... | ... |
@@ -207,15 +207,15 @@ am_libclamav_la_OBJECTS = libclamav_la-matcher-ac.lo \ |
207 | 207 |
libclamav_la-aspack.lo libclamav_la-packlibs.lo \ |
208 | 208 |
libclamav_la-fsg.lo libclamav_la-mew.lo libclamav_la-upack.lo \ |
209 | 209 |
libclamav_la-line.lo libclamav_la-untar.lo \ |
210 |
- libclamav_la-unzip.lo libclamav_la-inflate64.lo \ |
|
211 |
- libclamav_la-special.lo libclamav_la-binhex.lo \ |
|
212 |
- libclamav_la-is_tar.lo libclamav_la-tnef.lo \ |
|
213 |
- libclamav_la-autoit.lo libclamav_la-unarj.lo \ |
|
214 |
- libclamav_la-bzlib.lo libclamav_la-nulsft.lo \ |
|
215 |
- libclamav_la-infblock.lo libclamav_la-pdf.lo \ |
|
216 |
- libclamav_la-spin.lo libclamav_la-yc.lo libclamav_la-elf.lo \ |
|
217 |
- libclamav_la-sis.lo libclamav_la-uuencode.lo \ |
|
218 |
- libclamav_la-phishcheck.lo \ |
|
210 |
+ libclamav_la-unzip.lo libclamav_la-ooxml.lo \ |
|
211 |
+ libclamav_la-inflate64.lo libclamav_la-special.lo \ |
|
212 |
+ libclamav_la-binhex.lo libclamav_la-is_tar.lo \ |
|
213 |
+ libclamav_la-tnef.lo libclamav_la-autoit.lo \ |
|
214 |
+ libclamav_la-unarj.lo libclamav_la-bzlib.lo \ |
|
215 |
+ libclamav_la-nulsft.lo libclamav_la-infblock.lo \ |
|
216 |
+ libclamav_la-pdf.lo libclamav_la-spin.lo libclamav_la-yc.lo \ |
|
217 |
+ libclamav_la-elf.lo libclamav_la-sis.lo \ |
|
218 |
+ libclamav_la-uuencode.lo libclamav_la-phishcheck.lo \ |
|
219 | 219 |
libclamav_la-phish_domaincheck_db.lo \ |
220 | 220 |
libclamav_la-phish_whitelist.lo libclamav_la-regex_list.lo \ |
221 | 221 |
libclamav_la-regex_suffix.lo libclamav_la-mspack.lo \ |
... | ... |
@@ -786,45 +786,45 @@ libclamav_la_SOURCES = matcher-ac.c matcher-ac.h matcher-bm.c \ |
786 | 786 |
rebuildpe.c rebuildpe.h petite.c petite.h wwunpack.c \ |
787 | 787 |
wwunpack.h unsp.c unsp.h aspack.c aspack.h packlibs.c \ |
788 | 788 |
packlibs.h fsg.c fsg.h mew.c mew.h upack.c upack.h line.c \ |
789 |
- line.h untar.c untar.h unzip.c unzip.h inflate64.c inflate64.h \ |
|
790 |
- inffixed64.h inflate64_priv.h special.c special.h binhex.c \ |
|
791 |
- binhex.h is_tar.c is_tar.h tnef.c tnef.h autoit.c autoit.h \ |
|
792 |
- unarj.c unarj.h nsis/bzlib.c nsis/bzlib_private.h \ |
|
793 |
- nsis/nsis_bzlib.h nsis/nulsft.c nsis/nulsft.h nsis/infblock.c \ |
|
794 |
- nsis/nsis_zconf.h nsis/nsis_zlib.h nsis/nsis_zutil.h pdf.c \ |
|
795 |
- pdf.h spin.c spin.h yc.c yc.h elf.c elf.h execs.h sis.c sis.h \ |
|
796 |
- uuencode.c uuencode.h phishcheck.c phishcheck.h \ |
|
797 |
- phish_domaincheck_db.c phish_domaincheck_db.h \ |
|
798 |
- phish_whitelist.c phish_whitelist.h iana_cctld.h iana_tld.h \ |
|
799 |
- regex_list.c regex_list.h regex_suffix.c regex_suffix.h \ |
|
800 |
- mspack.c mspack.h cab.c cab.h entconv.c entconv.h entitylist.h \ |
|
801 |
- encoding_aliases.h hashtab.c hashtab.h dconf.c dconf.h \ |
|
802 |
- lzma_iface.c lzma_iface.h 7z_iface.c 7z_iface.h 7z/7z.h \ |
|
803 |
- 7z/7zAlloc.c 7z/7zAlloc.h 7z/7zBuf.c 7z/7zBuf.h 7z/7zBuf2.c \ |
|
804 |
- 7z/7zCrc.c 7z/7zCrc.h 7z/7zDec.c 7z/7zFile.c 7z/7zFile.h \ |
|
805 |
- 7z/7zIn.c 7z/7zStream.c 7z/7zVersion.h 7z/Bcj2.c 7z/Bcj2.h \ |
|
806 |
- 7z/Bra.c 7z/Bra.h 7z/Bra86.c 7z/CpuArch.h 7z/Lzma2Dec.c \ |
|
807 |
- 7z/Lzma2Dec.h 7z/LzmaDec.c 7z/LzmaDec.h 7z/Ppmd.h 7z/Ppmd7.c \ |
|
808 |
- 7z/Ppmd7.h 7z/Ppmd7Dec.c 7z/Types.h 7z/Xz.c 7z/Xz.h \ |
|
809 |
- 7z/XzCrc64.c 7z/XzCrc64.h 7z/XzDec.c 7z/XzIn.c 7z/Delta.c \ |
|
810 |
- 7z/Delta.h 7z/Alloc.h 7z/BraIA64.c 7z/CpuArch.c 7z/CpuArch.h \ |
|
811 |
- 7z/7zCrcOpt.c 7z/RotateDefs.h explode.c explode.h textnorm.c \ |
|
812 |
- textnorm.h dlp.c dlp.h jsparse/js-norm.c jsparse/js-norm.h \ |
|
813 |
- jsparse/lexglobal.h jsparse/textbuf.h uniq.c uniq.h version.c \ |
|
814 |
- version.h mpool.c mpool.h filtering.h filtering.c fmap.c \ |
|
815 |
- fmap.h perflogging.c perflogging.h default.h bytecode.c \ |
|
816 |
- bytecode.h bytecode_vm.c bytecode_priv.h clambc.h cpio.c \ |
|
817 |
- cpio.h macho.c macho.h ishield.c ishield.h type_desc.h \ |
|
818 |
- bcfeatures.h bytecode_api.c bytecode_api_decl.c bytecode_api.h \ |
|
819 |
- bytecode_api_impl.h bytecode_hooks.h cache.c cache.h \ |
|
820 |
- bytecode_detect.c bytecode_detect.h builtin_bytecodes.h \ |
|
821 |
- events.c events.h adc.c adc.h dmg.c dmg.h xar.c xar.h mbr.c \ |
|
822 |
- mbr.h gpt.c gpt.h apm.c apm.h prtn_intxn.c prtn_intxn.h \ |
|
823 |
