git-svn: trunk@1845
Tomasz Kojm authored on 2006/02/15 09:41:40... | ... |
@@ -1,3 +1,9 @@ |
1 |
+Wed Feb 15 01:39:12 CET 2006 (tk) |
|
2 |
+--------------------------------- |
|
3 |
+ * libclamav: simplify internal function declarations by passing a context |
|
4 |
+ structure. Patch by Andrey J. Melnikoff (TEMHOTA) |
|
5 |
+ <temnota*kmv.ru> |
|
6 |
+ |
|
1 | 7 |
Thu Feb 9 21:42:22 GMT 2006 (njh) |
2 | 8 |
---------------------------------- |
3 | 9 |
* clamav-milter: Improved handling of messages with no body |
... | ... |
@@ -34,8 +34,6 @@ |
34 | 34 |
#include "clamav.h" |
35 | 35 |
#include "execs.h" |
36 | 36 |
|
37 |
-#define DETECT_BROKEN (options & CL_SCAN_BLOCKBROKEN) |
|
38 |
- |
|
39 | 37 |
static short need_conversion = 0; |
40 | 38 |
|
41 | 39 |
static inline uint16_t EC16(uint16_t v) |
... | ... |
@@ -54,7 +52,7 @@ static inline uint32_t EC32(uint32_t v) |
54 | 54 |
return ((v >> 24) | ((v & 0x00FF0000) >> 8) | ((v & 0x0000FF00) << 8) | (v << 24)); |
55 | 55 |
} |
56 | 56 |
|
57 |
-int cli_scanelf(int desc, const char **virname, long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
57 |
+int cli_scanelf(int desc, cli_ctx *ctx) |
|
58 | 58 |
{ |
59 | 59 |
struct elf_file_hdr32 file_hdr; |
60 | 60 |
struct elf_section_hdr32 *section_hdr; |
... | ... |
@@ -172,8 +170,8 @@ int cli_scanelf(int desc, const char **virname, long int *scanned, const struct |
172 | 172 |
if(shnum > 256) { |
173 | 173 |
cli_dbgmsg("ELF: Suspicious number of sections\n"); |
174 | 174 |
if(DETECT_BROKEN) { |
175 |
- if(virname) |
|
176 |
- *virname = "Broken.Executable"; |
|
175 |
+ if(ctx->virname) |
|
176 |
+ *ctx->virname = "Broken.Executable"; |
|
177 | 177 |
return CL_VIRUS; |
178 | 178 |
} |
179 | 179 |
return CL_EFORMAT; |
... | ... |
@@ -183,8 +181,8 @@ int cli_scanelf(int desc, const char **virname, long int *scanned, const struct |
183 | 183 |
if(shentsize != sizeof(struct elf_section_hdr32)) { |
184 | 184 |
cli_dbgmsg("ELF: shentsize != sizeof(struct elf_section_hdr32)\n"); |
185 | 185 |
if(DETECT_BROKEN) { |
186 |
- if(virname) |
|
187 |
- *virname = "Broken.Executable"; |
|
186 |
+ if(ctx->virname) |
|
187 |
+ *ctx->virname = "Broken.Executable"; |
|
188 | 188 |
return CL_VIRUS; |
189 | 189 |
} |
190 | 190 |
return CL_EFORMAT; |
... | ... |
@@ -195,8 +193,8 @@ int cli_scanelf(int desc, const char **virname, long int *scanned, const struct |
195 | 195 |
if(lseek(desc, shoff, SEEK_SET) != shoff) { |
196 | 196 |
/* Possibly broken end of file */ |
197 | 197 |
if(DETECT_BROKEN) { |
198 |
- if(virname) |
|
199 |
- *virname = "Broken.Executable"; |
|
198 |
+ if(ctx->virname) |
|
199 |
+ *ctx->virname = "Broken.Executable"; |
|
200 | 200 |
return CL_VIRUS; |
201 | 201 |
} |
202 | 202 |
return CL_CLEAN; |
... | ... |
@@ -217,8 +215,8 @@ int cli_scanelf(int desc, const char **virname, long int *scanned, const struct |
217 | 217 |
cli_dbgmsg("ELF: Possibly broken ELF file\n"); |
218 | 218 |
free(section_hdr); |
219 | 219 |
if(DETECT_BROKEN) { |
220 |
- if(virname) |
|
221 |
- *virname = "Broken.Executable"; |
|
220 |
+ if(ctx->virname) |
|
221 |
+ *ctx->virname = "Broken.Executable"; |
|
222 | 222 |
return CL_VIRUS; |
223 | 223 |
} |
224 | 224 |
return CL_CLEAN; |
... | ... |
@@ -25,6 +25,7 @@ |
25 | 25 |
#include "cltypes.h" |
26 | 26 |
#include "clamav.h" |
27 | 27 |
#include "execs.h" |
28 |
+#include "others.h" |
|
28 | 29 |
|
29 | 30 |
struct elf_file_hdr32 { |
30 | 31 |
unsigned char e_ident[16]; |
... | ... |
@@ -56,7 +57,7 @@ struct elf_section_hdr32 { |
56 | 56 |
uint32_t sh_entsize; |
57 | 57 |
}; |
58 | 58 |
|
59 |
-int cli_scanelf(int desc, const char **virname, long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec); |
|
59 |
+int cli_scanelf(int desc, cli_ctx *ctx); |
|
60 | 60 |
|
61 | 61 |
int cli_elfheader(int desc, struct cli_exe_info *elfinfo); |
62 | 62 |
|
... | ... |
@@ -274,25 +274,25 @@ int cli_validatesig(unsigned short target, unsigned short ftype, const char *off |
274 | 274 |
return 1; |
275 | 275 |
} |
276 | 276 |
|
277 |
-int cli_scandesc(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, unsigned short otfrec, unsigned short ftype, struct cli_matched_type **ftoffset) |
|
277 |
+int cli_scandesc(int desc, cli_ctx *ctx, unsigned short otfrec, unsigned short ftype, struct cli_matched_type **ftoffset) |
|
278 | 278 |
{ |
279 | 279 |
char *buffer, *buff, *endbl, *pt; |
280 | 280 |
int bytes, buffsize, length, ret, *gpartcnt, *tpartcnt; |
281 | 281 |
int type = CL_CLEAN, i, tid = 0; |
282 | 282 |
unsigned int maxpatlen; |
283 | 283 |
unsigned long int *gpartoff, *tpartoff, offset = 0; |
284 |
- MD5_CTX ctx; |
|
284 |
+ MD5_CTX md5ctx; |
|
285 | 285 |
unsigned char digest[16]; |
286 | 286 |
struct cli_md5_node *md5_node; |
287 | 287 |
struct cli_matcher *groot, *troot = NULL; |
288 | 288 |
|
289 | 289 |
|
290 |
- if(!engine) { |
|
290 |
+ if(!ctx->engine) { |
|
291 | 291 |
cli_errmsg("cli_scandesc: engine == NULL\n"); |
292 | 292 |
return CL_ENULLARG; |
293 | 293 |
} |
294 | 294 |
|
295 |
- groot = engine->root[0]; /* generic signatures */ |
|
295 |
+ groot = ctx->engine->root[0]; /* generic signatures */ |
|
296 | 296 |
|
297 | 297 |
if(ftype) { |
298 | 298 |
for(i = 0; i < CL_TARGET_TABLE_SIZE; i++) { |
... | ... |
@@ -302,7 +302,7 @@ int cli_scandesc(int desc, const char **virname, unsigned long int *scanned, con |
302 | 302 |
} |
303 | 303 |
} |
304 | 304 |
if(tid) |
305 |
- troot = engine->root[tid]; |
|
305 |
+ troot = ctx->engine->root[tid]; |
|
306 | 306 |
} |
307 | 307 |
|
308 | 308 |
if(troot) |
... | ... |
@@ -350,8 +350,8 @@ int cli_scandesc(int desc, const char **virname, unsigned long int *scanned, con |
350 | 350 |
} |
351 | 351 |
} |
352 | 352 |
|
353 |
- if(engine->md5_hlist) |
|
354 |
- MD5_Init(&ctx); |
|
353 |
+ if(ctx->engine->md5_hlist) |
|
354 |
+ MD5_Init(&md5ctx); |
|
355 | 355 |
|
356 | 356 |
|
357 | 357 |
buff = buffer; |
... | ... |
@@ -364,15 +364,15 @@ int cli_scandesc(int desc, const char **virname, unsigned long int *scanned, con |
364 | 364 |
length = SCANBUFF; |
365 | 365 |
while((bytes = cli_readn(desc, buff, SCANBUFF)) > 0) { |
366 | 366 |
|
367 |
- if(scanned) |
|
368 |
- *scanned += bytes / CL_COUNT_PRECISION; |
|
367 |
+ if(ctx->scanned) |
|
368 |
+ *ctx->scanned += bytes / CL_COUNT_PRECISION; |
|
369 | 369 |
|
370 | 370 |
if(bytes < SCANBUFF) |
371 | 371 |
length -= SCANBUFF - bytes; |
372 | 372 |
|
373 | 373 |
if(troot) { |
374 |
- if(troot->ac_only || (ret = cli_bm_scanbuff(pt, length, virname, troot, offset, ftype, desc)) != CL_VIRUS) |
|
375 |
- ret = cli_ac_scanbuff(pt, length, virname, troot, tpartcnt, otfrec, offset, tpartoff, ftype, desc, ftoffset); |
|
374 |
+ if(troot->ac_only || (ret = cli_bm_scanbuff(pt, length, ctx->virname, troot, offset, ftype, desc)) != CL_VIRUS) |
|
375 |
+ ret = cli_ac_scanbuff(pt, length, ctx->virname, troot, tpartcnt, otfrec, offset, tpartoff, ftype, desc, ftoffset); |
|
376 | 376 |
|
377 | 377 |
if(ret == CL_VIRUS) { |
378 | 378 |
free(buffer); |
... | ... |
@@ -382,15 +382,15 @@ int cli_scandesc(int desc, const char **virname, unsigned long int *scanned, con |
382 | 382 |
free(tpartoff); |
383 | 383 |
|
384 | 384 |
lseek(desc, 0, SEEK_SET); |
385 |
- if(cli_checkfp(desc, engine)) |
|
385 |
+ if(cli_checkfp(desc, ctx->engine)) |
|
386 | 386 |
return CL_CLEAN; |
387 | 387 |
else |
388 | 388 |
return CL_VIRUS; |
389 | 389 |
} |
390 | 390 |
} |
391 | 391 |
|
392 |
- if(groot->ac_only || (ret = cli_bm_scanbuff(pt, length, virname, groot, offset, ftype, desc)) != CL_VIRUS) |
|
393 |
- ret = cli_ac_scanbuff(pt, length, virname, groot, gpartcnt, otfrec, offset, gpartoff, ftype, desc, ftoffset); |
|
392 |
+ if(groot->ac_only || (ret = cli_bm_scanbuff(pt, length, ctx->virname, groot, offset, ftype, desc)) != CL_VIRUS) |
|
393 |
+ ret = cli_ac_scanbuff(pt, length, ctx->virname, groot, gpartcnt, otfrec, offset, gpartoff, ftype, desc, ftoffset); |
|
394 | 394 |
|
395 | 395 |
if(ret == CL_VIRUS) { |
396 | 396 |
free(buffer); |
... | ... |
@@ -401,7 +401,7 @@ int cli_scandesc(int desc, const char **virname, unsigned long int *scanned, con |
401 | 401 |
free(tpartoff); |
402 | 402 |
} |
403 | 403 |
lseek(desc, 0, SEEK_SET); |
404 |
- if(cli_checkfp(desc, engine)) |
|
404 |
+ if(cli_checkfp(desc, ctx->engine)) |
|
405 | 405 |
return CL_CLEAN; |
406 | 406 |
else |
407 | 407 |
return CL_VIRUS; |
... | ... |
@@ -423,8 +423,8 @@ int cli_scandesc(int desc, const char **virname, unsigned long int *scanned, con |
423 | 423 |
} |
424 | 424 |
} |
425 | 425 |
|
426 |
- if(engine->md5_hlist) |
|
427 |
- MD5_Update(&ctx, buff, bytes); |
|
426 |
+ if(ctx->engine->md5_hlist) |
|
427 |
+ MD5_Update(&md5ctx, buff, bytes); |
|
428 | 428 |
} |
429 | 429 |
|
430 | 430 |
free(buffer); |
... | ... |
@@ -435,8 +435,8 @@ int cli_scandesc(int desc, const char **virname, unsigned long int *scanned, con |
435 | 435 |
free(tpartoff); |
436 | 436 |
} |
437 | 437 |
|
438 |
- if(engine->md5_hlist) { |
|
439 |
- MD5_Final(digest, &ctx); |
|
438 |
+ if(ctx->engine->md5_hlist) { |
|
439 |
+ MD5_Final(digest, &md5ctx); |
|
440 | 440 |
|
441 | 441 |
if(cli_debug_flag) { |
442 | 442 |
char md5str[33]; |
... | ... |
@@ -450,7 +450,7 @@ int cli_scandesc(int desc, const char **virname, unsigned long int *scanned, con |
450 | 450 |
md5str[32] = 0; |
451 | 451 |
} |
452 | 452 |
|
453 |
- if((md5_node = cli_vermd5(digest, engine)) && !md5_node->fp) { |
|
453 |
+ if((md5_node = cli_vermd5(digest, ctx->engine)) && !md5_node->fp) { |
|
454 | 454 |
struct stat sb; |
455 | 455 |
|
456 | 456 |
if(fstat(desc, &sb)) |
... | ... |
@@ -459,8 +459,8 @@ int cli_scandesc(int desc, const char **virname, unsigned long int *scanned, con |
459 | 459 |
if((unsigned int) sb.st_size != md5_node->size) { |
460 | 460 |
cli_warnmsg("Detected false positive MD5 match. Please report.\n"); |
461 | 461 |
} else { |
462 |
- if(virname) |
|
463 |
- *virname = md5_node->virname; |
|
462 |
+ if(ctx->virname) |
|
463 |
+ *ctx->virname = md5_node->virname; |
|
464 | 464 |
|
465 | 465 |
return CL_VIRUS; |
466 | 466 |
} |
... | ... |
@@ -21,10 +21,11 @@ |
21 | 21 |
|
22 | 22 |
#include "clamav.h" |
23 | 23 |
#include "filetypes.h" |
24 |
+#include "others.h" |
|
24 | 25 |
|
25 | 26 |
#define CL_TARGET_TABLE_SIZE 7 |
26 | 27 |
|
27 |
-int cli_scandesc(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, unsigned short otfrec, unsigned short ftype, struct cli_matched_type **ftoffset); |
|
28 |
+int cli_scandesc(int desc, cli_ctx *ctx, unsigned short otfrec, unsigned short ftype, struct cli_matched_type **ftoffset); |
|
28 | 29 |
|
29 | 30 |
int cli_scanbuff(const char *buffer, unsigned int length, const char **virname, const struct cl_engine *engine, unsigned short ftype); |
30 | 31 |
|
... | ... |
@@ -31,6 +31,28 @@ |
31 | 31 |
(bb_size > 0 && sb_size >= 0 && sb_size <= bb_size \ |
32 | 32 |
&& sb >= bb && sb + sb_size <= bb + bb_size && sb + sb_size >= bb) |
33 | 33 |
|
34 |
+/* internal clamav context */ |
|
35 |
+typedef struct { |
|
36 |
+ const char **virname; |
|
37 |
+ unsigned long int *scanned; |
|
