...
|
...
|
@@ -253,7 +253,7 @@ int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hex
|
253
|
253
|
}
|
254
|
254
|
bm_new->length = hexlen / 2;
|
255
|
255
|
|
256
|
|
- bm_new->virname = cli_mpool_virname(root->mempool, (char *) virname, options & CL_DB_OFFICIAL);
|
|
256
|
+ bm_new->virname = cli_mpool_virname(root->mempool, virname, options & CL_DB_OFFICIAL);
|
257
|
257
|
if(!bm_new->virname) {
|
258
|
258
|
mpool_free(root->mempool, bm_new->pattern);
|
259
|
259
|
mpool_free(root->mempool, bm_new);
|
...
|
...
|
@@ -409,7 +409,7 @@ static int cli_chkign(const struct cli_matcher *ignored, const char *signame, co
|
409
|
409
|
if(!ignored || !signame || !entry)
|
410
|
410
|
return 0;
|
411
|
411
|
|
412
|
|
- if(cli_bm_scanbuff(signame, strlen(signame), &md5_expected, NULL, ignored, 0, NULL, NULL) == CL_VIRUS) {
|
|
412
|
+ if(cli_bm_scanbuff((const unsigned char *) signame, strlen(signame), &md5_expected, NULL, ignored, 0, NULL, NULL) == CL_VIRUS) {
|
413
|
413
|
if(md5_expected) {
|
414
|
414
|
cli_md5_init(&md5ctx);
|
415
|
415
|
cli_md5_update(&md5ctx, entry, strlen(entry));
|
...
|
...
|
@@ -462,7 +462,7 @@ static int cli_chkpua(const char *signame, const char *pua_cats, unsigned int op
|
462
|
462
|
|
463
|
463
|
static int cli_loaddb(FILE *fs, struct cl_engine *engine, unsigned int *signo, unsigned int options, struct cli_dbio *dbio, const char *dbname)
|
464
|
464
|
{
|
465
|
|
- char buffer[FILEBUFF], *buffer_cpy, *pt, *start;
|
|
465
|
+ char buffer[FILEBUFF], *buffer_cpy = NULL, *pt, *start;
|
466
|
466
|
unsigned int line = 0, sigs = 0;
|
467
|
467
|
int ret = 0;
|
468
|
468
|
struct cli_matcher *root;
|
...
|
...
|
@@ -528,7 +528,7 @@ static int cli_loaddb(FILE *fs, struct cl_engine *engine, unsigned int *signo, u
|
528
|
528
|
static int cli_loadidb(FILE *fs, struct cl_engine *engine, unsigned int *signo, unsigned int options, struct cli_dbio *dbio)
|
529
|
529
|
{
|
530
|
530
|
const char *tokens[ICO_TOKENS + 1];
|
531
|
|
- char buffer[FILEBUFF], *buffer_cpy;
|
|
531
|
+ char buffer[FILEBUFF], *buffer_cpy = NULL;
|
532
|
532
|
uint8_t *hash;
|
533
|
533
|
int ret = CL_SUCCESS;
|
534
|
534
|
unsigned int line = 0, sigs = 0, tokens_count, i, size, enginesize;
|
...
|
...
|
@@ -796,7 +796,7 @@ static int cli_loadpdb(FILE *fs, struct cl_engine *engine, unsigned int *signo,
|
796
|
796
|
static int cli_loadndb(FILE *fs, struct cl_engine *engine, unsigned int *signo, unsigned short sdb, unsigned int options, struct cli_dbio *dbio, const char *dbname)
|
797
|
797
|
{
|
798
|
798
|
const char *tokens[NDB_TOKENS + 1];
|
799
|
|
- char buffer[FILEBUFF], *buffer_cpy;
|
|
799
|
+ char buffer[FILEBUFF], *buffer_cpy = NULL;
|
800
|
800
|
const char *sig, *virname, *offset, *pt;
|
801
|
801
|
struct cli_matcher *root;
|
802
|
802
|
int line = 0, sigs = 0, ret = 0, tokens_count;
|
...