- json_api.c json_api.h xz_iface.c xz_iface.h sf_base64decode.c \ |
|
824 |
- sf_base64decode.h hfsplus.c hfsplus.h swf.c swf.h jpeg.c \ |
|
825 |
- jpeg.h png.c png.h iso9660.c iso9660.h arc4.c arc4.h \ |
|
826 |
- rijndael.c rijndael.h crtmgr.c crtmgr.h asn1.c asn1.h fpu.c \ |
|
827 |
- fpu.h stats.c stats.h www.c www.h json.c json.h hostid.c \ |
|
789 |
+ line.h untar.c untar.h unzip.c unzip.h ooxml.c ooxml.h \ |
|
790 |
+ inflate64.c inflate64.h inffixed64.h inflate64_priv.h \ |
|
791 |
+ special.c special.h binhex.c binhex.h is_tar.c is_tar.h tnef.c \ |
|
792 |
+ tnef.h autoit.c autoit.h unarj.c unarj.h nsis/bzlib.c \ |
|
793 |
+ nsis/bzlib_private.h nsis/nsis_bzlib.h nsis/nulsft.c \ |
|
794 |
+ nsis/nulsft.h nsis/infblock.c nsis/nsis_zconf.h \ |
|
795 |
+ nsis/nsis_zlib.h nsis/nsis_zutil.h pdf.c pdf.h spin.c spin.h \ |
|
796 |
+ yc.c yc.h elf.c elf.h execs.h sis.c sis.h uuencode.c \ |
|
797 |
+ uuencode.h phishcheck.c phishcheck.h phish_domaincheck_db.c \ |
|
798 |
+ phish_domaincheck_db.h phish_whitelist.c phish_whitelist.h \ |
|
799 |
+ iana_cctld.h iana_tld.h regex_list.c regex_list.h \ |
|
800 |
+ regex_suffix.c regex_suffix.h mspack.c mspack.h cab.c cab.h \ |
|
801 |
+ entconv.c entconv.h entitylist.h encoding_aliases.h hashtab.c \ |
|
802 |
+ hashtab.h dconf.c dconf.h lzma_iface.c lzma_iface.h 7z_iface.c \ |
|
803 |
+ 7z_iface.h 7z/7z.h 7z/7zAlloc.c 7z/7zAlloc.h 7z/7zBuf.c \ |
|
804 |
+ 7z/7zBuf.h 7z/7zBuf2.c 7z/7zCrc.c 7z/7zCrc.h 7z/7zDec.c \ |
|
805 |
+ 7z/7zFile.c 7z/7zFile.h 7z/7zIn.c 7z/7zStream.c 7z/7zVersion.h \ |
|
806 |
+ 7z/Bcj2.c 7z/Bcj2.h 7z/Bra.c 7z/Bra.h 7z/Bra86.c 7z/CpuArch.h \ |
|
807 |
+ 7z/Lzma2Dec.c 7z/Lzma2Dec.h 7z/LzmaDec.c 7z/LzmaDec.h \ |
|
808 |
+ 7z/Ppmd.h 7z/Ppmd7.c 7z/Ppmd7.h 7z/Ppmd7Dec.c 7z/Types.h \ |
|
809 |
+ 7z/Xz.c 7z/Xz.h 7z/XzCrc64.c 7z/XzCrc64.h 7z/XzDec.c 7z/XzIn.c \ |
|
810 |
+ 7z/Delta.c 7z/Delta.h 7z/Alloc.h 7z/BraIA64.c 7z/CpuArch.c \ |
|
811 |
+ 7z/CpuArch.h 7z/7zCrcOpt.c 7z/RotateDefs.h explode.c explode.h \ |
|
812 |
+ textnorm.c textnorm.h dlp.c dlp.h jsparse/js-norm.c \ |
|
813 |
+ jsparse/js-norm.h jsparse/lexglobal.h jsparse/textbuf.h uniq.c \ |
|
814 |
+ uniq.h version.c version.h mpool.c mpool.h filtering.h \ |
|
815 |
+ filtering.c fmap.c fmap.h perflogging.c perflogging.h \ |
|
816 |
+ default.h bytecode.c bytecode.h bytecode_vm.c bytecode_priv.h \ |
|
817 |
+ clambc.h cpio.c cpio.h macho.c macho.h ishield.c ishield.h \ |
|
818 |
+ type_desc.h bcfeatures.h bytecode_api.c bytecode_api_decl.c \ |
|
819 |
+ bytecode_api.h bytecode_api_impl.h bytecode_hooks.h cache.c \ |
|
820 |
+ cache.h bytecode_detect.c bytecode_detect.h \ |
|
821 |
+ builtin_bytecodes.h events.c events.h adc.c adc.h dmg.c dmg.h \ |
|
822 |
+ xar.c xar.h mbr.c mbr.h gpt.c gpt.h apm.c apm.h prtn_intxn.c \ |
|
823 |
+ prtn_intxn.h json_api.c json_api.h xz_iface.c xz_iface.h \ |
|
824 |
+ sf_base64decode.c sf_base64decode.h hfsplus.c hfsplus.h swf.c \ |
|
825 |
+ swf.h jpeg.c jpeg.h png.c png.h iso9660.c iso9660.h arc4.c \ |
|
826 |
+ arc4.h rijndael.c rijndael.h crtmgr.c crtmgr.h asn1.c asn1.h \ |
|
827 |
+ fpu.c fpu.h stats.c stats.h www.c www.h json.c json.h hostid.c \ |
|
828 | 828 |
hostid.h openioc.c openioc.h bignum.h bignum_fast.h \ |
829 | 829 |
tomsfastmath/addsub/fp_add.c tomsfastmath/addsub/fp_add_d.c \ |
830 | 830 |
tomsfastmath/addsub/fp_addmod.c tomsfastmath/addsub/fp_cmp.c \ |
... | ... |
@@ -1179,6 +1179,7 @@ distclean-compile: |
1179 | 1179 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-mspack.Plo@am__quote@ |
1180 | 1180 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-nulsft.Plo@am__quote@ |
1181 | 1181 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-ole2_extract.Plo@am__quote@ |
1182 |
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-ooxml.Plo@am__quote@ |
|
1182 | 1183 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-openioc.Plo@am__quote@ |
1183 | 1184 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-others.Plo@am__quote@ |
1184 | 1185 |
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-packlibs.Plo@am__quote@ |
... | ... |
@@ -1525,6 +1526,13 @@ libclamav_la-unzip.lo: unzip.c |
1525 | 1525 |
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
1526 | 1526 |
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -c -o libclamav_la-unzip.lo `test -f 'unzip.c' || echo '$(srcdir)/'`unzip.c |
1527 | 1527 |
