... | ... |
@@ -62,7 +62,7 @@ static void help(void) |
62 | 62 |
printf(" --printbcir -c Print IR of bytecode signature\n"); |
63 | 63 |
printf(" --trace <level> -T Set bytecode trace level 0..7 (default 7)\n"); |
64 | 64 |
printf(" --no-trace-showsource -s Don't show source line during tracing\n"); |
65 |
- printf(" --bytecode-statistics Collect and print bytecode execution statistics\n"); |
|
65 |
+ printf(" --statistics=bytecode Collect and print bytecode execution statistics\n"); |
|
66 | 66 |
printf(" file file to test\n"); |
67 | 67 |
printf("\n"); |
68 | 68 |
return; |
... | ... |
@@ -246,7 +246,7 @@ int main(int argc, char *argv[]) |
246 | 246 |
FILE *f; |
247 | 247 |
struct cli_bc *bc; |
248 | 248 |
struct cli_bc_ctx *ctx; |
249 |
- int rc, dbgargc; |
|
249 |
+ int rc, dbgargc, bc_stats=0; |
|
250 | 250 |
struct optstruct *opts; |
251 | 251 |
const struct optstruct *opt; |
252 | 252 |
unsigned funcid=0, i; |
... | ... |
@@ -319,8 +319,15 @@ int main(int argc, char *argv[]) |
319 | 319 |
bcs.all_bcs = bc; |
320 | 320 |
bcs.count = 1; |
321 | 321 |
|
322 |
- rc = cli_bytecode_load(bc, f, NULL, optget(opts, "trust-bytecode")->enabled, |
|
323 |
- optget(opts, "bytecode-statistics")->enabled); |
|
322 |
+ if((opt = optget(opts, "statistics"))->enabled) { |
|
323 |
+ while(opt) { |
|
324 |
+ if (!strcasecmp(opt->strarg, "bytecode")) |
|
325 |
+ bc_stats=1; |
|
326 |
+ opt = opt->nextarg; |
|
327 |
+ } |
|
328 |
+ } |
|
329 |
+ |
|
330 |
+ rc = cli_bytecode_load(bc, f, NULL, optget(opts, "trust-bytecode")->enabled, bc_stats); |
|
324 | 331 |
if (rc != CL_SUCCESS) { |
325 | 332 |
fprintf(stderr,"Unable to load bytecode: %s\n", cl_strerror(rc)); |
326 | 333 |
optfree(opts); |
... | ... |
@@ -239,7 +239,7 @@ void help(void) |
239 | 239 |
mprintf(" --bytecode[=yes(*)/no] Load bytecode from the database\n"); |
240 | 240 |
mprintf(" --bytecode-unsigned[=yes/no(*)] Load unsigned bytecode\n"); |
241 | 241 |
mprintf(" --bytecode-timeout=N Set bytecode timeout (in milliseconds)\n"); |
242 |
- mprintf(" --bytecode-statistics[=yes/no(*)] Collect and print bytecode statistics\n"); |
|
242 |
+ mprintf(" --statistics[=none(*)/bytecode/pcre] Collect and print execution statistics\n"); |
|
243 | 243 |
mprintf(" --detect-pua[=yes/no(*)] Detect Possibly Unwanted Applications\n"); |
244 | 244 |
mprintf(" --exclude-pua=CAT Skip PUA sigs of category CAT\n"); |
245 | 245 |
mprintf(" --include-pua=CAT Load PUA sigs of category CAT\n"); |
... | ... |
@@ -902,6 +902,7 @@ with_libncurses_prefix |
902 | 902 |
with_libpdcurses_prefix |
903 | 903 |
enable_distcheck_werror |
904 | 904 |
with_system_llvm |
905 |
+with_llvm_linking |
|
905 | 906 |
enable_llvm |
906 | 907 |
enable_sha_collector_for_internal_use |
907 | 908 |
with_libcurl |
... | ... |
@@ -1628,6 +1629,8 @@ Optional Packages: |
1628 | 1628 |
--with-system-llvm use system llvm instead of built-in, uses full path |
