... | ... |
@@ -1,5 +1,5 @@ |
1 | 1 |
/* |
2 |
- * Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
2 |
+ * Copyright (C) 2015, 2018 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
3 | 3 |
* Copyright (C) 2007-2013 Sourcefire, Inc. |
4 | 4 |
* |
5 | 5 |
* Authors: Tomasz Kojm |
... | ... |
@@ -1342,37 +1342,33 @@ static int cli_scanscript(cli_ctx *ctx) |
1342 | 1342 |
return CL_CLEAN; |
1343 | 1343 |
} |
1344 | 1344 |
|
1345 |
- /* dump to disk only if explicitly asked to |
|
1346 |
- * or if necessary to check relative offsets, |
|
1347 |
- * otherwise we can process just in-memory */ |
|
1348 |
- if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) { |
|
1349 |
- if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) { |
|
1350 |
- cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n"); |
|
1351 |
- return ret; |
|
1352 |
- } |
|
1353 |
- if (ctx->engine->keeptmp) |
|
1354 |
- cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname); |
|
1355 |
- } |
|
1356 |
- |
|
1357 | 1345 |
if(!(normalized = cli_malloc(SCANBUFF + maxpatlen))) { |
1358 | 1346 |
cli_dbgmsg("cli_scanscript: Unable to malloc %u bytes\n", SCANBUFF); |
1359 |
- free(tmpname); |
|
1360 | 1347 |
return CL_EMEM; |
1361 | 1348 |
} |
1362 |
- |
|
1363 | 1349 |
text_normalize_init(&state, normalized, SCANBUFF + maxpatlen); |
1364 |
- ret = CL_CLEAN; |
|
1365 |
- |
|
1366 | 1350 |
|
1367 | 1351 |
if ((ret = cli_ac_initdata(&tmdata, troot?troot->ac_partsigs:0, troot?troot->ac_lsigs:0, troot?troot->ac_reloff_num:0, CLI_DEFAULT_AC_TRACKLEN))) { |
1368 |
- free(tmpname); |
|
1369 |
- return ret; |
|
1352 |
+ free(normalized); |
|
1353 |
+ return ret; |
|
1370 | 1354 |
} |
1371 | 1355 |
|
1372 | 1356 |
if ((ret = cli_ac_initdata(&gmdata, groot->ac_partsigs, groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN))) { |
1373 |
- cli_ac_freedata(&tmdata); |
|
1374 |
- free(tmpname); |
|
1375 |
- return ret; |
|
1357 |
+ cli_ac_freedata(&tmdata); |
|
1358 |
+ free(normalized); |
|
1359 |
+ return ret; |
|
1360 |
+ } |
|
1361 |
+ |
|
1362 |
+ /* dump to disk only if explicitly asked to |
|
1363 |
+ * or if necessary to check relative offsets, |
|
1364 |
+ * otherwise we can process just in-memory */ |
|
1365 |
+ if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) { |
|
1366 |
+ if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) { |
|
1367 |
+ cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n"); |
|
1368 |
+ goto done; |
|
1369 |
+ } |
|
1370 |
+ if (ctx->engine->keeptmp) |
|
1371 |
+ cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname); |
|
1376 | 1372 |
} |
1377 | 1373 |
|
1378 | 1374 |
mdata[0] = &tmdata; |
... | ... |
@@ -1387,10 +1383,9 @@ static int cli_scanscript(cli_ctx *ctx) |
1387 | 1387 |
map_off += written; |
1388 | 1388 |
|
1389 | 1389 |
if (write(ofd, state.out, state.out_pos) == -1) { |
1390 |
- cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname); |
|
1391 |
- close(ofd); |
|
1392 |
- free(tmpname); |
|
1393 |
- return CL_EWRITE; |
|
1390 |
+ cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname); |
|
1391 |
+ ret = CL_EWRITE; |
|
1392 |
+ goto done; |
|
1394 | 1393 |
} |
1395 | 1394 |
text_normalize_reset(&state); |
1396 | 1395 |
} |
... | ... |
@@ -1409,11 +1404,6 @@ static int cli_scanscript(cli_ctx *ctx) |
1409 | 1409 |
funmap(*ctx->fmap); |
1410 | 1410 |
} |
1411 | 1411 |
*ctx->fmap = map; |
1412 |
- |
|
1413 |
- /* If we aren't keeping temps, delete the normalized file after scan. */ |
|
1414 |
- if(!(ctx->engine->keeptmp)) |
|
1415 |
- if (cli_unlink(tmpname)) ret = CL_EUNLINK; |
|
1416 |
- |
|
1417 | 1412 |
} else { |
1418 | 1413 |
/* Since the above is moderately costly all in all, |
1419 | 1414 |
* do the old stuff if there's no relative offsets. */ |
... | ... |
@@ -1421,11 +1411,8 @@ static int cli_scanscript(cli_ctx *ctx) |
1421 | 1421 |
if (troot) { |
1422 | 1422 |
cli_targetinfo(&info, 7, map); |
1423 | 1423 |
ret = cli_ac_caloff(troot, &tmdata, &info); |
1424 |
- if (ret) { |
|
1425 |
- cli_ac_freedata(&tmdata); |
|
1426 |
- free(tmpname); |
|
1427 |
- return ret; |
|
1428 |
- } |
|
1424 |
+ if (ret) |
|
1425 |
+ goto done; |
|
1429 | 1426 |
} |
1430 | 1427 |
|
1431 | 1428 |
while(1) { |
... | ... |
@@ -1466,13 +1453,6 @@ static int cli_scanscript(cli_ctx *ctx) |
1466 | 1466 |
|
1467 | 1467 |
} |
1468 | 1468 |
|
1469 |
- if(ctx->engine->keeptmp) { |
|
1470 |
- free(tmpname); |
|
1471 |
- if (ofd >= 0) |
|
1472 |
- close(ofd); |
|
1473 |
- } |
|
1474 |
- free(normalized); |
|
1475 |
- |
|
1476 | 1469 |
if(ret != CL_VIRUS || SCAN_ALL) { |
1477 | 1470 |
if ((ret = cli_exp_eval(ctx, troot, &tmdata, NULL, NULL)) == CL_VIRUS) |
1478 | 1471 |
viruses_found++; |
... | ... |
@@ -1481,11 +1461,21 @@ static int cli_scanscript(cli_ctx *ctx) |
1481 | 1481 |
viruses_found++; |
1482 | 1482 |
} |
1483 | 1483 |
|
1484 |
+ done: |
|
1485 |
+ free(normalized); |
|
1484 | 1486 |
cli_ac_freedata(&tmdata); |
1485 | 1487 |
cli_ac_freedata(&gmdata); |
1486 | 1488 |
|
1489 |
+ if (ofd != -1) |
|
1490 |
+ close(ofd); |
|
1491 |
+ if (tmpname != NULL) { |
|
1492 |
+ if (!ctx->engine->keeptmp) |
|
1493 |
+ cli_unlink(tmpname); |
|
1494 |
+ free(tmpname); |
|
1495 |
+ } |
|
1496 |
+ |
|
1487 | 1497 |
if (SCAN_ALL && viruses_found) |
1488 |
- return CL_VIRUS; |
|
1498 |
+ return CL_VIRUS; |
|
1489 | 1499 |
|
1490 | 1500 |
return ret; |
1491 | 1501 |
} |