|
1528 |
+libclamav_la-ooxml.lo: ooxml.c |
|
1529 |
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -MT libclamav_la-ooxml.lo -MD -MP -MF $(DEPDIR)/libclamav_la-ooxml.Tpo -c -o libclamav_la-ooxml.lo `test -f 'ooxml.c' || echo '$(srcdir)/'`ooxml.c |
|
1530 |
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libclamav_la-ooxml.Tpo $(DEPDIR)/libclamav_la-ooxml.Plo |
|
1531 |
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ooxml.c' object='libclamav_la-ooxml.lo' libtool=yes @AMDEPBACKSLASH@ |
|
1532 |
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ |
|
1533 |
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -c -o libclamav_la-ooxml.lo `test -f 'ooxml.c' || echo '$(srcdir)/'`ooxml.c |
|
1534 |
+ |
|
1528 | 1535 |
libclamav_la-inflate64.lo: inflate64.c |
1529 | 1536 |
@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -MT libclamav_la-inflate64.lo -MD -MP -MF $(DEPDIR)/libclamav_la-inflate64.Tpo -c -o libclamav_la-inflate64.lo `test -f 'inflate64.c' || echo '$(srcdir)/'`inflate64.c |
1530 | 1537 |
@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libclamav_la-inflate64.Tpo $(DEPDIR)/libclamav_la-inflate64.Plo |
1531 | 1538 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,313 @@ |
0 |
+/* |
|
1 |
+ * OOXML JSON Internals |
|
2 |
+ * |
|
3 |
+ * Copyright (C) 2014 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
4 |
+ * |
|
5 |
+ * Authors: Kevin Lin |
|
6 |
+ * |
|
7 |
+ * This program is free software; you can redistribute it and/or modify it under |
|
8 |
+ * the terms of the GNU General Public License version 2 as published by the |
|
9 |
+ * Free Software Foundation. |
|
10 |
+ * |
|
11 |
+ * This program is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for |
|
14 |
+ * more details. |
|
15 |
+ * |
|
16 |
+ * You should have received a copy of the GNU General Public License along with |
|
17 |
+ * this program; if not, write to the Free Software Foundation, Inc., 51 |
|
18 |
+ * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
|
19 |
+ */ |
|
20 |
+ |
|
21 |
+#if HAVE_CONFIG_H |
|
22 |
+#include "clamav-config.h" |
|
23 |
+#endif |
|
24 |
+ |
|
25 |
+#include <openssl/ssl.h> |
|
26 |
+#include <openssl/err.h> |
|
27 |
+#include "libclamav/crypto.h" |
|
28 |
+ |
|
29 |
+#include "cltypes.h" |
|
30 |
+#include "others.h" |
|
31 |
+#include "unzip.h" |
|
32 |
+#include "json_api.h" |
|
33 |
+ |
|
34 |
+#if HAVE_LIBXML2 |
|
35 |
+#ifdef _WIN32 |
|
36 |
+#ifndef LIBXML_WRITER_ENABLED |
|
37 |
+#define LIBXML_WRITER_ENABLED 1 |
|
38 |
+#endif |
|
39 |
+#endif |
|
40 |
+#include <libxml/xmlreader.h> |
|
41 |
+#endif |
|
42 |
+ |
|
43 |
+#define OOXML_JSON_RECLEVEL 16 |
|
44 |
+#define OOXML_JSON_RECLEVEL_MAX 32 |
|
45 |
+ |
|
46 |
+static int ooxml_is_int(const char *value, size_t len, int32_t *val2) |
|
47 |
+{ |
|
48 |
+ long val3; |
|
49 |
+ char *endptr = NULL; |
|
50 |
+ |
|
51 |
+ val3 = strtol(value, &endptr, 10); |
|
52 |
+ if (endptr != value+len) { |
|
53 |
+ return 0; |
|
54 |
+ } |
|
55 |
+ |
|
56 |
+ *val2 = (int32_t)(val3 & 0x0000ffff); |
|
57 |
+ |
|
58 |
+ return 1; |
|
59 |
+} |
|
60 |
+ |
|
61 |
+static int ooxml_basic_json(int fd, cli_ctx *ctx, const char *key) |
|
62 |
+{ |
|
63 |
+#if HAVE_LIBXML2 |
|
64 |
+#if HAVE_JSON |
|
65 |
+ const xmlChar *stack[OOXML_JSON_RECLEVEL]; |
|
66 |
+ json_object *summary, *wrkptr; |
|
67 |
+ int type, rlvl = 0, ret = CL_SUCCESS; |
|
68 |
+ int32_t val2; |
|
69 |
+ const xmlChar *name, *value; |
|
70 |
+ xmlTextReaderPtr reader = NULL; |
|
71 |
+ |
|
72 |
+ cli_dbgmsg("in ooxml_basic_json\n"); |
|
73 |
+ |
|
74 |
+ reader = xmlReaderForFd(fd, "properties.xml", NULL, 0); |
|
75 |
+ if (reader == NULL) { |
|
76 |
+ cli_dbgmsg("ooxml_basic_json: xmlReaderForFd error for %s\n", key); |
|
77 |
+ return CL_SUCCESS; // libxml2 failed! |
|
78 |
+ } |
|
79 |
+ |
|
80 |
+ summary = json_object_new_object(); |
|
81 |
+ if (NULL == summary) { |
|
82 |
+ cli_errmsg("ooxml_basic_json: no memory for json object.\n"); |
|
83 |
+ ret = CL_EFORMAT; |
|
84 |
+ goto ooxml_basic_exit; |
|
85 |
+ } |
|
86 |
+ |
|
87 |
+ while (xmlTextReaderRead(reader) == 1) { |
|
88 |
+ name = xmlTextReaderConstLocalName(reader); |
|
89 |
+ value = xmlTextReaderConstValue(reader); |
|
90 |
+ type = xmlTextReaderNodeType(reader); |
|
91 |
+ |
|
92 |
+ cli_dbgmsg("%s [%i]: %s\n", name, type, value); |
|
93 |
+ |