1629 | 1629 |
to llvm-config [default=/usr/local or /usr if not |
1630 | 1630 |
found in /usr/local] |
1631 |
+ --with-llvm-linking specifies method to linking llvm [static|dynamic], |
|
1632 |
+ only valid with --with-system-llvm |
|
1631 | 1633 |
--with-libcurl[=DIR] path to directory containing libcurl |
1632 | 1634 |
[default=/usr/local or /usr if not found in |
1633 | 1635 |
/usr/local] |
... | ... |
@@ -22450,6 +22453,36 @@ else |
22450 | 22450 |
fi |
22451 | 22451 |
|
22452 | 22452 |
|
22453 |
+ |
|
22454 |
+# Check whether --with-llvm-linking was given. |
|
22455 |
+if test "${with_llvm_linking+set}" = set; then : |
|
22456 |
+ withval=$with_llvm_linking; |
|
22457 |
+if test "x$system_llvm" = "xbuilt-in"; then |
|
22458 |
+ as_fn_error $? "Failed to configure LLVM, and LLVM linking was specified without specifying system-llvm" "$LINENO" 5 |
|
22459 |
+else |
|
22460 |
+case "$withval" in |
|
22461 |
+ static) |
|
22462 |
+ llvm_linking="static" |
|
22463 |
+ ;; |
|
22464 |
+ dynamic) |
|
22465 |
+ llvm_linking="dynamic" |
|
22466 |
+ ;; |
|
22467 |
+ *) |
|
22468 |
+ as_fn_error $? "Invalid argument to --with-llvm-linking" "$LINENO" 5 |
|
22469 |
+esac |
|
22470 |
+fi |
|
22471 |
+ |
|
22472 |
+else |
|
22473 |
+ |
|
22474 |
+if test "x$system_llvm" = "xbuilt-in"; then |
|
22475 |
+ llvm_linking="" |
|
22476 |
+else |
|
22477 |
+ llvm_linking="auto" |
|
22478 |
+fi |
|
22479 |
+ |
|
22480 |
+fi |
|
22481 |
+ |
|
22482 |
+ |
|
22453 | 22483 |
# Check whether --enable-llvm was given. |
22454 | 22484 |
if test "${enable_llvm+set}" = set; then : |
22455 | 22485 |
enableval=$enable_llvm; enable_llvm=$enableval |
... | ... |
@@ -22478,6 +22511,7 @@ subdirs="$subdirs libclamav/c++" |
22478 | 22478 |
|
22479 | 22479 |
else |
22480 | 22480 |
system_llvm="none" |
22481 |
+ llvm_linking="" |
|
22481 | 22482 |
fi |
22482 | 22483 |
|
22483 | 22484 |
# Check whether --enable-sha-collector-for-internal-use was given. |
... | ... |
@@ -25314,6 +25348,11 @@ fi |
25314 | 25314 |
if test "$enable_llvm" = "yes" && test "$subdirfailed" != "no"; then |
25315 | 25315 |
as_fn_error $? "Failed to configure LLVM, and LLVM was explicitly requested" "$LINENO" 5 |
25316 | 25316 |
fi |
25317 |
+if test "$enable_llvm" = "auto" && test "$subdirfailed" != "no"; then |
|
25318 |
+ system_llvm="MIA" |
|
25319 |
+ llvm_linking="" |
|
25320 |
+fi |
|
25321 |
+ |
|
25317 | 25322 |
if test "$subdirfailed" != "yes" && test "$enable_llvm" != "no"; then |
25318 | 25323 |
ENABLE_LLVM_TRUE= |
25319 | 25324 |
ENABLE_LLVM_FALSE='#' |
... | ... |
@@ -28121,6 +28160,7 @@ have_jit="no" |
28121 | 28121 |
if test "$subdirfailed" = "no"; then |
28122 | 28122 |
have_jit="yes" |
28123 | 28123 |
fi |
28124 |
+if test "x$llvm_linking" = "x"; then |
|
28124 | 28125 |
|
28125 | 28126 |
|
28126 | 28127 |
$as_echo_n " llvm : " |
