@@ -1,3 +1,10 @@

+Tue Aug 31 00:09:42 CEST 2004 (tk)

+----------------------------------

+  * sigtool: --md5 now can generate MD5 sigs from file list (requested by

+	     Christoph Cordes)

+  * Fix minor file descriptor leaks (reported by Christophe GRENIER

+    <grenier*cgsecurity.org>)

+

 Tue Aug 31 10:46:48 CEST 2004 (acab)

 ------------------------------------

   * libclamav/petite.c: Fixed inflooping (thx Christoph)

@@ -14,7 +21,7 @@ Mon Aug 30 14:00:43 CEST 2004 (tk)

 Mon Aug 30 12:36:49 BST 2004 (njh)

 ----------------------------------

   * libclamav/blob.c:	Fix compilation errors on AIX and OSF reported by

-				Fajar A. Nugraha <fajar@telkom.co.id>

+				Fajar A. Nugraha <fajar*telkom.co.id>

 Sat Aug 28 20:25:44 CEST 2004 (tk)

 ----------------------------------

@@ -165,7 +172,7 @@ Sat Aug 21 12:59:43 BST 2004 (njh)

 ----------------------------------

   * libclamav:	Changed the handling of miltipart messages, that is scanning

 			emails with attachments. Reports on impact on memory

-			usage and speed welcome to clamav-devel@lists.sf.net.

+			usage and speed welcome to clamav-devel*lists.sf.net.

 Fri Aug 20 21:05:04 CEST 2004 (tk)

 ----------------------------------

@@ -1,5 +1,5 @@

 .\" Manual page created by Tomasz Kojm, 20020629

-.TH "sigtool" "1" "August 18, 2004" "Tomasz Kojm" "Clam AntiVirus"

+.TH "sigtool" "1" "August 31, 2004" "Tomasz Kojm" "Clam AntiVirus"

 .SH "NAME"

 .LP 

 sigtool \- signature and database management tool

@@ -29,8 +29,8 @@ Write all messages to standard output (stdout), instead of standard error output

 \fB\-\-hex\-dump\fR

 Read data from stdin and write hex string to stdout.

 .TP 

-\fB\-\-md5\fR

-Generate MD5 checksum from stdin.

+\fB\-\-md5 [FILES]\fR

+Generate MD5 checksum from stdin or MD5 sigs for FILES.

 .TP 

 \fB\-i, \-\-info\fR

 Print a CVD information and verify MD5 and a digital signature.

@@ -564,11 +564,15 @@ int get_database(const char *dbfile, int socketfd, const char *file, const char

     if ((bread = recv(socketfd, buffer, FILEBUFF, 0)) == -1) {

       mprintf("@Error while reading database from %s\n", hostname);

+      close(fd);

+      unlink(file);

       return 52;

     }

     if ((strstr(buffer, "HTTP/1.1 404")) != NULL) { 

       mprintf("@%s not found on remote server\n", dbfile);

+      close(fd);

+      unlink(file);

       return 58;

     }

@@ -124,6 +124,7 @@ int cli_untgz(int fd, const char *destdir)

 		cli_errmsg("Invalid size in header.\n");

 		free(fullname);

 	        gzclose(infile);

+		fclose(outfile);

 		return -1;

 	    }

@@ -369,8 +370,12 @@ int cli_cvdload(FILE *fd, struct cl_node **root, int *virnum)

 		return CL_ETMPFILE;

 	    }

-	    if(!(buffer = (char *) cli_malloc(FILEBUFF)))

+	    if(!(buffer = (char *) cli_malloc(FILEBUFF))) {

+		free(dir);

+		free(tmp);

+		fclose(tmpd);

 		return CL_EMEM;

+	    }

 	    while((bytes = fread(buffer, 1, FILEBUFF, fd)) > 0)

 		fwrite(buffer, 1, bytes, tmpd);

@@ -384,6 +389,7 @@ int cli_cvdload(FILE *fd, struct cl_node **root, int *virnum)

 		cli_errmsg("cli_cvdload(): Can't unpack CVD file.\n");

 		cli_rmdirs(dir);

 		free(dir);

+		fclose(tmpd);

 		unlink(tmp);

 		free(tmp);

 		return CL_ECVDEXTR;

@@ -123,10 +123,8 @@ struct cfgstruct *parsecfg(const char *cfgfile, int messages)

 	};