|
94 |
+ switch (type) { |
|
95 |
+ case XML_READER_TYPE_ELEMENT: |
|
96 |
+ stack[rlvl] = name; |
|
97 |
+ rlvl++; |
|
98 |
+ break; |
|
99 |
+ case XML_READER_TYPE_TEXT: |
|
100 |
+ { |
|
101 |
+ wrkptr = summary; |
|
102 |
+ if (rlvl > 2) { /* 0 is root xml object */ |
|
103 |
+ int i; |
|
104 |
+ for (i = 1; i < rlvl-1; ++i) { |
|
105 |
+ json_object *newptr = json_object_object_get(wrkptr, stack[i]); |
|
106 |
+ if (!newptr) { |
|
107 |
+ newptr = json_object_new_object(); |
|
108 |
+ if (NULL == newptr) { |
|
109 |
+ cli_errmsg("ooxml_basic_json: no memory for json object.\n"); |
|
110 |
+ ret = CL_EMEM; |
|
111 |
+ goto ooxml_basic_exit; |
|
112 |
+ } |
|
113 |
+ json_object_object_add(wrkptr, stack[i], newptr); |
|
114 |
+ } |
|
115 |
+ else { |
|
116 |
+ /* object already exists */ |
|
117 |
+ if (!json_object_is_type(newptr, json_type_object)) { |
|
118 |
+ cli_warnmsg("ooxml_content_cb: json object already exists as not an object\n"); |
|
119 |
+ ret = CL_EFORMAT; |
|
120 |
+ goto ooxml_basic_exit; |
|
121 |
+ } |
|
122 |
+ } |
|
123 |
+ wrkptr = newptr; |
|
124 |
+ cli_dbgmsg("stack %d: %s\n", i, stack[i]); |
|
125 |
+ } |
|
126 |
+ } |
|
127 |
+ |
|
128 |
+ if (ooxml_is_int(value, xmlStrlen(value), &val2)) { |
|
129 |
+ ret = cli_jsonint(wrkptr, stack[rlvl-1], val2); |
|
130 |
+ } |
|
131 |
+ else if (!xmlStrcmp(value, "true")) { |
|
132 |
+ ret = cli_jsonbool(wrkptr, stack[rlvl-1], 1); |
|
133 |
+ } |
|
134 |
+ else if (!xmlStrcmp(value, "false")) { |
|
135 |
+ ret = cli_jsonbool(wrkptr, stack[rlvl-1], 0); |
|
136 |
+ } |
|
137 |
+ else { |
|
138 |
+ ret = cli_jsonstr(wrkptr, stack[rlvl-1], value); |
|
139 |
+ } |
|
140 |
+ |
|
141 |
+ if (ret != CL_SUCCESS) |
|
142 |
+ goto ooxml_basic_exit; |
|
143 |
+ } |
|
144 |
+ break; |
|
145 |
+ case XML_READER_TYPE_END_ELEMENT: |
|
146 |
+ rlvl--; |
|
147 |
+ break; |
|
148 |
+ default: |
|
149 |
+ cli_dbgmsg("ooxml_content_cb: unhandled xml node %s [%i]: %s\n", name, type, value); |
|
150 |
+ ret = CL_EFORMAT; |
|
151 |
+ goto ooxml_basic_exit; |
|
152 |
+ } |
|
153 |
+ } |
|
154 |
+ |
|
155 |
+ json_object_object_add(ctx->wrkproperty, key, summary); |
|
156 |
+ |
|
157 |
+ if (rlvl != 0) { |
|
158 |
+ cli_warnmsg("ooxml_basic_json: office property file has unbalanced tags\n"); |
|
159 |
+ /* FAIL */ |
|
160 |
+ } |
|
161 |
+ |
|
162 |
+ ooxml_basic_exit: |
|
163 |
+ xmlTextReaderClose(reader); |
|
164 |
+ xmlFreeTextReader(reader); |
|
165 |
+#else |
|
166 |
+ cli_dbgmsg("ooxml_basic_json: libjson needs to enabled!\n"); |
|
167 |
+#endif |
|
168 |
+#else |
|
169 |
+ cli_dbgmsg("ooxml_basic_json: libxml2 needs to enabled!\n"); |
|
170 |
+#endif |
|
171 |
+ return ret; |
|
172 |
+} |
|
173 |
+ |
|
174 |
+static int ooxml_core_cb(int fd, cli_ctx *ctx) |
|
175 |
+{ |
|
176 |
+ cli_dbgmsg("in ooxml_core_cb\n"); |
|
177 |
+ return ooxml_basic_json(fd, ctx, "CoreProperties"); |
|
178 |
+} |
|
179 |
+ |
|
180 |
+static int ooxml_extn_cb(int fd, cli_ctx *ctx) |
|
181 |
+{ |
|
182 |
+ cli_dbgmsg("in ooxml_extn_cb\n"); |
|
183 |
+ return ooxml_basic_json(fd, ctx, "ExtendedProperties"); |
|
184 |
+} |
|
185 |
+ |
|
186 |
+static int ooxml_content_cb(int fd, cli_ctx *ctx) |
|
187 |
+{ |
|
188 |
+#if HAVE_LIBXML2 |
|
189 |
+ int ret = CL_SUCCESS; |
|
190 |
+ int core=0, extn=0, cust=0; |
|
191 |
+ const xmlChar *name, *value, *CT, *PN; |
|
192 |
+ xmlTextReaderPtr reader = NULL; |
|
193 |
+ uint32_t loff; |
|
194 |
+ |
|
195 |
+ cli_dbgmsg("in ooxml_content_cb\n"); |
|
196 |
+ |
|
197 |
+ reader = xmlReaderForFd(fd, "[Content_Types].xml", NULL, 0); |
|
198 |
+ if (reader == NULL) { |
|
199 |
+ cli_dbgmsg("ooxml_content_cb: xmlReaderForFd error for ""[Content_Types].xml""\n"); |
|
200 |
+ return CL_SUCCESS; // libxml2 failed! |
|
201 |
+ } |
|
202 |
+ |
|
203 |
+ /* locate core-properties, extended-properties, and custom-properties (optional) */ |
|
204 |
+ while (xmlTextReaderRead(reader) == 1) { |
|
205 |
+ name = xmlTextReaderConstLocalName(reader); |
|
206 |
+ if (name == NULL) continue; |
|
207 |
+ |
|
208 |
+ if (strcmp(name, "Override")) continue; |
|
209 |
+ |
|
210 |
+ if (!xmlTextReaderHasAttributes(reader)) continue; |
|
211 |
+ |
|
212 |
+ CT = NULL; PN = NULL; |
|
213 |
+ while (xmlTextReaderMoveToNextAttribute(reader) == 1) { |
|
214 |
+ name = xmlTextReaderConstLocalName(reader); |
|
215 |
