This reverts commit 84a7f402887fd5fcfa5409e1295db2eb1c33ffbc.
Micah Snyder authored on 2017/09/21 01:37:07... | ... |
@@ -15,13 +15,10 @@ |
15 | 15 |
struct mscab_compressor * |
16 | 16 |
mspack_create_cab_compressor(struct mspack_system *sys) |
17 | 17 |
{ |
18 |
- (void) sys; |
|
19 | 18 |
/* todo */ |
20 | 19 |
return NULL; |
21 | 20 |
} |
22 | 21 |
|
23 | 22 |
void mspack_destroy_cab_compressor(struct mscab_compressor *self) { |
24 |
- (void) self; |
|
25 | 23 |
/* todo */ |
26 |
- return; |
|
27 | 24 |
} |
... | ... |
@@ -15,13 +15,10 @@ |
15 | 15 |
struct mschm_compressor * |
16 | 16 |
mspack_create_chm_compressor(struct mspack_system *sys) |
17 | 17 |
{ |
18 |
- (void) sys; |
|
19 | 18 |
/* todo */ |
20 | 19 |
return NULL; |
21 | 20 |
} |
22 | 21 |
|
23 | 22 |
void mspack_destroy_chm_compressor(struct mschm_compressor *self) { |
24 |
- (void) self; |
|
25 | 23 |
/* todo */ |
26 |
- return; |
|
27 | 24 |
} |
... | ... |
@@ -1371,22 +1371,16 @@ static int chmd_error(struct mschm_decompressor *base) { |
1371 | 1371 |
* are accepted, offsets beyond that cause an error message. |
1372 | 1372 |
*/ |
1373 | 1373 |
static int read_off64(off_t *var, unsigned char *mem, |
1374 |
- struct mspack_system *sys, struct mspack_file *fh) |
|
1374 |
+ struct mspack_system *sys, struct mspack_file *fh) |
|
1375 | 1375 |
{ |
1376 |
- (void) sys; |
|
1377 |
- |
|
1378 | 1376 |
#ifdef LARGEFILE_SUPPORT |
1379 |
- (void) fh; |
|
1380 |
- |
|
1381 |
- *var = EndGetI64(mem); |
|
1377 |
+ *var = EndGetI64(mem); |
|
1382 | 1378 |
#else |
1383 |
- *var = EndGetI32(mem); |
|
1384 |
- |
|
1385 |
- if ((*var & 0x80000000) || EndGetI32(mem + 4)) |
|
1386 |
- { |
|
1387 |
- sys->message(fh, (char *)largefile_msg); |
|
1388 |
- return 1; |
|
1389 |
- } |
|
1379 |
+ *var = EndGetI32(mem); |
|
1380 |
+ if ((*var & 0x80000000) || EndGetI32(mem+4)) { |
|
1381 |
+ sys->message(fh, (char *)largefile_msg); |
|
1382 |
+ return 1; |
|
1383 |
+ } |
|
1390 | 1384 |
#endif |
1391 |
- return 0; |
|
1385 |
+ return 0; |
|
1392 | 1386 |
} |
... | ... |
@@ -15,13 +15,10 @@ |
15 | 15 |
struct mshlp_compressor * |
16 | 16 |
mspack_create_hlp_compressor(struct mspack_system *sys) |
17 | 17 |
{ |
18 |
- (void) sys; |
|
19 | 18 |
/* todo */ |
20 | 19 |
return NULL; |
21 | 20 |
} |
22 | 21 |
|
23 | 22 |
void mspack_destroy_hlp_compressor(struct mshlp_compressor *self) { |
24 |
- (void) self; |
|
25 | 23 |
/* todo */ |
26 |
- return; |
|
27 | 24 |
} |
... | ... |
@@ -15,13 +15,10 @@ |
15 | 15 |
struct mshlp_decompressor * |
16 | 16 |
mspack_create_hlp_decompressor(struct mspack_system *sys) |
17 | 17 |
{ |
18 |
- (void) sys; |
|
19 | 18 |
/* todo */ |
20 | 19 |
return NULL; |
21 | 20 |
} |
22 | 21 |
|
23 | 22 |
void mspack_destroy_hlp_decompressor(struct mshlp_decompressor *self) { |
24 |
- (void) self; |
|
25 | 23 |
/* todo */ |
26 |
- return; |
|
27 | 24 |
} |
... | ... |
@@ -15,13 +15,10 @@ |
15 | 15 |
struct mskwaj_compressor * |
16 | 16 |
mspack_create_kwaj_compressor(struct mspack_system *sys) |
17 | 17 |
{ |
18 |
- (void) sys; |
|
19 | 18 |
/* todo */ |
20 | 19 |
return NULL; |
21 | 20 |
} |
22 | 21 |
|
23 | 22 |
void mspack_destroy_kwaj_compressor(struct mskwaj_compressor *self) { |
24 |
- (void) self; |
|
25 | 23 |
/* todo */ |
26 |
- return; |
|
27 | 24 |
} |
... | ... |
@@ -15,13 +15,10 @@ |
15 | 15 |
struct mslit_compressor * |
16 | 16 |
mspack_create_lit_compressor(struct mspack_system *sys) |
17 | 17 |
{ |
18 |
- (void) sys; |
|
19 | 18 |
/* todo */ |
20 | 19 |
return NULL; |
21 | 20 |
} |
22 | 21 |
|
23 | 22 |
void mspack_destroy_lit_compressor(struct mslit_compressor *self) { |
24 |
- (void) self; |
|
25 | 23 |
/* todo */ |
26 |
- return; |
|
27 | 24 |
} |
... | ... |
@@ -15,13 +15,10 @@ |
15 | 15 |
struct mslit_decompressor * |
16 | 16 |
mspack_create_lit_decompressor(struct mspack_system *sys) |
17 | 17 |
{ |
18 |
- (void) sys; |
|
19 | 18 |
/* todo */ |
20 | 19 |
return NULL; |
21 | 20 |
} |
22 | 21 |
|
23 | 22 |
void mspack_destroy_lit_decompressor(struct mslit_decompressor *self) { |
24 |
- (void) self; |
|
25 | 23 |
/* todo */ |
26 |
- return; |
|
27 | 24 |
} |
... | ... |
@@ -15,13 +15,10 @@ |
15 | 15 |
struct msoab_compressor * |
16 | 16 |
mspack_create_oab_compressor(struct mspack_system *sys) |
17 | 17 |
{ |
18 |
- (void) sys; |
|
19 | 18 |
/* todo */ |
20 | 19 |
return NULL; |
21 | 20 |
} |
22 | 21 |
|
23 | 22 |
void mspack_destroy_oab_compressor(struct msoab_compressor *self) { |
24 |
- (void) self; |
|
25 | 23 |
/* todo */ |
26 |
- return; |
|
27 | 24 |
} |
... | ... |
@@ -118,8 +118,6 @@ static struct mspack_file *msp_open(struct mspack_system *self, |
118 | 118 |
struct mspack_file_p *fh; |
119 | 119 |
const char *fmode; |
120 | 120 |
|
121 |
- (void) self; |
|
122 |
- |
|
123 | 121 |
switch (mode) { |
124 | 122 |
case MSPACK_SYS_OPEN_READ: fmode = "rb"; break; |
125 | 123 |
case MSPACK_SYS_OPEN_WRITE: fmode = "wb"; break; |
... | ... |
@@ -203,12 +201,10 @@ static void *msp_alloc(struct mspack_system *self, size_t bytes) { |
203 | 203 |
#ifdef DEBUG |
204 | 204 |
/* make uninitialised data obvious */ |
205 | 205 |
char *buf = malloc(bytes + 8); |
206 |
- (void) self; |
|
207 | 206 |
if (buf) memset(buf, 0xDC, bytes); |
208 | 207 |
*((size_t *)buf) = bytes; |
209 | 208 |
return &buf[8]; |
210 | 209 |
#else |
211 |
- (void) self; |
|
212 | 210 |
return malloc(bytes); |
213 | 211 |
#endif |
214 | 212 |
} |
... | ... |
@@ -15,13 +15,10 @@ |
15 | 15 |
struct msszdd_compressor * |
16 | 16 |
mspack_create_szdd_compressor(struct mspack_system *sys) |
17 | 17 |
{ |
18 |
- (void) sys; |
|
19 | 18 |
/* todo */ |
20 | 19 |
return NULL; |
21 | 20 |
} |
22 | 21 |
|
23 | 22 |
void mspack_destroy_szdd_compressor(struct msszdd_compressor *self) { |
24 |
- (void) self; |
|
25 | 23 |
/* todo */ |
26 |
- return; |
|
27 | 24 |
} |
... | ... |
@@ -307,6 +307,7 @@ static int cli_ac_addpatt_recursive(struct cli_matcher *root, struct cli_ac_patt |
307 | 307 |
|
308 | 308 |
int cli_ac_addpatt(struct cli_matcher *root, struct cli_ac_patt *pattern) |
309 | 309 |
{ |
310 |
+ struct cli_ac_node *pt; |
|
310 | 311 |
struct cli_ac_patt **newtable; |
311 | 312 |
uint16_t len = MIN(root->ac_maxdepth, pattern->length[0]); |
312 | 313 |
uint8_t i; |
... | ... |
@@ -1274,7 +1275,7 @@ int cli_ac_initdata(struct cli_ac_data *data, uint32_t partsigs, uint32_t lsigs, |
1274 | 1274 |
|
1275 | 1275 |
