git-svn: trunk@1359
Tomasz Kojm authored on 2005/02/27 10:31:02... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Sun Feb 27 02:26:42 CET 2005 (tk) |
|
2 |
+--------------------------------- |
|
3 |
+ * libclamav: improve metadata scanner |
|
4 |
+ * sigtool: add support for .zmd files |
|
5 |
+ |
|
1 | 6 |
Thu Feb 24 18:37:45 CET 2005 (tk) |
2 | 7 |
--------------------------------- |
3 | 8 |
* libclamav/scanners.c: fix NULL pointer dereference in metadata scanner |
... | ... |
@@ -818,6 +818,34 @@ static int cli_loadzmd(FILE *fd, struct cl_node **root, unsigned int *signo) |
818 | 818 |
free(pt); |
819 | 819 |
} |
820 | 820 |
|
821 |
+ if(!(pt = cli_strtok(buffer, 7, ":"))) { |
|
822 |
+ free(new->filename); |
|
823 |
+ free(new->virname); |
|
824 |
+ free(new); |
|
825 |
+ ret = CL_EMALFDB; |
|
826 |
+ break; |
|
827 |
+ } else { |
|
828 |
+ if(!strcmp(pt, "*")) |
|
829 |
+ new->fileno = 0; |
|
830 |
+ else |
|
831 |
+ new->fileno = atoi(pt); |
|
832 |
+ free(pt); |
|
833 |
+ } |
|
834 |
+ |
|
835 |
+ if(!(pt = cli_strtok(buffer, 8, ":"))) { |
|
836 |
+ free(new->filename); |
|
837 |
+ free(new->virname); |
|
838 |
+ free(new); |
|
839 |
+ ret = CL_EMALFDB; |
|
840 |
+ break; |
|
841 |
+ } else { |
|
842 |
+ if(!strcmp(pt, "*")) |
|
843 |
+ new->maxdepth = 0; |
|
844 |
+ else |
|
845 |
+ new->maxdepth = atoi(pt); |
|
846 |
+ free(pt); |
|
847 |
+ } |
|
848 |
+ |
|
821 | 849 |
new->next = (*root)->zip_mlist; |
822 | 850 |
(*root)->zip_mlist = new; |
823 | 851 |
} |
... | ... |
@@ -923,6 +951,7 @@ int cl_loaddbdir(const char *dirname, struct cl_node **root, unsigned int *signo |
923 | 923 |
cli_strbcasestr(dent->d_name, ".db3") || |
924 | 924 |
cli_strbcasestr(dent->d_name, ".hdb") || |
925 | 925 |
cli_strbcasestr(dent->d_name, ".ndb") || |
926 |
+ cli_strbcasestr(dent->d_name, ".zmd") || |
|
926 | 927 |
cli_strbcasestr(dent->d_name, ".cvd"))) { |
927 | 928 |
|
928 | 929 |
dbfile = (char *) cli_calloc(strlen(dent->d_name) + strlen(dirname) + 2, sizeof(char)); |
... | ... |
@@ -1000,6 +1029,7 @@ int cl_statinidir(const char *dirname, struct cl_stat *dbstat) |
1000 | 1000 |
cli_strbcasestr(dent->d_name, ".db3") || |
1001 | 1001 |
cli_strbcasestr(dent->d_name, ".hdb") || |
1002 | 1002 |
cli_strbcasestr(dent->d_name, ".ndb") || |
1003 |
+ cli_strbcasestr(dent->d_name, ".zmd") || |
|
1003 | 1004 |
cli_strbcasestr(dent->d_name, ".cvd"))) { |
1004 | 1005 |
|
1005 | 1006 |
dbstat->no++; |
... | ... |
@@ -1068,6 +1098,7 @@ int cl_statchkdir(const struct cl_stat *dbstat) |
1068 | 1068 |
cli_strbcasestr(dent->d_name, ".db3") || |
1069 | 1069 |
cli_strbcasestr(dent->d_name, ".hdb") || |
1070 | 1070 |
cli_strbcasestr(dent->d_name, ".ndb") || |
1071 |
+ cli_strbcasestr(dent->d_name, ".zmd") || |
|
1071 | 1072 |
cli_strbcasestr(dent->d_name, ".cvd"))) { |
1072 | 1073 |
|
1073 | 1074 |
fname = cli_calloc(strlen(dbstat->dir) + strlen(dent->d_name) + 2, sizeof(char)); |
... | ... |
@@ -320,6 +320,7 @@ static int cli_scanzip(int desc, const char **virname, long int *scanned, const |
320 | 320 |
} |
321 | 321 |
|
322 | 322 |
while(zzip_dir_read(zdir, &zdirent)) { |
323 |
+ files++; |
|
323 | 324 |
|
324 | 325 |
if(!zdirent.d_name || !strlen(zdirent.d_name)) { /* Mimail fix */ |
325 | 326 |
