58fdfc2 |
#include <errno.h> |
8139fd99 |
#include "clamav.h" |
6a2532ca |
#include "others.h"
#include "dsig.h" |
e4ae7726 |
#include "str.h" |
079229d6 |
#include "cvd.h" |
8139fd99 |
#define TAR_BLOCKSIZE 512
int cli_untgz(int fd, const char *destdir)
{
char *fullname, osize[13], name[101], type;
char block[TAR_BLOCKSIZE];
int nbytes, nread, nwritten, in_block = 0;
unsigned int size;
FILE *outfile = NULL;
gzFile *infile;
cli_dbgmsg("in cli_untgz()\n");
if((infile = gzdopen(fd, "rb")) == NULL) { |
b58fdfc2 |
cli_errmsg("Can't gzdopen() descriptor %d, errno = %d\n", fd, errno); |
8139fd99 |
return -1;
}
|
e12c29d2 |
fullname = (char *) cli_calloc(sizeof(char), strlen(destdir) + 100 + 5);
if(!fullname) {
cli_errmsg("cli_untgz: Can't allocate memory for fullname\n");
return -1;
} |
8139fd99 |
while(1) {
nread = gzread(infile, block, TAR_BLOCKSIZE);
if(!in_block && nread == 0)
break;
if(nread != TAR_BLOCKSIZE) {
cli_errmsg("Incomplete block read.\n");
free(fullname); |
9e431a95 |
gzclose(infile); |
8139fd99 |
return -1;
}
if(!in_block) {
if (block[0] == '\0') /* We're done */
break;
|
658f19f8 |
strncpy(name, block, 100);
name[100] = '\0'; |
4fac726f |
if(strchr(name, '/')) {
cli_errmsg("Slash separators are not allowed in CVD.\n");
free(fullname);
gzclose(infile);
return -1;
}
|
8139fd99 |
strcpy(fullname, destdir);
strcat(fullname, "/");
strcat(fullname, name);
cli_dbgmsg("Unpacking %s\n",fullname);
type = block[156];
switch(type) {
case '0':
case '\0':
break;
case '5':
cli_errmsg("Directories in CVD are not supported.\n");
free(fullname); |
9e431a95 |
gzclose(infile); |
8139fd99 |
return -1;
default:
cli_errmsg("Unknown type flag %c.\n",type);
free(fullname); |
9e431a95 |
gzclose(infile); |
8139fd99 |
return -1;
}
in_block = 1;
if(outfile) {
if(fclose(outfile)) {
cli_errmsg("Cannot close file %s.\n", fullname);
free(fullname); |
9e431a95 |
gzclose(infile); |
8139fd99 |
return -1;
}
outfile = NULL;
}
if(!(outfile = fopen(fullname, "wb"))) {
cli_errmsg("Cannot create file %s.\n", fullname);
free(fullname); |
9e431a95 |
gzclose(infile); |
8139fd99 |
return -1;
}
|
658f19f8 |
strncpy(osize, block + 124, 12);
osize[12] = '\0'; |
8139fd99 |
|
bddfdc19 |
if((sscanf(osize, "%o", &size)) == 0) { |
8139fd99 |
cli_errmsg("Invalid size in header.\n");
free(fullname); |
9e431a95 |
gzclose(infile); |
bcf3dc79 |
fclose(outfile); |
8139fd99 |
return -1;
}
} else { /* write or continue writing file contents */
nbytes = size > TAR_BLOCKSIZE ? TAR_BLOCKSIZE : size;
nwritten = fwrite(block, 1, nbytes, outfile);
if(nwritten != nbytes) {
cli_errmsg("Wrote %d instead of %d (%s).\n", nwritten, nbytes, fullname);
free(fullname); |
9e431a95 |
gzclose(infile); |
8139fd99 |
return -1;
}
size -= nbytes;
if(size == 0)
in_block = 0;
}
}
|
6a2532ca |
if(outfile)
fclose(outfile);
|
9e431a95 |
gzclose(infile);
free(fullname); |
8139fd99 |
return 0;
}
|
e4ae7726 |
struct cl_cvd *cl_cvdparse(const char *head) |
8139fd99 |
{ |
e4ae7726 |
char *pt; |
8139fd99 |
struct cl_cvd *cvd; |
6a2532ca |
if(strncmp(head, "ClamAV-VDB:", 11)) { |
e4ae7726 |
cli_dbgmsg("Not a CVD head.\n"); |
6a2532ca |
return NULL;
} |