... | ... |
@@ -28134,6 +28174,21 @@ else |
28134 | 28134 |
$as_echo "$have_jit, from $system_llvm ($enable_llvm)" |
28135 | 28135 |
fi |
28136 | 28136 |
|
28137 |
+else |
|
28138 |
+ |
|
28139 |
+ |
|
28140 |
+ $as_echo_n " llvm : " |
|
28141 |
+ if test "x$enable_llvm" = "xno"; then : |
|
28142 |
+ $as_echo "$have_jit, from $system_llvm ($llvm_linking) (disabled)" |
|
28143 |
+elif test "x$enable_llvm" = "xyes"; then : |
|
28144 |
+ $as_echo "$have_jit, from $system_llvm ($llvm_linking)" |
|
28145 |
+elif test "x$enable_llvm" = "x"; then : |
|
28146 |
+ $as_echo "$have_jit, from $system_llvm ($llvm_linking)" |
|
28147 |
+else |
|
28148 |
+ $as_echo "$have_jit, from $system_llvm ($llvm_linking) ($enable_llvm)" |
|
28149 |
+fi |
|
28150 |
+ |
|
28151 |
+fi |
|
28137 | 28152 |
|
28138 | 28153 |
|
28139 | 28154 |
$as_echo_n " mempool : " |
... | ... |
@@ -173,6 +173,11 @@ AC_OUTPUT |
173 | 173 |
if test "$enable_llvm" = "yes" && test "$subdirfailed" != "no"; then |
174 | 174 |
AC_MSG_ERROR([Failed to configure LLVM, and LLVM was explicitly requested]) |
175 | 175 |
fi |
176 |
+if test "$enable_llvm" = "auto" && test "$subdirfailed" != "no"; then |
|
177 |
+ system_llvm="MIA" |
|
178 |
+ llvm_linking="" |
|
179 |
+fi |
|
180 |
+ |
|
176 | 181 |
AM_CONDITIONAL([ENABLE_LLVM], |
177 | 182 |
[test "$subdirfailed" != "yes" && test "$enable_llvm" != "no"]) |
178 | 183 |
no_recursion="yes"; |
... | ... |
@@ -216,7 +221,11 @@ have_jit="no" |
216 | 216 |
if test "$subdirfailed" = "no"; then |
217 | 217 |
have_jit="yes" |
218 | 218 |
fi |
219 |
-CL_MSG_STATUS([llvm ],[$have_jit, from $system_llvm],[$enable_llvm]) |
|
219 |
+if test "x$llvm_linking" = "x"; then |
|
220 |
+ CL_MSG_STATUS([llvm ],[$have_jit, from $system_llvm],[$enable_llvm]) |
|
221 |
+else |
|
222 |
+ CL_MSG_STATUS([llvm ],[$have_jit, from $system_llvm ($llvm_linking)],[$enable_llvm]) |
|
223 |
+fi |
|
220 | 224 |
CL_MSG_STATUS([mempool ],[$have_mempool],[$enable_mempool]) |
221 | 225 |
|
222 | 226 |
AC_MSG_NOTICE([Summary of engine detection features]) |
... | ... |
@@ -39,7 +39,7 @@ Set bytecode trace level 0..7 (default 7) |
39 | 39 |
\fB\-\-no\-trace\-showsource\fR |
40 | 40 |
Don't show source line during tracing |
41 | 41 |
.TP |
42 |
-\fB\-\-bytecode\-statistics\fR |
|
42 |
+\fB\-\-statistics=bytecode\fR |
|
43 | 43 |
Collect and print bytecode execution statistics |
44 | 44 |
.TP |
45 | 45 |
file |
... | ... |
@@ -102,8 +102,8 @@ Allow loading bytecode from outside digitally signed .c[lv]d files. |
102 | 102 |
\fB\-\-bytecode\-timeout=N\fR |
103 | 103 |
Set bytecode timeout in milliseconds (default: 60000 = 60s) |
104 | 104 |
.TP |
105 |
-\fB\-\-bytecode\-statistics[=yes/no(*)]\fR |
|
106 |
-Collect and print bytecode statistics. |
|
105 |
+\fB\-\-statistics[=none(*)/bytecode/pcre]\fR |
|
106 |
+Collect and print execution statistics. |
|
107 | 107 |
.TP |