cli_dbgmsg("Zip: strlen(zdirent.d_name) == %d\n", strlen(zdirent.d_name)); |
... | ... |
@@ -333,7 +334,6 @@ static int cli_scanzip(int desc, const char **virname, long int *scanned, const |
333 | 333 |
cli_dbgmsg("Zip: %s, crc32: 0x%x, encrypted: %d, compressed: %u, normal: %u, ratio: %d (max: %d)\n", zdirent.d_name, zdirent.d_crc32, encrypted, zdirent.d_csize, zdirent.st_size, zdirent.d_csize ? (zdirent.st_size / zdirent.d_csize) : 0, limits ? limits->maxratio : -1); |
334 | 334 |
|
335 | 335 |
if(!zdirent.st_size) { |
336 |
- files++; |
|
337 | 336 |
if(zdirent.d_crc32) { |
338 | 337 |
cli_dbgmsg("Zip: Broken file or modified information in local header part of archive\n"); |
339 | 338 |
*virname = "Suspected.Zip"; |
... | ... |
@@ -361,7 +361,13 @@ static int cli_scanzip(int desc, const char **virname, long int *scanned, const |
361 | 361 |
if(mdata->compr >= 0 && mdata->compr != zdirent.d_compr) |
362 | 362 |
continue; |
363 | 363 |
|
364 |
- /* FIXME: add support for regex */ |
|
364 |
+ if(mdata->fileno && mdata->fileno != files) |
|
365 |
+ continue; |
|
366 |
+ |
|
367 |
+ if(mdata->maxdepth && *arec > mdata->maxdepth) |
|
368 |
+ continue; |
|
369 |
+ |
|
370 |
+ /* TODO add support for regex */ |
|
365 | 371 |
/*if(mdata->filename && !strstr(zdirent.d_name, mdata->filename))*/ |
366 | 372 |
if(mdata->filename && strcmp(zdirent.d_name, mdata->filename)) |
367 | 373 |
continue; |
... | ... |
@@ -388,7 +394,6 @@ static int cli_scanzip(int desc, const char **virname, long int *scanned, const |
388 | 388 |
|
389 | 389 |
/* work-around for problematic zips (zziplib crashes with them) */ |
390 | 390 |
if(zdirent.d_csize <= 0 || zdirent.st_size < 0) { |
391 |
- files++; |
|
392 | 391 |
cli_dbgmsg("Zip: Malformed archive detected.\n"); |
393 | 392 |
*virname = "Suspected.Zip"; |
394 | 393 |
ret = CL_VIRUS; |
... | ... |
@@ -402,7 +407,6 @@ static int cli_scanzip(int desc, const char **virname, long int *scanned, const |
402 | 402 |
} |
403 | 403 |
|
404 | 404 |
if(DETECT_ENCRYPTED && encrypted) { |
405 |
- files++; |
|
406 | 405 |
cli_dbgmsg("Zip: Encrypted files found in archive.\n"); |
407 | 406 |
lseek(desc, 0, SEEK_SET); |
408 | 407 |
ret = cli_scandesc(desc, virname, scanned, root, 0, 0); |
... | ... |
@@ -418,7 +422,6 @@ static int cli_scanzip(int desc, const char **virname, long int *scanned, const |
418 | 418 |
if(limits) { |
419 | 419 |
if(limits->maxfilesize && (zdirent.st_size > limits->maxfilesize)) { |
420 | 420 |
cli_dbgmsg("Zip: %s: Size exceeded (%d, max: %ld)\n", zdirent.d_name, zdirent.st_size, limits->maxfilesize); |
421 |
- files++; |
|
422 | 421 |
/* ret = CL_EMAXSIZE; */ |
423 | 422 |
if(BLOCKMAX) { |
424 | 423 |
*virname = "Zip.ExceededFileSize"; |
... | ... |
@@ -494,7 +497,6 @@ static int cli_scanzip(int desc, const char **virname, long int *scanned, const |
494 | 494 |
fclose(tmp); |
495 | 495 |
tmp = NULL; |
496 | 496 |
} |
497 |
- files++; |
|
498 | 497 |
} |
499 | 498 |
|
500 | 499 |
zzip_dir_close(zdir); |
... | ... |
@@ -219,11 +219,14 @@ int countlines(const char *filename) |
219 | 219 |
char buff[65536]; |
220 | 220 |
int lines = 0; |
221 | 221 |
|
222 |
+ |
|
222 | 223 |
if((fd = fopen(filename, "r")) == NULL) |
223 | 224 |
return 0; |