8139fd99 |
cvd = (struct cl_cvd *) cli_calloc(1, sizeof(struct cl_cvd)); |
e12c29d2 |
if(!cvd) {
cli_errmsg("cl_cvdparse: Can't allocate memory for cvd\n");
return NULL;
} |
8139fd99 |
|
2d70a403 |
if(!(cvd->time = cli_strtok(head, 1, ":"))) { |
976bcd2a |
cli_errmsg("CVD -> Can't extract time from header.\n");
free(cvd);
return NULL;
}
|
2d70a403 |
if(!(pt = cli_strtok(head, 2, ":"))) { |
976bcd2a |
cli_errmsg("CVD -> Can't extract version from header.\n");
free(cvd->time);
free(cvd);
return NULL;
} |
8139fd99 |
cvd->version = atoi(pt);
free(pt);
|
2d70a403 |
if(!(pt = cli_strtok(head, 3, ":"))) { |
976bcd2a |
cli_errmsg("CVD -> Can't extract signature number from header.\n");
free(cvd->time);
free(cvd);
return NULL;
} |
8139fd99 |
cvd->sigs = atoi(pt);
free(pt);
|
2d70a403 |
if(!(pt = cli_strtok(head, 4, ":"))) { |
976bcd2a |
cli_errmsg("CVD -> Can't extract functionality level from header.\n");
free(cvd->time);
free(cvd);
return NULL;
} |
b5134815 |
cvd->fl = atoi(pt); |
8139fd99 |
free(pt);
|
2d70a403 |
if(!(cvd->md5 = cli_strtok(head, 5, ":"))) { |
976bcd2a |
cli_errmsg("CVD -> Can't extract MD5 checksum from header.\n");
free(cvd->time);
free(cvd);
return NULL;
}
|
2d70a403 |
if(!(cvd->dsig = cli_strtok(head, 6, ":"))) { |
976bcd2a |
cli_errmsg("CVD -> Can't extract digital signature from header.\n");
free(cvd->time);
free(cvd->md5);
free(cvd);
return NULL;
}
|
2d70a403 |
if(!(cvd->builder = cli_strtok(head, 7, ":"))) { |
976bcd2a |
cli_errmsg("CVD -> Can't extract builder name from header.\n");
free(cvd->time);
free(cvd->md5);
free(cvd->dsig);
free(cvd);
return NULL;
} |
8139fd99 |
|
c48c9d2b |
if((pt = cli_strtok(head, 8, ":"))) {
cvd->stime = atoi(pt);
free(pt);
} else
cli_dbgmsg("CVD -> No creation time in seconds (old file format)\n");
|
8139fd99 |
return cvd;
}
struct cl_cvd *cl_cvdhead(const char *file)
{ |
1ccd6e94 |
FILE *fs; |
bd5f3ce0 |
char head[513], *pt; |
e4ae7726 |
int i; |
b4bd1749 |
unsigned int bread;
|
8139fd99 |
|
1ccd6e94 |
if((fs = fopen(file, "rb")) == NULL) { |
e4ae7726 |
cli_dbgmsg("Can't open CVD file %s\n", file); |
8139fd99 |
return NULL;
}
|
b4bd1749 |
if(!(bread = fread(head, 1, 512, fs))) {
cli_errmsg("Can't read CVD header of %s\n", file); |
1ccd6e94 |
fclose(fs); |
e4ae7726 |
return NULL;
}
|
1ccd6e94 |
fclose(fs); |
e4ae7726 |
|
b4bd1749 |
head[bread] = 0; |
bd5f3ce0 |
if((pt = strpbrk(head, "\n\r")))
*pt = 0;
|
b4bd1749 |
for(i = bread - 1; i > 0 && (head[i] == ' ' || head[i] == '\n' || head[i] == '\r'); head[i] = 0, i--); |
e4ae7726 |
return cl_cvdparse(head); |
8139fd99 |
}
void cl_cvdfree(struct cl_cvd *cvd)
{
free(cvd->time);
free(cvd->md5);
free(cvd->dsig);
free(cvd->builder);
free(cvd);
}
|
1ccd6e94 |
static int cli_cvdverify(FILE *fs, struct cl_cvd *cvdpt) |
6a2532ca |
{ |
e4ae7726 |
struct cl_cvd *cvd;
char *md5, head[513];
int i;
|
1ccd6e94 |
fseek(fs, 0, SEEK_SET);
if(fread(head, 1, 512, fs) != 512) { |
e4ae7726 |
cli_dbgmsg("Can't read CVD head from stream\n");
return CL_ECVD;
}
head[512] = 0;
for(i = 511; i > 0 && (head[i] == ' ' || head[i] == 10); head[i] = 0, i--); |
6a2532ca |
|
e4ae7726 |
if((cvd = cl_cvdparse(head)) == NULL) |
