git-svn: trunk@3386
Tomasz Kojm authored on 2007/12/11 00:33:46... | ... |
@@ -239,12 +239,17 @@ static int ea05(int desc, cli_ctx *ctx, char *tmpd) { |
239 | 239 |
cli_dbgmsg("autoit: bad file size - giving up\n"); |
240 | 240 |
return CL_CLEAN; |
241 | 241 |
} |
242 |
+ |
|
243 |
+ lseek(desc, 16, SEEK_CUR); |
|
244 |
+ |
|
245 |
+ if(!UNP.csize) { |
|
246 |
+ cli_dbgmsg("autoit: skipping empty file\n"); |
|
247 |
+ continue; |
|
248 |
+ } |
|
242 | 249 |
cli_dbgmsg("autoit: compressed size: %x\n", UNP.csize); |
243 | 250 |
cli_dbgmsg("autoit: advertised uncompressed size %x\n", cli_readint32((char *)buf+5) ^ 0x45aa); |
244 | 251 |
cli_dbgmsg("autoit: ref chksum: %x\n", cli_readint32((char *)buf+9) ^ 0xc3d2); |
245 | 252 |
|
246 |
- lseek(desc, 16, SEEK_CUR); |
|
247 |
- |
|
248 | 253 |
if(ctx->limits && ctx->limits->maxfilesize && UNP.csize > ctx->limits->maxfilesize) { |
249 | 254 |
cli_dbgmsg("autoit: skipping file due to size limit (%u, max: %lu)\n", UNP.csize, ctx->limits->maxfilesize); |
250 | 255 |
lseek(desc, UNP.csize, SEEK_CUR); |
... | ... |
@@ -268,7 +273,8 @@ static int ea05(int desc, cli_ctx *ctx, char *tmpd) { |
268 | 268 |
continue; |
269 | 269 |
} |
270 | 270 |
|
271 |
- UNP.usize = be32_to_host(*(uint32_t *)(buf+4)); |
|
271 |
+ if(!(UNP.usize = be32_to_host(*(uint32_t *)(buf+4)))) |
|
272 |
+ UNP.usize = UNP.csize; /* only a specifically crafted or badly corrupted sample should land here */ |
|
272 | 273 |
if(ctx->limits && ctx->limits->maxfilesize && UNP.usize > ctx->limits->maxfilesize) { |
273 | 274 |
cli_dbgmsg("autoit: skipping file due to size limit (%u, max: %lu)\n", UNP.csize, ctx->limits->maxfilesize); |
274 | 275 |
free(buf); |
... | ... |
@@ -538,12 +544,17 @@ static int ea06(int desc, cli_ctx *ctx, char *tmpd) { |
538 | 538 |
cli_dbgmsg("autoit: bad file size - giving up\n"); |
539 | 539 |
return CL_CLEAN; |
540 | 540 |
} |
541 |
+ |
|
542 |
+ lseek(desc, 16, SEEK_CUR); |
|
543 |
+ |
|
544 |
+ if(!UNP.csize) { |
|
545 |
+ cli_dbgmsg("autoit: skipping empty file\n"); |
|
546 |
+ continue; |
|
547 |
+ } |
|
541 | 548 |
cli_dbgmsg("autoit: compressed size: %x\n", UNP.csize); |
542 | 549 |
cli_dbgmsg("autoit: advertised uncompressed size %x\n", cli_readint32((char *)buf+5) ^ 0x87bc); |
543 | 550 |
cli_dbgmsg("autoit: ref chksum: %x\n", cli_readint32((char *)buf+9) ^ 0xa685); |
544 | 551 |
|
545 |
- lseek(desc, 16, SEEK_CUR); |
|
546 |
- |
|
547 | 552 |
if(ctx->limits && ctx->limits->maxfilesize && UNP.csize > ctx->limits->maxfilesize) { |
548 | 553 |
cli_dbgmsg("autoit: skipping file due to size limit (%u, max: %lu)\n", UNP.csize, ctx->limits->maxfilesize); |
549 | 554 |
lseek(desc, UNP.csize, SEEK_CUR); |
... | ... |
@@ -568,7 +579,8 @@ static int ea06(int desc, cli_ctx *ctx, char *tmpd) { |
568 | 568 |
continue; |