224 | 225 |
|
225 |
- while(fgets(buff, sizeof(buff), fd)) |
|
226 |
+ while(fgets(buff, sizeof(buff), fd)) { |
|
227 |
+ if(buff[0] == '#') continue; |
|
226 | 228 |
lines++; |
229 |
+ } |
|
227 | 230 |
|
228 | 231 |
fclose(fd); |
229 | 232 |
return lines; |
... | ... |
@@ -248,7 +251,7 @@ int build(struct optstruct *opt) |
248 | 248 |
exit(1); |
249 | 249 |
} |
250 | 250 |
|
251 |
- if(stat("main.db", &foo) == -1 && stat("daily.db", &foo) == -1 && stat("main.hdb", &foo) == -1 && stat("daily.hdb", &foo) == -1 && stat("main.ndb", &foo) == -1 && stat("daily.ndb", &foo) == -1) { |
|
251 |
+ if(stat("main.db", &foo) == -1 && stat("daily.db", &foo) == -1 && stat("main.hdb", &foo) == -1 && stat("daily.hdb", &foo) == -1 && stat("main.ndb", &foo) == -1 && stat("daily.ndb", &foo) == -1 && stat("main.zmd", &foo) == -1 && stat("daily.zmd", &foo) == -1) { |
|
252 | 252 |
mprintf("Virus database not found in current working directory.\n"); |
253 | 253 |
exit(1); |
254 | 254 |
} |
... | ... |
@@ -268,7 +271,7 @@ int build(struct optstruct *opt) |
268 | 268 |
mprintf("WARNING: There are no signatures in the database(s).\n"); |
269 | 269 |
} else { |
270 | 270 |
mprintf("Signatures: %d\n", no); |
271 |
- realno = countlines("main.db") + countlines("daily.db") + countlines("main.hdb") + countlines("daily.hdb") + countlines("main.ndb") + countlines("daily.ndb"); |
|
271 |
+ realno = countlines("main.db") + countlines("daily.db") + countlines("main.hdb") + countlines("daily.hdb") + countlines("main.ndb") + countlines("daily.ndb") + countlines("main.zmd") + countlines("daily.zmd"); |
|
272 | 272 |
if(realno != no) { |
273 | 273 |
mprintf("!Signatures in database: %d. Loaded: %d.\n", realno, no); |
274 | 274 |
mprintf("Please check the current directory and remove unnecessary databases\n"); |
... | ... |
@@ -285,7 +288,7 @@ int build(struct optstruct *opt) |
285 | 285 |
exit(1); |
286 | 286 |
case 0: |
287 | 287 |
{ |
288 |
- char *args[] = { "tar", "-cvf", NULL, "COPYING", "main.db", "daily.db", "Notes", "viruses.db3", "main.hdb", "daily.hdb", "main.ndb", "daily.ndb", NULL }; |
|
288 |
+ char *args[] = { "tar", "-cvf", NULL, "COPYING", "main.db", "daily.db", "Notes", "viruses.db3", "main.hdb", "daily.hdb", "main.ndb", "daily.ndb", "main.zmd", "daily.zmd", NULL }; |
|
289 | 289 |
args[2] = tarfile; |
290 | 290 |
execv("/bin/tar", args); |
291 | 291 |
mprintf("!Can't execute tar\n"); |
... | ... |
@@ -702,7 +705,7 @@ int listdb(const char *filename) |
702 | 702 |
free(start); |
703 | 703 |
} |
704 | 704 |
|
705 |
- } else if(cli_strbcasestr(filename, ".ndb")) { |
|
705 |
+ } else if(cli_strbcasestr(filename, ".ndb") || cli_strbcasestr(filename, ".zmd")) { |
|
706 | 706 |
|
707 | 707 |
while(fgets(buffer, FILEBUFF, fd)) { |
708 | 708 |
line++; |
... | ... |
@@ -751,6 +754,7 @@ int listdir(const char *dirname) |
751 | 751 |
cli_strbcasestr(dent->d_name, ".db2") || |
752 | 752 |
cli_strbcasestr(dent->d_name, ".hdb") || |
753 | 753 |
cli_strbcasestr(dent->d_name, ".ndb") || |
754 |
+ cli_strbcasestr(dent->d_name, ".zmd") || |
|
754 | 755 |
cli_strbcasestr(dent->d_name, ".cvd"))) { |
755 | 756 |
|
756 | 757 |
dbfile = (char *) mcalloc(strlen(dent->d_name) + strlen(dirname) + 2, sizeof(char)); |