data->partsigs = partsigs; |
1276 | 1276 |
if(partsigs) { |
1277 |
- data->offmatrix = (uint32_t ***) cli_calloc(partsigs, sizeof(uint32_t **)); |
|
1277 |
+ data->offmatrix = (int32_t ***) cli_calloc(partsigs, sizeof(int32_t **)); |
|
1278 | 1278 |
if(!data->offmatrix) { |
1279 | 1279 |
cli_errmsg("cli_ac_init: Can't allocate memory for data->offmatrix\n"); |
1280 | 1280 |
|
... | ... |
@@ -1528,6 +1529,7 @@ int lsig_sub_matched(const struct cli_matcher *root, struct cli_ac_data *mdata, |
1528 | 1528 |
} |
1529 | 1529 |
|
1530 | 1530 |
if (ac_lsig->type & CLI_YARA_OFFSET && realoff != CLI_OFF_NONE) { |
1531 |
+ uint32_t * offs; |
|
1531 | 1532 |
struct cli_subsig_matches * ss_matches; |
1532 | 1533 |
struct cli_lsig_matches * ls_matches; |
1533 | 1534 |
cli_dbgmsg("lsig_sub_matched lsig %u:%u at %u\n", lsigid1, lsigid2, realoff); |
... | ... |
@@ -1622,19 +1624,7 @@ int cli_ac_chkmacro(struct cli_matcher *root, struct cli_ac_data *data, unsigned |
1622 | 1622 |
} |
1623 | 1623 |
|
1624 | 1624 |
|
1625 |
-int cli_ac_scanbuff( |
|
1626 |
- const unsigned char *buffer, |
|
1627 |
- uint32_t length, |
|
1628 |
- const char **virname, |
|
1629 |
- void **customdata, |
|
1630 |
- struct cli_ac_result **res, |
|
1631 |
- const struct cli_matcher *root, |
|
1632 |
- struct cli_ac_data *mdata, |
|
1633 |
- uint32_t offset, |
|
1634 |
- cli_file_t ftype, |
|
1635 |
- struct cli_matched_type **ftoffset, |
|
1636 |
- unsigned int mode, |
|
1637 |
- cli_ctx *ctx) |
|
1625 |
+int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **virname, void **customdata, struct cli_ac_result **res, const struct cli_matcher *root, struct cli_ac_data *mdata, uint32_t offset, cli_file_t ftype, struct cli_matched_type **ftoffset, unsigned int mode, cli_ctx *ctx) |
|
1638 | 1626 |
{ |
1639 | 1627 |
struct cli_ac_node *current; |
1640 | 1628 |
struct cli_ac_list *pattN, *ptN; |
... | ... |
@@ -1642,7 +1632,7 @@ int cli_ac_scanbuff( |
1642 | 1642 |
uint32_t i, bp, exptoff[2], realoff, matchstart, matchend; |
1643 | 1643 |
uint16_t j; |
1644 | 1644 |
uint8_t found, viruses_found = 0; |
1645 |
- uint32_t **offmatrix, swp; |
|
1645 |
+ int32_t **offmatrix, swp; |
|
1646 | 1646 |
int type = CL_CLEAN; |
1647 | 1647 |
struct cli_ac_result *newres; |
1648 | 1648 |
int rc; |
... | ... |
@@ -1751,14 +1741,14 @@ int cli_ac_scanbuff( |
1751 | 1751 |
return CL_EMEM; |
1752 | 1752 |
} |
1753 | 1753 |
|
1754 |
- mdata->offmatrix[pt->sigid - 1][0] = cli_malloc(pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(uint32_t)); |
|
1754 |
+ mdata->offmatrix[pt->sigid - 1][0] = cli_malloc(pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(int32_t)); |
|
1755 | 1755 |
if(!mdata->offmatrix[pt->sigid - 1][0]) { |
1756 | 1756 |
cli_errmsg("cli_ac_scanbuff: Can't allocate memory for mdata->offmatrix[%u][0]\n", pt->sigid - 1); |
1757 | 1757 |
free(mdata->offmatrix[pt->sigid - 1]); |
1758 | 1758 |
mdata->offmatrix[pt->sigid - 1] = NULL; |
1759 | 1759 |
return CL_EMEM; |
1760 | 1760 |
} |
1761 |
- memset(mdata->offmatrix[pt->sigid - 1][0], (uint32_t)-1, pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(uint32_t)); |
|
1761 |
+ memset(mdata->offmatrix[pt->sigid - 1][0], -1, pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(int32_t)); |
|
1762 | 1762 |
mdata->offmatrix[pt->sigid - 1][0][0] = 0; |
1763 | 1763 |
for(j = 1; j < pt->parts; j++) { |
1764 | 1764 |
mdata->offmatrix[pt->sigid - 1][j] = mdata->offmatrix[pt->sigid - 1][0] + j * (CLI_DEFAULT_AC_TRACKLEN + 2); |
... | ... |
@@ -1769,7 +1759,7 @@ int cli_ac_scanbuff( |
1769 | 1769 |
|
1770 | 1770 |
found = 0; |
1771 | 1771 |
if(pt->partno != 1) { |
1772 |
- for(j = 1; j <= CLI_DEFAULT_AC_TRACKLEN + 1 && offmatrix[pt->partno - 2][j] != (uint32_t)-1; j++) { |
|
1772 |
+ for(j = 1; j <= CLI_DEFAULT_AC_TRACKLEN + 1 && offmatrix[pt->partno - 2][j] != -1; j++) { |
|
1773 | 1773 |
found = j; |
1774 | 1774 |
if(realoff < offmatrix[pt->partno - 2][j]) |
1775 | 1775 |
found = 0; |
... | ... |
@@ -1820,12 +1810,12 @@ int cli_ac_scanbuff( |
1820 | 1820 |
/* FIXME: the first offset in the array is most likely the correct one but |
1821 | 1821 |
* it may happen it is not |
1822 | 1822 |
*/ |
1823 |
- for(j = 1; j <= CLI_DEFAULT_AC_TRACKLEN + 1 && offmatrix[0][j] != (uint32_t)-1; j++) |
|
1823 |
+ for(j = 1; j <= CLI_DEFAULT_AC_TRACKLEN + 1 && offmatrix[0][j] != -1; j++) |
|
1824 | 1824 |
if(ac_addtype(ftoffset, type, offmatrix[pt->parts - 1][j], ctx)) |
1825 | 1825 |
return CL_EMEM; |
1826 | 1826 |
} |
1827 | 1827 |
|
1828 |
- memset(offmatrix[0], (uint32_t)-1, pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(uint32_t)); |
|
1828 |
+ memset(offmatrix[0], -1, pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(int32_t)); |
|
1829 | 1829 |
for(j = 0; j < pt->parts; j++) |
1830 | 1830 |
offmatrix[j][0] = 0; |
1831 | 1831 |
} |
... | ... |
@@ -1848,7 +1838,7 @@ int cli_ac_scanbuff( |
1848 | 1848 |
newres->virname = pt->virname; |
1849 | 1849 |
newres->customdata = pt->customdata; |
1850 | 1850 |
newres->next = *res; |
1851 |
- newres->offset = (off_t)offmatrix[pt->parts - 1][1]; |
|
1851 |
+ newres->offset = offmatrix[pt->parts - 1][1]; |
|
1852 | 1852 |
*res = newres; |
1853 | 1853 |
|
1854 | 1854 |
ptN = ptN->next_same; |
... | ... |
@@ -1902,7 +1892,7 @@ int cli_ac_scanbuff( |
1902 | 1902 |
} |
1903 | 1903 |
newres->virname = pt->virname; |
1904 | 1904 |
newres->customdata = pt->customdata; |
1905 |
- newres->offset = (off_t)realoff; |
|
1905 |
+ newres->offset = realoff; |
|
1906 | 1906 |
newres->next = *res; |
1907 | 1907 |
*res = newres; |
1908 | 1908 |
|
... | ... |
@@ -1956,8 +1946,7 @@ static int qcompare_fstr(const void *arg, const void *a, const void *b) |
1956 | 1956 |
/* returns if level of nesting, end set to MATCHING paren, start AFTER staring paren */ |
1957 | 1957 |
inline static int find_paren_end(char *hexstr, char **end) |
1958 | 1958 |
{ |
1959 |
- unsigned long i; |
|
1960 |
- int nest = 0, level = 0; |
|
1959 |
+ int i, nest = 0, level = 0; |
|
1961 | 1960 |
|
1962 | 1961 |
*end = NULL; |
1963 | 1962 |
for (i = 0; i < strlen(hexstr); i++) { |
... | ... |
@@ -1981,8 +1970,7 @@ inline static int find_paren_end(char *hexstr, char **end) |
1981 | 1981 |
* counts applied to start of expr (not end, i.e. numexpr starts at 1 for the first expr */ |
1982 | 1982 |
inline static int ac_analyze_expr(char *hexstr, int *fixed_len, int *sub_len) |