-    if((fs = fopen(cfgfile, "r")) == NULL) {

+    if((fs = fopen(cfgfile, "r")) == NULL)

 	return NULL;

-    }

-

     while(fgets(buff, LINE_LENGTH, fs)) {

@@ -138,6 +136,7 @@ struct cfgstruct *parsecfg(const char *cfgfile, int messages)

 	if(!strncmp("Example", buff, 7)) {

 	    if(messages)

 		fprintf(stderr, "ERROR: Please edit the example config file %s.\n", cfgfile);

+	    fclose(fs);

 	    return NULL;

 	}

@@ -155,6 +154,7 @@ struct cfgstruct *parsecfg(const char *cfgfile, int messages)

 				if(!arg) {

 				    if(messages)

 					fprintf(stderr, "ERROR: Parse error at line %d: Option %s requires string as argument.\n", line, name);

+				    fclose(fs);

 				    return NULL;

 				}

 				copt = regcfg(copt, name, arg, 0);

@@ -163,6 +163,7 @@ struct cfgstruct *parsecfg(const char *cfgfile, int messages)

 				if(!arg) {

 				    if(messages)

 					fprintf(stderr, "ERROR: Parse error at line %d: Option %s requires string as argument.\n", line, name);

+				    fclose(fs);

 				    return NULL;

 				}

 				/* FIXME: this one is an ugly hack of the above case */

@@ -175,6 +176,7 @@ struct cfgstruct *parsecfg(const char *cfgfile, int messages)

 				if(!arg || !isnumb(arg)) {

 				    if(messages)

 					fprintf(stderr, "ERROR: Parse error at line %d: Option %s requires numerical argument.\n", line, name);

+				    fclose(fs);

 				    return NULL;

 				}

 				copt = regcfg(copt, name, NULL, atoi(arg));

@@ -184,6 +186,7 @@ struct cfgstruct *parsecfg(const char *cfgfile, int messages)

 				if(!arg) {

 				    if(messages)

 					fprintf(stderr, "ERROR: Parse error at line %d: Option %s requires argument.\n", line, name);

+				    fclose(fs);

 				    return NULL;

 				}

 				ctype = tolower(arg[strlen(arg) - 1]);

@@ -193,6 +196,7 @@ struct cfgstruct *parsecfg(const char *cfgfile, int messages)

 				    if(!isnumb(cpy)) {

 					if(messages)

 					    fprintf(stderr, "ERROR: Parse error at line %d: Option %s requires numerical (raw/K/M) argument.\n", line, name);

+					fclose(fs);

 					return NULL;

 				    }

 				    if(ctype == 'm')

@@ -204,6 +208,7 @@ struct cfgstruct *parsecfg(const char *cfgfile, int messages)

 				    if(!isnumb(arg)) {

 					if(messages)

 					    fprintf(stderr, "ERROR: Parse error at line %d: Option %s requires numerical (raw/K/M) argument.\n", line, name);

+					fclose(fs);

 					return NULL;

 				    }

 				    calc = atoi(arg);

@@ -215,6 +220,7 @@ struct cfgstruct *parsecfg(const char *cfgfile, int messages)

 				if(arg) {

 				    if(messages)

 					fprintf(stderr, "ERROR: Parse error at line %d: Option %s doesn't support arguments (got '%s').\n", line, name, arg);

+				    fclose(fs);

 				    return NULL;

 				}

 				copt = regcfg(copt, name, NULL, 0);

@@ -237,6 +243,7 @@ struct cfgstruct *parsecfg(const char *cfgfile, int messages)

 	    if(!found) {

 		if(messages)

 		    fprintf(stderr, "ERROR: Parse error at line %d: Unknown option %s.\n", line, name);

+		fclose(fs);

 		return NULL;

 	    }

 	}

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2001-2003 Tomasz Kojm <zolw@konarski.edu.pl>

+ *  Copyright (C) 2001-2002 Tomasz Kojm <zolw@konarski.edu.pl>

  *

  *  This program is free software; you can redistribute it and/or modify

  *  it under the terms of the GNU General Public License as published by

@@ -14,6 +14,7 @@

  *  You should have received a copy of the GNU General Public License

  *  along with this program; if not, write to the Free Software

  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

+ *

  */

 #if HAVE_CONFIG_H

@@ -27,14 +28,9 @@

 #define _GNU_SOURCE

 #include "getopt.h"

-#if defined(C_LINUX) && defined(CL_DEBUG)