+ value = xmlTextReaderConstValue(reader); |
|
216 |
+ if (name == NULL || value == NULL) continue; |
|
217 |
+ |
|
218 |
+ if (!xmlStrcmp(name, "ContentType")) { |
|
219 |
+ CT = value; |
|
220 |
+ } |
|
221 |
+ else if (!xmlStrcmp(name, "PartName")) { |
|
222 |
+ PN = value; |
|
223 |
+ } |
|
224 |
+ |
|
225 |
+ cli_dbgmsg("%s: %s\n", name, value); |
|
226 |
+ } |
|
227 |
+ |
|
228 |
+ if (!CT && !PN) continue; |
|
229 |
+ |
|
230 |
+ if (!core && !xmlStrcmp(CT, "application/vnd.openxmlformats-package.core-properties+xml")) { |
|
231 |
+ /* default: /docProps/core.xml*/ |
|
232 |
+ if (unzip_search(ctx, PN+1, xmlStrlen(PN)-1, &loff) != CL_VIRUS) { |
|
233 |
+ cli_dbgmsg("cli_process_ooxml: failed to find core properties file \"%s\"!\n", PN); |
|
234 |
+ } |
|
235 |
+ else { |
|
236 |
+ cli_dbgmsg("ooxml_content_cb: found core properties file \"%s\" @ %x\n", PN, loff); |
|
237 |
+ ret = unzip_single_internal(ctx, loff, ooxml_core_cb); |
|
238 |
+ } |
|
239 |
+ core = 1; |
|
240 |
+ } |
|
241 |
+ else if (!extn && !xmlStrcmp(CT, "application/vnd.openxmlformats-officedocument.extended-properties+xml")) { |
|
242 |
+ /* default: /docProps/app.xml */ |
|
243 |
+ if (unzip_search(ctx, PN+1, xmlStrlen(PN)-1, &loff) != CL_VIRUS) { |
|
244 |
+ cli_dbgmsg("cli_process_ooxml: failed to find extended properties file \"%s\"!\n", PN); |
|
245 |
+ } |
|
246 |
+ else { |
|
247 |
+ cli_dbgmsg("ooxml_content_cb: found extended properties file \"%s\" @ %x\n", PN, loff); |
|
248 |
+ ret = unzip_single_internal(ctx, loff, ooxml_extn_cb); |
|
249 |
+ } |
|
250 |
+ extn = 1; |
|
251 |
+ } |
|
252 |
+ else if (!cust && !xmlStrcmp(CT, "application/vnd.openxmlformats-officedocument.custom-properties+xml")) { |
|
253 |
+ /* default: /docProps/custom.xml */ |
|
254 |
+ if (unzip_search(ctx, PN+1, xmlStrlen(PN)-1, &loff) != CL_VIRUS) { |
|
255 |
+ cli_dbgmsg("cli_process_ooxml: failed to find custom properties file \"%s\"!\n", PN); |
|
256 |
+ } |
|
257 |
+ else { |
|
258 |
+ cli_dbgmsg("ooxml_content_cb: found custom properties file \"%s\" @ %x\n", PN, loff); |
|
259 |
+ /* custom properties ignored for now */ |
|
260 |
+ //ret = unzip_single_internal(ctx, loff, ooxml_cust_cb); |
|
261 |
+ } |
|
262 |
+ cust = 1; |
|
263 |
+ } |
|
264 |
+ |
|
265 |
+ if (ret != CL_SUCCESS) |
|
266 |
+ goto ooxml_content_exit; |
|
267 |
+ } |
|
268 |
+ |
|
269 |
+ if (!core) { |
|
270 |
+ cli_dbgmsg("cli_process_ooxml: file does not contain core properties file\n"); |
|
271 |
+ } |
|
272 |
+ if (!extn) { |
|
273 |
+ cli_dbgmsg("cli_process_ooxml: file does not contain extended properties file\n"); |
|
274 |
+ } |
|
275 |
+ if (!cust) { |
|
276 |
+ cli_dbgmsg("cli_process_ooxml: file does not contain custom properties file\n"); |
|
277 |
+ } |
|
278 |
+ |
|
279 |
+ ooxml_content_exit: |
|
280 |
+ xmlTextReaderClose(reader); |
|
281 |
+ xmlFreeTextReader(reader); |
|
282 |
+ return ret; |
|
283 |
+#else |
|
284 |
+ cli_dbgmsg("ooxml_content_cb: libxml2 needs to enabled!"); |
|
285 |
+ return CL_SUCCESS; |
|
286 |
+#endif |
|
287 |
+} |
|
288 |
+ |
|
289 |
+int cli_process_ooxml(cli_ctx *ctx) |
|
290 |
+{ |
|
291 |
+#if HAVE_LIBXML2 |
|
292 |
+ uint32_t loff = 0; |
|
293 |
+ |
|
294 |
+ cli_dbgmsg("in cli_processooxml\n"); |
|
295 |
+ if (!ctx) { |
|
296 |
+ return CL_ENULLARG; |
|
297 |
+ } |
|
298 |
+ |
|
299 |
+ /* find "[Content Types].xml" */ |
|
300 |
+ if (unzip_search(ctx, "[Content_Types].xml", 18, &loff) != CL_VIRUS) { |
|
301 |
+ cli_dbgmsg("cli_process_ooxml: failed to find ""[Content_Types].xml""!\n"); |
|
302 |
+ return CL_EFORMAT; |
|
303 |
+ } |
|
304 |
+ cli_dbgmsg("cli_process_ooxml: found ""[Content_Types].xml"" @ %x\n", loff); |
|
305 |
+ |
|
306 |
+ return unzip_single_internal(ctx, loff, ooxml_content_cb); |
|
307 |
+#else |
|
308 |
+ cli_dbgmsg("in cli_processooxml\n"); |
|
309 |
+ cli_dbgmsg("cli_process_ooxml: libxml2 needs to enabled!"); |
|
310 |
+ return CL_SUCCESS; |
|
311 |
+#endif |
|
312 |
+} |
0 | 313 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,31 @@ |
0 |
+/* |
|
1 |
+ * Copyright (C) 2014 Cisco Systems, Inc. and/or its affiliates. All rights reserved. |
|
2 |
+ * |
|
3 |
+ * Authors: Kevin Lin |
|
4 |
+ * |
|
5 |
+ * This program is free software; you can redistribute it and/or modify |
|
6 |
+ * it under the terms of the GNU General Public License version 2 as |
|
7 |