108 | 108 |
\fB\-\-detect\-pua[=yes/no(*)]\fR |
109 | 109 |
Detect Possibly Unwanted Applications. |
... | ... |
@@ -487,12 +487,11 @@ Sig2;Target:0;((0|1|2)>5,2)&(3|1);6b6f74656b;616c61;7a6f6c77;737 |
487 | 487 |
Sig3;Target:0;((0|1|2|3)=2)&(4|1);6b6f74656b;616c61;7a6f6c77;737 |
488 | 488 |
46566616e;deadbeef |
489 | 489 |
|
490 |
-Sig4;Target:1,Engine:18-20;((0|1)&(2|3))&4;EP+123:33c06834f04100 |
|
490 |
+Sig4;Target:1;Engine:18-20;((0|1)&(2|3))&4;EP+123:33c06834f04100 |
|
491 | 491 |
f2aef7d14951684cf04100e8110a00;S2+78:22??232c2d252229{-15}6e6573 |
492 |
-(63|64)61706528;S+50:68efa311c3b9963cb1ee8e586d32aeb9043e;f9c58d |
|
493 |
-cf43987e4f519d629b103375;SL+550:6300680065005c0046006900 |
|
492 |
+(63|64)61706528;S3+50:68efa311c3b9963cb1ee8e586d32aeb9043e;f9c58 |
|
493 |
+dcf43987e4f519d629b103375;SL+550:6300680065005c0046006900 |
|
494 | 494 |
\end{verbatim} |
495 |
- |
|
496 | 495 |
\subsection{Special Subsignature Types} |
497 | 496 |
Macro subsignatures(clamav-0.96): \verb+${min-max}MACROID$+: |
498 | 497 |
\begin{itemize} |
... | ... |
@@ -585,6 +584,15 @@ Firefox.boundElements;Target:0;0&1&2;6576656e742e626f756e64456c6 |
585 | 585 |
22?window\.close\s*\x28/si |
586 | 586 |
\end{verbatim} |
587 | 587 |
|
588 |
+ \subsection{Subsignature Options} |
|
589 |
+ ClamAV (clamav-0.99) supports a number of additional subsignature options |
|
590 |
+ for logical signatures. This is done by specifying a single '/' followed |
|
591 |
+ by a number of characters representing the option. |
|
592 |
+ \begin{itemize} |
|
593 |
+ \item \verb+i+\\ |
|
594 |
+ Match subsignature as case-insensitive. (ex. ..;42434445/i;..) |
|
595 |
+ \end{itemize} |
|
596 |
+ |
|
588 | 597 |
\subsection{Icon signatures for PE files} |
589 | 598 |
ClamAV 0.96 includes an approximate/fuzzy icon matcher to help |
590 | 599 |
detecting malicious executables disguising themselves as innocent |
... | ... |
@@ -575,7 +575,6 @@ PACKAGE_STRING='libclamavc++ devel' |
575 | 575 |
PACKAGE_BUGREPORT='http://bugs.clamav.net' |
576 | 576 |
PACKAGE_URL='' |
577 | 577 |
|
578 |
-ac_unique_file="llvm/configure" |
|
579 | 578 |
# Factoring default headers for most tests. |
580 | 579 |
ac_includes_default="\ |
581 | 580 |
#include <stdio.h> |
... | ... |
@@ -776,6 +775,7 @@ with_gnu_ld |
776 | 776 |
with_sysroot |
777 | 777 |
enable_libtool_lock |
778 | 778 |
with_system_llvm |
779 |
+with_llvm_linking |
|
779 | 780 |
enable_llvm |
780 | 781 |
enable_optimized |
781 | 782 |
enable_all_jit_targets |
... | ... |
@@ -1441,6 +1441,8 @@ Optional Packages: |
1441 | 1441 |
--with-system-llvm Use system llvm instead of built-in, uses full path |
1442 | 1442 |
to llvm-config (default= search /usr/local or /usr |
1443 | 1443 |
if not found in /usr/local) |
1444 |
+ --with-llvm-linking specifies method to linking llvm [static|dynamic], |
|
1445 |
+ only valid with --with-system-llvm |