1983 | 1983 |
{ |
1984 |
- unsigned long i; |
|
1985 |
- int level = 0, len = 0, numexpr = 1; |
|
1984 |
+ int i, level = 0, len = 0, numexpr = 1; |
|
1986 | 1985 |
int flen, slen; |
1987 | 1986 |
|
1988 | 1987 |
flen = 1; |
... | ... |
@@ -2038,7 +2026,7 @@ inline static int ac_analyze_expr(char *hexstr, int *fixed_len, int *sub_len) |
2038 | 2038 |
|
2039 | 2039 |
inline static int ac_uicmp(uint16_t *a, size_t alen, uint16_t *b, size_t blen, int *wild) |
2040 | 2040 |
{ |
2041 |
- uint16_t awild, bwild, side_wild; |
|
2041 |
+ uint16_t cmp, awild, bwild, side_wild; |
|
2042 | 2042 |
size_t i, minlen = MIN(alen, blen); |
2043 | 2043 |
|
2044 | 2044 |
side_wild = 0; |
... | ... |
@@ -2416,7 +2404,7 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex |
2416 | 2416 |
char *pt, *pt2, *hex = NULL, *hexcpy = NULL; |
2417 | 2417 |
uint16_t i, j, ppos = 0, pend, *dec, nzpos = 0; |
2418 | 2418 |
uint8_t wprefix = 0, zprefix = 1, plen = 0, nzplen = 0; |
2419 |
- struct cli_ac_special *newspecial, **newtable; |
|
2419 |
+ struct cli_ac_special *newspecial, *specialpt, **newtable; |
|
2420 | 2420 |
int ret, error = CL_SUCCESS; |
2421 | 2421 |
|
2422 | 2422 |
|
... | ... |
@@ -1,5 +1,5 @@ |
1 | 1 |
/* |
2 |
- * Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
2 |
+ * Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
3 | 3 |
* Copyright (C) 2007-2009 Sourcefire, Inc. |
4 | 4 |
* |
5 | 5 |
* Authors: Tomasz Kojm |
... | ... |
@@ -57,7 +57,7 @@ struct cli_lsig_matches { |
57 | 57 |
}; |
58 | 58 |
|
59 | 59 |
struct cli_ac_data { |
60 |
- uint32_t ***offmatrix; |
|
60 |
+ int32_t ***offmatrix; |
|
61 | 61 |
uint32_t partsigs, lsigs, reloffsigs; |
62 | 62 |
uint32_t **lsigcnt; |
63 | 63 |
uint32_t **lsigsuboff_last, **lsigsuboff_first; |
... | ... |
@@ -1,5 +1,5 @@ |
1 | 1 |
/* |
2 |
- * Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
2 |
+ * Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
3 | 3 |
* Copyright (C) 2007-2013 Sourcefire, Inc. |
4 | 4 |
* All Rights Reserved. |
5 | 5 |
* |
... | ... |
@@ -802,11 +802,8 @@ static int yara_eval(cli_ctx *ctx, struct cli_matcher *root, struct cli_ac_data |
802 | 802 |
{ |
803 | 803 |
struct cli_ac_lsig *ac_lsig = root->ac_lsigtable[lsid]; |
804 | 804 |
int rc; |
805 |
- YR_SCAN_CONTEXT context; |
|
806 |
- |
|
807 |
- (void)hash; |
|
805 |
+ YR_SCAN_CONTEXT context = {0}; |
|
808 | 806 |
|
809 |
- memset(&context, 0, sizeof(YR_SCAN_CONTEXT)); |
|
810 | 807 |
context.fmap = *ctx->fmap; |
811 | 808 |
context.file_size = (*ctx->fmap)->len; |
812 | 809 |
if (target_info != NULL) { |
... | ... |
@@ -855,9 +852,9 @@ int cli_exp_eval(cli_ctx *ctx, struct cli_matcher *root, struct cli_ac_data *acd |
855 | 855 |
int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli_matched_type **ftoffset, unsigned int acmode, struct cli_ac_result **acres, unsigned char *refhash) |
856 | 856 |
{ |
857 | 857 |
const unsigned char *buff; |
858 |
- int ret = CL_CLEAN, type = CL_CLEAN, compute_hash[CLI_HASH_AVAIL_TYPES]; |
|
858 |
+ int ret = CL_CLEAN, type = CL_CLEAN, bytes, compute_hash[CLI_HASH_AVAIL_TYPES]; |
|
859 | 859 |
unsigned int i = 0, j = 0, bm_offmode = 0; |
860 |
- uint32_t maxpatlen, bytes, offset = 0; |
|
860 |
+ uint32_t maxpatlen, offset = 0; |
|
861 | 861 |
struct cli_ac_data gdata, tdata; |
862 | 862 |
struct cli_bm_off toff; |
863 | 863 |
struct cli_pcre_off gpoff, tpoff; |
... | ... |
@@ -1268,17 +1265,16 @@ int cli_matchmeta(cli_ctx *ctx, const char *fname, size_t fsizec, size_t fsizer, |
1268 | 1268 |
if(cdb->res1 && (cdb->ctype == CL_TYPE_ZIP || cdb->ctype == CL_TYPE_RAR) && cdb->res1 != res1) |
1269 | 1269 |
continue; |
1270 | 1270 |
|
1271 |
- #define CDBRANGE(field, val) \ |
|
1272 |
- if (field[0] != CLI_OFF_ANY) \ |
|
1273 |
- { \ |
|
1274 |
- if (field[0] == field[1] && field[0] != val) \ |
|
1275 |
- continue; \ |
|
1276 |
- else if (field[0] != field[1] && ((field[0] && field[0] > val) || \ |
|
1277 |
- (field[1] && field[1] < val))) \ |
|
1278 |
- continue; \ |
|
1279 |
- } |
|
1271 |
+#define CDBRANGE(field, val) \ |
|
1272 |
+ if(field[0] != CLI_OFF_ANY) { \ |
|
1273 |
+ if(field[0] == field[1] && field[0] != val) \ |
|
1274 |
+ continue; \ |
|
1275 |
+ else if(field[0] != field[1] && ((field[0] && field[0] > val) ||\ |
|
1276 |
+ (field[1] && field[1] < val))) \ |
|
1277 |
+ continue; \ |
|
1278 |
+ } |
|
1280 | 1279 |
|
1281 |
- CDBRANGE(cdb->csize, cli_get_container_size(ctx, -1)); |
|
1280 |
+ CDBRANGE(cdb->csize, cli_get_container_size(ctx, -1)); |
|
1282 | 1281 |
CDBRANGE(cdb->fsizec, fsizec); |
1283 | 1282 |
CDBRANGE(cdb->fsizer, fsizer); |
1284 | 1283 |
CDBRANGE(cdb->filepos, filepos); |
... | ... |
@@ -1,5 +1,5 @@ |
1 | 1 |
/* |
2 |
- * Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
2 |
+ * Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
3 | 3 |
* Copyright (C) 2007-2013 Sourcefire, Inc. |
4 | 4 |
* |
5 | 5 |
* Authors: Tomasz Kojm |
... | ... |
@@ -143,18 +143,18 @@ struct cli_matcher { |
143 | 143 |
|
144 | 144 |
struct cli_cdb |
145 | 145 |
{ |
146 |
- char *virname; /* virus name */ |
|
147 |
- cli_file_t ctype; /* container type */ |
|
148 |
- regex_t name; /* filename regex */ |
|
149 |
- size_t csize[2]; /* container size (min, max); if csize[0] != csize[1] |
|
150 |
- * then value of 0 makes the field ignored |
|
151 |
- */ |
|
152 |
- size_t fsizec[2]; /* file size in container */ |
|
153 |
- size_t fsizer[2]; /* real file size */ |
|
154 |
- int encrypted; /* file is encrypted; 2 == ignore */ |
|
155 |
- unsigned int filepos[2]; /* file position in container */ |
|
156 |
- int res1; /* reserved / format specific */ |
|
157 |
- void *res2; /* reserved / format specific */ |
|
146 |
+ char *virname; /* virus name */ |
|
147 |
+ cli_file_t ctype; /* container type */ |
|
148 |
+ regex_t name; /* filename regex */ |
|
149 |
+ size_t csize[2]; /* container size (min, max); if csize[0] != csize[1] |
|
150 |
+ * then value of 0 makes the field ignored |
|
151 |
+ */ |
|
152 |
+ size_t fsizec[2]; /* file size in container */ |
|
153 |
+ size_t fsizer[2]; /* real file size */ |
|
154 |
+ int encrypted; /* file is encrypted; 2 == ignore */ |
|
155 |
+ int filepos[2]; /* file position in container */ |
|
156 |
+ int res1; /* reserved / format specific */ |
|
157 |
+ void *res2; /* reserved / format specific */ |
|
158 | 158 |
|
159 | 159 |
struct cli_cdb *next; |
160 | 160 |
