GitList

Browse code

git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@1408 77e5149b-7576-45b1-b177-96237e5ba77b

Tomasz Kojm authored on 2005/03/19 09:02:47
Showing 4 changed files

@@ -1,3 +1,7 @@
                     +Sat Mar 19 00:58:19 CET 2005 (tk)
                     +---------------------------------
                     +  * libclamav: call cli_check_jpeg_exploit() independently of pattern matcher
+                    +
                      Fri Mar 18 22:03:10 CET 2005 (tk)
                      ---------------------------------
                        * libclamav: fix compiler warnings

@@ -218,22 +218,6 @@ int cli_validatesig(unsigned short target, unsigned short ftype, const char *off
+                     	}
+                         }
                     -    if(ftype == CL_TYPE_GRAPHICS && virname && !strncmp(virname, "Exploit.JPEG.Comment", 20)) {
                     -	    int old;
+                    -
                     -	if((old = lseek(desc, 0, SEEK_CUR)) == -1) {
                     -	    cli_dbgmsg("Invalid descriptor\n");
                     -	    return 0;
                     -	}
                     -	lseek(desc, 0, SEEK_SET);
                     -	if(cli_check_jpeg_exploit(desc) != 1) {
                     -	    cli_dbgmsg("Eliminated false positive match of Exploit.JPEG.Comment\n");
                     -	    lseek(desc, old, SEEK_SET);
                     -	    return 0;
                     -	}
                     -	lseek(desc, old, SEEK_SET);
                     -    }
+                    -
                          return 1;
+                     }

@@ -534,6 +534,10 @@ static int cli_loadndb(FILE *fd, struct cl_node **root, unsigned int *signo)
                          while(fgets(buffer, FILEBUFF, fd)) {
                      	line++;
+                    +
                     +	if(!strncmp(buffer, "Exploit.JPEG.Comment", 20)) /* temporary */
                     +	    continue;
+                    +
                      	sigs++;
                      	cli_chomp(buffer);

@@ -1240,6 +1240,18 @@ static int cli_scanriff(int desc, const char **virname)
                          return ret;
+                     }
                     +static int cli_scanjpeg(int desc, const char **virname)
                     +{
                     +	int ret = CL_CLEAN;
+                    +
                     +    if(cli_check_jpeg_exploit(desc) == 1) {
                     +	ret = CL_VIRUS;
                     +	*virname = "Exploit.W32.MS04-028";
                     +    }
+                    +
                     +    return ret;
                     +}
+                    +
                      static int cli_scanmail(int desc, const char **virname, long int *scanned, const struct cl_node *root, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec)
+                     {
                      	char *dir;
@@ -1394,6 +1406,10 @@ int cli_magic_scandesc(int desc, const char **virname, long int *scanned, const
                      	    ret = cli_scanriff(desc, virname);
                      	    break;
                     +	case CL_TYPE_GRAPHICS:
                     +	    ret = cli_scanjpeg(desc, virname);
                     +	    break;
+                    +
                      	case CL_TYPE_DATA:
                      	    /* it could be a false positive and a standard DOS .COM file */
+                     	    {