|
1444 | 1446 |
|
1445 | 1447 |
Some influential environment variables: |
1446 | 1448 |
CXX C++ compiler command |
... | ... |
@@ -2340,7 +2342,6 @@ ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. |
2340 | 2340 |
|
2341 | 2341 |
|
2342 | 2342 |
|
2343 |
- |
|
2344 | 2343 |
ac_config_headers="$ac_config_headers clamavcxx-config.h" |
2345 | 2344 |
|
2346 | 2345 |
# Make sure we can run config.sub. |
... | ... |
@@ -15445,6 +15446,29 @@ $as_echo "$as_me: Using external LLVM" >&6;} |
15445 | 15445 |
fi |
15446 | 15446 |
|
15447 | 15447 |
|
15448 |
+llvm_linking= |
|
15449 |
+ |
|
15450 |
+# Check whether --with-llvm-linking was given. |
|
15451 |
+if test "${with_llvm_linking+set}" = set; then : |
|
15452 |
+ withval=$with_llvm_linking; |
|
15453 |
+if test "x$llvmconfig" = "x"; then |
|
15454 |
+ as_fn_error $? "Failed to configure LLVM, and LLVM linking was specified without valid llvm-config" "$LINENO" 5 |
|
15455 |
+else |
|
15456 |
+case "$withval" in |
|
15457 |
+ static) |
|
15458 |
+ llvm_linking="static" |
|
15459 |
+ ;; |
|
15460 |
+ dynamic) |
|
15461 |
+ llvm_linking="dynamic" |
|
15462 |
+ ;; |
|
15463 |
+ *) |
|
15464 |
+ as_fn_error $? "Invalid argument to --with-llvm-linking" "$LINENO" 5 |
|
15465 |
+esac |
|
15466 |
+fi |
|
15467 |
+ |
|
15468 |
+fi |
|
15469 |
+ |
|
15470 |
+ |
|
15448 | 15471 |
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for supported LLVM version" >&5 |
15449 | 15472 |
$as_echo_n "checking for supported LLVM version... " >&6; } |
15450 | 15473 |
if test "x$llvmconfig" = "x"; then |
... | ... |
@@ -15485,18 +15509,28 @@ fi |
15485 | 15485 |
if test "x$llvmconfig" != "x"; then |
15486 | 15486 |
LLVMCONFIG_CXXFLAGS=`$llvmconfig --cxxflags` |
15487 | 15487 |
|
15488 |
- if test $llvmver_test -ge 350; then |
|
15489 |
- ldflags=`$llvmconfig --ldflags` |
|
15490 |
- syslibs=`$llvmconfig --system-libs` |
|
15491 |
- LLVMCONFIG_LDFLAGS="$ldflags $syslibs" |
|
15492 | 15488 |
|
15493 |
- else |
|
15489 |
+ if test "x$llvm_linking" = "xdynamic"; then |
|
15494 | 15490 |
LLVMCONFIG_LDFLAGS=`$llvmconfig --ldflags` |
15495 | 15491 |
|
15496 |
- fi |
|
15497 |
- LLVMCONFIG_LIBS=`$llvmconfig --libs jit nativecodegen scalaropts ipo` |
|
15492 |
+ LLVMCONFIG_LIBS=-lLLVM-$llvmver |
|
15493 |
+ |
|
15494 |
+ |
|
15495 |
+ else |
|
15496 |
+ if test $llvmver_test -ge 350; then |
|
15497 |
+ ldflags=`$llvmconfig --ldflags` |
|
15498 |
+ syslibs=`$llvmconfig --system-libs` |
|
15499 |
+ LLVMCONFIG_LDFLAGS="$ldflags $syslibs" |
|
15498 | 15500 |
|
15499 |
- LLVMCONFIG_LIBFILES=`$llvmconfig --libfiles jit nativecodegen scalaropts ipo` |
|
15501 |
+ else |
|
15502 |
+ LLVMCONFIG_LDFLAGS=`$llvmconfig --ldflags` |
|
15503 |
+ |
|
15504 |
+ fi |
|
15505 |
+ LLVMCONFIG_LIBS=`$llvmconfig --libs jit nativecodegen scalaropts ipo` |
|
15506 |
+ |
|
15507 |