}; |
... | ... |
@@ -1,5 +1,5 @@ |
1 | 1 |
/* |
2 |
- * Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
2 |
+ * Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
3 | 3 |
* Copyright (C) 2007-2010 Sourcefire, Inc. |
4 | 4 |
* |
5 | 5 |
* Authors: Tomasz Kojm, Trog |
... | ... |
@@ -1171,37 +1171,35 @@ void cli_set_container(cli_ctx *ctx, cli_file_t type, size_t size) |
1171 | 1171 |
|
1172 | 1172 |
cli_file_t cli_get_container(cli_ctx *ctx, int index) |
1173 | 1173 |
{ |
1174 |
- if (index < 0) |
|
1175 |
- index = ctx->recursion + index + 1; |
|
1176 |
- while (index >= 0 && index <= (int)ctx->recursion) |
|
1177 |
- { |
|
1178 |
- if (ctx->containers[index].flag & CONTAINER_FLAG_VALID) |
|
1179 |
- return ctx->containers[index].type; |
|
1180 |
- index--; |
|
1181 |
- } |
|
1182 |
- return CL_TYPE_ANY; |
|
1174 |
+ if (index < 0) |
|
1175 |
+ index = ctx->recursion + index + 1; |
|
1176 |
+ while (index >= 0 && index <= ctx->recursion) { |
|
1177 |
+ if (ctx->containers[index].flag & CONTAINER_FLAG_VALID) |
|
1178 |
+ return ctx->containers[index].type; |
|
1179 |
+ index--; |
|
1180 |
+ } |
|
1181 |
+ return CL_TYPE_ANY; |
|
1183 | 1182 |
} |
1184 | 1183 |
|
1185 | 1184 |
cli_file_t cli_get_container_intermediate(cli_ctx *ctx, int index) |
1186 | 1185 |
{ |
1187 |
- if (index < 0) |
|
1188 |
- index = ctx->recursion + index + 1; |
|
1189 |
- if (index >= 0 && index <= (int)ctx->recursion) |
|
1190 |
- return ctx->containers[index].type; |
|
1191 |
- return CL_TYPE_ANY; |
|
1186 |
+ if (index < 0) |
|
1187 |
+ index = ctx->recursion + index + 1; |
|
1188 |
+ if (index >= 0 && index <= ctx->recursion) |
|
1189 |
+ return ctx->containers[index].type; |
|
1190 |
+ return CL_TYPE_ANY; |
|
1192 | 1191 |
} |
1193 | 1192 |
|
1194 | 1193 |
size_t cli_get_container_size(cli_ctx *ctx, int index) |
1195 | 1194 |
{ |
1196 |
- if (index < 0) |
|
1197 |
- index = ctx->recursion + index + 1; |
|
1198 |
- while (index >= 0 && index <= (int)ctx->recursion) |
|
1199 |
- { |
|
1200 |
- if (ctx->containers[index].flag & CONTAINER_FLAG_VALID) |
|
1201 |
- return ctx->containers[index].size; |
|
1202 |
- index--; |
|
1203 |
- } |
|
1204 |
- return ctx->containers[0].size; |
|
1195 |
+ if (index < 0) |
|
1196 |
+ index = ctx->recursion + index + 1; |
|
1197 |
+ while (index >= 0 && index <= ctx->recursion) { |
|
1198 |
+ if (ctx->containers[index].flag & CONTAINER_FLAG_VALID) |
|
1199 |
+ return ctx->containers[index].size; |
|
1200 |
+ index--; |
|
1201 |
+ } |
|
1202 |
+ return ctx->containers[0].size; |
|
1205 | 1203 |
} |
1206 | 1204 |
|
1207 | 1205 |
|
... | ... |
@@ -126,8 +126,7 @@ char *cli_virname(const char *virname, unsigned int official) |
126 | 126 |
int cli_sigopts_handler(struct cli_matcher *root, const char *virname, const char *hexsig, uint8_t sigopts, uint16_t rtype, uint16_t type, const char *offset, uint8_t target, const uint32_t *lsigid, unsigned int options) |
127 | 127 |
{ |
128 | 128 |
char *hexcpy, *start, *end; |
129 |
- unsigned int i; |
|
130 |
- int ret = CL_SUCCESS; |
|
129 |
+ int i, ret = CL_SUCCESS; |
|
131 | 130 |
|
132 | 131 |
/* |
133 | 132 |
* cyclic loops with cli_parse_add are impossible now as cli_parse_add |
... | ... |
@@ -304,6 +303,7 @@ int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hex |
304 | 304 |
int ret, asterisk = 0, range; |
305 | 305 |
unsigned int i, j, hexlen, nest, parts = 0; |
306 | 306 |
int mindist = 0, maxdist = 0, error = 0; |
307 |
+ size_t hexcpysz; |
|
307 | 308 |
|
308 | 309 |
hexlen = strlen(hexsig); |
309 | 310 |
if (hexsig[0] == '$') { |
... | ... |
@@ -1820,7 +1820,7 @@ static int load_oneldb(char *buffer, int chkpua, struct cl_engine *engine, unsig |
1820 | 1820 |
sigopts = subtokens[3]; |
1821 | 1821 |
|
1822 | 1822 |
if(sigopts) { /* signature modifiers */ |
1823 |
- for(j = 0; j < (int)strlen(sigopts); j++) |
|
1823 |
+ for(j = 0; j < strlen(sigopts); j++) |
|
1824 | 1824 |
switch(sigopts[j]) { |
1825 | 1825 |
case 'i': |
1826 | 1826 |
subsig_opts |= ACPATT_OPTION_NOCASE; |
... | ... |
@@ -2687,7 +2687,7 @@ static int cli_loadmd(FILE *fs, struct cl_engine *engine, unsigned int *signo, i |
2687 | 2687 |
|
2688 | 2688 |
/* tokens[6] - not used */ |
2689 | 2689 |
|
2690 |
- new->filepos[0] = new->filepos[1] = strcmp(tokens[7], "*") ? (unsigned int) atoi(tokens[7]) : (unsigned int) CLI_OFF_ANY; |
|
2690 |
+ new->filepos[0] = new->filepos[1] = strcmp(tokens[7], "*") ? atoi(tokens[7]) : (int) CLI_OFF_ANY; |
|
2691 | 2691 |
|
2692 | 2692 |
/* tokens[8] - not used */ |
2693 | 2693 |
|
... | ... |
@@ -2812,46 +2812,36 @@ static int cli_loadcdb(FILE *fs, struct cl_engine *engine, unsigned int *signo, |
2812 | 2812 |
break; |
2813 | 2813 |
} |
2814 | 2814 |
|
2815 |
- #define CDBRANGE(token_str, dest) \ |
|
2816 |
- if (strcmp(token_str, "*")) \ |
|
2817 |
- { \ |
|
2818 |
- if (strchr(token_str, '-')) \ |
|
2819 |
- { \ |
|
2820 |
- if (sscanf(token_str, "%u-%u", &n0, &n1) != 2) \ |
|
2821 |
- { \ |
|
2822 |
- ret = CL_EMALFDB; \ |
|
2823 |
- } \ |
|
2824 |
- else \ |
|
2825 |
- { \ |
|
2826 |
- dest[0] = n0; \ |
|
2827 |
- dest[1] = n1; \ |
|
2828 |
- } \ |
|
2829 |
- } \ |
|
2830 |
- else \ |
|
2831 |
- { \ |
|
2832 |
- if (!cli_isnumber(token_str)) \ |
|
2833 |
- ret = CL_EMALFDB; \ |
|
2834 |
- else \ |
|
2835 |
- dest[0] = dest[1] = (unsigned int)atoi(token_str); \ |
|
2836 |
- } \ |
|
2837 |
- if (ret != CL_SUCCESS) \ |
|
2838 |
- { \ |
|
2839 |
- cli_errmsg("cli_loadcdb: Invalid value %s in signature for %s\n", \ |
|
2840 |
- token_str, tokens[0]); \ |
|
2841 |
- if (new->name.re_magic) \ |
|
2842 |
- cli_regfree(&new->name); \ |
|
2843 |
- mpool_free(engine->mempool, new->virname); \ |
|
2844 |
- mpool_free(engine->mempool, new); \ |
|
2845 |
- ret = CL_EMEM; \ |
|
2846 |
- break; \ |
|
2847 |
- } \ |
|
2848 |
- } \ |
|
2849 |
- else \ |
|
2850 |
- { \ |
|
2851 |
- dest[0] = dest[1] = CLI_OFF_ANY; \ |
|
2852 |
- } |
|
2815 |
+#define CDBRANGE(token_str, dest) \ |
|
2816 |
+ if(strcmp(token_str, "*")) { \ |
|
2817 |
+ if(strchr(token_str, '-')) { \ |
|
2818 |
+ if(sscanf(token_str, "%u-%u", &n0, &n1) != 2) { \ |
|
2819 |
+ ret = CL_EMALFDB; \ |
|
2820 |
+ } else { \ |
|
2821 |
+ dest[0] = n0; \ |
|
2822 |
+ dest[1] = n1; \ |
|
2823 |
+ } \ |
|
2824 |
+ } else { \ |
|
2825 |
+ if(!cli_isnumber(token_str)) \ |
|
2826 |
+ ret = CL_EMALFDB; \ |
|
2827 |
+ else \ |
|
2828 |