|
...
|
@@ -1105,7 +1105,7 @@ static int lsigattribs(char *attribs, struct cli_lsig_tdb *tdb)
|
1105
|
1105
|
} while(0);
|
1106
|
1106
|
|
1107
|
1107
|
#define LDB_TOKENS 67
|
1108
|
|
-static int load_oneldb(char *buffer, int chkpua, int chkign, struct cl_engine *engine, unsigned int options, const char *dbname, unsigned line, unsigned *sigs, struct cli_bc *bc, const char *buffer_cpy)
|
|
1108
|
+static int load_oneldb(char *buffer, int chkpua, int chkign, struct cl_engine *engine, unsigned int options, const char *dbname, unsigned int line, unsigned int *sigs, struct cli_bc *bc, const char *buffer_cpy)
|
1109
|
1109
|
{
|
1110
|
1110
|
const char *sig, *virname, *offset, *logic;
|
1111
|
1111
|
struct cli_ac_lsig **newtable, *lsig;
|
...
|
...
|
@@ -1162,7 +1162,7 @@ static int load_oneldb(char *buffer, int chkpua, int chkign, struct cl_engine *e
|
1162
|
1162
|
FREE_TDB(tdb);
|
1163
|
1163
|
if(ret == 1) {
|
1164
|
1164
|
cli_dbgmsg("cli_loadldb: Not supported attribute(s) in logical signature for %s, skipping\n", virname);
|
1165
|
|
- *sigs--;
|
|
1165
|
+ (*sigs)--;
|
1166
|
1166
|
return CL_SUCCESS;
|
1167
|
1167
|
}
|
1168
|
1168
|
return CL_EMALFDB;
|
...
|
...
|
@@ -1175,7 +1175,7 @@ static int load_oneldb(char *buffer, int chkpua, int chkign, struct cl_engine *e
|
1175
|
1175
|
} else if(tdb.target[0] >= CLI_MTARGETS) {
|
1176
|
1176
|
cli_dbgmsg("cli_loadldb: Not supported target type in logical signature for %s, skipping\n", virname);
|
1177
|
1177
|
FREE_TDB(tdb);
|
1178
|
|
- *sigs--;
|
|
1178
|
+ (*sigs)--;
|
1179
|
1179
|
return CL_SUCCESS;
|
1180
|
1180
|
}
|
1181
|
1181
|
|
...
|
...
|
@@ -1244,11 +1244,11 @@ static int load_oneldb(char *buffer, int chkpua, int chkign, struct cl_engine *e
|
1244
|
1244
|
if(tdb.engine[0] > cl_retflevel()) {
|
1245
|
1245
|
cli_dbgmsg("cli_loadldb: Signature for %s not loaded (required f-level: %u)\n", virname, tdb.engine[0]);
|
1246
|
1246
|
FREE_TDB(tdb);
|
1247
|
|
- *sigs--;
|
|
1247
|
+ (*sigs)--;
|
1248
|
1248
|
return CL_SUCCESS;
|
1249
|
1249
|
} else if(tdb.engine[1] < cl_retflevel()) {
|
1250
|
1250
|
FREE_TDB(tdb);
|
1251
|
|
- *sigs--;
|
|
1251
|
+ (*sigs)--;
|
1252
|
1252
|
return CL_SUCCESS;
|
1253
|
1253
|
}
|
1254
|
1254
|
}
|
...
|
...
|
@@ -1258,7 +1258,7 @@ static int load_oneldb(char *buffer, int chkpua, int chkign, struct cl_engine *e
|
1258
|
1258
|
|
1259
|
1259
|
static int cli_loadldb(FILE *fs, struct cl_engine *engine, unsigned int *signo, unsigned int options, struct cli_dbio *dbio, const char *dbname)
|
1260
|
1260
|
{
|
1261
|
|
- char buffer[CLI_DEFAULT_LSIG_BUFSIZE + 1], *buffer_cpy;
|
|
1261
|
+ char buffer[CLI_DEFAULT_LSIG_BUFSIZE + 1], *buffer_cpy = NULL;
|
1262
|
1262
|
unsigned int line = 0, sigs = 0;
|
1263
|
1263
|
int ret;
|
1264
|
1264
|
|
...