38 |
+ const struct cli_matcher *root; |
|
39 |
+ const struct cl_engine *engine; |
|
40 |
+ const struct cl_limits *limits; |
|
41 |
+ unsigned int options; |
|
42 |
+ unsigned int arec; |
|
43 |
+ unsigned int mrec; |
|
44 |
+} cli_ctx; |
|
45 |
+ |
|
46 |
+#define SCAN_ARCHIVE (ctx->options & CL_SCAN_ARCHIVE) |
|
47 |
+#define SCAN_MAIL (ctx->options & CL_SCAN_MAIL) |
|
48 |
+#define SCAN_OLE2 (ctx->options & CL_SCAN_OLE2) |
|
49 |
+#define SCAN_HTML (ctx->options & CL_SCAN_HTML) |
|
50 |
+#define SCAN_PE (ctx->options & CL_SCAN_PE) |
|
51 |
+#define SCAN_ALGO (ctx->options & CL_SCAN_ALGO) |
|
52 |
+#define DETECT_ENCRYPTED (ctx->options & CL_SCAN_BLOCKENCRYPTED) |
|
53 |
+#define BLOCKMAX (ctx->options & CL_SCAN_BLOCKMAX) |
|
54 |
+#define DETECT_BROKEN (ctx->options & CL_SCAN_BLOCKBROKEN) |
|
55 |
+ |
|
34 | 56 |
typedef struct bitset_tag |
35 | 57 |
{ |
36 | 58 |
unsigned char *bitset; |
... | ... |
@@ -51,10 +51,6 @@ |
51 | 51 |
#define PE32_SIGNATURE 0x010b |
52 | 52 |
#define PE32P_SIGNATURE 0x020b |
53 | 53 |
|
54 |
-#define DETECT_BROKEN (options & CL_SCAN_BLOCKBROKEN) |
|
55 |
-#define BLOCKMAX (options & CL_SCAN_BLOCKMAX) |
|
56 |
-#define SCAN_ALGO (options & CL_SCAN_ALGO) |
|
57 |
- |
|
58 | 54 |
#define UPX_NRV2B "\x11\xdb\x11\xc9\x01\xdb\x75\x07\x8b\x1e\x83\xee\xfc\x11\xdb\x11\xc9\x11\xc9\x75\x20\x41\x01\xdb" |
59 | 55 |
#define UPX_NRV2D "\x83\xf0\xff\x74\x78\xd1\xf8\x89\xc5\xeb\x0b\x01\xdb\x75\x07\x8b\x1e\x83\xee\xfc\x11\xdb\x11\xc9" |
60 | 56 |
#define UPX_NRV2E "\xeb\x52\x31\xc9\x83\xe8\x03\x72\x11\xc1\xe0\x08\x8a\x06\x46\x83\xf0\xff\x74\x75\xd1\xf8\x89\xc5" |
... | ... |
@@ -152,7 +148,7 @@ static int cli_ddump(int desc, int offset, int size, const char *file) |
152 | 152 |
} |
153 | 153 |
*/ |
154 | 154 |
|
155 |
-int cli_scanpe(int desc, const char **virname, long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
155 |
+int cli_scanpe(int desc, cli_ctx *ctx) |
|
156 | 156 |
{ |
157 | 157 |
uint16_t e_magic; /* DOS signature ("MZ") */ |
158 | 158 |
uint16_t nsections; |
... | ... |
@@ -190,8 +186,8 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
190 | 190 |
cli_dbgmsg("Can't read new header address\n"); |
191 | 191 |
/* truncated header? */ |
192 | 192 |
if(DETECT_BROKEN) { |
193 |
- if(virname) |
|
194 |
- *virname = "Broken.Executable"; |
|
193 |
+ if(ctx->virname) |
|
194 |
+ *ctx->virname = "Broken.Executable"; |
|
195 | 195 |
return CL_VIRUS; |
196 | 196 |
} |
197 | 197 |
return CL_CLEAN; |
... | ... |
@@ -325,8 +321,8 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
325 | 325 |
nsections = EC16(file_hdr.NumberOfSections); |
326 | 326 |
if(nsections < 1) { |
327 | 327 |
if(DETECT_BROKEN) { |
328 |
- if(virname) |
|
329 |
- *virname = "Broken.Executable"; |
|
328 |
+ if(ctx->virname) |
|
329 |
+ *ctx->virname = "Broken.Executable"; |
|
330 | 330 |
return CL_VIRUS; |
331 | 331 |
} |
332 | 332 |
cli_warnmsg("PE file contains no sections\n"); |
... | ... |
@@ -346,8 +342,8 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
346 | 346 |
} else { |
347 | 347 |
cli_dbgmsg("Incorrect value of SizeOfOptionalHeader\n"); |
348 | 348 |
if(DETECT_BROKEN) { |
349 |
- if(virname) |
|
350 |
- *virname = "Broken.Executable"; |
|
349 |
+ if(ctx->virname) |
|
350 |
+ *ctx->virname = "Broken.Executable"; |
|
351 | 351 |
return CL_VIRUS; |
352 | 352 |
} |
353 | 353 |
return CL_CLEAN; |
... | ... |
@@ -359,8 +355,8 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
359 | 359 |
if(read(desc, &optional_hdr32, sizeof(struct pe_image_optional_hdr32)) != sizeof(struct pe_image_optional_hdr32)) { |
360 | 360 |
cli_dbgmsg("Can't optional file header\n"); |
361 | 361 |
if(DETECT_BROKEN) { |
362 |
- if(virname) |
|
363 |
- *virname = "Broken.Executable"; |
|
362 |
+ if(ctx->virname) |
|
363 |
+ *ctx->virname = "Broken.Executable"; |
|
364 | 364 |
return CL_VIRUS; |
365 | 365 |
} |
366 | 366 |
return CL_CLEAN; |
... | ... |
@@ -369,8 +365,8 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
369 | 369 |
if(EC16(optional_hdr32.Magic) != PE32_SIGNATURE) { |
370 | 370 |
cli_warnmsg("Incorrect magic number in optional header\n"); |
371 | 371 |
if(DETECT_BROKEN) { |
372 |
- if(virname) |
|
373 |
- *virname = "Broken.Executable"; |
|
372 |
+ if(ctx->virname) |
|
373 |
+ *ctx->virname = "Broken.Executable"; |
|
374 | 374 |
return CL_VIRUS; |
375 | 375 |
} |
376 | 376 |
} |
... | ... |
@@ -396,8 +392,8 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
396 | 396 |
if(read(desc, &optional_hdr64, sizeof(struct pe_image_optional_hdr64)) != sizeof(struct pe_image_optional_hdr64)) { |
397 | 397 |
cli_dbgmsg("Can't optional file header\n"); |
398 | 398 |
if(DETECT_BROKEN) { |
399 |
- if(virname) |
|
400 |
- *virname = "Broken.Executable"; |
|
399 |
+ if(ctx->virname) |
|
400 |
+ *ctx->virname = "Broken.Executable"; |
|
401 | 401 |
return CL_VIRUS; |
402 | 402 |
} |
403 | 403 |
return CL_CLEAN; |
... | ... |
@@ -406,8 +402,8 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
406 | 406 |
if(EC16(optional_hdr64.Magic) != PE32P_SIGNATURE) { |
407 | 407 |
cli_warnmsg("Incorrect magic number in optional header\n"); |
408 | 408 |
if(DETECT_BROKEN) { |
409 |
- if(virname) |
|
410 |
- *virname = "Broken.Executable"; |
|
409 |
+ if(ctx->virname) |
|
410 |
+ *ctx->virname = "Broken.Executable"; |
|
411 | 411 |
return CL_VIRUS; |
412 | 412 |
} |
413 | 413 |
} |
... | ... |
@@ -490,8 +486,8 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
490 | 490 |
cli_dbgmsg("Possibly broken PE file\n"); |
491 | 491 |
free(section_hdr); |
492 | 492 |
if(DETECT_BROKEN) { |
493 |
- if(virname) |
|
494 |
- *virname = "Broken.Executable"; |
|
493 |
+ if(ctx->virname) |
|
494 |
+ *ctx->virname = "Broken.Executable"; |
|
495 | 495 |
return CL_VIRUS; |
496 | 496 |
} |
497 | 497 |
return CL_CLEAN; |
... | ... |
@@ -530,8 +526,8 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
530 | 530 |
if(!CLI_ISCONTAINED2(0, (uint32_t) fsize, EC32(section_hdr[i].PointerToRawData), EC32(section_hdr[i].SizeOfRawData)) || EC32(section_hdr[i].PointerToRawData) > fsize) { |
531 | 531 |
cli_dbgmsg("Possibly broken PE file - Section %d out of file (Offset@ %d, Rsize %d, Total filesize %d)\n", i, EC32(section_hdr[i].PointerToRawData), EC32(section_hdr[i].SizeOfRawData), fsize); |
532 | 532 |
if(DETECT_BROKEN) { |
533 |
- if(virname) |
|
534 |
- *virname = "Broken.Executable"; |
|
533 |
+ if(ctx->virname) |
|
534 |
+ *ctx->virname = "Broken.Executable"; |
|
535 | 535 |
free(section_hdr); |
536 | 536 |
return CL_VIRUS; |
537 | 537 |
} |
... | ... |
@@ -560,8 +556,8 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
560 | 560 |
cli_dbgmsg("Possibly broken PE file\n"); |
561 | 561 |
free(section_hdr); |
562 | 562 |
if(DETECT_BROKEN) { |
563 |
- if(virname) |
|
564 |
- *virname = "Broken.Executable"; |
|
563 |
+ if(ctx->virname) |
|
564 |
+ *ctx->virname = "Broken.Executable"; |
|
565 | 565 |
return CL_VIRUS; |
566 | 566 |
} |
567 | 567 |
return CL_CLEAN; |
... | ... |
@@ -581,7 +577,7 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
581 | 581 |
|
582 | 582 |
pt += 15; |
583 | 583 |
if(((dw1 = cli_readint32(pt)) ^ (dw2 = cli_readint32(pt + 4))) == 0x505a4f && ((dw1 = cli_readint32(pt + 8)) ^ (dw2 = cli_readint32(pt + 12))) == 0xffffb && ((dw1 = cli_readint32(pt + 16)) ^ (dw2 = cli_readint32(pt + 20))) == 0xb8) { |
584 |
- *virname = "W32.Parite.B"; |
|
584 |
+ *ctx->virname = "W32.Parite.B"; |
|
585 | 585 |
free(section_hdr); |
586 | 586 |
return CL_VIRUS; |
587 | 587 |
} |
... | ... |
@@ -602,7 +598,7 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
602 | 602 |
lseek(desc, EC32(section_hdr[nsections - 1].PointerToRawData) + rsize - bw, SEEK_SET); |
603 | 603 |
if(read(desc, buff, 4096) == 4096) { |
604 | 604 |
if(cli_memstr(buff, 4091, "\xe8\x2c\x61\x00\x00", 5)) { |
605 |
- *virname = "W32.Magistr.A"; |
|
605 |
+ *ctx->virname = "W32.Magistr.A"; |
|
606 | 606 |
free(section_hdr); |
607 | 607 |
return CL_VIRUS; |
608 | 608 |
} |
... | ... |
@@ -614,7 +610,7 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
614 | 614 |
lseek(desc, EC32(section_hdr[nsections - 1].PointerToRawData) + rsize - bw, SEEK_SET); |
615 | 615 |
if(read(desc, buff, 4096) == 4096) { |
616 | 616 |
if(cli_memstr(buff, 4091, "\xe8\x04\x72\x00\x00", 5)) { |
617 |
- *virname = "W32.Magistr.B"; |
|
617 |
+ *ctx->virname = "W32.Magistr.B"; |
|
618 | 618 |
free(section_hdr); |
619 | 619 |
return CL_VIRUS; |
620 | 620 |
} |
... | ... |
@@ -671,11 +667,11 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
671 | 671 |
while(found) { |
672 | 672 |
uint32_t newesi, newedi, newebx, newedx; |
673 | 673 |
|
674 |
- if(limits && limits->maxfilesize && (ssize > limits->maxfilesize || dsize > limits->maxfilesize)) { |
|
675 |
- cli_dbgmsg("FSG: Sizes exceeded (ssize: %d, dsize: %d, max: %lu)\n", ssize, dsize , limits->maxfilesize); |
|
674 |
+ if(ctx->limits && ctx->limits->maxfilesize && (ssize > ctx->limits->maxfilesize || dsize > ctx->limits->maxfilesize)) { |
|
675 |
+ cli_dbgmsg("FSG: Sizes exceeded (ssize: %d, dsize: %d, max: %lu)\n", ssize, dsize , ctx->limits->maxfilesize); |
|
676 | 676 |
free(section_hdr); |
677 | 677 |
if(BLOCKMAX) { |
678 |
- *virname = "PE.FSG.ExceededFileSize"; |
|
678 |
+ *ctx->virname = "PE.FSG.ExceededFileSize"; |
|
679 | 679 |
return CL_VIRUS; |
680 | 680 |
} else { |
681 | 681 |
return CL_CLEAN; |
... | ... |
@@ -777,7 +773,7 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
777 | 777 |
lseek(ndesc, 0, SEEK_SET); |
778 | 778 |
|
779 | 779 |
cli_dbgmsg("***** Scanning rebuilt PE file *****\n"); |
780 |
- if(cli_magic_scandesc(ndesc, virname, scanned, engine, limits, options, arec, mrec) == CL_VIRUS) { |
|
780 |
+ if(cli_magic_scandesc(ndesc, ctx) == CL_VIRUS) { |
|
781 | 781 |
free(section_hdr); |
782 | 782 |
close(ndesc); |
783 | 783 |
if(!cli_leavetemps_flag) |
... | ... |
@@ -830,11 +826,11 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
830 | 830 |
struct SECTION *sections; |
831 | 831 |
|
832 | 832 |
|
833 |
- if(limits && limits->maxfilesize && (ssize > limits->maxfilesize || dsize > limits->maxfilesize)) { |
|
834 |
- cli_dbgmsg("FSG: Sizes exceeded (ssize: %d, dsize: %d, max: %lu)\n", ssize, dsize, limits->maxfilesize); |
|
833 |
+ if(ctx->limits && ctx->limits->maxfilesize && (ssize > ctx->limits->maxfilesize || dsize > ctx->limits->maxfilesize)) { |
|
834 |
+ cli_dbgmsg("FSG: Sizes exceeded (ssize: %d, dsize: %d, max: %lu)\n", ssize, dsize, ctx->limits->maxfilesize); |
|
835 | 835 |
free(section_hdr); |
836 | 836 |
if(BLOCKMAX) { |
837 |
- *virname = "PE.FSG.ExceededFileSize"; |
|
837 |
+ *ctx->virname = "PE.FSG.ExceededFileSize"; |
|
838 | 838 |
return CL_VIRUS; |
839 | 839 |
} else { |
840 | 840 |
return CL_CLEAN; |
... | ... |
@@ -855,11 +851,11 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
855 | 855 |
lseek(desc, gp, SEEK_SET); |
856 | 856 |
gp = EC32(section_hdr[i + 1].PointerToRawData) - gp; |
857 | 857 |
|
858 |
- if(limits && limits->maxfilesize && (unsigned int) gp > limits->maxfilesize) { |
|
859 |