+ dest[0] = dest[1] = atoi(token_str); \ |
|
2829 |
+ } \ |
|
2830 |
+ if(ret != CL_SUCCESS) { \ |
|
2831 |
+ cli_errmsg("cli_loadcdb: Invalid value %s in signature for %s\n",\ |
|
2832 |
+ token_str, tokens[0]); \ |
|
2833 |
+ if(new->name.re_magic) \ |
|
2834 |
+ cli_regfree(&new->name); \ |
|
2835 |
+ mpool_free(engine->mempool, new->virname); \ |
|
2836 |
+ mpool_free(engine->mempool, new); \ |
|
2837 |
+ ret = CL_EMEM; \ |
|
2838 |
+ break; \ |
|
2839 |
+ } \ |
|
2840 |
+ } else { \ |
|
2841 |
+ dest[0] = dest[1] = CLI_OFF_ANY; \ |
|
2842 |
+ } |
|
2853 | 2843 |
|
2854 |
- CDBRANGE(tokens[2], new->csize); |
|
2844 |
+ CDBRANGE(tokens[2], new->csize); |
|
2855 | 2845 |
CDBRANGE(tokens[4], new->fsizec); |
2856 | 2846 |
CDBRANGE(tokens[5], new->fsizer); |
2857 | 2847 |
CDBRANGE(tokens[7], new->filepos); |
... | ... |
@@ -3123,6 +3113,7 @@ static char *parse_yara_hex_string(YR_STRING *string, int *ret) |
3123 | 3123 |
{ |
3124 | 3124 |
char *res, *str, *ovr; |
3125 | 3125 |
size_t slen, reslen=0, i, j; |
3126 |
+ int sqr = 0; |
|
3126 | 3127 |
|
3127 | 3128 |
if (!(string) || !(string->string)) { |
3128 | 3129 |
if (ret) *ret = CL_ENULLARG; |
... | ... |
@@ -3251,7 +3242,6 @@ struct cli_ytable { |
3251 | 3251 |
|
3252 | 3252 |
static int32_t ytable_lookup(const char *hexsig) |
3253 | 3253 |
{ |
3254 |
- (void) hexsig; |
|
3255 | 3254 |
/* TODO - WRITE ME! */ |
3256 | 3255 |
return -1; |
3257 | 3256 |
} |
... | ... |
@@ -3259,6 +3249,7 @@ static int32_t ytable_lookup(const char *hexsig) |
3259 | 3259 |
static int ytable_add_attrib(struct cli_ytable *ytable, const char *hexsig, const char *value, int type) |
3260 | 3260 |
{ |
3261 | 3261 |
int32_t lookup; |
3262 |
+ char **attrib; |
|
3262 | 3263 |
|
3263 | 3264 |
if (!ytable || !value) |
3264 | 3265 |
return CL_ENULLARG; |
... | ... |
@@ -3358,7 +3349,7 @@ static int ytable_add_string(struct cli_ytable *ytable, const char *hexsig) |
3358 | 3358 |
|
3359 | 3359 |
static void ytable_delete(struct cli_ytable *ytable) |
3360 | 3360 |
{ |
3361 |
- int32_t i; |
|
3361 |
+ uint32_t i; |
|
3362 | 3362 |
if (!ytable) |
3363 | 3363 |
return; |
3364 | 3364 |
|
... | ... |
@@ -3413,17 +3404,17 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns |
3413 | 3413 |
{ |
3414 | 3414 |
YR_STRING *string; |
3415 | 3415 |
struct cli_ytable ytable; |
3416 |
- size_t i; |
|
3417 |
- int str_error = 0, ret = CL_SUCCESS; |
|
3416 |
+ int str_error = 0, i = 0, ret = CL_SUCCESS; |
|
3418 | 3417 |
struct cli_lsig_tdb tdb; |
3419 | 3418 |
uint32_t lsigid[2]; |
3420 | 3419 |
struct cli_matcher *root; |
3421 | 3420 |
struct cli_ac_lsig **newtable, *lsig, *tsig = NULL; |
3422 | 3421 |
unsigned short target = 0; |
3422 |
+ size_t lsize; |
|
3423 | 3423 |
char *logic = NULL, *target_str = NULL; |
3424 |
+ uint8_t has_short_string; |
|
3425 |
+ char *exp_op = "|"; |
|
3424 | 3426 |
char *newident = NULL; |
3425 |
- /* size_t lsize; */ // only used in commented out code |
|
3426 |
- /* char *exp_op = "|"; */ // only used in commented out code |
|
3427 | 3427 |
|
3428 | 3428 |
cli_yaramsg("load_oneyara: attempting to load %s\n", rule->identifier); |
3429 | 3429 |
|
... | ... |
@@ -3868,10 +3859,10 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns |
3868 | 3868 |
tdb.subsigs = ytable.tbl_cnt; |
3869 | 3869 |
|
3870 | 3870 |
/*** loading step - put things into the AC trie ***/ |
3871 |
- for (i = 0; i < (size_t)ytable.tbl_cnt; ++i) { |
|
3871 |
+ for (i = 0; i < ytable.tbl_cnt; ++i) { |
|
3872 | 3872 |
lsigid[1] = i; |
3873 | 3873 |
|
3874 |
- cli_yaramsg("%zu: [%s] [%s] [%s%s%s%s]\n", i, ytable.table[i]->hexstr, ytable.table[i]->offset, |
|
3874 |
+ cli_yaramsg("%d: [%s] [%s] [%s%s%s%s]\n", i, ytable.table[i]->hexstr, ytable.table[i]->offset, |
|
3875 | 3875 |
(ytable.table[i]->sigopts & ACPATT_OPTION_NOCASE) ? "i" : "", |
3876 | 3876 |
(ytable.table[i]->sigopts & ACPATT_OPTION_FULLWORD) ? "f" : "", |
3877 | 3877 |
(ytable.table[i]->sigopts & ACPATT_OPTION_WIDE) ? "w" : "", |
... | ... |
@@ -3981,7 +3972,7 @@ void cli_yara_free(struct cl_engine * engine) |
3981 | 3981 |
//TODO - pua? dbio? |
3982 | 3982 |
static int cli_loadyara(FILE *fs, struct cl_engine *engine, unsigned int *signo, unsigned int options, struct cli_dbio *dbio, const char *filename) |
3983 | 3983 |
{ |
3984 |
- YR_COMPILER compiler; |
|
3984 |
+ YR_COMPILER compiler = {0}; |
|
3985 | 3985 |
YR_NAMESPACE ns; |
3986 | 3986 |
YR_RULE *rule; |
3987 | 3987 |
unsigned int sigs = 0, rules = 0, rule_errors = 0; |
... | ... |
@@ -3992,8 +3983,6 @@ static int cli_loadyara(FILE *fs, struct cl_engine *engine, unsigned int *signo, |
3992 | 3992 |
if((rc = cli_initroots(engine, options))) |
3993 | 3993 |
return rc; |
3994 | 3994 |
|
3995 |
- memset(&compiler, 0, sizeof(YR_COMPILER)); |
|
3996 |
- |
|
3997 | 3995 |
compiler.last_result = ERROR_SUCCESS; |
3998 | 3996 |
STAILQ_INIT(&compiler.rule_q); |
3999 | 3997 |
STAILQ_INIT(&compiler.current_rule_string_q); |
... | ... |
@@ -4106,7 +4095,7 @@ static int cli_loadpwdb(FILE *fs, struct cl_engine *engine, unsigned int options |
4106 | 4106 |
char *attribs; |
4107 | 4107 |
char buffer[FILEBUFF]; |
4108 | 4108 |
unsigned int line = 0, skip = 0, pwcnt = 0, tokens_count; |
4109 |
- struct cli_pwdb *new; |
|
4109 |
+ struct cli_pwdb *new, *ins; |
|
4110 | 4110 |
cl_pwdb_t container; |
4111 | 4111 |
struct cli_lsig_tdb tdb; |
4112 | 4112 |
int ret = CL_SUCCESS, pwstype; |
... | ... |
@@ -43,7 +43,7 @@ |
43 | 43 |
#ifdef RAR_HIGH_DEBUG |
44 | 44 |
#define rar_dbgmsg printf |
45 | 45 |
#else |
46 |
-static void rar_dbgmsg(const char* fmt,...){(void)fmt;} |
|
46 |
+static void rar_dbgmsg(const char* fmt,...){} |
|
47 | 47 |
#endif |
48 | 48 |
|
49 | 49 |
static void insert_old_dist(unpack_data_t *unpack_data, unsigned int distance) |
... | ... |
@@ -113,16 +113,17 @@ int rar_unp_read_buf(int fd, unpack_data_t *unpack_data) |
113 | 113 |
|
114 | 114 |
/* Is buffer read pos more than half way? */ |
115 | 115 |
if (unpack_data->in_addr > MAX_BUF_SIZE/2) { |
116 |
- memmove(unpack_data->in_buf, unpack_data->in_buf+unpack_data->in_addr, |
|
117 |
- data_size); |
|
118 |
- |
|
116 |
+ if (data_size > 0) { |
|
117 |
+ memmove(unpack_data->in_buf, unpack_data->in_buf+unpack_data->in_addr, |
|
118 |
+ data_size); |
|
119 |
+ } |
|
119 | 120 |
unpack_data->in_addr = 0; |
120 | 121 |
unpack_data->read_top = data_size; |
121 | 122 |
} else { |
122 | 123 |