|
...
|
@@ -1495,7 +1495,7 @@ static int cli_loadign(FILE *fs, struct cl_engine *engine, unsigned int options,
|
1495
|
1495
|
{
|
1496
|
1496
|
const char *tokens[IGN_MAX_TOKENS + 1], *signame, *hash = NULL;
|
1497
|
1497
|
char buffer[FILEBUFF];
|
1498
|
|
- unsigned int line = 0, tokens_count, i, len;
|
|
1498
|
+ unsigned int line = 0, tokens_count, len;
|
1499
|
1499
|
struct cli_bm_patt *new;
|
1500
|
1500
|
int ret = CL_SUCCESS;
|
1501
|
1501
|
|
...
|
...
|
@@ -1541,14 +1541,14 @@ static int cli_loadign(FILE *fs, struct cl_engine *engine, unsigned int options,
|
1541
|
1541
|
ret = CL_EMEM;
|
1542
|
1542
|
break;
|
1543
|
1543
|
}
|
1544
|
|
- new->pattern = cli_mpool_strdup(engine->mempool, signame);
|
|
1544
|
+ new->pattern = (unsigned char *) cli_mpool_strdup(engine->mempool, signame);
|
1545
|
1545
|
if(!new->pattern) {
|
1546
|
1546
|
mpool_free(engine->mempool, new);
|
1547
|
1547
|
ret = CL_EMEM;
|
1548
|
1548
|
break;
|
1549
|
1549
|
}
|
1550
|
1550
|
if(hash) {
|
1551
|
|
- if(strlen(hash) != 32 || !(new->virname = (unsigned char *) cli_mpool_hex2str(engine->mempool, hash))) {
|
|
1551
|
+ if(strlen(hash) != 32 || !(new->virname = (char *) cli_mpool_hex2str(engine->mempool, hash))) {
|
1552
|
1552
|
cli_errmsg("cli_loadign: Malformed MD5 string at line %u\n", line);
|
1553
|
1553
|
mpool_free(engine->mempool, new->pattern);
|
1554
|
1554
|
mpool_free(engine->mempool, new);
|
...
|
...
|
@@ -1619,7 +1619,7 @@ static int cli_md5db_init(struct cl_engine *engine, unsigned int mode)
|
1619
|
1619
|
static int cli_loadmd5(FILE *fs, struct cl_engine *engine, unsigned int *signo, unsigned int mode, unsigned int options, struct cli_dbio *dbio, const char *dbname)
|
1620
|
1620
|
{
|
1621
|
1621
|
const char *tokens[MD5_TOKENS + 1];
|
1622
|
|
- char buffer[FILEBUFF], *buffer_cpy;
|
|
1622
|
+ char buffer[FILEBUFF], *buffer_cpy = NULL;
|
1623
|
1623
|
const char *pt;
|
1624
|
1624
|
int ret = CL_SUCCESS;
|
1625
|
1625
|
unsigned int size_field = 1, md5_field = 0, line = 0, sigs = 0, tokens_count;
|
...
|
...
|
@@ -1678,7 +1678,7 @@ static int cli_loadmd5(FILE *fs, struct cl_engine *engine, unsigned int *signo,
|
1678
|
1678
|
|
1679
|
1679
|
new->filesize = atoi(tokens[size_field]);
|
1680
|
1680
|
|
1681
|
|
- new->virname = cli_mpool_virname(engine->mempool, (char *) tokens[2], options & CL_DB_OFFICIAL);
|
|
1681
|
+ new->virname = cli_mpool_virname(engine->mempool, tokens[2], options & CL_DB_OFFICIAL);
|
1682
|
1682
|
if(!new->virname) {
|
1683
|
1683
|
mpool_free(engine->mempool, new->pattern);
|
1684
|
1684
|
mpool_free(engine->mempool, new);
|
...