+ LLVMCONFIG_LIBFILES=`$llvmconfig --libfiles jit nativecodegen scalaropts ipo` |
|
15508 |
+ |
|
15509 |
+ fi |
|
15500 | 15510 |
|
15501 | 15511 |
{ $as_echo "$as_me:${as_lineno-$LINENO}: CXXFLAGS from llvm-config: $LLVMCONFIG_CXXFLAGS" >&5 |
15502 | 15512 |
$as_echo "$as_me: CXXFLAGS from llvm-config: $LLVMCONFIG_CXXFLAGS" >&6;} |
... | ... |
@@ -16,7 +16,6 @@ dnl MA 02110-1301, USA. |
16 | 16 |
AC_PREREQ([2.59]) |
17 | 17 |
AC_INIT([libclamavc++],[devel],[http://bugs.clamav.net]) |
18 | 18 |
AC_CONFIG_AUX_DIR([config]) |
19 |
-AC_CONFIG_SRCDIR([llvm/configure]) |
|
20 | 19 |
AC_CONFIG_MACRO_DIR([m4]) |
21 | 20 |
AC_CONFIG_HEADER([clamavcxx-config.h]) |
22 | 21 |
AC_CANONICAL_TARGET |
... | ... |
@@ -78,6 +77,26 @@ AC_ARG_WITH([system-llvm], AC_HELP_STRING([--with-system-llvm], |
78 | 78 |
fi |
79 | 79 |
]) |
80 | 80 |
|
81 |
+llvm_linking= |
|
82 |
+AC_ARG_WITH([llvm-linking], [AC_HELP_STRING([--with-llvm-linking], |
|
83 |
+[specifies method to linking llvm @<:@static|dynamic@:>@, only valid with --with-system-llvm])], |
|
84 |
+[ |
|
85 |
+if test "x$llvmconfig" = "x"; then |
|
86 |
+ AC_MSG_ERROR([Failed to configure LLVM, and LLVM linking was specified without valid llvm-config]) |
|
87 |
+else |
|
88 |
+case "$withval" in |
|
89 |
+ static) |
|
90 |
+ llvm_linking="static" |
|
91 |
+ ;; |
|
92 |
+ dynamic) |
|
93 |
+ llvm_linking="dynamic" |
|
94 |
+ ;; |
|
95 |
+ *) |
|
96 |
+ AC_MSG_ERROR([Invalid argument to --with-llvm-linking]) |
|
97 |
+esac |
|
98 |
+fi |
|
99 |
+], []) |
|
100 |
+ |
|
81 | 101 |
AC_MSG_CHECKING([for supported LLVM version]) |
82 | 102 |
if test "x$llvmconfig" = "x"; then |
83 | 103 |
dnl macro not available in older autotools |
... | ... |
@@ -113,16 +132,24 @@ fi |
113 | 113 |
dnl aquire the required flags to properly link in external LLVM |
114 | 114 |
if test "x$llvmconfig" != "x"; then |
115 | 115 |
AC_SUBST(LLVMCONFIG_CXXFLAGS, [`$llvmconfig --cxxflags`]) |
116 |
- if test $llvmver_test -ge 350; then |
|
117 |
- dnl LLVM 3.5.0 and after splits linker flags into two sets |
|
118 |
- ldflags=`$llvmconfig --ldflags` |
|
119 |
- syslibs=`$llvmconfig --system-libs` |
|
120 |
- AC_SUBST(LLVMCONFIG_LDFLAGS, ["$ldflags $syslibs"]) |
|
121 |
- else |
|
116 |
+ |
|
117 |
+ if test "x$llvm_linking" = "xdynamic"; then |
|
122 | 118 |
AC_SUBST(LLVMCONFIG_LDFLAGS, [`$llvmconfig --ldflags`]) |
119 |
+ AC_SUBST(LLVMCONFIG_LIBS, [-lLLVM-$llvmver]) |
|
120 |
+ AC_SUBST(LLVMCONFIG_LIBFILES, []) |
|
121 |
+ else |
|
122 |
+ if test $llvmver_test -ge 350; then |
|
123 |
+ dnl LLVM 3.5.0 and after splits linker flags into two sets |
|
124 |
+ ldflags=`$llvmconfig --ldflags` |
|
125 |
+ syslibs=`$llvmconfig --system-libs` |
|
126 |
+ AC_SUBST(LLVMCONFIG_LDFLAGS, ["$ldflags $syslibs"]) |
|
127 |
+ else |
|
128 |
+ AC_SUBST(LLVMCONFIG_LDFLAGS, [`$llvmconfig --ldflags`]) |
|
129 |
+ fi |
|
130 |