data_size = unpack_data->read_top; |
123 | 124 |
} |
124 | 125 |
/* RAR2 depends on us only reading upto the end of the current compressed file */ |
125 |
- if (unpack_data->pack_size < (uint32_t)((MAX_BUF_SIZE-data_size)&~0xf)) { |
|
126 |
+ if (unpack_data->pack_size < ((MAX_BUF_SIZE-data_size)&~0xf)) { |
|
126 | 127 |
read_size = unpack_data->pack_size; |
127 | 128 |
} else { |
128 | 129 |
read_size = (MAX_BUF_SIZE-data_size)&~0xf; |
... | ... |
@@ -217,7 +218,7 @@ static void unp_write_buf(unpack_data_t *unpack_data) |
217 | 217 |
struct UnpackFilter *flt, *next_filter; |
218 | 218 |
struct rarvm_prepared_program *prg, *next_prg; |
219 | 219 |
uint8_t *filtered_data; |
220 |
- size_t i, j; |
|
220 |
+ int i, j; |
|
221 | 221 |
|
222 | 222 |
rar_dbgmsg("in unp_write_buf\n"); |
223 | 223 |
written_border = unpack_data->wr_ptr; |
... | ... |
@@ -540,11 +541,9 @@ static int add_vm_code(unpack_data_t *unpack_data, unsigned int first_byte, |
540 | 540 |
unsigned char *vmcode, int code_size) |
541 | 541 |
{ |
542 | 542 |
rarvm_input_t rarvm_input; |
543 |
- unsigned int filter_pos, new_filter, block_start, init_mask, cur_size, data_size; |
|
543 |
+ unsigned int filter_pos, new_filter, block_start, init_mask, cur_size; |
|
544 | 544 |
struct UnpackFilter *filter, *stack_filter; |
545 |
- size_t i, empty_count, stack_pos; |
|
546 |
- unsigned int vm_codesize; |
|
547 |
- long static_size; |
|
545 |
+ int i, empty_count, stack_pos, vm_codesize, static_size, data_size; |
|
548 | 546 |
unsigned char *vm_code, *global_data; |
549 | 547 |
|
550 | 548 |
rar_dbgmsg("in add_vm_code first_byte=0x%x code_size=%d\n", first_byte, code_size); |
... | ... |
@@ -564,7 +563,7 @@ static int add_vm_code(unpack_data_t *unpack_data, unsigned int first_byte, |
564 | 564 |
filter_pos = unpack_data->last_filter; |
565 | 565 |
} |
566 | 566 |
rar_dbgmsg("filter_pos = %u\n", filter_pos); |
567 |
- if ((size_t) filter_pos > unpack_data->Filters.num_items || |
|
567 |
+ if (filter_pos > unpack_data->Filters.num_items || |
|
568 | 568 |
filter_pos > unpack_data->old_filter_lengths_size) { |
569 | 569 |
rar_dbgmsg("filter_pos check failed\n"); |
570 | 570 |
return FALSE; |
... | ... |
@@ -654,7 +653,7 @@ static int add_vm_code(unpack_data_t *unpack_data, unsigned int first_byte, |
654 | 654 |
} |
655 | 655 |
if (new_filter) { |
656 | 656 |
vm_codesize = rarvm_read_data(&rarvm_input); |
657 |
- if (vm_codesize >= 0x1000 || vm_codesize == 0 || vm_codesize > (unsigned int)rarvm_input.buf_size) { |
|
657 |
+ if (vm_codesize >= 0x1000 || vm_codesize == 0 || (vm_codesize > rarvm_input.buf_size) || vm_codesize < 0) { |
|
658 | 658 |
rar_dbgmsg("ERROR: vm_codesize=0x%x buf_size=0x%x\n", vm_codesize, rarvm_input.buf_size); |
659 | 659 |
return FALSE; |
660 | 660 |
} |
... | ... |
@@ -663,11 +662,11 @@ static int add_vm_code(unpack_data_t *unpack_data, unsigned int first_byte, |
663 | 663 |
rar_dbgmsg("unrar: add_vm_code: rar_malloc failed for vm_code\n"); |
664 | 664 |
return FALSE; |
665 | 665 |
} |
666 |
- for (i=0 ; i < (size_t) vm_codesize ; i++) { |
|
666 |
+ for (i=0 ; i < vm_codesize ; i++) { |
|
667 | 667 |
vm_code[i] = rarvm_getbits(&rarvm_input) >> 8; |
668 | 668 |
rarvm_addbits(&rarvm_input, 8); |
669 | 669 |
} |
670 |
- if(!rarvm_prepare(&unpack_data->rarvm_data, &rarvm_input, &vm_code[0], (int) vm_codesize, &filter->prg)) { |
|
670 |
+ if(!rarvm_prepare(&unpack_data->rarvm_data, &rarvm_input, &vm_code[0], vm_codesize, &filter->prg)) { |
|
671 | 671 |
rar_dbgmsg("unrar: add_vm_code: rarvm_prepare failed\n"); |
672 | 672 |
free(vm_code); |
673 | 673 |
return FALSE; |
... | ... |
@@ -715,10 +714,10 @@ static int add_vm_code(unpack_data_t *unpack_data, unsigned int first_byte, |
715 | 715 |
if (data_size >= 0x10000) { |
716 | 716 |
return FALSE; |
717 | 717 |
} |
718 |
- cur_size = (unsigned int)stack_filter->prg.global_size; |
|
719 |
- if (cur_size < data_size + VM_FIXEDGLOBALSIZE) { |
|
720 |
- stack_filter->prg.global_size += (long)data_size + VM_FIXEDGLOBALSIZE - cur_size; |
|
721 |
- stack_filter->prg.global_data = (unsigned char*)rar_realloc2(stack_filter->prg.global_data, |
|
718 |
+ cur_size = stack_filter->prg.global_size; |
|
719 |
+ if (cur_size < data_size+VM_FIXEDGLOBALSIZE) { |
|
720 |
+ stack_filter->prg.global_size += data_size+VM_FIXEDGLOBALSIZE-cur_size; |
|
721 |
+ stack_filter->prg.global_data = rar_realloc2(stack_filter->prg.global_data, |
|
722 | 722 |
stack_filter->prg.global_size); |
723 | 723 |
if(!stack_filter->prg.global_data) { |
724 | 724 |
rar_dbgmsg("unrar: add_vm_code: rar_realloc2 failed for stack_filter->prg.global_data\n"); |
... | ... |
@@ -726,8 +725,8 @@ static int add_vm_code(unpack_data_t *unpack_data, unsigned int first_byte, |
726 | 726 |
} |
727 | 727 |
} |
728 | 728 |
global_data = &stack_filter->prg.global_data[VM_FIXEDGLOBALSIZE]; |
729 |
- for (i=0 ; i < (size_t)data_size ; i++) { |
|
730 |
- if (rarvm_input.in_addr + 2 > rarvm_input.buf_size) { |
|
729 |
+ for (i=0 ; i< data_size ; i++) { |
|
730 |
+ if ((rarvm_input.in_addr+2) > rarvm_input.buf_size) { |
|
731 | 731 |
rar_dbgmsg("Buffer truncated\n"); |
732 | 732 |
return FALSE; |
733 | 733 |
} |
... | ... |
@@ -209,7 +209,7 @@ typedef struct unpack_data_tag |
209 | 209 |
rar_filter_array_t Filters; |
210 | 210 |
rar_filter_array_t PrgStack; |
211 | 211 |
int *old_filter_lengths; |
212 |
- unsigned int last_filter, old_filter_lengths_size; |
|
212 |
+ int last_filter, old_filter_lengths_size; |
|
213 | 213 |
int64_t written_size; |
214 | 214 |
int64_t true_size; |
215 | 215 |
int64_t max_size; |
... | ... |
@@ -119,18 +119,16 @@ static void copy_string15(unpack_data_t *unpack_data, unsigned int distance, |
119 | 119 |
} |
120 | 120 |
} |
121 | 121 |
|
122 |
-static unsigned int decode_num(unpack_data_t *unpack_data, unsigned int num, unsigned int start_pos, |
|
122 |
+static unsigned int decode_num(unpack_data_t *unpack_data, int num, unsigned int start_pos, |
|
123 | 123 |
unsigned int *dec_tab, unsigned int *pos_tab) |
124 | 124 |
{ |
125 | 125 |
int i; |
126 | 126 |
|
127 |
- for (num &= 0xfff0, i=0; dec_tab[i] <= num; i++) { |
|
127 |
+ for (num&=0xfff0, i=0 ; dec_tab[i] <= num ; i++) { |
|
128 | 128 |
start_pos++; |
129 | 129 |
} |
130 |
- |
|
131 | 130 |
rar_addbits(unpack_data, start_pos); |
132 |
- |
|
133 |
- return ( ((int)num - (i ? dec_tab[i-1] : 0)) >> (16 - start_pos) ) + pos_tab[start_pos]; |