-#include <sys/resource.h>

-#endif

-

 #include "options.h"

-#include "others.h"

-#include "output.h"

 #include "memory.h"

+#include "output.h"

 void sigtool(struct optstruct *opt);

@@ -43,7 +39,7 @@ int main(int argc, char **argv)

 	int ret, opt_index, i, len;

 	struct optstruct *opt;

-	const char *getopt_parameters = "hvVc:s:f:b:i:u:l::";

+	const char *getopt_parameters = "hvVb:i:u:l::";

 	static struct option long_options[] = {

 	    {"help", 0, 0, 'h'},

@@ -64,18 +60,11 @@ int main(int argc, char **argv)

 	    {0, 0, 0, 0}

     	};

-#if defined(C_LINUX) && defined(CL_DEBUG)

-	/* njh@bandsman.co.uk: create a dump if needed */

-	struct rlimit rlim;

-

-    rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY;

-    if(setrlimit(RLIMIT_CORE, &rlim) < 0)

-	perror("setrlimit");

-#endif

-    opt=(struct optstruct*)mcalloc(1, sizeof(struct optstruct));

+    opt=(struct optstruct*) mcalloc(1, sizeof(struct optstruct));

     opt->optlist = NULL;

+

     while(1) {

 	opt_index=0;

@@ -90,9 +79,13 @@ int main(int argc, char **argv)

 		break;

     	    default:

-		if(strchr(getopt_parameters, ret))

-		    register_char_option(opt, ret);

-		else {

+		if(strchr(getopt_parameters, ret)) {

+		    if(opt_index)

+			register_char_option(opt, ret, long_options[opt_index].name);

+		    else

+			register_char_option(opt, ret, NULL);

+

+		} else {

 		    mprintf("!Unknown option passed.\n");

 		    free_opt(opt);

 		    exit(40);

@@ -115,23 +108,22 @@ int main(int argc, char **argv)

         for(i=optind; i<argc; i++) {

 	    strncat(opt->filename, argv[i], strlen(argv[i]));

 	    if(i != argc-1)

-		strncat(opt->filename, " ", 1);

+		strncat(opt->filename, "\t", 1);

 	}

-    } else

-	/* FIXME !!! Without this, we have segfault */

-	opt->filename=(char*)mcalloc(1, sizeof(char));

-

+    }

     sigtool(opt);

+    free_opt(opt);

-    return(0);

+    return 0;

 }

-void register_char_option(struct optstruct *opt, char ch)

+void register_char_option(struct optstruct *opt, char ch, const char *longname)

 {

 	struct optnode *newnode;

+

     newnode = (struct optnode *) mmalloc(sizeof(struct optnode));

     newnode->optchar = ch;

     if(optarg != NULL) {

@@ -148,6 +140,7 @@ void register_long_option(struct optstruct *opt, const char *optname)

 {

 	struct optnode *newnode;

+

     newnode = (struct optnode *) mmalloc(sizeof(struct optnode));

     newnode->optchar = 0;

     if(optarg != NULL) {

@@ -231,10 +224,9 @@ void free_opt(struct optstruct *opt)

 {

 	struct optnode *handler, *prev;

-    if(!opt || !opt->optlist)

+    if(!opt)

 	return;

-    mprintf("*Freeing option list... ");

     handler = opt->optlist;

     while(handler != NULL) {

@@ -246,7 +238,7 @@ void free_opt(struct optstruct *opt)

 	free(prev);

     }

-    free(opt->filename);

+    if (opt->filename)

+    	free(opt->filename);

     free(opt);

-    mprintf("*done\n");

 }

@@ -33,14 +33,10 @@ struct optstruct {

 int optc(const struct optstruct *opt, char ch);

 int optl(const struct optstruct *opt, const char *optname);

-void register_char_option(struct optstruct *opt, char ch);

+void register_char_option(struct optstruct *opt, char ch, const char *longname);

 void register_long_option(struct optstruct *opt, const char *optname);

 char *getargc(const struct optstruct *opt, char ch);

-char *getfirstargc(const struct optstruct *opt, char ch, struct optnode **optnode);

-char *getnextargc(struct optnode **optnode, char ch);

 char *getargl(const struct optstruct *opt, const char *optname);

-char *getfirstargl(const struct optstruct *opt, const char *optname, struct optnode **optnode);

-char *getnextargl(struct optnode **optnode, const char *optname);

 void free_opt(struct optstruct *opt);

