@@ -1,3 +1,8 @@

+Wed Aug  4 17:34:46 CEST 2004 (tk)

+----------------------------------

+  * libclamav: petite: big-endian fixes

+  * libclamav: pe: activate Petite unpacker

+

 Tue Aug  3 20:20:11 CEST 2004 (tk)

 ----------------------------------

   * libclamav: matcher-bm: fix segfault with short files (problem reported by

@@ -37,6 +37,7 @@ libclamav_la_SOURCES = \

         others.c \

         others.h \

         readdb.c \

+	readdb.h \

 	cvd.c \

 	cvd.h \

 	dsig.c \

@@ -246,6 +246,7 @@ libclamav_la_SOURCES = \

         others.c \

         others.h \

         readdb.c \

+	readdb.h \

 	cvd.c \

 	cvd.h \

 	dsig.c \

@@ -556,7 +556,6 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c

     /* Petite */

-    /*

     found = 2;

     lseek(desc, ep, SEEK_SET);

@@ -646,7 +645,6 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c

 	    }

 	}

     }

-    */

     /* to be continued ... */

@@ -60,14 +60,8 @@

 #include "others.h"

 #if WORDS_BIGENDIAN == 0

-#define EC16(v)	(v)

 #define EC32(v) (v)

 #else

-static inline uint16_t EC16(uint16_t v)

-{

-    return ((v >> 8) + (v << 8));

-}

-

 static inline uint32_t EC32(uint32_t v)

 {

     return ((v >> 24) | ((v & 0x00FF0000) >> 8) | ((v & 0x0000FF00) << 8) | (v << 24));

@@ -178,18 +172,19 @@ int petite_inflate2x_1to9(char *buf, uint32_t minrva, int bufsz, struct pe_image

 	  while ( (char *)thunk >=buf && (char *)thunk<buf+bufsz-4 && dummy ) {

 	    uint32_t api;

-	    

+

 	    if (! *thunk ) {

 	      workdone = 1;

 	      break;

 	    }

-	    imports = (uint32_t *) (adjbuf + *thunk++);

+	    imports = (uint32_t *) (adjbuf + EC32(*thunk++));

 	    dummy = 0;

 	    while ( (char *)imports >=buf && (char *)imports<buf+bufsz-4 ) {

 	      dummy = 0;	    

-	      if ( ! (api = *imports++) ) {

+

+	      if ( ! (api = EC32(*imports++)) ) {

 		dummy  = 1;

 		break;

 	      }

@@ -32,6 +32,10 @@

 ** Raw alignment is a waste and therefore is not performed.

 */

+#if HAVE_CONFIG_H

+#include "clamav-config.h"

+#endif

+

 #include <stdio.h>

 #include <string.h>

 #include <stdlib.h>

@@ -40,7 +44,21 @@

 #include "rebuildpe.h"

 #include "others.h"

-#define cli_writeint32(offset,value) *(uint32_t *)(offset) = (value)

+#if WORDS_BIGENDIAN == 0

+#define EC32(v) (v)

+#define EC16(v) (v)

+#else

+static inline uint32_t EC32(uint32_t v)

+{

+    return ((v >> 24) | ((v & 0x00FF0000) >> 8) | ((v & 0x0000FF00) << 8) | (v << 24));

+}

+static inline uint16_t EC16(uint16_t v)

+{

+    return ((v >> 8) + (v << 8));

+}

+#endif

+

+#define cli_writeint32(offset,value) *(uint32_t *)(offset) = EC32(value)

 struct IMAGE_PE_HEADER {

     uint32_t Signature;

@@ -126,12 +144,12 @@ char *rebuildpe(char *buffer, struct SECTION *sections, int sects, uint32_t base

     memcpy(pefile, HEADERS, 0x148);

     fakepe = (struct IMAGE_PE_HEADER *)(pefile+0xd0);

-    fakepe->NumberOfSections=sects;

-    fakepe->AddressOfEntryPoint=ep;

-    fakepe->ImageBase=base;

+    fakepe->NumberOfSections = EC16(sects);

+    fakepe->AddressOfEntryPoint = EC32(ep);

+    fakepe->ImageBase = EC32(base);

     memset(pefile+0x148, 0, 0x80);

-    *(uint32_t*)(pefile+0x148+0x10) = ResRva;

-    *(uint32_t*)(pefile+0x148+0x14) = ResSize;

+    cli_writeint32(pefile+0x148+0x10, ResRva);

+    cli_writeint32(pefile+0x148+0x14, ResSize);

     curpe = pefile+0x148+0x80;

     for (i=0; i < sects; i++) {