+ * published by the Free Software Foundation. |
|
8 |
+ * |
|
9 |
+ * This program is distributed in the hope that it will be useful, |
|
10 |
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 |
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 |
+ * GNU General Public License for more details. |
|
13 |
+ * |
|
14 |
+ * You should have received a copy of the GNU General Public License |
|
15 |
+ * along with this program; if not, write to the Free Software |
|
16 |
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, |
|
17 |
+ * MA 02110-1301, USA. |
|
18 |
+ */ |
|
19 |
+ |
|
20 |
+#ifndef __OOXML_H__ |
|
21 |
+#define __OOXML_H__ |
|
22 |
+ |
|
23 |
+#if HAVE_CONFIG_H |
|
24 |
+#include "clamav-config.h" |
|
25 |
+#endif |
|
26 |
+ |
|
27 |
+#include "others.h" |
|
28 |
+int cli_process_ooxml(cli_ctx *); |
|
29 |
+ |
|
30 |
+#endif |
... | ... |
@@ -591,7 +591,6 @@ int cli_unzip_single(cli_ctx *ctx, off_t lhoffl) { |
591 | 591 |
return unzip_single_internal(ctx, lhoffl, zip_scan_cb); |
592 | 592 |
} |
593 | 593 |
|
594 |
-/* re-factored zip processing */ |
|
595 | 594 |
int unzip_search(cli_ctx *ctx, const char *name, size_t nlen, uint32_t *loff) |
596 | 595 |
{ |
597 | 596 |
unsigned int fc = 0; |
... | ... |
@@ -654,284 +653,3 @@ int unzip_search(cli_ctx *ctx, const char *name, size_t nlen, uint32_t *loff) |
654 | 654 |
return ret; |
655 | 655 |
} |
656 | 656 |
|
657 |
-/* -------------------- */ |
|
658 |
-#if HAVE_LIBXML2 |
|
659 |
-#ifdef _WIN32 |
|
660 |
-#ifndef LIBXML_WRITER_ENABLED |
|
661 |
-#define LIBXML_WRITER_ENABLED 1 |
|
662 |
-#endif |
|
663 |
-#endif |
|
664 |
-#include <libxml/xmlreader.h> |
|
665 |
-#endif |
|
666 |
-#include "json_api.h" |
|
667 |
- |
|
668 |
-#define OOXML_JSON_RECLEVEL 16 |
|
669 |
-#define OOXML_JSON_RECLEVEL_MAX 32 |
|
670 |
- |
|
671 |
-static int ooxml_is_int(const char *value, size_t len, int32_t *val2) |
|
672 |
-{ |
|
673 |
- long val3; |
|
674 |
- char *endptr = NULL; |
|
675 |
- |
|
676 |
- val3 = strtol(value, &endptr, 10); |
|
677 |
- if (endptr != value+len) { |
|
678 |
- return 0; |
|
679 |
- } |
|
680 |
- |
|
681 |
- *val2 = (int32_t)(val3 & 0x0000ffff); |
|
682 |
- |
|
683 |
- return 1; |
|
684 |
-} |
|
685 |
- |
|
686 |
-static int ooxml_basic_json(int fd, cli_ctx *ctx, const char *key) |
|
687 |
-{ |
|
688 |
-#if HAVE_LIBXML2 |
|
689 |
-#if HAVE_JSON |
|
690 |
- const xmlChar *stack[OOXML_JSON_RECLEVEL]; |
|
691 |
- json_object *summary, *wrkptr; |
|
692 |
- int type, rlvl = 0, ret = CL_SUCCESS; |
|
693 |
- int32_t val2; |
|
694 |
- const xmlChar *name, *value; |
|
695 |
- xmlTextReaderPtr reader = NULL; |
|
696 |
- |
|
697 |
- cli_dbgmsg("in ooxml_basic_json\n"); |
|
698 |
- |
|
699 |
- reader = xmlReaderForFd(fd, "properties.xml", NULL, 0); |
|
700 |
- if (reader == NULL) { |
|
701 |
- cli_dbgmsg("ooxml_basic_json: xmlReaderForFd error for %s\n", key); |
|
702 |
- return CL_SUCCESS; // libxml2 failed! |
|
703 |
- } |
|
704 |
- |
|
705 |
- summary = json_object_new_object(); |
|
706 |
- if (NULL == summary) { |
|
707 |
- cli_errmsg("ooxml_basic_json: no memory for json object.\n"); |
|
708 |
- ret = CL_EFORMAT; |
|
709 |
- goto ooxml_basic_exit; |
|
710 |
- } |
|
711 |
- |
|
712 |
- while (xmlTextReaderRead(reader) == 1) { |
|
713 |
- name = xmlTextReaderConstLocalName(reader); |
|
714 |
- value = xmlTextReaderConstValue(reader); |
|
715 |
- type = xmlTextReaderNodeType(reader); |
|
716 |
- |
|
717 |
- cli_dbgmsg("%s [%i]: %s\n", name, type, value); |
|
718 |
- |
|
719 |
- switch (type) { |
|
720 |
- case XML_READER_TYPE_ELEMENT: |
|
721 |
- stack[rlvl] = name; |
|
722 |
- rlvl++; |
|
723 |
- break; |
|
724 |
- case XML_READER_TYPE_TEXT: |
|
725 |
- { |
|
726 |
- wrkptr = summary; |
|
727 |
- if (rlvl > 2) { /* 0 is root xml object */ |
|
728 |
- int i; |
|
729 |
- for (i = 1; i < rlvl-1; ++i) { |
|
730 |
- json_object *newptr = json_object_object_get(wrkptr, stack[i]); |
|
731 |
- if (!newptr) { |
|
732 |
- newptr = json_object_new_object(); |
|
733 |
- if (NULL == newptr) { |
|
734 |
- cli_errmsg("ooxml_basic_json: no memory for json object.\n"); |
|
735 |
- ret = CL_EMEM; |
|
736 |
- goto ooxml_basic_exit; |
|
737 |
- } |
|
738 |
- json_object_object_add(wrkptr, stack[i], newptr); |
|
739 |
- } |
|
740 |
- else { |
|
741 |
- /* object already exists */ |
|
742 |
- if (!json_object_is_type(newptr, json_type_object)) { |