+ AC_SUBST(LLVMCONFIG_LIBS, [`$llvmconfig --libs jit nativecodegen scalaropts ipo`]) |
|
131 |
+ AC_SUBST(LLVMCONFIG_LIBFILES, [`$llvmconfig --libfiles jit nativecodegen scalaropts ipo`]) |
|
123 | 132 |
fi |
124 |
- AC_SUBST(LLVMCONFIG_LIBS, [`$llvmconfig --libs jit nativecodegen scalaropts ipo`]) |
|
125 |
- AC_SUBST(LLVMCONFIG_LIBFILES, [`$llvmconfig --libfiles jit nativecodegen scalaropts ipo`]) |
|
133 |
+ |
|
126 | 134 |
AC_MSG_NOTICE([CXXFLAGS from llvm-config: $LLVMCONFIG_CXXFLAGS]) |
127 | 135 |
AC_MSG_NOTICE([LDFLAGS from llvm-config: $LLVMCONFIG_LDFLAGS]) |
128 | 136 |
AC_MSG_NOTICE([LIBS from llvm-config: $LLVMCONFIG_LIBS]) |
... | ... |
@@ -827,9 +827,7 @@ int unmew11(char *src, int off, int ssize, int dsize, uint32_t base, uint32_t va |
827 | 827 |
|
828 | 828 |
if (!uselzma) |
829 | 829 |
{ |
830 |
- /* bb#11212 - DO NOT PEALIGN sections to cli_rebuildpe() * |
|
831 |
- * data processed in src buffer is stored NOT pe-aligned */ |
|
832 |
- uint32_t val = f2 - src; |
|
830 |
+ uint32_t val = PESALIGN(f2 - src, 0x1000); |
|
833 | 831 |
void *newsect; |
834 | 832 |
|
835 | 833 |
if (i && val < section[i].raw) { |
... | ... |
@@ -850,6 +848,18 @@ int unmew11(char *src, int off, int ssize, int dsize, uint32_t base, uint32_t va |
850 | 850 |
section[i+1].raw = val; |
851 | 851 |
section[i+1].rva = val + vadd; |
852 | 852 |
section[i].rsz = section[i].vsz = ((i)?(val - section[i].raw):val); |
853 |
+ |
|
854 |
+ /* |
|
855 |
+ * bb#11212 - alternate fix, buffer is aligned |
|
856 |
+ * must validate that sections do not intersect with source |
|
857 |
+ * or, in other words, exceed the specified size of destination |
|
858 |
+ */ |
|
859 |
+ if (section[i].raw + section[i].rsz > dsize) { |
|
860 |
+ cli_dbgmsg("MEW: Section %i [%d, %d] exceeds destination size %d\n", |
|
861 |
+ i, section[i].raw, section[i].raw+section[i].rsz, dsize); |
|
862 |
+ free(section); |
|
863 |
+ return -1; |
|
864 |
+ } |
|
853 | 865 |
} |
854 | 866 |
i++; |
855 | 867 |
|
... | ... |
@@ -379,7 +379,7 @@ int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hex |
379 | 379 |
|
380 | 380 |
free(pt); |
381 | 381 |
} |
382 |
- } else if(root->ac_only || type || lsigid || strpbrk(hexsig, "?([") || (root->bm_offmode && (!strcmp(offset, "*") || strchr(offset, ','))) || strstr(offset, "VI") || strchr(offset, '$')) { |
|
382 |
+ } else if(root->ac_only || type || lsigid || sigopts || strpbrk(hexsig, "?([") || (root->bm_offmode && (!strcmp(offset, "*") || strchr(offset, ','))) || strstr(offset, "VI") || strchr(offset, '$')) { |
|
383 | 383 |
if((ret = cli_ac_addsig(root, virname, hexsig, sigopts, 0, 0, 0, rtype, type, 0, 0, offset, lsigid, options))) { |
384 | 384 |
cli_errmsg("cli_parse_add(): Problem adding signature (3).\n"); |
385 | 385 |
return ret; |
... | ... |
@@ -1435,7 +1435,7 @@ static int load_oneldb(char *buffer, int chkpua, struct cl_engine *engine, unsig |