 #endif

@@ -21,7 +21,6 @@

 #include "clamav-config.h"

 #endif

-

 #include <stdio.h>

 #include <stdlib.h>

 #include <string.h>

@@ -52,10 +51,6 @@

 #include "../libclamav/others.h"

 #include "../libclamav/str.h"

-#define LINE 1024

-

-#define MIN_LENGTH 15

-#define MAX_LENGTH 200

 void help(void);

 char *getdsig(const char *host, const char *user, const char *data);

@@ -65,21 +60,16 @@ int unpack(struct optstruct *opt);

 int listdb(const char *filename);

 int listdir(const char *dirname);

 void listsigs(struct optstruct *opt);

-int cli_rmdirs(const char *dirname); /* libclamav's internal */

 void sigtool(struct optstruct *opt)

 {

-	    char buffer[FILEBUFF];

-	    int bytes;

-	    char *pt;

-

-    if(optl(opt, "quiet")) mprintf_quiet = 1;

-    else mprintf_quiet = 0;

+    if(optl(opt, "quiet"))

+	mprintf_quiet = 1;

-    if(optl(opt, "stdout")) mprintf_stdout = 1;

-    else mprintf_stdout = 0;

+    if(optl(opt, "stdout"))

+	mprintf_stdout = 1;

     if(optl(opt, "debug"))

 	cl_debug();

@@ -95,6 +85,9 @@ void sigtool(struct optstruct *opt)

     }

     if(optl(opt, "hex-dump")) {

+	    char buffer[FILEBUFF];

+	    int bytes;

+	    char *pt;

 	while((bytes = read(0, buffer, FILEBUFF)) > 0) {

 	    pt = cli_str2hex(buffer, bytes);

@@ -103,10 +96,37 @@ void sigtool(struct optstruct *opt)

 	}

     } else if(optl(opt, "md5")) {

+	    char *md5, *filename;

+	    int i;

+	    struct stat sb;

-	char *md5 = cli_md5stream(stdin);

-	mprintf("%s\n", md5);

-	free(md5);

+	mprintf_stdout = 1;

+

+	if(opt->filename) {

+

+	    for(i = 0; (filename = cli_strtok(opt->filename, i, "\t")); i++) {

+		if(stat(filename, &sb) == -1) {

+		    mprintf("!Can't access file %s\n", filename);

+		    perror(filename);

+		} else {

+		    if((sb.st_mode & S_IFMT) == S_IFREG) {

+			if((md5 = cli_md5file(filename))) {

+			    mprintf("%s:%d:%s\n", md5, sb.st_size, filename);

+			    free(md5);

+			} else

+			    mprintf("!Can't generate MD5 checksum for %s\n", filename);

+		    }

+		}

+

+		free(filename);

+	    }

+

+	} else {

+

+	    md5 = cli_md5stream(stdin);

+	    mprintf("%s\n", md5);

+	    free(md5);

+	}

     } else if(optc(opt, 'b')) {

 	if(!optl(opt, "server")) {

@@ -137,7 +157,6 @@ void sigtool(struct optstruct *opt)

 	help();

     }

-    free_opt(opt);

 }

 int countlines(const char *filename)

@@ -539,6 +558,7 @@ int listdb(const char *filename)

     if(!(buffer = (char *) mmalloc(FILEBUFF))) {

 	mprintf("!listdb(): Can't allocate memory.\n");

+	fclose(fd);

 	return -1;

     }

@@ -596,6 +616,7 @@ int listdb(const char *filename)

 	    mprintf("!listdb(): Can't unpack CVD file.\n");

 	    cli_rmdirs(dir);

 	    free(dir);

+	    fclose(tmpd);

 	    unlink(tmp);

 	    free(tmp);

 	    free(buffer);

@@ -718,7 +739,8 @@ void help(void)

     mprintf("    --stdout                               write to stdout instead of stderr\n");

     mprintf("    --hex-dump                             convert data from stdin to a hex\n");

     mprintf("                                           string and print it on stdout\n");

-    mprintf("    --md5                                  generate MD5 checksum from stdin\n");

+    mprintf("    --md5 [FILES]                          generate MD5 checksum from stdin\n");

+    mprintf("                                           or MD5 sigs for FILES\n");

     mprintf("    --info=FILE            -i FILE         print database information\n");

     mprintf("    --build=NAME           -b NAME         build a CVD file\n");

     mprintf("    --server=ADDR                          ClamAV Signing Service address\n");