- cli_dbgmsg("FSG: Buffer size exceeded (size: %d, max: %lu)\n", gp, limits->maxfilesize); |
|
858 |
+ if(ctx->limits && ctx->limits->maxfilesize && (unsigned int) gp > ctx->limits->maxfilesize) { |
|
859 |
+ cli_dbgmsg("FSG: Buffer size exceeded (size: %d, max: %lu)\n", gp, ctx->limits->maxfilesize); |
|
860 | 860 |
free(section_hdr); |
861 | 861 |
if(BLOCKMAX) { |
862 |
- *virname = "PE.FSG.ExceededFileSize"; |
|
862 |
+ *ctx->virname = "PE.FSG.ExceededFileSize"; |
|
863 | 863 |
return CL_VIRUS; |
864 | 864 |
} else { |
865 | 865 |
return CL_CLEAN; |
... | ... |
@@ -979,7 +975,7 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
979 | 979 |
lseek(ndesc, 0, SEEK_SET); |
980 | 980 |
|
981 | 981 |
cli_dbgmsg("***** Scanning rebuilt PE file *****\n"); |
982 |
- if(cli_magic_scandesc(ndesc, virname, scanned, engine, limits, options, arec, mrec) == CL_VIRUS) { |
|
982 |
+ if(cli_magic_scandesc(ndesc, ctx) == CL_VIRUS) { |
|
983 | 983 |
free(section_hdr); |
984 | 984 |
close(ndesc); |
985 | 985 |
if(!cli_leavetemps_flag) |
... | ... |
@@ -1052,11 +1048,11 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
1052 | 1052 |
break; |
1053 | 1053 |
} |
1054 | 1054 |
|
1055 |
- if(limits && limits->maxfilesize && (ssize > limits->maxfilesize || dsize > limits->maxfilesize)) { |
|
1056 |
- cli_dbgmsg("FSG: Sizes exceeded (ssize: %d, dsize: %d, max: %lu)\n", ssize, dsize, limits->maxfilesize); |
|
1055 |
+ if(ctx->limits && ctx->limits->maxfilesize && (ssize > ctx->limits->maxfilesize || dsize > ctx->limits->maxfilesize)) { |
|
1056 |
+ cli_dbgmsg("FSG: Sizes exceeded (ssize: %d, dsize: %d, max: %lu)\n", ssize, dsize, ctx->limits->maxfilesize); |
|
1057 | 1057 |
free(section_hdr); |
1058 | 1058 |
if(BLOCKMAX) { |
1059 |
- *virname = "PE.FSG.ExceededFileSize"; |
|
1059 |
+ *ctx->virname = "PE.FSG.ExceededFileSize"; |
|
1060 | 1060 |
return CL_VIRUS; |
1061 | 1061 |
} else { |
1062 | 1062 |
return CL_CLEAN; |
... | ... |
@@ -1077,11 +1073,11 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
1077 | 1077 |
lseek(desc, gp, SEEK_SET); |
1078 | 1078 |
gp = EC32(section_hdr[i + 1].PointerToRawData) - gp; |
1079 | 1079 |
|
1080 |
- if(limits && limits->maxfilesize && (unsigned int) gp > limits->maxfilesize) { |
|
1081 |
- cli_dbgmsg("FSG: Buffer size exceeded (size: %d, max: %lu)\n", gp, limits->maxfilesize); |
|
1080 |
+ if(ctx->limits && ctx->limits->maxfilesize && (unsigned int) gp > ctx->limits->maxfilesize) { |
|
1081 |
+ cli_dbgmsg("FSG: Buffer size exceeded (size: %d, max: %lu)\n", gp, ctx->limits->maxfilesize); |
|
1082 | 1082 |
free(section_hdr); |
1083 | 1083 |
if(BLOCKMAX) { |
1084 |
- *virname = "PE.FSG.ExceededFileSize"; |
|
1084 |
+ *ctx->virname = "PE.FSG.ExceededFileSize"; |
|
1085 | 1085 |
return CL_VIRUS; |
1086 | 1086 |
} else { |
1087 | 1087 |
return CL_CLEAN; |
... | ... |
@@ -1184,7 +1180,7 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
1184 | 1184 |
lseek(ndesc, 0, SEEK_SET); |
1185 | 1185 |
|
1186 | 1186 |
cli_dbgmsg("***** Scanning rebuilt PE file *****\n"); |
1187 |
- if(cli_magic_scandesc(ndesc, virname, scanned, engine, limits, options, arec, mrec) == CL_VIRUS) { |
|
1187 |
+ if(cli_magic_scandesc(ndesc, ctx) == CL_VIRUS) { |
|
1188 | 1188 |
free(section_hdr); |
1189 | 1189 |
close(ndesc); |
1190 | 1190 |
if(!cli_leavetemps_flag) |
... | ... |
@@ -1244,11 +1240,11 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
1244 | 1244 |
ssize = EC32(section_hdr[i + 1].SizeOfRawData); |
1245 | 1245 |
dsize = EC32(section_hdr[i].VirtualSize) + EC32(section_hdr[i + 1].VirtualSize); |
1246 | 1246 |
|
1247 |
- if(limits && limits->maxfilesize && (ssize > limits->maxfilesize || dsize > limits->maxfilesize)) { |
|
1248 |
- cli_dbgmsg("UPX: Sizes exceeded (ssize: %d, dsize: %d, max: %lu)\n", ssize, dsize , limits->maxfilesize); |
|
1247 |
+ if(ctx->limits && ctx->limits->maxfilesize && (ssize > ctx->limits->maxfilesize || dsize > ctx->limits->maxfilesize)) { |
|
1248 |
+ cli_dbgmsg("UPX: Sizes exceeded (ssize: %d, dsize: %d, max: %lu)\n", ssize, dsize , ctx->limits->maxfilesize); |
|
1249 | 1249 |
free(section_hdr); |
1250 | 1250 |
if(BLOCKMAX) { |
1251 |
- *virname = "PE.UPX.ExceededFileSize"; |
|
1251 |
+ *ctx->virname = "PE.UPX.ExceededFileSize"; |
|
1252 | 1252 |
return CL_VIRUS; |
1253 | 1253 |
} else { |
1254 | 1254 |
return CL_CLEAN; |
... | ... |
@@ -1398,7 +1394,7 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
1398 | 1398 |
cli_dbgmsg("UPX/FSG: Decompressed data saved in %s\n", tempfile); |
1399 | 1399 |
|
1400 | 1400 |
cli_dbgmsg("***** Scanning decompressed file *****\n"); |
1401 |
- if((ret = cli_magic_scandesc(ndesc, virname, scanned, engine, limits, options, arec, mrec)) == CL_VIRUS) { |
|
1401 |
+ if((ret = cli_magic_scandesc(ndesc, ctx)) == CL_VIRUS) { |
|
1402 | 1402 |
close(ndesc); |
1403 | 1403 |
if(!cli_leavetemps_flag) |
1404 | 1404 |
unlink(tempfile); |
... | ... |
@@ -1440,11 +1436,11 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
1440 | 1440 |
} else { |
1441 | 1441 |
dsize = max - min; |
1442 | 1442 |
|
1443 |
- if(limits && limits->maxfilesize && dsize > limits->maxfilesize) { |
|
1444 |
- cli_dbgmsg("Petite: Size exceeded (dsize: %d, max: %lu)\n", dsize, limits->maxfilesize); |
|
1443 |
+ if(ctx->limits && ctx->limits->maxfilesize && dsize > ctx->limits->maxfilesize) { |
|
1444 |
+ cli_dbgmsg("Petite: Size exceeded (dsize: %d, max: %lu)\n", dsize, ctx->limits->maxfilesize); |
|
1445 | 1445 |
free(section_hdr); |
1446 | 1446 |
if(BLOCKMAX) { |
1447 |
- *virname = "PE.Petite.ExceededFileSize"; |
|
1447 |
+ *ctx->virname = "PE.Petite.ExceededFileSize"; |
|
1448 | 1448 |
return CL_VIRUS; |
1449 | 1449 |
} else { |
1450 | 1450 |
return CL_CLEAN; |
... | ... |
@@ -1503,7 +1499,7 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
1503 | 1503 |
fsync(ndesc); |
1504 | 1504 |
lseek(ndesc, 0, SEEK_SET); |
1505 | 1505 |
|
1506 |
- if(cli_magic_scandesc(ndesc, virname, scanned, engine, limits, options, arec, mrec) == CL_VIRUS) { |
|
1506 |
+ if(cli_magic_scandesc(ndesc, ctx) == CL_VIRUS) { |
|
1507 | 1507 |
free(section_hdr); |
1508 | 1508 |
close(ndesc); |
1509 | 1509 |
if(!cli_leavetemps_flag) { |
... | ... |
@@ -1565,7 +1561,7 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
1565 | 1565 |
fsync(ndesc); |
1566 | 1566 |
lseek(ndesc, 0, SEEK_SET); |
1567 | 1567 |
|
1568 |
- if(cli_magic_scandesc(ndesc, virname, scanned, engine, limits, options, arec, mrec) == CL_VIRUS) { |
|
1568 |
+ if(cli_magic_scandesc(ndesc, ctx) == CL_VIRUS) { |
|
1569 | 1569 |
free(section_hdr); |
1570 | 1570 |
close(ndesc); |
1571 | 1571 |
if(!cli_leavetemps_flag) { |
... | ... |
@@ -1631,7 +1627,7 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
1631 | 1631 |
fsync(ndesc); |
1632 | 1632 |
lseek(ndesc, 0, SEEK_SET); |
1633 | 1633 |
|
1634 |
- if(cli_magic_scandesc(ndesc, virname, scanned, engine, limits, options, arec, mrec) == CL_VIRUS) { |
|
1634 |
+ if(cli_magic_scandesc(ndesc, ctx) == CL_VIRUS) { |
|
1635 | 1635 |
free(section_hdr); |
1636 | 1636 |
close(ndesc); |
1637 | 1637 |
if(!cli_leavetemps_flag) { |
... | ... |
@@ -24,6 +24,7 @@ |
24 | 24 |
|
25 | 25 |
#include "clamav.h" |
26 | 26 |
#include "execs.h" |
27 |
+#include "others.h" |
|
27 | 28 |
|
28 | 29 |
struct pe_image_file_hdr { |
29 | 30 |
uint32_t Magic; |
... | ... |
@@ -127,7 +128,7 @@ struct pe_image_section_hdr { |
127 | 127 |
uint32_t Characteristics; |
128 | 128 |
}; |
129 | 129 |
|
130 |
-int cli_scanpe(int desc, const char **virname, long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec); |
|
130 |
+int cli_scanpe(int desc, cli_ctx *ctx); |
|
131 | 131 |
|
132 | 132 |
int cli_peheader(int desc, struct cli_exe_info *peinfo); |
133 | 133 |
|
... | ... |
@@ -92,19 +92,9 @@ extern int cli_mbox(const char *dir, int desc, unsigned int options); /* FIXME * |
92 | 92 |
# endif |
93 | 93 |
#endif |
94 | 94 |
|
95 |
-#define SCAN_ARCHIVE (options & CL_SCAN_ARCHIVE) |
|
96 |
-#define SCAN_MAIL (options & CL_SCAN_MAIL) |
|
97 |
-#define SCAN_OLE2 (options & CL_SCAN_OLE2) |
|
98 |
-#define SCAN_HTML (options & CL_SCAN_HTML) |
|
99 |
-#define SCAN_PE (options & CL_SCAN_PE) |
|
100 |
-#define SCAN_ALGO (options & CL_SCAN_ALGO) |
|
101 |
-#define DETECT_ENCRYPTED (options & CL_SCAN_BLOCKENCRYPTED) |
|
102 |
-#define BLOCKMAX (options & CL_SCAN_BLOCKMAX) |
|
103 |
- |
|
104 | 95 |
#define MAX_MAIL_RECURSION 15 |
105 | 96 |
|
106 |
-static int cli_scanfile(const char *filename, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec); |
|
107 |
- |
|
97 |
+static int cli_scanfile(const char *filename, cli_ctx *ctx); |
|
108 | 98 |
|
109 | 99 |
/* |
110 | 100 |
#ifdef CL_THREAD_SAFE |
... | ... |
@@ -116,7 +106,7 @@ static void cli_unlock_mutex(void *mtx) |
116 | 116 |
#endif |
117 | 117 |
*/ |
118 | 118 |
|
119 |
-static int cli_scanrar(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec, unsigned long int offset) |
|
119 |
+static int cli_scanrar(int desc, cli_ctx *ctx, unsigned long int offset) |
|
120 | 120 |
{ |
121 | 121 |
int fd, ret = CL_CLEAN; |
122 | 122 |
unsigned int files = 0; |
... | ... |
@@ -136,9 +126,9 @@ static int cli_scanrar(int desc, const char **virname, unsigned long int *scanne |
136 | 136 |
} |
137 | 137 |
|
138 | 138 |
lseek(desc, offset, SEEK_SET); |
139 |
- metadata = metadata_tmp = cli_unrar(desc, dir, limits); |
|
139 |
+ metadata = metadata_tmp = cli_unrar(desc, dir, ctx->limits); |
|
140 | 140 |
|
141 |
- if(cli_scandir(dir, virname, scanned, engine, limits, options, arec, mrec) == CL_VIRUS) { |
|
141 |
+ if(cli_scandir(dir, ctx) == CL_VIRUS) { |
|
142 | 142 |
ret = CL_VIRUS; |
143 | 143 |
} else while(metadata) { |
144 | 144 |
|
... | ... |
@@ -147,10 +137,10 @@ static int cli_scanrar(int desc, const char **virname, unsigned long int *scanne |
147 | 147 |
cli_dbgmsg("RAR: %s, crc32: 0x%x, encrypted: %d, compressed: %u, normal: %u, method: %d, ratio: %d (max: %d)\n", |
148 | 148 |
metadata->filename, metadata->crc, metadata->encrypted, metadata->pack_size, |
149 | 149 |
metadata->unpack_size, metadata->method, |
150 |
- metadata->pack_size ? ((unsigned int) metadata->unpack_size / (unsigned int) metadata->pack_size) : 0, limits ? limits->maxratio : 0); |
|
150 |
+ metadata->pack_size ? ((unsigned int) metadata->unpack_size / (unsigned int) metadata->pack_size) : 0, ctx->limits ? ctx->limits->maxratio : 0); |
|
151 | 151 |
|
152 | 152 |
/* Scan metadata */ |
153 |
- mdata = engine->rar_mlist; |
|
153 |
+ mdata = ctx->engine->rar_mlist; |
|
154 | 154 |
if(mdata) do { |
155 | 155 |
if(mdata->encrypted != metadata->encrypted) |
156 | 156 |
continue; |
... | ... |
@@ -170,7 +160,7 @@ static int cli_scanrar(int desc, const char **virname, unsigned long int *scanne |
170 | 170 |
if(mdata->fileno && mdata->fileno != files) |
171 | 171 |
continue; |
172 | 172 |
|
173 |
- if(mdata->maxdepth && arec > mdata->maxdepth) |
|
173 |
+ if(mdata->maxdepth && ctx->arec > mdata->maxdepth) |
|
174 | 174 |
continue; |
175 | 175 |
|
176 | 176 |
/* TODO add support for regex */ |
... | ... |
@@ -183,7 +173,7 @@ static int cli_scanrar(int desc, const char **virname, unsigned long int *scanne |
