git-svn: trunk@4117
Tomasz Kojm authored on 2008/08/18 19:09:56... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Mon Aug 18 12:01:10 CEST 2008 (tk) |
|
2 |
+---------------------------------- |
|
3 |
+ * libclamunrar_iface, libclamav: improve detection of encrypted RAR archives |
|
4 |
+ (bb#1134) |
|
5 |
+ |
|
1 | 6 |
Sun Aug 17 19:30:25 CEST 2008 (tk) |
2 | 7 |
---------------------------------- |
3 | 8 |
* clamd/server-th.c: add missing proto for cli_initengine() (bb#1136) |
... | ... |
@@ -292,10 +292,21 @@ static int cli_scanrar(int desc, cli_ctx *ctx, off_t sfx_offset, uint32_t *sfx_c |
292 | 292 |
if(!cli_leavetemps_flag) |
293 | 293 |
cli_rmdirs(dir); |
294 | 294 |
free(dir); |
295 |
- if(ret == UNRAR_EMEM) |
|
295 |
+ if(ret == UNRAR_PASSWD) { |
|
296 |
+ cli_dbgmsg("RAR: Encrypted main header\n"); |
|
297 |
+ if(DETECT_ENCRYPTED) { |
|
298 |
+ lseek(desc, 0, SEEK_SET); |
|
299 |
+ ret = cli_scandesc(desc, ctx, 0, 0, NULL, AC_SCAN_VIR); |
|
300 |
+ if(ret != CL_VIRUS) |
|
301 |
+ *ctx->virname = "Encrypted.RAR"; |
|
302 |
+ return CL_VIRUS; |
|
303 |
+ } |
|
304 |
+ return CL_CLEAN; |
|
305 |
+ } if(ret == UNRAR_EMEM) { |
|
296 | 306 |
return CL_EMEM; |
297 |
- else |
|
307 |
+ } else { |
|
298 | 308 |
return CL_ERAR; |
309 |
+ } |
|
299 | 310 |
} |
300 | 311 |
|
301 | 312 |
do { |
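Review bot: The added UNRAR_PASSWD branch ignores the result of `lseek(desc, 0, SEEK_SET)` and overwrites every non-CL_VIRUS result of `cli_scandesc()`, so a failed seek or a scan error (an I/O or memory error code, for instance) is reported as `Encrypted.RAR` instead of as an error. If folding errors into the encrypted verdict is deliberate policy, a short comment such as `/* any non-virus result, including scan errors, is reported as Encrypted.RAR */` would make that explicit; otherwise check the seek and return the error code before setting `*ctx->virname`. Separately, `} if(ret == UNRAR_EMEM) {` only behaves correctly because the preceding branch returns on every path; `} else if(ret == UNRAR_EMEM) {` states the intent and survives later edits. The body of cli_scanrar starts and ends outside this hunk.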
... | ... |
@@ -264,61 +264,53 @@ int unrar_open(int fd, const char *dirname, unrar_state_t *state) |
264 | 264 |
if(!is_rar_archive(fd)) |
265 | 265 |
return UNRAR_ERR; |
266 | 266 |
|
267 |
- unpack_data = (unpack_data_t *) malloc(sizeof(unpack_data_t)); |
|
268 |
- if(!unpack_data) { |
|
269 |
- unrar_dbgmsg("UNRAR: malloc failed for unpack_data\n"); |
|
270 |
- return UNRAR_EMEM; |
|
271 |
- } |
|
272 |
- unpack_data->rarvm_data.mem = NULL; |
|
273 |
- unpack_data->old_filter_lengths = NULL; |
|
274 |
- unpack_data->PrgStack.array = unpack_data->Filters.array = NULL; |
|
275 |
- unpack_data->PrgStack.num_items = unpack_data->Filters.num_items = 0; |
|
276 |
- unpack_data->unp_crc = 0xffffffff; |
|
277 |
- |
|
278 |
- ppm_constructor(&unpack_data->ppm_data); |
|
279 | 267 |
main_hdr = read_header(fd, MAIN_HEAD); |
280 |
- if(!main_hdr) { |
|
281 |
- ppm_destructor(&unpack_data->ppm_data); |
|
282 |
- rar_init_filters(unpack_data); |
|
283 |
- unpack_free_data(unpack_data); |
|
284 |
- free(unpack_data); |
|
268 |
+ if(!main_hdr) |
|
285 | 269 |
return UNRAR_ERR; |
286 |
- } |
|
270 |
+ |
|
287 | 271 |
unrar_dbgmsg("UNRAR: Head CRC: %.4x\n", main_hdr->head_crc); |
288 | 272 |
unrar_dbgmsg("UNRAR: Head Type: %.2x\n", main_hdr->head_type); |
289 | 273 |
unrar_dbgmsg("UNRAR: Flags: %.4x\n", main_hdr->flags); |
290 | 274 |
unrar_dbgmsg("UNRAR: Head Size: %.4x\n", main_hdr->head_size); |
291 | 275 |
|
276 |
+ if(main_hdr->flags & MHD_PASSWORD) { |
|
277 |
+ free(main_hdr); |
|
278 |
+ return UNRAR_PASSWD; |
|
279 |
+ } |
|
280 |
+ |
|
292 | 281 |
snprintf(filename,1024,"%s/comments", dirname); |
293 | 282 |
if(mkdir(filename,0700)) { |
294 | 283 |
unrar_dbgmsg("UNRAR: Unable to create comment temporary directory\n"); |
295 | 284 |
free(main_hdr); |
296 |
- ppm_destructor(&unpack_data->ppm_data); |
|
297 |
- rar_init_filters(unpack_data); |
|
298 |
- unpack_free_data(unpack_data); |
|
299 |
- free(unpack_data); |
|
300 | 285 |
return UNRAR_ERR; |
301 | 286 |
} |
302 | 287 |
state->comment_dir = strdup(filename); |
303 | 288 |
if(!state->comment_dir) { |
304 | 289 |
free(main_hdr); |
305 |
- ppm_destructor(&unpack_data->ppm_data); |
|
306 |
- rar_init_filters(unpack_data); |
|
307 |
- unpack_free_data(unpack_data); |
|
308 |
- free(unpack_data); |
|
309 | 290 |
return UNRAR_EMEM; |
310 | 291 |
} |
311 | 292 |
|
312 | 293 |
if(main_hdr->head_size < SIZEOF_NEWMHD) { |
313 | 294 |
free(main_hdr); |
314 |
- ppm_destructor(&unpack_data->ppm_data); |
|
315 |
- rar_init_filters(unpack_data); |
|
316 |
- unpack_free_data(unpack_data); |
|
317 |
- free(unpack_data); |
|
318 | 295 |
free(state->comment_dir); |
319 | 296 |
return UNRAR_ERR; |
320 | 297 |
} |
321 | 298 |
|
299 |
+ unpack_data = (unpack_data_t *) malloc(sizeof(unpack_data_t)); |
|
300 |
+ if(!unpack_data) { |
|
301 |
+ free(main_hdr); |
|
302 |
+ free(state->comment_dir); |
|
303 |
+ unrar_dbgmsg("UNRAR: malloc failed for unpack_data\n"); |
|
304 |
+ return UNRAR_EMEM; |
|
305 |
+ } |
|
306 |
+ unpack_data->rarvm_data.mem = NULL; |
|
307 |
+ unpack_data->old_filter_lengths = NULL; |
|
308 |
+ unpack_data->PrgStack.array = unpack_data->Filters.array = NULL; |
|
309 |
+ unpack_data->PrgStack.num_items = unpack_data->Filters.num_items = 0; |
|
310 |
+ unpack_data->unp_crc = 0xffffffff; |
|
311 |
+ |
|
312 |
+ ppm_constructor(&unpack_data->ppm_data); |
|
313 |
+ |
|
322 | 314 |
if(main_hdr->flags & MHD_COMMENT) { |
323 | 315 |
unrar_comment_header_t *comment_header; |
324 | 316 |
unrar_dbgmsg("UNRAR: RAR main comment\n"); |
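Review bot: The new `main_hdr->flags & MHD_PASSWORD` test runs before the `main_hdr->head_size < SIZEOF_NEWMHD` sanity check, so a main header that would otherwise be rejected as malformed is reported as UNRAR_PASSWD, which the caller can turn into an `Encrypted.RAR` verdict. Unless read_header() already validates the size (not visible here), consider rejecting undersized headers first, e.g. `if(main_hdr->head_size < SIZEOF_NEWMHD) { free(main_hdr); return UNRAR_ERR; }` ahead of the flag test. The added malloc-failure path also leaves `state->comment_dir` dangling after `free(state->comment_dir)`; setting it to NULL there (and in the existing head_size path) would protect any caller that inspects the state after a failed open. The body of unrar_open continues outside this hunk.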