|
743 |
- cli_warnmsg("ooxml_content_cb: json object already exists as not an object\n"); |
|
744 |
- ret = CL_EFORMAT; |
|
745 |
- goto ooxml_basic_exit; |
|
746 |
- } |
|
747 |
- } |
|
748 |
- wrkptr = newptr; |
|
749 |
- cli_dbgmsg("stack %d: %s\n", i, stack[i]); |
|
750 |
- } |
|
751 |
- } |
|
752 |
- |
|
753 |
- if (ooxml_is_int(value, xmlStrlen(value), &val2)) { |
|
754 |
- ret = cli_jsonint(wrkptr, stack[rlvl-1], val2); |
|
755 |
- } |
|
756 |
- else if (!xmlStrcmp(value, "true")) { |
|
757 |
- ret = cli_jsonbool(wrkptr, stack[rlvl-1], 1); |
|
758 |
- } |
|
759 |
- else if (!xmlStrcmp(value, "false")) { |
|
760 |
- ret = cli_jsonbool(wrkptr, stack[rlvl-1], 0); |
|
761 |
- } |
|
762 |
- else { |
|
763 |
- ret = cli_jsonstr(wrkptr, stack[rlvl-1], value); |
|
764 |
- } |
|
765 |
- |
|
766 |
- if (ret != CL_SUCCESS) |
|
767 |
- goto ooxml_basic_exit; |
|
768 |
- } |
|
769 |
- break; |
|
770 |
- case XML_READER_TYPE_END_ELEMENT: |
|
771 |
- rlvl--; |
|
772 |
- break; |
|
773 |
- default: |
|
774 |
- cli_dbgmsg("ooxml_content_cb: unhandled xml node %s [%i]: %s\n", name, type, value); |
|
775 |
- ret = CL_EFORMAT; |
|
776 |
- goto ooxml_basic_exit; |
|
777 |
- } |
|
778 |
- } |
|
779 |
- |
|
780 |
- json_object_object_add(ctx->wrkproperty, key, summary); |
|
781 |
- |
|
782 |
- if (rlvl != 0) { |
|
783 |
- cli_warnmsg("ooxml_basic_json: office property file has unbalanced tags\n"); |
|
784 |
- /* FAIL */ |
|
785 |
- } |
|
786 |
- |
|
787 |
- ooxml_basic_exit: |
|
788 |
- xmlTextReaderClose(reader); |
|
789 |
- xmlFreeTextReader(reader); |
|
790 |
-#else |
|
791 |
- cli_dbgmsg("ooxml_basic_json: libjson needs to enabled!\n"); |
|
792 |
-#endif |
|
793 |
-#else |
|
794 |
- cli_dbgmsg("ooxml_basic_json: libxml2 needs to enabled!\n"); |
|
795 |
-#endif |
|
796 |
- return ret; |
|
797 |
-} |
|
798 |
- |
|
799 |
-static int ooxml_core_cb(int fd, cli_ctx *ctx) |
|
800 |
-{ |
|
801 |
- cli_dbgmsg("in ooxml_core_cb\n"); |
|
802 |
- return ooxml_basic_json(fd, ctx, "CoreProperties"); |
|
803 |
-} |
|
804 |
- |
|
805 |
-static int ooxml_extn_cb(int fd, cli_ctx *ctx) |
|
806 |
-{ |
|
807 |
- cli_dbgmsg("in ooxml_extn_cb\n"); |
|
808 |
- return ooxml_basic_json(fd, ctx, "ExtendedProperties"); |
|
809 |
-} |
|
810 |
- |
|
811 |
-static int ooxml_content_cb(int fd, cli_ctx *ctx) |
|
812 |
-{ |
|
813 |
-#if HAVE_LIBXML2 |
|
814 |
- int ret = CL_SUCCESS; |
|
815 |
- int core=0, extn=0, cust=0; |
|
816 |
- const xmlChar *name, *value, *CT, *PN; |
|
817 |
- xmlTextReaderPtr reader = NULL; |
|
818 |
- uint32_t loff; |
|
819 |
- |
|
820 |
- cli_dbgmsg("in ooxml_content_cb\n"); |
|
821 |
- |
|
822 |
- reader = xmlReaderForFd(fd, "[Content_Types].xml", NULL, 0); |
|
823 |
- if (reader == NULL) { |
|
824 |
- cli_dbgmsg("ooxml_content_cb: xmlReaderForFd error for ""[Content_Types].xml""\n"); |
|
825 |
- return CL_SUCCESS; // libxml2 failed! |
|
826 |
- } |
|
827 |
- |
|
828 |
- /* locate core-properties, extended-properties, and custom-properties (optional) */ |
|
829 |
- while (xmlTextReaderRead(reader) == 1) { |
|
830 |
- name = xmlTextReaderConstLocalName(reader); |
|
831 |
- if (name == NULL) continue; |
|
832 |
- |
|
833 |
- if (strcmp(name, "Override")) continue; |
|
834 |
- |
|
835 |
- if (!xmlTextReaderHasAttributes(reader)) continue; |
|
836 |
- |
|
837 |
- CT = NULL; PN = NULL; |
|
838 |
- while (xmlTextReaderMoveToNextAttribute(reader) == 1) { |
|
839 |
- name = xmlTextReaderConstLocalName(reader); |
|
840 |
- value = xmlTextReaderConstValue(reader); |
|
841 |
- if (name == NULL || value == NULL) continue; |
|
842 |
- |
|
843 |
- if (!xmlStrcmp(name, "ContentType")) { |
|
844 |
- CT = value; |
|
845 |
- } |
|
846 |
- else if (!xmlStrcmp(name, "PartName")) { |
|
847 |
- PN = value; |
|
848 |
- } |
|
849 |
- |
|
850 |
- cli_dbgmsg("%s: %s\n", name, value); |
|
851 |
- } |
|
852 |
- |
|
853 |
- if (!CT && !PN) continue; |
|
854 |
- |
|
855 |
- if (!core && !xmlStrcmp(CT, "application/vnd.openxmlformats-package.core-properties+xml")) { |
|
856 |
- /* default: /docProps/core.xml*/ |
|
857 |
- if (unzip_search(ctx, PN+1, xmlStrlen(PN)-1, &loff) != CL_VIRUS) { |
|
858 |
- cli_dbgmsg("cli_process_ooxml: failed to find core properties file \"%s\"!\n", PN); |
|
859 |
- } |
|
860 |
- else { |
|
861 |
- cli_dbgmsg("ooxml_content_cb: found core properties file \"%s\" @ %x\n", PN, loff); |