183 | 183 |
} while((mdata = mdata->next)); |
184 | 184 |
|
185 | 185 |
if(mdata) { |
186 |
- *virname = mdata->virname; |
|
186 |
+ *ctx->virname = mdata->virname; |
|
187 | 187 |
ret = CL_VIRUS; |
188 | 188 |
break; |
189 | 189 |
} |
... | ... |
@@ -191,11 +181,11 @@ static int cli_scanrar(int desc, const char **virname, unsigned long int *scanne |
191 | 191 |
if(DETECT_ENCRYPTED && metadata->encrypted) { |
192 | 192 |
cli_dbgmsg("RAR: Encrypted files found in archive.\n"); |
193 | 193 |
lseek(desc, 0, SEEK_SET); |
194 |
- ret = cli_scandesc(desc, virname, scanned, engine, 0, 0, NULL); |
|
194 |
+ ret = cli_scandesc(desc, ctx, 0, 0, NULL); |
|
195 | 195 |
if(ret < 0) { |
196 | 196 |
break; |
197 | 197 |
} else if(ret != CL_VIRUS) { |
198 |
- *virname = "Encrypted.RAR"; |
|
198 |
+ *ctx->virname = "Encrypted.RAR"; |
|
199 | 199 |
ret = CL_VIRUS; |
200 | 200 |
} |
201 | 201 |
break; |
... | ... |
@@ -209,22 +199,22 @@ static int cli_scanrar(int desc, const char **virname, unsigned long int *scanne |
209 | 209 |
continue; |
210 | 210 |
} |
211 | 211 |
*/ |
212 |
- if(limits) { |
|
213 |
- if(limits->maxratio && metadata->unpack_size && metadata->pack_size) { |
|
214 |
- if((unsigned int) metadata->unpack_size / (unsigned int) metadata->pack_size >= limits->maxratio) { |
|
212 |
+ if(ctx->limits) { |
|
213 |
+ if(ctx->limits->maxratio && metadata->unpack_size && metadata->pack_size) { |
|
214 |
+ if((unsigned int) metadata->unpack_size / (unsigned int) metadata->pack_size >= ctx->limits->maxratio) { |
|
215 | 215 |
cli_dbgmsg("RAR: Max ratio reached (normal: %u, compressed: %u, max: %ld)\n", metadata->unpack_size, |
216 |
- metadata->pack_size, limits->maxratio); |
|
217 |
- *virname = "Oversized.RAR"; |
|
216 |
+ metadata->pack_size, ctx->limits->maxratio); |
|
217 |
+ *ctx->virname = "Oversized.RAR"; |
|
218 | 218 |
ret = CL_VIRUS; |
219 | 219 |
break; |
220 | 220 |
} |
221 | 221 |
} |
222 | 222 |
|
223 |
- if(limits->maxfilesize && (metadata->unpack_size > (unsigned int) limits->maxfilesize)) { |
|
223 |
+ if(ctx->limits->maxfilesize && (metadata->unpack_size > (unsigned int) ctx->limits->maxfilesize)) { |
|
224 | 224 |
cli_dbgmsg("RAR: %s: Size exceeded (%u, max: %lu)\n", metadata->filename, |
225 |
- metadata->unpack_size, limits->maxfilesize); |
|
225 |
+ metadata->unpack_size, ctx->limits->maxfilesize); |
|
226 | 226 |
if(BLOCKMAX) { |
227 |
- *virname = "RAR.ExceededFileSize"; |
|
227 |
+ *ctx->virname = "RAR.ExceededFileSize"; |
|
228 | 228 |
ret = CL_VIRUS; |
229 | 229 |
break; |
230 | 230 |
} |
... | ... |
@@ -232,10 +222,10 @@ static int cli_scanrar(int desc, const char **virname, unsigned long int *scanne |
232 | 232 |
continue; |
233 | 233 |
} |
234 | 234 |
|
235 |
- if(limits->maxfiles && (files > limits->maxfiles)) { |
|
236 |
- cli_dbgmsg("RAR: Files limit reached (max: %d)\n", limits->maxfiles); |
|
235 |
+ if(ctx->limits->maxfiles && (files > ctx->limits->maxfiles)) { |
|
236 |
+ cli_dbgmsg("RAR: Files limit reached (max: %d)\n", ctx->limits->maxfiles); |
|
237 | 237 |
if(BLOCKMAX) { |
238 |
- *virname = "RAR.ExceededFilesLimit"; |
|
238 |
+ *ctx->virname = "RAR.ExceededFilesLimit"; |
|
239 | 239 |
ret = CL_VIRUS; |
240 | 240 |
break; |
241 | 241 |
} |
... | ... |
@@ -263,7 +253,7 @@ static int cli_scanrar(int desc, const char **virname, unsigned long int *scanne |
263 | 263 |
} |
264 | 264 |
|
265 | 265 |
#ifdef HAVE_ZLIB_H |
266 |
-static int cli_scanzip(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec, unsigned long int offset) |
|
266 |
+static int cli_scanzip(int desc, cli_ctx *ctx, unsigned long int offset) |
|
267 | 267 |
{ |
268 | 268 |
ZZIP_DIR *zdir; |
269 | 269 |
ZZIP_DIRENT zdirent; |
... | ... |
@@ -303,7 +293,7 @@ static int cli_scanzip(int desc, const char **virname, unsigned long int *scanne |
303 | 303 |
|
304 | 304 |
if(!zdirent.d_name || !strlen(zdirent.d_name)) { /* Mimail fix */ |
305 | 305 |
cli_dbgmsg("Zip: strlen(zdirent.d_name) == %d\n", strlen(zdirent.d_name)); |
306 |
- *virname = "Suspect.Zip"; |
|
306 |
+ *ctx->virname = "Suspect.Zip"; |
|
307 | 307 |
ret = CL_VIRUS; |
308 | 308 |
break; |
309 | 309 |
} |
... | ... |
@@ -314,12 +304,12 @@ static int cli_scanzip(int desc, const char **virname, unsigned long int *scanne |
314 | 314 |
*/ |
315 | 315 |
encrypted = (zdirent.d_flags & 0x2041 != 0); |
316 | 316 |
|
317 |
- cli_dbgmsg("Zip: %s, crc32: 0x%x, offset: %d, encrypted: %d, compressed: %u, normal: %u, method: %d, ratio: %d (max: %d)\n", zdirent.d_name, zdirent.d_crc32, zdirent.d_off, encrypted, zdirent.d_csize, zdirent.st_size, zdirent.d_compr, zdirent.d_csize ? (zdirent.st_size / zdirent.d_csize) : 0, limits ? limits->maxratio : 0); |
|
317 |
+ cli_dbgmsg("Zip: %s, crc32: 0x%x, offset: %d, encrypted: %d, compressed: %u, normal: %u, method: %d, ratio: %d (max: %d)\n", zdirent.d_name, zdirent.d_crc32, zdirent.d_off, encrypted, zdirent.d_csize, zdirent.st_size, zdirent.d_compr, zdirent.d_csize ? (zdirent.st_size / zdirent.d_csize) : 0, ctx->limits ? ctx->limits->maxratio : 0); |
|
318 | 318 |
|
319 | 319 |
if(!zdirent.st_size) { |
320 | 320 |
if(zdirent.d_crc32) { |
321 | 321 |
cli_dbgmsg("Zip: Broken file or modified information in local header part of archive\n"); |
322 |
- *virname = "Exploit.Zip.ModifiedHeaders"; |
|
322 |
+ *ctx->virname = "Exploit.Zip.ModifiedHeaders"; |
|
323 | 323 |
ret = CL_VIRUS; |
324 | 324 |
break; |
325 | 325 |
} |
... | ... |
@@ -327,7 +317,7 @@ static int cli_scanzip(int desc, const char **virname, unsigned long int *scanne |
327 | 327 |
} |
328 | 328 |
|
329 | 329 |
/* Scan metadata */ |
330 |
- mdata = engine->zip_mlist; |
|
330 |
+ mdata = ctx->engine->zip_mlist; |
|
331 | 331 |
if(mdata) do { |
332 | 332 |
if(mdata->encrypted != encrypted) |
333 | 333 |
continue; |
... | ... |
@@ -347,7 +337,7 @@ static int cli_scanzip(int desc, const char **virname, unsigned long int *scanne |
347 | 347 |
if(mdata->fileno && mdata->fileno != files) |
348 | 348 |
continue; |
349 | 349 |
|
350 |
- if(mdata->maxdepth && arec > mdata->maxdepth) |
|
350 |
+ if(mdata->maxdepth && ctx->arec > mdata->maxdepth) |
|
351 | 351 |
continue; |
352 | 352 |
|
353 | 353 |
/* TODO add support for regex */ |
... | ... |
@@ -360,7 +350,7 @@ static int cli_scanzip(int desc, const char **virname, unsigned long int *scanne |
360 | 360 |
} while((mdata = mdata->next)); |
361 | 361 |
|
362 | 362 |
if(mdata) { |
363 |
- *virname = mdata->virname; |
|
363 |
+ *ctx->virname = mdata->virname; |
|
364 | 364 |
ret = CL_VIRUS; |
365 | 365 |
break; |
366 | 366 |
} |
... | ... |
@@ -378,13 +368,13 @@ static int cli_scanzip(int desc, const char **virname, unsigned long int *scanne |
378 | 378 |
/* work-around for problematic zips (zziplib crashes with them) */ |
379 | 379 |
if(zdirent.d_csize <= 0 || zdirent.st_size < 0) { |
380 | 380 |
cli_dbgmsg("Zip: Malformed archive detected.\n"); |
381 |
- *virname = "Suspect.Zip"; |
|
381 |
+ *ctx->virname = "Suspect.Zip"; |
|
382 | 382 |
ret = CL_VIRUS; |
383 | 383 |
break; |
384 | 384 |
} |
385 | 385 |
|
386 |
- if(limits && limits->maxratio > 0 && ((unsigned) zdirent.st_size / (unsigned) zdirent.d_csize) >= limits->maxratio) { |
|
387 |
- *virname = "Oversized.Zip"; |
|
386 |
+ if(ctx->limits && ctx->limits->maxratio > 0 && ((unsigned) zdirent.st_size / (unsigned) zdirent.d_csize) >= ctx->limits->maxratio) { |
|
387 |
+ *ctx->virname = "Oversized.Zip"; |
|
388 | 388 |
ret = CL_VIRUS; |
389 | 389 |
break; |
390 | 390 |
} |
... | ... |
@@ -392,32 +382,32 @@ static int cli_scanzip(int desc, const char **virname, unsigned long int *scanne |
392 | 392 |
if(DETECT_ENCRYPTED && encrypted) { |
393 | 393 |
cli_dbgmsg("Zip: Encrypted files found in archive.\n"); |
394 | 394 |
lseek(desc, 0, SEEK_SET); |
395 |
- ret = cli_scandesc(desc, virname, scanned, engine, 0, 0, NULL); |
|
395 |
+ ret = cli_scandesc(desc, ctx, 0, 0, NULL); |
|
396 | 396 |
if(ret < 0) { |
397 | 397 |
break; |
398 | 398 |
} else if(ret != CL_VIRUS) { |
399 |
- *virname = "Encrypted.Zip"; |
|
399 |
+ *ctx->virname = "Encrypted.Zip"; |
|
400 | 400 |
ret = CL_VIRUS; |
401 | 401 |
} |
402 | 402 |
break; |
403 | 403 |
} |
404 | 404 |
|
405 |
- if(limits) { |
|
406 |
- if(limits->maxfilesize && ((unsigned int) zdirent.st_size > limits->maxfilesize)) { |
|
407 |
- cli_dbgmsg("Zip: %s: Size exceeded (%d, max: %ld)\n", zdirent.d_name, zdirent.st_size, limits->maxfilesize); |
|
405 |
+ if(ctx->limits) { |
|
406 |
+ if(ctx->limits->maxfilesize && ((unsigned int) zdirent.st_size > ctx->limits->maxfilesize)) { |
|
407 |
+ cli_dbgmsg("Zip: %s: Size exceeded (%d, max: %ld)\n", zdirent.d_name, zdirent.st_size, ctx->limits->maxfilesize); |
|
408 | 408 |
/* ret = CL_EMAXSIZE; */ |
409 | 409 |
if(BLOCKMAX) { |
410 |
- *virname = "Zip.ExceededFileSize"; |
|
410 |
+ *ctx->virname = "Zip.ExceededFileSize"; |
|
411 | 411 |
ret = CL_VIRUS; |
412 | 412 |
break; |
413 | 413 |
} |
414 | 414 |
continue; /* continue scanning */ |
415 | 415 |
} |
416 | 416 |
|
417 |
- if(limits->maxfiles && (files > limits->maxfiles)) { |
|
418 |
- cli_dbgmsg("Zip: Files limit reached (max: %d)\n", limits->maxfiles); |
|
417 |
+ if(ctx->limits->maxfiles && (files > ctx->limits->maxfiles)) { |
|
418 |
+ cli_dbgmsg("Zip: Files limit reached (max: %d)\n", ctx->limits->maxfiles); |
|
419 | 419 |
if(BLOCKMAX) { |
420 |
- *virname = "Zip.ExceededFilesLimit"; |
|
420 |
+ *ctx->virname = "Zip.ExceededFilesLimit"; |
|
421 | 421 |
ret = CL_VIRUS; |
422 | 422 |
break; |
423 | 423 |
} |
... | ... |
@@ -472,13 +462,13 @@ static int cli_scanzip(int desc, const char **virname, unsigned long int *scanne |
472 | 472 |
fd = fileno(tmp); |
473 | 473 |
|
474 | 474 |
lseek(fd, 0, SEEK_SET); |
475 |
- if((ret = cli_magic_scandesc(fd, virname, scanned, engine, limits, options, arec, mrec)) == CL_VIRUS ) { |
|
476 |
- cli_dbgmsg("Zip: Infected with %s\n", *virname); |
|
475 |
+ if((ret = cli_magic_scandesc(fd, ctx)) == CL_VIRUS ) { |
|
476 |
+ cli_dbgmsg("Zip: Infected with %s\n", *ctx->virname); |
|
477 | 477 |
ret = CL_VIRUS; |
478 | 478 |
break; |
479 | 479 |
} else if(ret == CL_EMALFZIP) { |
480 | 480 |
cli_dbgmsg("Zip: Malformed Zip file, scanning stopped.\n"); |
481 |
- *virname = "Suspect.Zip"; |
|
481 |
+ *ctx->virname = "Suspect.Zip"; |
|
482 | 482 |
ret = CL_VIRUS; |
483 | 483 |
break; |
484 | 484 |
} |
... | ... |
@@ -505,7 +495,7 @@ static int cli_scanzip(int desc, const char **virname, unsigned long int *scanne |
505 | 505 |
return ret; |
506 | 506 |
} |
507 | 507 |
|
508 |
-static int cli_scangzip(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
508 |
+static int cli_scangzip(int desc, cli_ctx *ctx) |
|
509 | 509 |
{ |
510 | 510 |
int fd, bytes, ret = CL_CLEAN; |
511 | 511 |
unsigned long int size = 0; |
... | ... |
@@ -542,11 +532,11 @@ static int cli_scangzip(int desc, const char **virname, unsigned long int *scann |
542 | 542 |
while((bytes = gzread(gd, buff, FILEBUFF)) > 0) { |
543 | 543 |
size += bytes; |
544 | 544 |
|
545 |
- if(limits) |
|
546 |