569 | 569 |
} |
570 | 570 |
|
571 |
- UNP.usize = be32_to_host(*(uint32_t *)(buf+4)); |
|
571 |
+ if(!(UNP.usize = be32_to_host(*(uint32_t *)(buf+4)))) |
|
572 |
+ UNP.usize = UNP.csize; /* only a specifically crafted or badly corrupted sample should land here */ |
|
572 | 573 |
if(ctx->limits && ctx->limits->maxfilesize && UNP.usize > ctx->limits->maxfilesize) { |
573 | 574 |
free(buf); |
574 | 575 |
continue; |
... | ... |
@@ -421,7 +421,7 @@ int cab_open(int fd, off_t offset, struct cab_archive *cab) |
421 | 421 |
if(fidx < 0xfffd) { |
422 | 422 |
if(fidx > cab->nfolders) { |
423 | 423 |
if(bscore < 3) |
424 |
- cli_warnmsg("cab_open: File %s is not associated with any folder\n", file->name); |
|
424 |
+ cli_dbgmsg("cab_open: File %s is not associated with any folder\n", file->name); |
|
425 | 425 |
bscore++; |
426 | 426 |
free(file->name); |
427 | 427 |
free(file); |
... | ... |
@@ -465,7 +465,7 @@ static int cab_read_block(int fd, struct cab_state *state, uint16_t resdata) |
465 | 465 |
|
466 | 466 |
|
467 | 467 |
if(cli_readn(fd, &block_hdr, sizeof(block_hdr)) != sizeof(block_hdr)) { |
468 |
- cli_errmsg("cab_read_block: Can't read block header\n"); |
|
468 |
+ cli_dbgmsg("cab_read_block: Can't read block header\n"); |
|
469 | 469 |
return CL_EIO; |
470 | 470 |
} |
471 | 471 |
|
... | ... |
@@ -77,7 +77,7 @@ static char *sis_utf16_decode(const char *str, uint32_t length) |
77 | 77 |
|
78 | 78 |
|
79 | 79 |
if(!length || length % 2) { |
80 |
- cli_warnmsg("SIS: sis_utf16_decode: Broken filename (length == %d)\n", length); |
|
80 |
+ cli_dbgmsg("SIS: sis_utf16_decode: Broken filename (length == %d)\n", length); |
|
81 | 81 |
return NULL; |
82 | 82 |
} |
83 | 83 |
|
... | ... |
@@ -294,7 +294,7 @@ static int sis_extract_simple(int fd, char *mfile, uint32_t length, uint32_t off |
294 | 294 |
} |
295 | 295 |
|
296 | 296 |
if(uncompress((Bytef *) buff, &osize , (Bytef *) mfile + fileoff, csize) != Z_OK) { |
297 |
- cli_errmsg("SIS: sis_extract_simple: File decompression failed\n"); |
|
297 |
+ cli_dbgmsg("SIS: sis_extract_simple: File decompression failed\n"); |
|
298 | 298 |
free(buff); |
299 | 299 |
free(subdir); |
300 | 300 |
free(fname); |
... | ... |
@@ -246,7 +246,7 @@ static int __zip_parse_root_directory(int fd, struct zip_disk_trailer *trailer, |
246 | 246 |
|
247 | 247 |
bfcnt = 0; |
248 | 248 |
if(!hdr->d_compr && hdr->d_csize != hdr->d_usize) { |
249 |
- cli_warnmsg("Unzip: __zip_parse_root_directory: File claims to be stored but csize != usize\n"); |
|
249 |
+ cli_dbgmsg("Unzip: __zip_parse_root_directory: File claims to be stored but csize != usize\n"); |
|
250 | 250 |
cli_dbgmsg("Unzip: __zip_parse_root_directory: Also checking for method 'deflated'\n"); |
251 | 251 |
hdr->d_bf[bfcnt] = ZIP_METHOD_DEFLATED; |
252 | 252 |
bfcnt++; |