|
862 |
- ret = unzip_single_internal(ctx, loff, ooxml_core_cb); |
|
863 |
- } |
|
864 |
- core = 1; |
|
865 |
- } |
|
866 |
- else if (!extn && !xmlStrcmp(CT, "application/vnd.openxmlformats-officedocument.extended-properties+xml")) { |
|
867 |
- /* default: /docProps/app.xml */ |
|
868 |
- if (unzip_search(ctx, PN+1, xmlStrlen(PN)-1, &loff) != CL_VIRUS) { |
|
869 |
- cli_dbgmsg("cli_process_ooxml: failed to find extended properties file \"%s\"!\n", PN); |
|
870 |
- } |
|
871 |
- else { |
|
872 |
- cli_dbgmsg("ooxml_content_cb: found extended properties file \"%s\" @ %x\n", PN, loff); |
|
873 |
- ret = unzip_single_internal(ctx, loff, ooxml_extn_cb); |
|
874 |
- } |
|
875 |
- extn = 1; |
|
876 |
- } |
|
877 |
- else if (!cust && !xmlStrcmp(CT, "application/vnd.openxmlformats-officedocument.custom-properties+xml")) { |
|
878 |
- /* default: /docProps/custom.xml */ |
|
879 |
- if (unzip_search(ctx, PN+1, xmlStrlen(PN)-1, &loff) != CL_VIRUS) { |
|
880 |
- cli_dbgmsg("cli_process_ooxml: failed to find custom properties file \"%s\"!\n", PN); |
|
881 |
- } |
|
882 |
- else { |
|
883 |
- cli_dbgmsg("ooxml_content_cb: found custom properties file \"%s\" @ %x\n", PN, loff); |
|
884 |
- /* custom properties ignored for now */ |
|
885 |
- //ret = unzip_single_internal(ctx, loff, ooxml_cust_cb); |
|
886 |
- } |
|
887 |
- cust = 1; |
|
888 |
- } |
|
889 |
- |
|
890 |
- if (ret != CL_SUCCESS) |
|
891 |
- goto ooxml_content_exit; |
|
892 |
- } |
|
893 |
- |
|
894 |
- if (!core) { |
|
895 |
- cli_dbgmsg("cli_process_ooxml: file does not contain core properties file\n"); |
|
896 |
- } |
|
897 |
- if (!extn) { |
|
898 |
- cli_dbgmsg("cli_process_ooxml: file does not contain extended properties file\n"); |
|
899 |
- } |
|
900 |
- if (!cust) { |
|
901 |
- cli_dbgmsg("cli_process_ooxml: file does not contain custom properties file\n"); |
|
902 |
- } |
|
903 |
- |
|
904 |
- ooxml_content_exit: |
|
905 |
- xmlTextReaderClose(reader); |
|
906 |
- xmlFreeTextReader(reader); |
|
907 |
- return ret; |
|
908 |
-#else |
|
909 |
- cli_dbgmsg("ooxml_content_cb: libxml2 needs to enabled!"); |
|
910 |
- return CL_SUCCESS; |
|
911 |
-#endif |
|
912 |
-} |
|
913 |
- |
|
914 |
-int cli_process_ooxml(cli_ctx *ctx) |
|
915 |
-{ |
|
916 |
-#if HAVE_LIBXML2 |
|
917 |
- uint32_t loff = 0; |
|
918 |
- |
|
919 |
- cli_dbgmsg("in cli_processooxml\n"); |
|
920 |
- if (!ctx) { |
|
921 |
- return CL_ENULLARG; |
|
922 |
- } |
|
923 |
- |
|
924 |
- /* find "[Content Types].xml" */ |
|
925 |
- if (unzip_search(ctx, "[Content_Types].xml", 18, &loff) != CL_VIRUS) { |
|
926 |
- cli_dbgmsg("cli_process_ooxml: failed to find ""[Content_Types].xml""!\n"); |
|
927 |
- return CL_EFORMAT; |
|
928 |
- } |
|
929 |
- cli_dbgmsg("cli_process_ooxml: found ""[Content_Types].xml"" @ %x\n", loff); |
|
930 |
- |
|
931 |
- return unzip_single_internal(ctx, loff, ooxml_content_cb); |
|
932 |
-#else |
|
933 |
- cli_dbgmsg("in cli_processooxml\n"); |
|
934 |
- cli_dbgmsg("cli_process_ooxml: libxml2 needs to enabled!"); |
|
935 |
- return CL_SUCCESS; |
|
936 |
-#endif |
|
937 |
-} |
... | ... |
@@ -33,7 +33,6 @@ int cli_unzip(cli_ctx *); |
33 | 33 |
int cli_unzip_single_internal(cli_ctx *, off_t, zip_cb); |
34 | 34 |
int cli_unzip_single(cli_ctx *, off_t); |
35 | 35 |
int unzip_search(cli_ctx *, const char *, size_t, uint32_t *); |
36 |
-int cli_process_ooxml(cli_ctx *); |
|
37 | 36 |
|
38 | 37 |
#ifdef UNZIP_PRIVATE |
39 | 38 |
#define F_ENCR (1<<0) |
... | ... |
@@ -364,6 +364,7 @@ |
364 | 364 |
<ClCompile Include="..\libclamav\nsis\infblock.c" /> |
365 | 365 |
<ClCompile Include="..\libclamav\nsis\nulsft.c" /> |
366 | 366 |
<ClCompile Include="..\libclamav\ole2_extract.c" /> |
367 |
+ <ClCompile Include="..\libclamav\ooxml.c" /> |
|
367 | 368 |
<ClCompile Include="..\libclamav\others.c" /> |
368 | 369 |
<ClCompile Include="..\libclamav\others_common.c" /> |
369 | 370 |
<ClCompile Include="..\libclamav\packlibs.c" /> |
... | ... |
@@ -201,6 +201,9 @@ |
201 | 201 |
<ClCompile Include="..\libclamav\ole2_extract.c"> |
202 | 202 |
<Filter>Source Files</Filter> |
203 | 203 |
</ClCompile> |
204 |
+ <ClCompile Include="..\libclamav\ooxml.c"> |
|
205 |
+ <Filter>Source Files</Filter> |
|
206 |
+ </ClCompile> |
|
204 | 207 |
<ClCompile Include="..\libclamav\others.c"> |
205 | 208 |
<Filter>Source Files</Filter> |
206 | 209 |
</ClCompile> |