- if(limits->maxfilesize && (size + FILEBUFF > limits->maxfilesize)) { |
|
547 |
- cli_dbgmsg("GZip: Size exceeded (stopped at %ld, max: %ld)\n", size, limits->maxfilesize); |
|
545 |
+ if(ctx->limits) |
|
546 |
+ if(ctx->limits->maxfilesize && (size + FILEBUFF > ctx->limits->maxfilesize)) { |
|
547 |
+ cli_dbgmsg("GZip: Size exceeded (stopped at %ld, max: %ld)\n", size, ctx->limits->maxfilesize); |
|
548 | 548 |
if(BLOCKMAX) { |
549 |
- *virname = "GZip.ExceededFileSize"; |
|
549 |
+ *ctx->virname = "GZip.ExceededFileSize"; |
|
550 | 550 |
ret = CL_VIRUS; |
551 | 551 |
} |
552 | 552 |
break; |
... | ... |
@@ -585,8 +575,8 @@ static int cli_scangzip(int desc, const char **virname, unsigned long int *scann |
585 | 585 |
} |
586 | 586 |
|
587 | 587 |
lseek(fd, 0, SEEK_SET); |
588 |
- if((ret = cli_magic_scandesc(fd, virname, scanned, engine, limits, options, arec, mrec)) == CL_VIRUS ) { |
|
589 |
- cli_dbgmsg("GZip: Infected with %s\n", *virname); |
|
588 |
+ if((ret = cli_magic_scandesc(fd, ctx)) == CL_VIRUS ) { |
|
589 |
+ cli_dbgmsg("GZip: Infected with %s\n", *ctx->virname); |
|
590 | 590 |
fclose(tmp); |
591 | 591 |
if(!cli_leavetemps_flag) |
592 | 592 |
unlink(tmpname); |
... | ... |
@@ -610,7 +600,7 @@ static int cli_scangzip(int desc, const char **virname, unsigned long int *scann |
610 | 610 |
#define BZ2_bzRead bzRead |
611 | 611 |
#endif |
612 | 612 |
|
613 |
-static int cli_scanbzip(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
613 |
+static int cli_scanbzip(int desc, cli_ctx *ctx) |
|
614 | 614 |
{ |
615 | 615 |
int fd, bytes, ret = CL_CLEAN, bzerror = 0; |
616 | 616 |
short memlim = 0; |
... | ... |
@@ -626,8 +616,8 @@ static int cli_scanbzip(int desc, const char **virname, unsigned long int *scann |
626 | 626 |
return CL_EBZIP; |
627 | 627 |
} |
628 | 628 |
|
629 |
- if(limits) |
|
630 |
- if(limits->archivememlim) |
|
629 |
+ if(ctx->limits) |
|
630 |
+ if(ctx->limits->archivememlim) |
|
631 | 631 |
memlim = 1; |
632 | 632 |
|
633 | 633 |
if((bfd = BZ2_bzReadOpen(&bzerror, fs, 0, memlim, NULL, 0)) == NULL) { |
... | ... |
@@ -658,11 +648,11 @@ static int cli_scanbzip(int desc, const char **virname, unsigned long int *scann |
658 | 658 |
while((bytes = BZ2_bzRead(&bzerror, bfd, buff, FILEBUFF)) > 0) { |
659 | 659 |
size += bytes; |
660 | 660 |
|
661 |
- if(limits) |
|
662 |
- if(limits->maxfilesize && (size + FILEBUFF > limits->maxfilesize)) { |
|
663 |
- cli_dbgmsg("Bzip: Size exceeded (stopped at %ld, max: %ld)\n", size, limits->maxfilesize); |
|
661 |
+ if(ctx->limits) |
|
662 |
+ if(ctx->limits->maxfilesize && (size + FILEBUFF > ctx->limits->maxfilesize)) { |
|
663 |
+ cli_dbgmsg("Bzip: Size exceeded (stopped at %ld, max: %ld)\n", size, ctx->limits->maxfilesize); |
|
664 | 664 |
if(BLOCKMAX) { |
665 |
- *virname = "BZip.ExceededFileSize"; |
|
665 |
+ *ctx->virname = "BZip.ExceededFileSize"; |
|
666 | 666 |
ret = CL_VIRUS; |
667 | 667 |
} |
668 | 668 |
break; |
... | ... |
@@ -704,8 +694,8 @@ static int cli_scanbzip(int desc, const char **virname, unsigned long int *scann |
704 | 704 |
} |
705 | 705 |
|
706 | 706 |
lseek(fd, 0, SEEK_SET); |
707 |
- if((ret = cli_magic_scandesc(fd, virname, scanned, engine, limits, options, arec, mrec)) == CL_VIRUS ) { |
|
708 |
- cli_dbgmsg("Bzip: Infected with %s\n", *virname); |
|
707 |
+ if((ret = cli_magic_scandesc(fd, ctx)) == CL_VIRUS ) { |
|
708 |
+ cli_dbgmsg("Bzip: Infected with %s\n", *ctx->virname); |
|
709 | 709 |
} |
710 | 710 |
fclose(tmp); |
711 | 711 |
if(!cli_leavetemps_flag) |
... | ... |
@@ -717,7 +707,7 @@ static int cli_scanbzip(int desc, const char **virname, unsigned long int *scann |
717 | 717 |
} |
718 | 718 |
#endif |
719 | 719 |
|
720 |
-static int cli_scanszdd(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
720 |
+static int cli_scanszdd(int desc, cli_ctx *ctx) |
|
721 | 721 |
{ |
722 | 722 |
int fd, ret = CL_CLEAN, dcpy; |
723 | 723 |
FILE *tmp = NULL, *in; |
... | ... |
@@ -765,8 +755,8 @@ static int cli_scanszdd(int desc, const char **virname, unsigned long int *scann |
765 | 765 |
|
766 | 766 |
fd = fileno(tmp); |
767 | 767 |
lseek(fd, 0, SEEK_SET); |
768 |
- if((ret = cli_magic_scandesc(fd, virname, scanned, engine, limits, options, arec, mrec)) == CL_VIRUS) { |
|
769 |
- cli_dbgmsg("SZDD: Infected with %s\n", *virname); |
|
768 |
+ if((ret = cli_magic_scandesc(fd, ctx)) == CL_VIRUS) { |
|
769 |
+ cli_dbgmsg("SZDD: Infected with %s\n", *ctx->virname); |
|
770 | 770 |
fclose(tmp); |
771 | 771 |
if(!cli_leavetemps_flag) |
772 | 772 |
unlink(tmpname); |
... | ... |
@@ -781,7 +771,7 @@ static int cli_scanszdd(int desc, const char **virname, unsigned long int *scann |
781 | 781 |
return ret; |
782 | 782 |
} |
783 | 783 |
|
784 |
-static int cli_scanmscab(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
784 |
+static int cli_scanmscab(int desc, cli_ctx *ctx) |
|
785 | 785 |
{ |
786 | 786 |
struct mscab_decompressor *cabd = NULL; |
787 | 787 |
struct mscabd_cabinet *base, *cab; |
... | ... |
@@ -806,10 +796,10 @@ static int cli_scanmscab(int desc, const char **virname, unsigned long int *scan |
806 | 806 |
for(cab = base; cab; cab = cab->next) { |
807 | 807 |
for(file = cab->files; file; file = file->next) { |
808 | 808 |
|
809 |
- if(limits && limits->maxfilesize && (file->length > (unsigned int) limits->maxfilesize)) { |
|
810 |
- cli_dbgmsg("MSCAB: %s: Size exceeded (%u, max: %lu)\n", file->filename, file->length, limits->maxfilesize); |
|
809 |
+ if(ctx->limits && ctx->limits->maxfilesize && (file->length > (unsigned int) ctx->limits->maxfilesize)) { |
|
810 |
+ cli_dbgmsg("MSCAB: %s: Size exceeded (%u, max: %lu)\n", file->filename, file->length, ctx->limits->maxfilesize); |
|
811 | 811 |
if(BLOCKMAX) { |
812 |
- *virname = "MSCAB.ExceededFileSize"; |
|
812 |
+ *ctx->virname = "MSCAB.ExceededFileSize"; |
|
813 | 813 |
cabd->close(cabd, base); |
814 | 814 |
mspack_destroy_cab_decompressor(cabd); |
815 | 815 |
return CL_VIRUS; |
... | ... |
@@ -822,7 +812,7 @@ static int cli_scanmscab(int desc, const char **virname, unsigned long int *scan |
822 | 822 |
if(cabd->extract(cabd, file, tempname)) { |
823 | 823 |
cli_dbgmsg("MSCAB: libmscab error code: %d\n", cabd->last_error(cabd)); |
824 | 824 |
} else { |
825 |
- ret = cli_scanfile(tempname, virname, scanned, engine, limits, options, arec, mrec); |
|
825 |
+ ret = cli_scanfile(tempname, ctx); |
|
826 | 826 |
} |
827 | 827 |
if(!cli_leavetemps_flag) |
828 | 828 |
unlink(tempname); |
... | ... |
@@ -840,7 +830,7 @@ static int cli_scanmscab(int desc, const char **virname, unsigned long int *scan |
840 | 840 |
return ret; |
841 | 841 |
} |
842 | 842 |
|
843 |
-int cli_scandir(const char *dirname, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
843 |
+int cli_scandir(const char *dirname, cli_ctx *ctx) |
|
844 | 844 |
{ |
845 | 845 |
DIR *dd; |
846 | 846 |
struct dirent *dent; |
... | ... |
@@ -874,14 +864,14 @@ int cli_scandir(const char *dirname, const char **virname, unsigned long int *sc |
874 | 874 |
/* stat the file */ |
875 | 875 |
if(lstat(fname, &statbuf) != -1) { |
876 | 876 |
if(S_ISDIR(statbuf.st_mode) && !S_ISLNK(statbuf.st_mode)) { |
877 |
- if (cli_scandir(fname, virname, scanned, engine, limits, options, arec, mrec) == CL_VIRUS) { |
|
877 |
+ if (cli_scandir(fname, ctx) == CL_VIRUS) { |
|
878 | 878 |
free(fname); |
879 | 879 |
closedir(dd); |
880 | 880 |
return CL_VIRUS; |
881 | 881 |
} |
882 | 882 |
} else |
883 | 883 |
if(S_ISREG(statbuf.st_mode)) |
884 |
- if(cli_scanfile(fname, virname, scanned, engine, limits, options, arec, mrec) == CL_VIRUS) { |
|
884 |
+ if(cli_scanfile(fname, ctx) == CL_VIRUS) { |
|
885 | 885 |
free(fname); |
886 | 886 |
closedir(dd); |
887 | 887 |
return CL_VIRUS; |
... | ... |
@@ -901,7 +891,7 @@ int cli_scandir(const char *dirname, const char **virname, unsigned long int *sc |
901 | 901 |
return 0; |
902 | 902 |
} |
903 | 903 |
|
904 |
-static int cli_vba_scandir(const char *dirname, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
904 |
+static int cli_vba_scandir(const char *dirname, cli_ctx *ctx) |
|
905 | 905 |
{ |
906 | 906 |
int ret = CL_CLEAN, i, fd, ofd, data_len; |
907 | 907 |
vba_project_t *vba_project; |
... | ... |
@@ -939,10 +929,10 @@ static int cli_vba_scandir(const char *dirname, const char **virname, unsigned l |
939 | 939 |
if(!data) { |
940 | 940 |
cli_dbgmsg("VBADir: WARNING: VBA project '%s' decompressed to NULL\n", vba_project->name[i]); |
941 | 941 |
} else { |
942 |
- if(scanned) |
|
943 |
- *scanned += data_len / CL_COUNT_PRECISION; |
|
942 |
+ if(ctx->scanned) |
|
943 |
+ *ctx->scanned += data_len / CL_COUNT_PRECISION; |
|
944 | 944 |
|
945 |
- if(cli_scanbuff((char *) data, data_len, virname, engine, CL_TYPE_MSOLE2) == CL_VIRUS) { |
|
945 |
+ if(cli_scanbuff((char *) data, data_len, ctx->virname, ctx->engine, CL_TYPE_MSOLE2) == CL_VIRUS) { |
|
946 | 946 |
free(data); |
947 | 947 |
ret = CL_VIRUS; |
948 | 948 |
break; |
... | ... |
@@ -959,7 +949,7 @@ static int cli_vba_scandir(const char *dirname, const char **virname, unsigned l |
959 | 959 |
free(vba_project->offset); |
960 | 960 |
free(vba_project); |
961 | 961 |
} else if ((fullname = ppt_vba_read(dirname))) { |
962 |
- if(cli_scandir(fullname, virname, scanned, engine, limits, options, arec, mrec) == CL_VIRUS) { |
|
962 |
+ if(cli_scandir(fullname, ctx) == CL_VIRUS) { |
|
963 | 963 |
ret = CL_VIRUS; |
964 | 964 |
} |
965 | 965 |
if(!cli_leavetemps_flag) |
... | ... |
@@ -984,9 +974,9 @@ static int cli_vba_scandir(const char *dirname, const char **virname, unsigned l |
984 | 984 |
if(!data) { |
985 | 985 |
cli_dbgmsg("VBADir: WARNING: WM project '%s' macro %d decrypted to NULL\n", vba_project->name[i], i); |
986 | 986 |
} else { |
987 |
- if(scanned) |
|
988 |
- *scanned += vba_project->length[i] / CL_COUNT_PRECISION; |
|
989 |
- if(cli_scanbuff((char *) data, vba_project->length[i], virname, engine, CL_TYPE_MSOLE2) == CL_VIRUS) { |
|
987 |
+ if(ctx->scanned) |
|
988 |
+ *ctx->scanned += vba_project->length[i] / CL_COUNT_PRECISION; |
|
989 |
+ if(cli_scanbuff((char *) data, vba_project->length[i], ctx->virname, ctx->engine, CL_TYPE_MSOLE2) == CL_VIRUS) { |
|
990 | 990 |
free(data); |
991 | 991 |
ret = CL_VIRUS; |
992 | 992 |
break; |
... | ... |
@@ -1015,7 +1005,7 @@ static int cli_vba_scandir(const char *dirname, const char **virname, unsigned l |
1015 | 1015 |
if (fd >= 0) { |
1016 | 1016 |
ofd = cli_decode_ole_object(fd, dirname); |
1017 | 1017 |
if (ofd >= 0) { |
1018 |
- ret = cli_scandesc(ofd, virname, scanned, engine, 0, 0, NULL); |
|
1018 |
+ ret = cli_scandesc(ofd, ctx, 0, 0, NULL); |
|
1019 | 1019 |
close(ofd); |
1020 | 1020 |
} |
1021 | 1021 |
close(fd); |
... | ... |
@@ -1043,7 +1033,7 @@ static int cli_vba_scandir(const char *dirname, const char **virname, unsigned l |
1043 | 1043 |
/* stat the file */ |
1044 | 1044 |
if(lstat(fname, &statbuf) != -1) { |
1045 | 1045 |
if(S_ISDIR(statbuf.st_mode) && !S_ISLNK(statbuf.st_mode)) |
1046 |
- if (cli_vba_scandir(fname, virname, scanned, engine, limits, options, arec, mrec) == CL_VIRUS) { |
|
1046 |
+ if (cli_vba_scandir(fname, ctx) == CL_VIRUS) { |