|
131 |
+ return (((num-(i ? dec_tab[i-1]:0)) >> (16-start_pos)) + pos_tab[start_pos]); |
|
134 | 132 |
} |
135 | 133 |
|
136 | 134 |
static void huff_decode(unpack_data_t *unpack_data) |
... | ... |
@@ -1,5 +1,5 @@ |
1 | 1 |
/* |
2 |
- * Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
2 |
+ * Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
3 | 3 |
* Copyright (C) 2007 Sourcefire, Inc. |
4 | 4 |
* |
5 | 5 |
* The unRAR sources may be used in any software to handle RAR |
... | ... |
@@ -19,7 +19,7 @@ |
19 | 19 |
#ifdef RAR_HIGH_DEBUG |
20 | 20 |
#define rar_dbgmsg printf |
21 | 21 |
#else |
22 |
-static void rar_dbgmsg(const char* fmt,...){(void)fmt;} |
|
22 |
+static void rar_dbgmsg(const char* fmt,...){} |
|
23 | 23 |
#endif |
24 | 24 |
|
25 | 25 |
#define RAR_MAX_ALLOCATION 184549376 |
... | ... |
@@ -27,7 +27,7 @@ |
27 | 27 |
#ifdef RAR_HIGH_DEBUG |
28 | 28 |
#define rar_dbgmsg printf |
29 | 29 |
#else |
30 |
-static void rar_dbgmsg(const char* fmt,...){(void)fmt;} |
|
30 |
+static void rar_dbgmsg(const char* fmt,...){} |
|
31 | 31 |
#endif |
32 | 32 |
|
33 | 33 |
#define MAX_O 64 |
... | ... |
@@ -754,20 +754,19 @@ static void update1(ppm_data_t *ppm_data, struct state_tag *p, struct ppm_contex |
754 | 754 |
static int ppm_decode_symbol1(ppm_data_t *ppm_data, struct ppm_context *context) |
755 | 755 |
{ |
756 | 756 |
struct state_tag *p; |
757 |
- int i, count; |
|
758 |
- uint8_t hi_cnt; |
|
757 |
+ int i, hi_cnt, count; |
|
759 | 758 |
|
760 | 759 |
rar_dbgmsg("in ppm_decode_symbol1\n"); |
761 | 760 |
ppm_data->coder.scale = context->con_ut.u.summ_freq; |
762 | 761 |
p = context->con_ut.u.stats; |
763 | 762 |
count = coder_get_current_count(&ppm_data->coder); |
764 |
- if (count >= (int)ppm_data->coder.scale) { |
|
763 |
+ if (count >= ppm_data->coder.scale) { |
|
765 | 764 |
return FALSE; |
766 | 765 |
} |
767 |
- if (count < (int)(hi_cnt = p->freq)) { |
|
768 |
- ppm_data->prev_success = (2 * (ppm_data->coder.high_count=(unsigned int)hi_cnt) > |
|
766 |
+ if (count < (hi_cnt = p->freq)) { |
|
767 |
+ ppm_data->prev_success = (2 * (ppm_data->coder.high_count=hi_cnt) > |
|
769 | 768 |
ppm_data->coder.scale); |
770 |
- ppm_data->run_length += (int)ppm_data->prev_success; |
|
769 |
+ ppm_data->run_length += ppm_data->prev_success; |
|
771 | 770 |
(ppm_data->found_state=p)->freq=(hi_cnt += 4); |
772 | 771 |
context->con_ut.u.summ_freq += 4; |
773 | 772 |
if (hi_cnt > MAX_FREQ) { |
... | ... |
@@ -783,9 +782,9 @@ static int ppm_decode_symbol1(ppm_data_t *ppm_data, struct ppm_context *context) |
783 | 783 |
while ((hi_cnt += (++p)->freq) <= count) { |
784 | 784 |
if (--i == 0) { |
785 | 785 |
ppm_data->hi_bits_flag = ppm_data->hb2flag[ppm_data->found_state->symbol]; |
786 |
- ppm_data->coder.low_count = (unsigned int)hi_cnt; |
|
786 |
+ ppm_data->coder.low_count = hi_cnt; |
|
787 | 787 |
ppm_data->char_mask[p->symbol] = ppm_data->esc_count; |
788 |
- i = (ppm_data->num_masked=(int)context->num_stats) - 1; |
|
788 |
+ i = (ppm_data->num_masked=context->num_stats) - 1; |
|
789 | 789 |
ppm_data->found_state = NULL; |
790 | 790 |
do { |
791 | 791 |
ppm_data->char_mask[(--p)->symbol] = ppm_data->esc_count; |
... | ... |
@@ -794,7 +793,7 @@ static int ppm_decode_symbol1(ppm_data_t *ppm_data, struct ppm_context *context) |
794 | 794 |
return TRUE; |
795 | 795 |
} |
796 | 796 |
} |
797 |
- ppm_data->coder.low_count = ( ppm_data->coder.high_count = (unsigned int)hi_cnt ) - (unsigned int)p->freq; |
|
797 |
+ ppm_data->coder.low_count = (ppm_data->coder.high_count = hi_cnt) - p->freq; |
|
798 | 798 |
update1(ppm_data, p, context); |
799 | 799 |
return TRUE; |
800 | 800 |
} |
... | ... |
@@ -868,13 +867,12 @@ static struct see2_context_tag *make_esc_freq(ppm_data_t *ppm_data, |
868 | 868 |
|
869 | 869 |
static int ppm_decode_symbol2(ppm_data_t *ppm_data, struct ppm_context *context) |
870 | 870 |
{ |
871 |
- int count, i; |
|
872 |
- uint8_t hi_cnt; |
|
871 |
+ int count, hi_cnt, i; |
|
873 | 872 |
struct see2_context_tag *psee2c; |
874 | 873 |
struct state_tag *ps[256], **pps, *p; |
875 | 874 |
|
876 | 875 |
rar_dbgmsg("in ppm_decode_symbol2\n"); |
877 |
- i = (int)context->num_stats - ppm_data->num_masked; |
|
876 |
+ i = context->num_stats - ppm_data->num_masked; |
|
878 | 877 |
psee2c = make_esc_freq(ppm_data, context, i); |
879 | 878 |
pps = ps; |
880 | 879 |
p = context->con_ut.u.stats - 1; |
... | ... |
@@ -889,28 +887,28 @@ static int ppm_decode_symbol2(ppm_data_t *ppm_data, struct ppm_context *context) |
889 | 889 |
} while (--i); |
890 | 890 |
ppm_data->coder.scale += hi_cnt; |
891 | 891 |
count = coder_get_current_count(&ppm_data->coder); |
892 |
- if (count >= (int)ppm_data->coder.scale) { |
|
892 |
+ if (count >= ppm_data->coder.scale) { |
|
893 | 893 |
return FALSE; |
894 | 894 |
} |
895 | 895 |
p=*(pps=ps); |
896 |
- if (count < (int)hi_cnt) { |
|
896 |
+ if (count < hi_cnt) { |
|
897 | 897 |
hi_cnt = 0; |
898 |
- while ((int)(hi_cnt += p->freq) <= count) { |
|
898 |
+ while ((hi_cnt += p->freq) <= count) { |
|
899 | 899 |
p=*++pps; |
900 | 900 |
} |
901 |
- ppm_data->coder.low_count = (ppm_data->coder.high_count=(unsigned int)hi_cnt) - (unsigned int)p->freq; |
|
901 |
+ ppm_data->coder.low_count = (ppm_data->coder.high_count=hi_cnt) - p->freq; |
|
902 | 902 |
update(psee2c); |
903 | 903 |
update2(ppm_data, p, context); |
904 | 904 |
} else { |
905 |
- ppm_data->coder.low_count = (unsigned int)hi_cnt; |
|
906 |
- ppm_data->coder.high_count = (unsigned int)ppm_data->coder.scale; |
|
907 |
- i = (int)context->num_stats - ppm_data->num_masked; |
|
905 |
+ ppm_data->coder.low_count = hi_cnt; |
|
906 |
+ ppm_data->coder.high_count = ppm_data->coder.scale; |
|
907 |
+ i = context->num_stats - ppm_data->num_masked; |
|
908 | 908 |
pps--; |
909 | 909 |
do { |
910 | 910 |
ppm_data->char_mask[(*++pps)->symbol] = ppm_data->esc_count; |
911 | 911 |
} while (--i); |
912 | 912 |
psee2c->summ += ppm_data->coder.scale; |
913 |
- ppm_data->num_masked = (int)context->num_stats; |
|
913 |
+ ppm_data->num_masked = context->num_stats; |
|
914 | 914 |
} |
915 | 915 |
return TRUE; |
916 | 916 |
} |
... | ... |
@@ -1015,7 +1013,7 @@ int ppm_decode_char(ppm_data_t *ppm_data, int fd, unpack_data_t *unpack_data) |
1015 | 1015 |
ppm_data->sub_alloc.heap_end) { |
1016 | 1016 |
return -1; |
1017 | 1017 |
} |
1018 |