6a2532ca |
return CL_ECVD;
|
e685f551 |
if(cvdpt) |
c48c9d2b |
memcpy(cvdpt, cvd, sizeof(struct cl_cvd)); |
6a2532ca |
|
1ccd6e94 |
md5 = cli_md5stream(fs, NULL); |
6a2532ca |
cli_dbgmsg("MD5(.tar.gz) = %s\n", md5);
|
e4ae7726 |
if(strncmp(md5, cvd->md5, 32)) { |
6a2532ca |
cli_dbgmsg("MD5 verification error.\n"); |
9e431a95 |
free(md5);
cl_cvdfree(cvd); |
6a2532ca |
return CL_EMD5;
}
#ifdef HAVE_GMP |
e4ae7726 |
if(cli_versig(md5, cvd->dsig)) { |
6a2532ca |
cli_dbgmsg("Digital signature verification error.\n"); |
9e431a95 |
free(md5);
cl_cvdfree(cvd); |
6a2532ca |
return CL_EDSIG;
}
#endif
|
e4ae7726 |
free(md5); |
9e431a95 |
cl_cvdfree(cvd); |
6a2532ca |
return 0;
}
|
e4ae7726 |
int cl_cvdverify(const char *file) |
6a2532ca |
{ |
1ccd6e94 |
FILE *fs; |
e4ae7726 |
int ret; |
6a2532ca |
|
1ccd6e94 |
if((fs = fopen(file, "rb")) == NULL) { |
6a2532ca |
cli_errmsg("Can't open CVD file %s\n", file); |
e4ae7726 |
return CL_EOPEN; |
6a2532ca |
}
|
1ccd6e94 |
ret = cli_cvdverify(fs, NULL);
fclose(fs); |
e4ae7726 |
return ret; |
6a2532ca |
}
|
1ccd6e94 |
int cli_cvdload(FILE *fs, struct cl_engine **engine, unsigned int *signo, short warn, unsigned int options) |
8139fd99 |
{ |
1ccd6e94 |
char *dir; |
c48c9d2b |
struct cl_cvd cvd; |
5ff81952 |
int ret, fd; |
fc83da82 |
time_t s_time; |
c48c9d2b |
|
8139fd99 |
cli_dbgmsg("in cli_cvdload()\n");
|
6a2532ca |
/* verify */ |
8139fd99 |
|
1ccd6e94 |
if((ret = cli_cvdverify(fs, &cvd))) |
6a2532ca |
return ret; |
8139fd99 |
|
37743d67 |
if(cvd.stime && warn) { |
fc83da82 |
time(&s_time);
if((int) s_time - cvd.stime > 604800) { |
c48c9d2b |
cli_warnmsg("**************************************************\n");
cli_warnmsg("*** The virus database is older than 7 days. ***\n");
cli_warnmsg("*** Please update it IMMEDIATELY! ***\n");
cli_warnmsg("**************************************************\n");
}
}
|
059662de |
if(cvd.fl > cl_retflevel()) { |
61409916 |
cli_warnmsg("***********************************************************\n");
cli_warnmsg("*** This version of the ClamAV engine is outdated. ***\n");
cli_warnmsg("*** DON'T PANIC! Read http://www.clamav.net/support/faq ***\n");
cli_warnmsg("***********************************************************\n"); |
059662de |
}
|
5ff81952 |
if((fd = dup(fileno(fs))) == -1) {
cli_errmsg("cli_cvdload(): Can't duplicate descriptor %d\n", fileno(fs));
return CL_EIO;
}
if(lseek(fd, 512, SEEK_SET) == -1) {
cli_errmsg("cli_cvdload(): Can't lseek descriptor %d\n", fd);
close(fd);
return CL_EIO;
} |
8139fd99 |
|
0c7019c5 |
dir = cli_gentemp(NULL); |
8139fd99 |
if(mkdir(dir, 0700)) { |
5ff81952 |
cli_errmsg("cli_cvdload(): Can't create temporary directory %s\n", dir); |
1ccd6e94 |
free(dir); |
5ff81952 |
close(fd); |
8139fd99 |
return CL_ETMPDIR;
}
|
5ff81952 |
if(cli_untgz(fd, dir)) { |
b58fdfc2 |
close(fd); |
8139fd99 |
cli_errmsg("cli_cvdload(): Can't unpack CVD file.\n"); |
45490c5c |
free(dir); |
8139fd99 |
return CL_ECVDEXTR;
}
/* load extracted directory */ |
45490c5c |
ret = cl_load(dir, engine, signo, options); |
8139fd99 |
cli_rmdirs(dir);
free(dir);
|
45490c5c |
return ret; |
8139fd99 |
} |