|
1047 | 1047 |
ret = CL_VIRUS; |
1048 | 1048 |
free(fname); |
1049 | 1049 |
break; |
... | ... |
@@ -1062,7 +1052,7 @@ static int cli_vba_scandir(const char *dirname, const char **virname, unsigned l |
1062 | 1062 |
return ret; |
1063 | 1063 |
} |
1064 | 1064 |
|
1065 |
-static int cli_scanhtml(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
1065 |
+static int cli_scanhtml(int desc, cli_ctx *ctx) |
|
1066 | 1066 |
{ |
1067 | 1067 |
char *tempname, fullname[1024]; |
1068 | 1068 |
int ret=CL_CLEAN, fd; |
... | ... |
@@ -1081,7 +1071,7 @@ static int cli_scanhtml(int desc, const char **virname, unsigned long int *scann |
1081 | 1081 |
snprintf(fullname, 1024, "%s/comment.html", tempname); |
1082 | 1082 |
fd = open(fullname, O_RDONLY); |
1083 | 1083 |
if (fd >= 0) { |
1084 |
- ret = cli_scandesc(fd, virname, scanned, engine, 0, CL_TYPE_HTML, NULL); |
|
1084 |
+ ret = cli_scandesc(fd, ctx, 0, CL_TYPE_HTML, NULL); |
|
1085 | 1085 |
close(fd); |
1086 | 1086 |
} |
1087 | 1087 |
|
... | ... |
@@ -1096,7 +1086,7 @@ static int cli_scanhtml(int desc, const char **virname, unsigned long int *scann |
1096 | 1096 |
snprintf(fullname, 1024, "%s/nocomment.html", tempname); |
1097 | 1097 |
fd = open(fullname, O_RDONLY); |
1098 | 1098 |
if (fd >= 0) { |
1099 |
- ret = cli_scandesc(fd, virname, scanned, engine, 0, CL_TYPE_HTML, NULL); |
|
1099 |
+ ret = cli_scandesc(fd, ctx, 0, CL_TYPE_HTML, NULL); |
|
1100 | 1100 |
close(fd); |
1101 | 1101 |
} |
1102 | 1102 |
} |
... | ... |
@@ -1112,7 +1102,7 @@ static int cli_scanhtml(int desc, const char **virname, unsigned long int *scann |
1112 | 1112 |
snprintf(fullname, 1024, "%s/script.html", tempname); |
1113 | 1113 |
fd = open(fullname, O_RDONLY); |
1114 | 1114 |
if (fd >= 0) { |
1115 |
- ret = cli_scandesc(fd, virname, scanned, engine, 0, CL_TYPE_HTML, NULL); |
|
1115 |
+ ret = cli_scandesc(fd, ctx, 0, CL_TYPE_HTML, NULL); |
|
1116 | 1116 |
close(fd); |
1117 | 1117 |
} |
1118 | 1118 |
} |
... | ... |
@@ -1126,7 +1116,7 @@ static int cli_scanhtml(int desc, const char **virname, unsigned long int *scann |
1126 | 1126 |
|
1127 | 1127 |
if (ret == CL_CLEAN) { |
1128 | 1128 |
snprintf(fullname, 1024, "%s/rfc2397", tempname); |
1129 |
- ret = cli_scandir(fullname, virname, scanned, engine, limits, options, arec, mrec); |
|
1129 |
+ ret = cli_scandir(fullname, ctx); |
|
1130 | 1130 |
} |
1131 | 1131 |
|
1132 | 1132 |
if(!cli_leavetemps_flag) |
... | ... |
@@ -1136,7 +1126,7 @@ static int cli_scanhtml(int desc, const char **virname, unsigned long int *scann |
1136 | 1136 |
return ret; |
1137 | 1137 |
} |
1138 | 1138 |
|
1139 |
-static int cli_scanole2(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
1139 |
+static int cli_scanole2(int desc, cli_ctx *ctx) |
|
1140 | 1140 |
{ |
1141 | 1141 |
char *dir; |
1142 | 1142 |
int ret = CL_CLEAN; |
... | ... |
@@ -1152,7 +1142,7 @@ static int cli_scanole2(int desc, const char **virname, unsigned long int *scann |
1152 | 1152 |
return CL_ETMPDIR; |
1153 | 1153 |
} |
1154 | 1154 |
|
1155 |
- if((ret = cli_ole2_extract(desc, dir, limits))) { |
|
1155 |
+ if((ret = cli_ole2_extract(desc, dir, ctx->limits))) { |
|
1156 | 1156 |
cli_dbgmsg("OLE2: %s\n", cl_strerror(ret)); |
1157 | 1157 |
if(!cli_leavetemps_flag) |
1158 | 1158 |
cli_rmdirs(dir); |
... | ... |
@@ -1160,8 +1150,8 @@ static int cli_scanole2(int desc, const char **virname, unsigned long int *scann |
1160 | 1160 |
return ret; |
1161 | 1161 |
} |
1162 | 1162 |
|
1163 |
- if((ret = cli_vba_scandir(dir, virname, scanned, engine, limits, options, arec, mrec)) != CL_VIRUS) { |
|
1164 |
- if(cli_scandir(dir, virname, scanned, engine, limits, options, arec, mrec) == CL_VIRUS) { |
|
1163 |
+ if((ret = cli_vba_scandir(dir, ctx)) != CL_VIRUS) { |
|
1164 |
+ if(cli_scandir(dir, ctx) == CL_VIRUS) { |
|
1165 | 1165 |
ret = CL_VIRUS; |
1166 | 1166 |
} |
1167 | 1167 |
} |
... | ... |
@@ -1172,7 +1162,7 @@ static int cli_scanole2(int desc, const char **virname, unsigned long int *scann |
1172 | 1172 |
return ret; |
1173 | 1173 |
} |
1174 | 1174 |
|
1175 |
-static int cli_scantar(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec, unsigned int posix) |
|
1175 |
+static int cli_scantar(int desc, cli_ctx *ctx, unsigned int posix) |
|
1176 | 1176 |
{ |
1177 | 1177 |
char *dir; |
1178 | 1178 |
int ret = CL_CLEAN; |
... | ... |
@@ -1191,7 +1181,7 @@ static int cli_scantar(int desc, const char **virname, unsigned long int *scanne |
1191 | 1191 |
if((ret = cli_untar(dir, desc, posix))) |
1192 | 1192 |
cli_dbgmsg("Tar: %s\n", cl_strerror(ret)); |
1193 | 1193 |
else |
1194 |
- ret = cli_scandir(dir, virname, scanned, engine, limits, options, arec, mrec); |
|
1194 |
+ ret = cli_scandir(dir, ctx); |
|
1195 | 1195 |
|
1196 | 1196 |
if(!cli_leavetemps_flag) |
1197 | 1197 |
cli_rmdirs(dir); |
... | ... |
@@ -1200,7 +1190,7 @@ static int cli_scantar(int desc, const char **virname, unsigned long int *scanne |
1200 | 1200 |
return ret; |
1201 | 1201 |
} |
1202 | 1202 |
|
1203 |
-static int cli_scanbinhex(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
1203 |
+static int cli_scanbinhex(int desc, cli_ctx *ctx) |
|
1204 | 1204 |
{ |
1205 | 1205 |
char *dir; |
1206 | 1206 |
int ret = CL_CLEAN; |
... | ... |
@@ -1220,7 +1210,7 @@ static int cli_scanbinhex(int desc, const char **virname, unsigned long int *sca |
1220 | 1220 |
if((ret = cli_binhex(dir, desc))) |
1221 | 1221 |
cli_dbgmsg("Binhex: %s\n", cl_strerror(ret)); |
1222 | 1222 |
else |
1223 |
- ret = cli_scandir(dir, virname, scanned, engine, limits, options, arec, mrec); |
|
1223 |
+ ret = cli_scandir(dir, ctx); |
|
1224 | 1224 |
|
1225 | 1225 |
if(!cli_leavetemps_flag) |
1226 | 1226 |
cli_rmdirs(dir); |
... | ... |
@@ -1229,7 +1219,7 @@ static int cli_scanbinhex(int desc, const char **virname, unsigned long int *sca |
1229 | 1229 |
return ret; |
1230 | 1230 |
} |
1231 | 1231 |
|
1232 |
-static int cli_scanmschm(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
1232 |
+static int cli_scanmschm(int desc, cli_ctx *ctx) |
|
1233 | 1233 |
{ |
1234 | 1234 |
char *tempname; |
1235 | 1235 |
int ret = CL_CLEAN; |
... | ... |
@@ -1245,7 +1235,7 @@ static int cli_scanmschm(int desc, const char **virname, unsigned long int *scan |
1245 | 1245 |
} |
1246 | 1246 |
|
1247 | 1247 |
if(chm_unpack(desc, tempname)) |
1248 |
- ret = cli_scandir(tempname, virname, scanned, engine, limits, options, arec, mrec); |
|
1248 |
+ ret = cli_scandir(tempname, ctx); |
|
1249 | 1249 |
|
1250 | 1250 |
if(!cli_leavetemps_flag) |
1251 | 1251 |
cli_rmdirs(tempname); |
... | ... |
@@ -1254,7 +1244,7 @@ static int cli_scanmschm(int desc, const char **virname, unsigned long int *scan |
1254 | 1254 |
return ret; |
1255 | 1255 |
} |
1256 | 1256 |
|
1257 |
-static int cli_scanscrenc(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
1257 |
+static int cli_scanscrenc(int desc, cli_ctx *ctx) |
|
1258 | 1258 |
{ |
1259 | 1259 |
char *tempname; |
1260 | 1260 |
int ret = CL_CLEAN; |
... | ... |
@@ -1269,7 +1259,7 @@ static int cli_scanscrenc(int desc, const char **virname, unsigned long int *sca |
1269 | 1269 |
} |
1270 | 1270 |
|
1271 | 1271 |
if (html_screnc_decode(desc, tempname)) |
1272 |
- ret = cli_scandir(tempname, virname, scanned, engine, limits, options, arec, mrec); |
|
1272 |
+ ret = cli_scandir(tempname, ctx); |
|
1273 | 1273 |
|
1274 | 1274 |
if(!cli_leavetemps_flag) |
1275 | 1275 |
cli_rmdirs(tempname); |
... | ... |
@@ -1302,7 +1292,7 @@ static int cli_scanjpeg(int desc, const char **virname) |
1302 | 1302 |
return ret; |
1303 | 1303 |
} |
1304 | 1304 |
|
1305 |
-static int cli_scancryptff(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
1305 |
+static int cli_scancryptff(int desc, cli_ctx *ctx) |
|
1306 | 1306 |
{ |
1307 | 1307 |
int ret = CL_CLEAN, i, ndesc; |
1308 | 1308 |
unsigned int length; |
... | ... |
@@ -1376,8 +1366,8 @@ static int cli_scancryptff(int desc, const char **virname, unsigned long int *sc |
1376 | 1376 |
|
1377 | 1377 |
cli_dbgmsg("CryptFF: Scanning decrypted data\n"); |
1378 | 1378 |
|
1379 |
- if((ret = cli_magic_scandesc(ndesc, virname, scanned, engine, limits, options, arec, mrec)) == CL_VIRUS) |
|
1380 |
- cli_dbgmsg("CryptFF: Infected with %s\n", *virname); |
|
1379 |
+ if((ret = cli_magic_scandesc(ndesc, ctx)) == CL_VIRUS) |
|
1380 |
+ cli_dbgmsg("CryptFF: Infected with %s\n", *ctx->virname); |
|
1381 | 1381 |
|
1382 | 1382 |
close(ndesc); |
1383 | 1383 |
|
... | ... |
@@ -1390,7 +1380,7 @@ static int cli_scancryptff(int desc, const char **virname, unsigned long int *sc |
1390 | 1390 |
return ret; |
1391 | 1391 |
} |
1392 | 1392 |
|
1393 |
-static int cli_scanpdf(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
1393 |
+static int cli_scanpdf(int desc, cli_ctx *ctx) |
|
1394 | 1394 |
{ |
1395 | 1395 |
int ret; |
1396 | 1396 |
char *dir = cli_gentemp(NULL); |
... | ... |
@@ -1405,7 +1395,7 @@ static int cli_scanpdf(int desc, const char **virname, unsigned long int *scanne |
1405 | 1405 |
ret = cli_pdf(dir, desc); |
1406 | 1406 |
|
1407 | 1407 |
if(ret == CL_CLEAN) |
1408 |
- ret = cli_scandir(dir, virname, scanned, engine, limits, options, arec, mrec); |
|
1408 |
+ ret = cli_scandir(dir, ctx); |
|
1409 | 1409 |
|
1410 | 1410 |
if(!cli_leavetemps_flag) |
1411 | 1411 |
cli_rmdirs(dir); |
... | ... |
@@ -1414,7 +1404,7 @@ static int cli_scanpdf(int desc, const char **virname, unsigned long int *scanne |
1414 | 1414 |
return ret; |
1415 | 1415 |
} |
1416 | 1416 |
|
1417 |
-static int cli_scantnef(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
1417 |
+static int cli_scantnef(int desc, cli_ctx *ctx) |
|
1418 | 1418 |
{ |
1419 | 1419 |
int ret; |
1420 | 1420 |
char *dir = cli_gentemp(NULL); |
... | ... |
@@ -1429,7 +1419,7 @@ static int cli_scantnef(int desc, const char **virname, unsigned long int *scann |
1429 | 1429 |
ret = cli_tnef(dir, desc); |
1430 | 1430 |
|
1431 | 1431 |
if(ret == CL_CLEAN) |
1432 |
- ret = cli_scandir(dir, virname, scanned, engine, limits, options, arec, mrec); |
|
1432 |
+ ret = cli_scandir(dir, ctx); |
|
1433 | 1433 |
|
1434 | 1434 |
if(!cli_leavetemps_flag) |
1435 | 1435 |
cli_rmdirs(dir); |
... | ... |
@@ -1438,7 +1428,7 @@ static int cli_scantnef(int desc, const char **virname, unsigned long int *scann |
1438 | 1438 |
return ret; |
1439 | 1439 |
} |
1440 | 1440 |
|
1441 |
-static int cli_scanuuencoded(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
1441 |
+static int cli_scanuuencoded(int desc, cli_ctx *ctx) |
|
1442 | 1442 |
{ |
1443 | 1443 |
int ret; |
1444 | 1444 |
char *dir = cli_gentemp(NULL); |
... | ... |
@@ -1452,7 +1442,7 @@ static int cli_scanuuencoded(int desc, const char **virname, unsigned long int * |
1452 | 1452 |
ret = cli_uuencode(dir, desc); |
1453 | 1453 |
|
1454 | 1454 |
if(ret == CL_CLEAN) |
1455 |
- ret = cli_scandir(dir, virname, scanned, engine, limits, options, arec, mrec); |
|
1455 |
+ ret = cli_scandir(dir, ctx); |
|
1456 | 1456 |
|
1457 | 1457 |
if(!cli_leavetemps_flag) |
1458 | 1458 |
cli_rmdirs(dir); |
... | ... |
