@@ -1,3 +1,7 @@

+Tue Sep  7 16:55:43 CEST 2010 (tk)

+----------------------------------

+ * libclamav: versioninfo hashset was not properly cached (bb#2065)

+

 Thu Sep  2 21:21:58 EEST 2010 (edwin)

 -------------------------------------

  * libclamav/c++/bytecode2llvm.cpp: fix hung clamd on FreeBSD (bb #2235)

@@ -55,7 +55,7 @@ struct cli_exe_info {

     /** Number of sections*/

     uint16_t nsections;

     /** Hashset for versioninfo matching */

-    struct cli_hashset *vinfo;

+    struct cli_hashset vinfo;

     /** Resrources RVA - PE ONLY */

     uint32_t res_addr;

     /** Address size - PE ONLY */

@@ -888,8 +888,6 @@ int cli_ac_initdata(struct cli_ac_data *data, uint32_t partsigs, uint32_t lsigs,

 	return CL_ENULLARG;

     }

-    cli_hashset_init_noalloc(&data->vinfo);

-

     data->reloffsigs = reloffsigs;

     if(reloffsigs) {

 	data->offset = (uint32_t *) cli_malloc(reloffsigs * 2 * sizeof(uint32_t));

@@ -980,7 +978,8 @@ int cli_ac_caloff(const struct cli_matcher *root, struct cli_ac_data *data, cons

 	unsigned int i;

 	struct cli_ac_patt *patt;

-    /* info.exeinfo.vinfo = &data->vinfo; */

+    if(info)

+	data->vinfo = &info->exeinfo.vinfo;

     for(i = 0; i < root->ac_reloff_num; i++) {

 	patt = root->ac_reloff[i];

@@ -1001,8 +1000,6 @@ void cli_ac_freedata(struct cli_ac_data *data)

 {

 	uint32_t i;

-    cli_hashset_destroy(&data->vinfo);

-

     if(data && data->partsigs) {

 	for(i = 0; i < data->partsigs; i++) {

 	    if(data->offmatrix[i]) {

@@ -1176,7 +1173,7 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v

 			}

 			realoff = offset + bp - pt->prefix_length;

 			if(pt->offdata[0] == CLI_OFF_VERSION) {

-			    if(!cli_hashset_contains_maybe_noalloc(&mdata->vinfo, realoff)) {

+			    if(!cli_hashset_contains_maybe_noalloc(mdata->vinfo, realoff)) {

 				pt = pt->next_same;

 				continue;

 			    }

@@ -41,7 +41,7 @@ struct cli_ac_data {

     uint32_t *offset;

     uint32_t macro_lastmatch[32];

     /** Hashset for versioninfo matching */

-    struct cli_hashset vinfo;

+    struct cli_hashset *vinfo;

 };

 struct cli_ac_special {

@@ -361,6 +361,7 @@ static void targetinfo(struct cli_target_info *info, unsigned int target, fmap_t

     memset(info, 0, sizeof(struct cli_target_info));

     info->fsize = map->len;

+    cli_hashset_init_noalloc(&info->exeinfo.vinfo);

     if(target == 1)

 	einfo = cli_peheader;

@@ -612,6 +613,7 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli

 	if((ret = cli_ac_initdata(&gdata, groot->ac_partsigs, groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN)) || (ret = cli_ac_caloff(groot, &gdata, &info))) {

 	    if(info.exeinfo.section)

 		free(info.exeinfo.section);

+	    cli_hashset_destroy(&info.exeinfo.vinfo);

 	    return ret;

 	}

@@ -621,6 +623,7 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli

 		cli_ac_freedata(&gdata);

 	    if(info.exeinfo.section)

 		free(info.exeinfo.section);

+	    cli_hashset_destroy(&info.exeinfo.vinfo);

 	    return ret;

 	}

 	if(troot->bm_offmode) {

@@ -631,6 +634,7 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli

 		    cli_ac_freedata(&tdata);

 		    if(info.exeinfo.section)

 			free(info.exeinfo.section);

+		    cli_hashset_destroy(&info.exeinfo.vinfo);

 		    return ret;

 		}

 		bm_offmode = 1;

@@ -659,6 +663,7 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli

 		    cli_bm_freeoff(&toff);

 		if(info.exeinfo.section)

 		    free(info.exeinfo.section);

+		cli_hashset_destroy(&info.exeinfo.vinfo);

 		return ret;

 	    }

 	}

@@ -675,6 +680,7 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli

 		}

 		if(info.exeinfo.section)

 		    free(info.exeinfo.section);

+		cli_hashset_destroy(&info.exeinfo.vinfo);

 		return ret;

 	    } else if((acmode & AC_SCAN_FT) && ret >= CL_TYPENO) {

 		if(ret > type)

@@ -704,6 +710,7 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli

     if(info.exeinfo.section)

 	free(info.exeinfo.section);

+    cli_hashset_destroy(&info.exeinfo.vinfo);

     if(ret == CL_VIRUS)

 	return CL_VIRUS;

@@ -2461,7 +2461,7 @@ int cli_peheader(fmap_t *map, struct cli_exe_info *peinfo)

     else

 	peinfo->res_addr = EC32(dirs[2].VirtualAddress);

-    while(dirs[2].Size && peinfo->vinfo) {

+    while(dirs[2].Size) {

 	struct vinfo_list vlist;

 	uint8_t *vptr, *baseptr;

     	uint32_t rva, res_sz;

@@ -2470,7 +2470,7 @@ int cli_peheader(fmap_t *map, struct cli_exe_info *peinfo)

 	memset(&vlist, 0, sizeof(vlist));

     	findres(0x10, 0xffffffff, EC32(dirs[2].VirtualAddress), map, peinfo->section, peinfo->nsections, hdr_size, versioninfo_cb, &vlist);

 	if(!vlist.count) break; /* No version_information */

-	if(cli_hashset_init(peinfo->vinfo, 32, 80)) {

+	if(cli_hashset_init(&peinfo->vinfo, 32, 80)) {

 	    cli_errmsg("cli_peheader: Unable to init vinfo hashset\n");

 	    free(section_hdr);

 	    free(peinfo->section);

@@ -2595,9 +2595,9 @@ int cli_peheader(fmap_t *map, struct cli_exe_info *peinfo)

 				continue;

 			    }

-			    if(cli_hashset_addkey(peinfo->vinfo, (uint32_t)(vptr - baseptr + 6))) {

+			    if(cli_hashset_addkey(&peinfo->vinfo, (uint32_t)(vptr - baseptr + 6))) {

 				cli_errmsg("cli_peheader: Unable to add rva to vinfo hashset\n");

-				cli_hashset_destroy(peinfo->vinfo);

+				cli_hashset_destroy(&peinfo->vinfo);

 				free(section_hdr);

 				free(peinfo->section);

 				peinfo->section = NULL;