- } while ((int)ppm_data->min_context->num_stats == ppm_data->num_masked); |
|
1018 |
+ } while (ppm_data->min_context->num_stats == ppm_data->num_masked); |
|
1019 | 1019 |
if (!ppm_decode_symbol2(ppm_data, ppm_data->min_context)) { |
1020 | 1020 |
return -1; |
1021 | 1021 |
} |
... | ... |
@@ -29,7 +29,7 @@ |
29 | 29 |
#ifdef RAR_HIGH_DEBUG |
30 | 30 |
#define rar_dbgmsg printf |
31 | 31 |
#else |
32 |
-static void rar_dbgmsg(const char* fmt,...){(void)fmt;} |
|
32 |
+static void rar_dbgmsg(const char* fmt,...){} |
|
33 | 33 |
#endif |
34 | 34 |
|
35 | 35 |
#define VMCF_OP0 0 |
... | ... |
@@ -42,28 +42,6 @@ static void rar_dbgmsg(const char* fmt,...){(void)fmt;} |
42 | 42 |
#define VMCF_USEFLAGS 32 |
43 | 43 |
#define VMCF_CHFLAGS 64 |
44 | 44 |
|
45 |
-#define UINT32(x) (sizeof(uint32_t)==4 ? (uint32_t)(x):((x)&0xffffffff)) |
|
46 |
- |
|
47 |
-#if WORDS_BIGENDIAN == 0 |
|
48 |
-#define GET_VALUE(byte_mode,addr) ((byte_mode) ? (*(unsigned char *)(addr)) : UINT32((*(unsigned int *)(addr)))) |
|
49 |
-#else |
|
50 |
-#define GET_VALUE(byte_mode,addr) ((byte_mode) ? (*(unsigned char *)(addr)) : (((unsigned char *)addr)[0] | ((unsigned char *)addr)[1]<<8 | ((unsigned char *)addr)[2]<<16 | ((unsigned char *)addr)[3]<<24)) |
|
51 |
-#endif |
|
52 |
- |
|
53 |
-#if WORDS_BIGENDIAN == 0 |
|
54 |
-#define SET_VALUE(byte_mode,addr,value) (void)(((byte_mode) ? (*(unsigned char *)(addr)=(value)):(*(uint32_t *)(addr)=((uint32_t)(value))))) |
|
55 |
-#else |
|
56 |
-#define SET_VALUE(byte_mode,addr,value) rarvm_set_value(byte_mode, (unsigned int *)addr, value); |
|
57 |
-#endif |
|
58 |
- |
|
59 |
-#define SET_IP(IP) \ |
|
60 |
- if ((IP)>=(unsigned int)code_size) \ |
|
61 |
- return TRUE; \ |
|
62 |
- if (--max_ops<=0) \ |
|
63 |
- return FALSE; \ |
|
64 |
- cmd=prepared_code+(IP); |
|
65 |
- |
|
66 |
- |
|
67 | 45 |
static uint8_t vm_cmdflags[]= |
68 | 46 |
{ |
69 | 47 |
/* VM_MOV */ VMCF_OP2 | VMCF_BYTEMODE , |
... | ... |
@@ -108,6 +86,37 @@ static uint8_t vm_cmdflags[]= |
108 | 108 |
/* VM_PRINT */ VMCF_OP0 |
109 | 109 |
}; |
110 | 110 |
|
111 |
+#define UINT32(x) (sizeof(uint32_t)==4 ? (uint32_t)(x):((x)&0xffffffff)) |
|
112 |
+ |
|
113 |
+#if WORDS_BIGENDIAN == 0 |
|
114 |
+#define GET_VALUE(byte_mode,addr) ((byte_mode) ? (*(unsigned char *)(addr)) : UINT32((*(unsigned int *)(addr)))) |
|
115 |
+#else |
|
116 |
+#define GET_VALUE(byte_mode,addr) ((byte_mode) ? (*(unsigned char *)(addr)) : (((unsigned char *)addr)[0] | ((unsigned char *)addr)[1]<<8 | ((unsigned char *)addr)[2]<<16 | ((unsigned char *)addr)[3]<<24)) |
|
117 |
+#endif |
|
118 |
+ |
|
119 |
+void rarvm_set_value(int byte_mode, unsigned int *addr, unsigned int value) |
|
120 |
+{ |
|
121 |
+ if (byte_mode) { |
|
122 |
+ *(unsigned char *)addr=value; |
|
123 |
+ } else { |
|
124 |
+#if WORDS_BIGENDIAN == 0 |
|
125 |
+ *(uint32_t *)addr = value; |
|
126 |
+#else |
|
127 |
+ ((unsigned char *)addr)[0]=(unsigned char)value; |
|
128 |
+ ((unsigned char *)addr)[1]=(unsigned char)(value>>8); |
|
129 |
+ ((unsigned char *)addr)[2]=(unsigned char)(value>>16); |
|
130 |
+ ((unsigned char *)addr)[3]=(unsigned char)(value>>24); |
|
131 |
+#endif |
|
132 |
+ } |
|
133 |
+} |
|
134 |
+ |
|
135 |
+ |
|
136 |
+#if WORDS_BIGENDIAN == 0 |
|
137 |
+#define SET_VALUE(byte_mode,addr,value) (void)(((byte_mode) ? (*(unsigned char *)(addr)=(value)):(*(uint32_t *)(addr)=((uint32_t)(value))))) |
|
138 |
+#else |
|
139 |
+#define SET_VALUE(byte_mode,addr,value) rarvm_set_value(byte_mode, (unsigned int *)addr, value); |
|
140 |
+#endif |
|
141 |
+ |
|
111 | 142 |
const uint32_t crc_tab[256]={ |
112 | 143 |
0x0, 0x77073096, 0xee0e612c, 0x990951ba, 0x76dc419, 0x706af48f, 0xe963a535, 0x9e6495a3, |
113 | 144 |
0xedb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, 0x9b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, |
... | ... |
@@ -143,26 +152,10 @@ const uint32_t crc_tab[256]={ |
143 | 143 |
0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d |
144 | 144 |
}; |
145 | 145 |
|
146 |
-void rarvm_set_value(int byte_mode, unsigned int *addr, unsigned int value) |
|
147 |
-{ |
|
148 |
- if (byte_mode) { |
|
149 |
- *(unsigned char *)addr=value; |
|
150 |
- } else { |
|
151 |
-#if WORDS_BIGENDIAN == 0 |
|
152 |
- *(uint32_t *)addr = value; |
|
153 |
-#else |
|
154 |
- ((unsigned char *)addr)[0]=(unsigned char)value; |
|
155 |
- ((unsigned char *)addr)[1]=(unsigned char)(value>>8); |
|
156 |
- ((unsigned char *)addr)[2]=(unsigned char)(value>>16); |
|
157 |
- ((unsigned char *)addr)[3]=(unsigned char)(value>>24); |
|
158 |
-#endif |
|
159 |
- } |
|
160 |
-} |
|
161 |
- |
|
162 | 146 |
uint32_t rar_crc(uint32_t start_crc, void *addr, uint32_t size) |
163 | 147 |
{ |
164 | 148 |
unsigned char *data; |
165 |
- uint32_t i; |
|
149 |
+ int i; |
|
166 | 150 |
|
167 | 151 |
data = addr; |
168 | 152 |
#if WORDS_BIGENDIAN == 0 |
... | ... |
@@ -583,6 +576,13 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil |
583 | 583 |
break; |
584 | 584 |
} |
585 | 585 |
} |
586 |
+ |
|
587 |
+#define SET_IP(IP) \ |
|
588 |
+ if ((IP)>=code_size) \ |
|
589 |
+ return TRUE; \ |
|
590 |
+ if (--max_ops<=0) \ |
|
591 |
+ return FALSE; \ |
|
592 |
+ cmd=prepared_code+(IP); |
|
586 | 593 |
|
587 | 594 |
static int rarvm_execute_code(rarvm_data_t *rarvm_data, |
588 | 595 |
struct rarvm_prepared_command *prepared_code, int code_size) |
... | ... |
@@ -1,6 +1,6 @@ |
1 | 1 |
/* |
2 | 2 |
* Interface to libclamunrar |
3 |
- * Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
3 |
+ * Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
4 | 4 |
* Copyright (C) 2007-2013 Sourcefire, Inc. |
5 | 5 |
* Authors: Trog, Torok Edvin, Tomasz Kojm |
6 | 6 |
* |
... | ... |
@@ -53,7 +53,7 @@ static uint32_t unrar_endian_convert_32(uint32_t v) |
53 | 53 |
#ifdef RAR_DEBUG_MODE |
54 | 54 |
#define unrar_dbgmsg printf |
55 | 55 |
#else |
56 |
-static void unrar_dbgmsg(const char* fmt,...){(void)fmt;} |
|
56 |
+static void unrar_dbgmsg(const char* fmt,...){} |
|
57 | 57 |
#endif |
58 | 58 |
|
59 | 59 |
static void *read_header(int fd, header_type hdr_type) |
... | ... |
@@ -386,7 +386,6 @@ int unrar_extract_next_prepare(unrar_state_t *state, const char *dirname) |
386 | 386 |
int ofd; |
387 | 387 |
unrar_metadata_t *new_metadata; |
388 | 388 |
|
389 |
- (void)dirname; |
|
390 | 389 |
|
391 | 390 |
state->file_header = read_block(state->fd, FILE_HEAD); |
392 | 391 |
if(!state->file_header) |