@@ -1461,13 +1451,13 @@ static int cli_scanuuencoded(int desc, const char **virname, unsigned long int * |
1461 | 1461 |
return ret; |
1462 | 1462 |
} |
1463 | 1463 |
|
1464 |
-static int cli_scanmail(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
1464 |
+static int cli_scanmail(int desc, cli_ctx *ctx) |
|
1465 | 1465 |
{ |
1466 | 1466 |
char *dir; |
1467 | 1467 |
int ret; |
1468 | 1468 |
|
1469 | 1469 |
|
1470 |
- cli_dbgmsg("Starting cli_scanmail(), mrec == %d, arec == %d\n", mrec, arec); |
|
1470 |
+ cli_dbgmsg("Starting cli_scanmail(), mrec == %d, arec == %d\n", ctx->mrec, ctx->arec); |
|
1471 | 1471 |
|
1472 | 1472 |
/* generate the temporary directory */ |
1473 | 1473 |
dir = cli_gentemp(NULL); |
... | ... |
@@ -1480,14 +1470,14 @@ static int cli_scanmail(int desc, const char **virname, unsigned long int *scann |
1480 | 1480 |
/* |
1481 | 1481 |
* Extract the attachments into the temporary directory |
1482 | 1482 |
*/ |
1483 |
- if((ret = cli_mbox(dir, desc, options))) { |
|
1483 |
+ if((ret = cli_mbox(dir, desc, ctx->options))) { |
|
1484 | 1484 |
if(!cli_leavetemps_flag) |
1485 | 1485 |
cli_rmdirs(dir); |
1486 | 1486 |
free(dir); |
1487 | 1487 |
return ret; |
1488 | 1488 |
} |
1489 | 1489 |
|
1490 |
- ret = cli_scandir(dir, virname, scanned, engine, limits, options, arec, mrec); |
|
1490 |
+ ret = cli_scandir(dir, ctx); |
|
1491 | 1491 |
|
1492 | 1492 |
if(!cli_leavetemps_flag) |
1493 | 1493 |
cli_rmdirs(dir); |
... | ... |
@@ -1496,7 +1486,7 @@ static int cli_scanmail(int desc, const char **virname, unsigned long int *scann |
1496 | 1496 |
return ret; |
1497 | 1497 |
} |
1498 | 1498 |
|
1499 |
-static int cli_scanraw(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec, cli_file_t type) |
|
1499 |
+static int cli_scanraw(int desc, cli_ctx *ctx, cli_file_t type) |
|
1500 | 1500 |
{ |
1501 | 1501 |
int ret = CL_CLEAN; |
1502 | 1502 |
unsigned short ftrec; |
... | ... |
@@ -1517,8 +1507,8 @@ static int cli_scanraw(int desc, const char **virname, unsigned long int *scanne |
1517 | 1517 |
return CL_EIO; |
1518 | 1518 |
} |
1519 | 1519 |
|
1520 |
- if((ret = cli_scandesc(desc, virname, scanned, engine, ftrec, type, &ftoffset)) == CL_VIRUS) { |
|
1521 |
- cli_dbgmsg("%s found in descriptor %d.\n", *virname, desc); |
|
1520 |
+ if((ret = cli_scandesc(desc, ctx, ftrec, type, &ftoffset)) == CL_VIRUS) { |
|
1521 |
+ cli_dbgmsg("%s found in descriptor %d.\n", *ctx->virname, desc); |
|
1522 | 1522 |
return CL_VIRUS; |
1523 | 1523 |
|
1524 | 1524 |
} else if(ret < 0) { |
... | ... |
@@ -1527,17 +1517,17 @@ static int cli_scanraw(int desc, const char **virname, unsigned long int *scanne |
1527 | 1527 |
} else if(ret >= CL_TYPENO) { |
1528 | 1528 |
lseek(desc, 0, SEEK_SET); |
1529 | 1529 |
|
1530 |
- ret == CL_TYPE_MAIL ? mrec++ : arec++; |
|
1530 |
+ ret == CL_TYPE_MAIL ? ctx->mrec++ : ctx->arec++; |
|
1531 | 1531 |
switch(ret) { |
1532 | 1532 |
case CL_TYPE_HTML: |
1533 | 1533 |
if(SCAN_HTML && type == CL_TYPE_UNKNOWN_TEXT) |
1534 |
- if(cli_scanhtml(desc, virname, scanned, engine, limits, options, arec, mrec) == CL_VIRUS) |
|
1534 |
+ if(cli_scanhtml(desc, ctx) == CL_VIRUS) |
|
1535 | 1535 |
return CL_VIRUS; |
1536 | 1536 |
break; |
1537 | 1537 |
|
1538 | 1538 |
case CL_TYPE_MAIL: |
1539 | 1539 |
if(SCAN_MAIL && type == CL_TYPE_UNKNOWN_TEXT) |
1540 |
- if(cli_scanmail(desc, virname, scanned, engine, limits, options, arec, mrec) == CL_VIRUS) |
|
1540 |
+ if(cli_scanmail(desc, ctx) == CL_VIRUS) |
|
1541 | 1541 |
return CL_VIRUS; |
1542 | 1542 |
break; |
1543 | 1543 |
|
... | ... |
@@ -1549,11 +1539,11 @@ static int cli_scanraw(int desc, const char **virname, unsigned long int *scanne |
1549 | 1549 |
while(fpt) { |
1550 | 1550 |
if(fpt->type == CL_TYPE_RARSFX) { |
1551 | 1551 |
cli_dbgmsg("RAR-SFX signature found at %d\n", fpt->offset); |
1552 |
- if((ret = cli_scanrar(desc, virname, scanned, engine, limits, options, arec, mrec, fpt->offset) == CL_VIRUS)) |
|
1552 |
+ if((ret = cli_scanrar(desc, ctx, fpt->offset) == CL_VIRUS)) |
|
1553 | 1553 |
break; |
1554 | 1554 |
} else if(fpt->type == CL_TYPE_ZIPSFX) { |
1555 | 1555 |
cli_dbgmsg("ZIP-SFX signature found at %d\n", fpt->offset); |
1556 |
- if((ret = cli_scanzip(desc, virname, scanned, engine, limits, options, arec, mrec, fpt->offset) == CL_VIRUS)) |
|
1556 |
+ if((ret = cli_scanzip(desc, ctx, fpt->offset) == CL_VIRUS)) |
|
1557 | 1557 |
break; |
1558 | 1558 |
} |
1559 | 1559 |
fpt = fpt->next; |
... | ... |
@@ -1574,13 +1564,13 @@ static int cli_scanraw(int desc, const char **virname, unsigned long int *scanne |
1574 | 1574 |
default: |
1575 | 1575 |
break; |
1576 | 1576 |
} |
1577 |
- ret == CL_TYPE_MAIL ? mrec-- : arec--; |
|
1577 |
+ ret == CL_TYPE_MAIL ? ctx->mrec-- : ctx->arec--; |
|
1578 | 1578 |
} |
1579 | 1579 |
|
1580 | 1580 |
return ret; |
1581 | 1581 |
} |
1582 | 1582 |
|
1583 |
-int cli_magic_scandesc(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
1583 |
+int cli_magic_scandesc(int desc, cli_ctx *ctx) |
|
1584 | 1584 |
{ |
1585 | 1585 |
int ret = CL_CLEAN, nret; |
1586 | 1586 |
int bread = 0; |
... | ... |
@@ -1598,31 +1588,31 @@ int cli_magic_scandesc(int desc, const char **virname, unsigned long int *scanne |
1598 | 1598 |
return CL_CLEAN; |
1599 | 1599 |
} |
1600 | 1600 |
|
1601 |
- if(!engine) { |
|
1601 |
+ if(!ctx->engine) { |
|
1602 | 1602 |
cli_errmsg("CRITICAL: engine == NULL\n"); |
1603 | 1603 |
return CL_EMALFDB; |
1604 | 1604 |
} |
1605 | 1605 |
|
1606 |
- if(!options) { /* raw mode (stdin, etc.) */ |
|
1606 |
+ if(!ctx->options) { /* raw mode (stdin, etc.) */ |
|
1607 | 1607 |
cli_dbgmsg("Raw mode: No support for special files\n"); |
1608 |
- if((ret = cli_scandesc(desc, virname, scanned, engine, 0, 0, NULL) == CL_VIRUS)) |
|
1609 |
- cli_dbgmsg("%s found in descriptor %d\n", *virname, desc); |
|
1608 |
+ if((ret = cli_scandesc(desc, ctx, 0, 0, NULL) == CL_VIRUS)) |
|
1609 |
+ cli_dbgmsg("%s found in descriptor %d\n", *ctx->virname, desc); |
|
1610 | 1610 |
return ret; |
1611 | 1611 |
} |
1612 | 1612 |
|
1613 |
- if(SCAN_ARCHIVE && limits && limits->maxreclevel) |
|
1614 |
- if(arec > limits->maxreclevel) { |
|
1615 |
- cli_dbgmsg("Archive recursion limit exceeded (arec == %d).\n", arec); |
|
1613 |
+ if(SCAN_ARCHIVE && ctx->limits && ctx->limits->maxreclevel) |
|
1614 |
+ if(ctx->arec > ctx->limits->maxreclevel) { |
|
1615 |
+ cli_dbgmsg("Archive recursion limit exceeded (arec == %d).\n", ctx->arec); |
|
1616 | 1616 |
if(BLOCKMAX) { |
1617 |
- *virname = "Archive.ExceededRecursionLimit"; |
|
1617 |
+ *ctx->virname = "Archive.ExceededRecursionLimit"; |
|
1618 | 1618 |
return CL_VIRUS; |
1619 | 1619 |
} |
1620 | 1620 |
return CL_CLEAN; |
1621 | 1621 |
} |
1622 | 1622 |
|
1623 | 1623 |
if(SCAN_MAIL) |
1624 |
- if(mrec > MAX_MAIL_RECURSION) { |
|
1625 |
- cli_dbgmsg("Mail recursion level exceeded (mrec == %d).\n", mrec); |
|
1624 |
+ if(ctx->mrec > MAX_MAIL_RECURSION) { |
|
1625 |
+ cli_dbgmsg("Mail recursion level exceeded (mrec == %d).\n", ctx->mrec); |
|
1626 | 1626 |
/* return CL_EMAXREC; */ |
1627 | 1627 |
return CL_CLEAN; |
1628 | 1628 |
} |
... | ... |
@@ -1631,115 +1621,115 @@ int cli_magic_scandesc(int desc, const char **virname, unsigned long int *scanne |
1631 | 1631 |
type = cli_filetype2(desc); |
1632 | 1632 |
lseek(desc, 0, SEEK_SET); |
1633 | 1633 |
|
1634 |
- if(type != CL_TYPE_DATA && engine->sdb) { |
|
1635 |
- if((ret = cli_scanraw(desc, virname, scanned, engine, limits, options, arec, mrec, type) == CL_VIRUS)) |
|
1634 |
+ if(type != CL_TYPE_DATA && ctx->engine->sdb) { |
|
1635 |
+ if((ret = cli_scanraw(desc, ctx, type) == CL_VIRUS)) |
|
1636 | 1636 |
return CL_VIRUS; |
1637 | 1637 |
lseek(desc, 0, SEEK_SET); |
1638 | 1638 |
} |
1639 | 1639 |
|
1640 |
- type == CL_TYPE_MAIL ? mrec++ : arec++; |
|
1640 |
+ type == CL_TYPE_MAIL ? ctx->mrec++ : ctx->arec++; |
|
1641 | 1641 |
|
1642 | 1642 |
switch(type) { |
1643 | 1643 |
case CL_TYPE_RAR: |
1644 | 1644 |
if(SCAN_ARCHIVE) |
1645 |
- ret = cli_scanrar(desc, virname, scanned, engine, limits, options, arec, mrec, 0); |
|
1645 |
+ ret = cli_scanrar(desc, ctx, 0); |
|
1646 | 1646 |
break; |
1647 | 1647 |
|
1648 | 1648 |
case CL_TYPE_ZIP: |
1649 | 1649 |
if(SCAN_ARCHIVE) |
1650 |
- ret = cli_scanzip(desc, virname, scanned, engine, limits, options, arec, mrec, 0); |
|
1650 |
+ ret = cli_scanzip(desc, ctx, 0); |
|
1651 | 1651 |
break; |
1652 | 1652 |
|
1653 | 1653 |
case CL_TYPE_GZ: |
1654 | 1654 |
if(SCAN_ARCHIVE) |
1655 |
- ret = cli_scangzip(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1655 |
+ ret = cli_scangzip(desc, ctx); |
|
1656 | 1656 |
break; |
1657 | 1657 |
|
1658 | 1658 |
case CL_TYPE_BZ: |
1659 | 1659 |
#ifdef HAVE_BZLIB_H |
1660 | 1660 |
if(SCAN_ARCHIVE) |
1661 |
- ret = cli_scanbzip(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1661 |
+ ret = cli_scanbzip(desc, ctx); |
|
1662 | 1662 |
#endif |
1663 | 1663 |
break; |
1664 | 1664 |
|
1665 | 1665 |
case CL_TYPE_MSSZDD: |
1666 | 1666 |
if(SCAN_ARCHIVE) |
1667 |
- ret = cli_scanszdd(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1667 |
+ ret = cli_scanszdd(desc, ctx); |
|
1668 | 1668 |
break; |
1669 | 1669 |
|
1670 | 1670 |
case CL_TYPE_MSCAB: |
1671 | 1671 |
if(SCAN_ARCHIVE) |
1672 |
- ret = cli_scanmscab(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1672 |
+ ret = cli_scanmscab(desc, ctx); |
|
1673 | 1673 |
break; |
1674 | 1674 |
|
1675 | 1675 |
case CL_TYPE_MAIL: |
1676 | 1676 |
if(SCAN_MAIL) |
1677 |
- ret = cli_scanmail(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1677 |
+ ret = cli_scanmail(desc, ctx); |
|
1678 | 1678 |
break; |
1679 | 1679 |
|
1680 | 1680 |
case CL_TYPE_TNEF: |
1681 | 1681 |
if(SCAN_MAIL) |
1682 |
- ret = cli_scantnef(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1682 |
+ ret = cli_scantnef(desc, ctx); |
|
1683 | 1683 |
break; |
1684 | 1684 |
|
1685 | 1685 |
case CL_TYPE_UUENCODED: |
1686 |
- ret = cli_scanuuencoded(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1686 |
+ ret = cli_scanuuencoded(desc, ctx); |
|
1687 | 1687 |
break; |
1688 | 1688 |
|
1689 | 1689 |
case CL_TYPE_MSCHM: |
1690 | 1690 |
if(SCAN_ARCHIVE) |
1691 |
- ret = cli_scanmschm(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1691 |
+ ret = cli_scanmschm(desc, ctx); |
|
1692 | 1692 |
break; |
1693 | 1693 |
|
1694 | 1694 |
case CL_TYPE_MSOLE2: |
1695 | 1695 |
if(SCAN_OLE2) |
1696 |
- ret = cli_scanole2(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1696 |
+ ret = cli_scanole2(desc, ctx); |
|
1697 | 1697 |
break; |
1698 | 1698 |
|
1699 | 1699 |
case CL_TYPE_POSIX_TAR: |
1700 | 1700 |
if(SCAN_ARCHIVE) |
1701 |
- ret = cli_scantar(desc, virname, scanned, engine, limits, options, arec, mrec, 1); |
|
1701 |
+ ret = cli_scantar(desc, ctx, 1); |
|
1702 | 1702 |
break; |
1703 | 1703 |
|
1704 | 1704 |
case CL_TYPE_OLD_TAR: |
1705 | 1705 |
if(SCAN_ARCHIVE) |
1706 |
- ret = cli_scantar(desc, virname, scanned, engine, limits, options, arec, mrec, 0); |
|
1706 |
+ ret = cli_scantar(desc, ctx, 0); |
|
1707 | 1707 |
break; |
1708 | 1708 |
|
1709 | 1709 |
case CL_TYPE_BINHEX: |
1710 | 1710 |
if(SCAN_ARCHIVE) |
1711 |