|
...
|
@@ -1736,9 +1736,9 @@ static int cli_loadmd5(FILE *fs, struct cl_engine *engine, unsigned int *signo,
|
1736
|
1736
|
static int cli_loadmd(FILE *fs, struct cl_engine *engine, unsigned int *signo, int type, unsigned int options, struct cli_dbio *dbio, const char *dbname)
|
1737
|
1737
|
{
|
1738
|
1738
|
const char *tokens[MD_TOKENS + 1];
|
1739
|
|
- char buffer[FILEBUFF], *buffer_cpy;
|
|
1739
|
+ char buffer[FILEBUFF], *buffer_cpy = NULL;
|
1740
|
1740
|
unsigned int line = 0, sigs = 0, tokens_count;
|
1741
|
|
- int ret = CL_SUCCESS, crc;
|
|
1741
|
+ int ret = CL_SUCCESS;
|
1742
|
1742
|
struct cli_cdb *new;
|
1743
|
1743
|
|
1744
|
1744
|
|
...
|
...
|
@@ -1798,7 +1798,7 @@ static int cli_loadmd(FILE *fs, struct cl_engine *engine, unsigned int *signo, i
|
1798
|
1798
|
break;
|
1799
|
1799
|
}
|
1800
|
1800
|
|
1801
|
|
- new->virname = cli_mpool_virname(engine->mempool, (char *)tokens[0], options & CL_DB_OFFICIAL);
|
|
1801
|
+ new->virname = cli_mpool_virname(engine->mempool, tokens[0], options & CL_DB_OFFICIAL);
|
1802
|
1802
|
if(!new->virname) {
|
1803
|
1803
|
mpool_free(engine->mempool, new);
|
1804
|
1804
|
ret = CL_EMEM;
|
...
|
...
|
@@ -1883,7 +1883,7 @@ static int cli_loadmd(FILE *fs, struct cl_engine *engine, unsigned int *signo, i
|
1883
|
1883
|
static int cli_loadcdb(FILE *fs, struct cl_engine *engine, unsigned int *signo, unsigned int options, struct cli_dbio *dbio)
|
1884
|
1884
|
{
|
1885
|
1885
|
const char *tokens[CDB_TOKENS + 1];
|
1886
|
|
- char buffer[FILEBUFF], *buffer_cpy;
|
|
1886
|
+ char buffer[FILEBUFF], *buffer_cpy = NULL;
|
1887
|
1887
|
unsigned int line = 0, sigs = 0, tokens_count, n0, n1;
|
1888
|
1888
|
int ret = CL_SUCCESS;
|
1889
|
1889
|
struct cli_cdb *new;
|
...
|
...
|
@@ -1933,7 +1933,7 @@ static int cli_loadcdb(FILE *fs, struct cl_engine *engine, unsigned int *signo,
|
1933
|
1933
|
break;
|
1934
|
1934
|
}
|
1935
|
1935
|
|
1936
|
|
- new->virname = cli_mpool_virname(engine->mempool, (char *)tokens[0], options & CL_DB_OFFICIAL);
|
|
1936
|
+ new->virname = cli_mpool_virname(engine->mempool, tokens[0], options & CL_DB_OFFICIAL);
|
1937
|
1937
|
if(!new->virname) {
|
1938
|
1938
|
mpool_free(engine->mempool, new);
|
1939
|
1939
|
ret = CL_EMEM;
|
...
|
...
|
@@ -2675,7 +2675,6 @@ int cl_engine_free(struct cl_engine *engine)
|
2675
|
2675
|
}
|
2676
|
2676
|
|
2677
|
2677
|
if(engine->dconf->bytecode & BYTECODE_ENGINE_MASK) {
|
2678
|
|
- unsigned i;
|
2679
|
2678
|
if (engine->bcs.all_bcs)
|
2680
|
2679
|
for(i=0;i<engine->bcs.count;i++)
|
2681
|
2680
|
cli_bytecode_destroy(&engine->bcs.all_bcs[i]);
|