- ret = cli_scanbinhex(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1711 |
+ ret = cli_scanbinhex(desc, ctx); |
|
1712 | 1712 |
break; |
1713 | 1713 |
|
1714 | 1714 |
case CL_TYPE_SCRENC: |
1715 |
- ret = cli_scanscrenc(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1715 |
+ ret = cli_scanscrenc(desc, ctx); |
|
1716 | 1716 |
break; |
1717 | 1717 |
|
1718 | 1718 |
case CL_TYPE_RIFF: |
1719 | 1719 |
if(SCAN_ALGO) |
1720 |
- ret = cli_scanriff(desc, virname); |
|
1720 |
+ ret = cli_scanriff(desc, ctx->virname); |
|
1721 | 1721 |
break; |
1722 | 1722 |
|
1723 | 1723 |
case CL_TYPE_GRAPHICS: |
1724 | 1724 |
if(SCAN_ALGO) |
1725 |
- ret = cli_scanjpeg(desc, virname); |
|
1725 |
+ ret = cli_scanjpeg(desc, ctx->virname); |
|
1726 | 1726 |
break; |
1727 | 1727 |
|
1728 | 1728 |
case CL_TYPE_PDF: |
1729 | 1729 |
if(SCAN_ARCHIVE) /* you may wish to change this line */ |
1730 |
- ret = cli_scanpdf(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1730 |
+ ret = cli_scanpdf(desc, ctx); |
|
1731 | 1731 |
break; |
1732 | 1732 |
|
1733 | 1733 |
case CL_TYPE_CRYPTFF: |
1734 |
- ret = cli_scancryptff(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1734 |
+ ret = cli_scancryptff(desc, ctx); |
|
1735 | 1735 |
break; |
1736 | 1736 |
|
1737 | 1737 |
case CL_TYPE_ELF: /* TODO: Add ScanELF option */ |
1738 |
- ret = cli_scanelf(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1738 |
+ ret = cli_scanelf(desc, ctx); |
|
1739 | 1739 |
break; |
1740 | 1740 |
|
1741 | 1741 |
case CL_TYPE_SIS: |
1742 |
- ret = cli_scansis(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1742 |
+ ret = cli_scansis(desc, ctx); |
|
1743 | 1743 |
break; |
1744 | 1744 |
|
1745 | 1745 |
case CL_TYPE_DATA: |
... | ... |
@@ -1751,21 +1741,21 @@ int cli_magic_scandesc(int desc, const char **virname, unsigned long int *scanne |
1751 | 1751 |
} |
1752 | 1752 |
|
1753 | 1753 |
case CL_TYPE_UNKNOWN_DATA: |
1754 |
- ret = cli_check_mydoom_log(desc, virname); |
|
1754 |
+ ret = cli_check_mydoom_log(desc, ctx->virname); |
|
1755 | 1755 |
break; |
1756 | 1756 |
|
1757 | 1757 |
default: |
1758 | 1758 |
break; |
1759 | 1759 |
} |
1760 | 1760 |
|
1761 |
- type == CL_TYPE_MAIL ? mrec-- : arec--; |
|
1761 |
+ type == CL_TYPE_MAIL ? ctx->mrec-- : ctx->arec--; |
|
1762 | 1762 |
|
1763 |
- if(type != CL_TYPE_DATA && ret != CL_VIRUS && !engine->sdb) { |
|
1764 |
- if((ret = cli_scanraw(desc, virname, scanned, engine, limits, options, arec, mrec, type) == CL_VIRUS)) |
|
1763 |
+ if(type != CL_TYPE_DATA && ret != CL_VIRUS && !ctx->engine->sdb) { |
|
1764 |
+ if((ret = cli_scanraw(desc, ctx, type) == CL_VIRUS)) |
|
1765 | 1765 |
return CL_VIRUS; |
1766 | 1766 |
} |
1767 | 1767 |
|
1768 |
- arec++; |
|
1768 |
+ ctx->arec++; |
|
1769 | 1769 |
lseek(desc, 0, SEEK_SET); |
1770 | 1770 |
switch(type) { |
1771 | 1771 |
/* Due to performance reasons all executables were first scanned |
... | ... |
@@ -1773,13 +1763,13 @@ int cli_magic_scandesc(int desc, const char **virname, unsigned long int *scanne |
1773 | 1773 |
*/ |
1774 | 1774 |
case CL_TYPE_MSEXE: |
1775 | 1775 |
if(SCAN_PE) |
1776 |
- ret = cli_scanpe(desc, virname, scanned, engine, limits, options, arec, mrec); |
|
1776 |
+ ret = cli_scanpe(desc, ctx); |
|
1777 | 1777 |
break; |
1778 | 1778 |
|
1779 | 1779 |
default: |
1780 | 1780 |
break; |
1781 | 1781 |
} |
1782 |
- arec--; |
|
1782 |
+ ctx->arec--; |
|
1783 | 1783 |
|
1784 | 1784 |
if(ret == CL_EFORMAT) { |
1785 | 1785 |
cli_dbgmsg("Descriptor[%d]: %s\n", desc, cl_strerror(CL_EFORMAT)); |
... | ... |
@@ -1791,19 +1781,27 @@ int cli_magic_scandesc(int desc, const char **virname, unsigned long int *scanne |
1791 | 1791 |
|
1792 | 1792 |
int cl_scandesc(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options) |
1793 | 1793 |
{ |
1794 |
- return cli_magic_scandesc(desc, virname, scanned, engine, limits, options, 0, 0); |
|
1794 |
+ cli_ctx ctx; |
|
1795 |
+ |
|
1796 |
+ memset(&ctx, '\0', sizeof(cli_ctx)); |
|
1797 |
+ ctx.engine = engine; |
|
1798 |
+ ctx.virname = virname; |
|
1799 |
+ ctx.limits = limits; |
|
1800 |
+ ctx.scanned = scanned; |
|
1801 |
+ ctx.options = options; |
|
1802 |
+ |
|
1803 |
+ return cli_magic_scandesc(desc, &ctx); |
|
1795 | 1804 |
} |
1796 | 1805 |
|
1797 |
-static int cli_scanfile(const char *filename, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
1806 |
+static int cli_scanfile(const char *filename, cli_ctx *ctx) |
|
1798 | 1807 |
{ |
1799 | 1808 |
int fd, ret; |
1800 | 1809 |
|
1801 |
- |
|
1802 | 1810 |
/* internal version of cl_scanfile with arec/mrec preserved */ |
1803 | 1811 |
if((fd = open(filename, O_RDONLY)) == -1) |
1804 | 1812 |
return CL_EOPEN; |
1805 | 1813 |
|
1806 |
- ret = cli_magic_scandesc(fd, virname, scanned, engine, limits, options, arec, mrec); |
|
1814 |
+ ret = cli_magic_scandesc(fd, ctx); |
|
1807 | 1815 |
|
1808 | 1816 |
close(fd); |
1809 | 1817 |
return ret; |
... | ... |
@@ -20,9 +20,10 @@ |
20 | 20 |
#define __SCANNERS_H |
21 | 21 |
|
22 | 22 |
#include "clamav.h" |
23 |
+#include "others.h" |
|
23 | 24 |
|
24 |
-int cli_magic_scandesc(int desc, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec); |
|
25 |
+int cli_magic_scandesc(int desc, cli_ctx *ctx); |
|
25 | 26 |
|
26 |
-int cli_scandir(const char *dirname, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec); |
|
27 |
+int cli_scandir(const char *dirname, cli_ctx *ctx); |
|
27 | 28 |
|
28 | 29 |
#endif |
... | ... |
@@ -43,8 +43,6 @@ |
43 | 43 |
#include "others.h" |
44 | 44 |
#include "sis.h" |
45 | 45 |
|
46 |
-#define BLOCKMAX (options & CL_SCAN_BLOCKMAX) |
|
47 |
- |
|
48 | 46 |
#if WORDS_BIGENDIAN == 0 |
49 | 47 |
#define EC16(v) (v) |
50 | 48 |
#define EC32(v) (v) |
... | ... |
@@ -105,7 +103,7 @@ static char *sis_utf16_decode(const char *str, uint32_t length) |
105 | 105 |
return decoded; |
106 | 106 |
} |
107 | 107 |
|
108 |
-static int sis_extract_simple(int fd, char *mfile, uint32_t length, uint32_t offset, uint16_t nlangs, uint8_t compressed, const char *dir, const char **virname, const struct cl_limits *limits, unsigned int options) |
|
108 |
+static int sis_extract_simple(int fd, char *mfile, uint32_t length, uint32_t offset, uint16_t nlangs, uint8_t compressed, const char *dir, cli_ctx *ctx) |
|
109 | 109 |
{ |
110 | 110 |
const char *typedir = NULL; |
111 | 111 |
char *sname = NULL, *dname = NULL, *subdir, *fname, *buff; |
... | ... |
@@ -262,10 +260,10 @@ static int sis_extract_simple(int fd, char *mfile, uint32_t length, uint32_t off |
262 | 262 |
cli_dbgmsg("SIS: Compressed size: %d\n", csize); |
263 | 263 |
cli_dbgmsg("SIS: Original size: %d\n", osize); |
264 | 264 |
|
265 |
- if(limits && limits->maxfilesize && osize > limits->maxfilesize) { |
|
266 |
- cli_dbgmsg("SIS: Size exceeded (%d, max: %ld)\n", osize, limits->maxfilesize); |
|
265 |
+ if(ctx->limits && ctx->limits->maxfilesize && osize > ctx->limits->maxfilesize) { |
|
266 |
+ cli_dbgmsg("SIS: Size exceeded (%d, max: %ld)\n", osize, ctx->limits->maxfilesize); |
|
267 | 267 |
if(BLOCKMAX) { |
268 |
- *virname = "SIS.ExceededFileSize"; |
|
268 |
+ *ctx->virname = "SIS.ExceededFileSize"; |
|
269 | 269 |
free(subdir); |
270 | 270 |
free(fname); |
271 | 271 |
return CL_VIRUS; |
... | ... |
@@ -336,7 +334,7 @@ static int sis_extract_simple(int fd, char *mfile, uint32_t length, uint32_t off |
336 | 336 |
return 0; |
337 | 337 |
} |
338 | 338 |
|
339 |
-int cli_scansis(int desc, const char **virname, long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
339 |
+int cli_scansis(int desc, cli_ctx *ctx) |
|
340 | 340 |
{ |
341 | 341 |
struct sis_file_hdr file_hdr; |
342 | 342 |
struct sis_file_hdr6 file_hdr6; |
... | ... |
@@ -506,10 +504,10 @@ int cli_scansis(int desc, const char **virname, long int *scanned, const struct |
506 | 506 |
/* Files */ |
507 | 507 |
nfiles = EC16(file_hdr.nfiles); |
508 | 508 |
|
509 |
- if(limits && limits->maxfiles && nfiles > limits->maxfiles) { |
|
510 |
- cli_dbgmsg("SIS: Files limit reached (max: %d)\n", limits->maxfiles); |
|
509 |
+ if(ctx->limits && ctx->limits->maxfiles && nfiles > ctx->limits->maxfiles) { |
|
510 |
+ cli_dbgmsg("SIS: Files limit reached (max: %d)\n", ctx->limits->maxfiles); |
|
511 | 511 |
if(BLOCKMAX) { |
512 |
- *virname = "SIS.ExceededFilesLimit"; |
|
512 |
+ *ctx->virname = "SIS.ExceededFilesLimit"; |
|
513 | 513 |
munmap(mfile, length); |
514 | 514 |
return CL_VIRUS; |
515 | 515 |
} |
... | ... |
@@ -548,7 +546,7 @@ int cli_scansis(int desc, const char **virname, long int *scanned, const struct |
548 | 548 |
switch(cli_readint32(mfile + frecord)) { |
549 | 549 |
case 0x00000000: |
550 | 550 |
cli_dbgmsg("SIS: Simple file record\n"); |
551 |
- if((ret = sis_extract_simple(desc, mfile, sb.st_size, frecord + 4, nlangs, compressed, dir, virname, limits, options))) { |
|
551 |
+ if((ret = sis_extract_simple(desc, mfile, sb.st_size, frecord + 4, nlangs, compressed, dir, ctx))) { |
|
552 | 552 |
munmap(mfile, length); |
553 | 553 |
if(!cli_leavetemps_flag) |
554 | 554 |
cli_rmdirs(dir); |
... | ... |
@@ -565,7 +563,7 @@ int cli_scansis(int desc, const char **virname, long int *scanned, const struct |
565 | 565 |
case 0x00000001: |
566 | 566 |
cli_dbgmsg("SIS: Multiple languages file record\n"); |
567 | 567 |
/* TODO: Pass language strings into sis_extract */ |
568 |
- if((ret = sis_extract_simple(desc, mfile, sb.st_size, frecord + 4, nlangs, compressed, dir, virname, limits, options))) { |
|
568 |
+ if((ret = sis_extract_simple(desc, mfile, sb.st_size, frecord + 4, nlangs, compressed, dir, ctx))) { |
|
569 | 569 |
munmap(mfile, length); |
570 | 570 |
if(!cli_leavetemps_flag) |
571 | 571 |
cli_rmdirs(dir); |
... | ... |
@@ -644,7 +642,7 @@ int cli_scansis(int desc, const char **virname, long int *scanned, const struct |
644 | 644 |
|
645 | 645 |
/* scan extracted files */ |
646 | 646 |
cli_dbgmsg("SIS: ****** Scanning extracted files ******\n"); |
647 |
- ret = cli_scandir(dir, virname, scanned, engine, limits, options, arec, mrec); |
|
647 |
+ ret = cli_scandir(dir, ctx); |
|
648 | 648 |
|
649 | 649 |
if(!cli_leavetemps_flag) |
650 | 650 |
cli_rmdirs(dir); |
... | ... |
@@ -659,7 +657,7 @@ int cli_scansis(int desc, const char **virname, long int *scanned, const struct |
659 | 659 |
|
660 | 660 |
#include "clamav.h" |
661 | 661 |
|
662 |
-int cli_scansis(int desc, const char **virname, long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) |
|
662 |
+int cli_scansis(int desc, cli_ctx *ctx) |
|
663 | 663 |
{ |
664 | 664 |
cli_warnmsg("Support for SIS files not compiled in!\n"); |
665 | 665 |
return CL_CLEAN; |
... | ... |
@@ -20,6 +20,7 @@ |
20 | 20 |
#define __SIS_H |
21 | 21 |
|
22 | 22 |
#include "clamav.h" |
23 |
+#include "others.h" |
|
23 | 24 |
|
24 | 25 |
struct sis_file_hdr { |
25 | 26 |
uint32_t uid1; |
... | ... |
@@ -55,6 +56,6 @@ struct sis_file_hdr6 { |
55 | 55 |
uint32_t reserved[4]; |
56 | 56 |
}; |
57 | 57 |
|
58 |
-int cli_scansis(int desc, const char **virname, long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec); |
|
58 |
+int cli_scansis(int desc, cli_ctx *ctx); |
|
59 | 59 |
|
60 | 60 |
#endif |