1435 | 1435 |
/* Regex Usage and Support Check */ |
1436 | 1436 |
for (i = 0; i < subsigs; ++i) { |
1437 | 1437 |
if (strchr(tokens[i+3], '/')) { |
1438 |
- cli_dbgmsg("cli_loadldb: logical signature for %s uses PCREs but support is disabled, skipping\n", virname); |
|
1438 |
+ cli_warnmsg("cli_loadldb: logical signature for %s uses PCREs but support is disabled, skipping\n", virname); |
|
1439 | 1439 |
(*sigs)--; |
1440 | 1440 |
return CL_SUCCESS; |
1441 | 1441 |
} |
... | ... |
@@ -157,6 +157,7 @@ cli_regcomp_real(regex_t *preg, const char *pattern, int cflags) |
157 | 157 |
struct parse *p = &pa; |
158 | 158 |
int i; |
159 | 159 |
size_t len; |
160 |
+ size_t maxlen; |
|
160 | 161 |
#ifdef REDEBUG |
161 | 162 |
# define GOODFLAGS(f) (f) |
162 | 163 |
#else |
... | ... |
@@ -179,7 +180,24 @@ cli_regcomp_real(regex_t *preg, const char *pattern, int cflags) |
179 | 179 |
(NC-1)*sizeof(cat_t)); |
180 | 180 |
if (g == NULL) |
181 | 181 |
return(REG_ESPACE); |
182 |
+ /* Patch for bb11264 submitted by the Debian team: */ |
|
183 |
+ /* |
|
184 |
+ * Limit the pattern space to avoid a 32-bit overflow on buffer |
|
185 |
+ * extension. Also avoid any signed overflow in case of conversion |
|
186 |
+ * so make the real limit based on a 31-bit overflow. |
|
187 |
+ * |
|
188 |
+ * Likely not applicable on 64-bit systems but handle the case |
|
189 |
+ * generically (who are we to stop people from using ~715MB+ |
|
190 |
+ * patterns?). |
|
191 |
+ */ |
|
192 |
+ maxlen = ((size_t)-1 >> 1) / sizeof(sop) * 2 / 3; |
|
193 |
+ if (len >= maxlen) { |
|
194 |
+ free((char *)g); |
|
195 |
+ return(REG_ESPACE); |
|
196 |
+ } |
|
182 | 197 |
p->ssize = len/(size_t)2*(size_t)3 + (size_t)1; /* ugh */ |
198 |
+ assert(p->ssize >= len); |
|
199 |
+ |
|
183 | 200 |
p->strip = (sop *)cli_calloc(p->ssize, sizeof(sop)); |
184 | 201 |
p->slen = 0; |
185 | 202 |
if (p->strip == NULL) { |
... | ... |
@@ -282,6 +282,7 @@ end: |
282 | 282 |
cli_warnmsg("clamav_stats_add_sample: unlcoking mutex failed (err: %d): %s\n", err, strerror(err)); |
283 | 283 |
} |
284 | 284 |
#endif |
285 |
+ return; |
|
285 | 286 |
} |
286 | 287 |
|
287 | 288 |
void clamav_stats_flush(struct cl_engine *engine, void *cbdata) |
... | ... |
@@ -492,6 +493,7 @@ void clamav_stats_decrement_count(const char *virname, const unsigned char *md5, |
492 | 492 |
cli_warnmsg("clamav_stats_decrement_count: unlocking mutex failed (err: %d): %s\n", err, strerror(err)); |
493 | 493 |
} |
494 | 494 |
#endif |
495 |
+ return; |
|
495 | 496 |
} |
496 | 497 |
|
497 | 498 |
size_t clamav_stats_get_num(void *cbdata) |
... | ... |
@@ -13,6 +13,31 @@ AC_ARG_WITH([system-llvm], [AC_HELP_STRING([--with-system-llvm], |
13 | 13 |
esac |
14 | 14 |
], [system_llvm="built-in"]) |
15 | 15 |
|
16 |
+AC_ARG_WITH([llvm-linking], [AC_HELP_STRING([--with-llvm-linking], |
|
17 |
+[specifies method to linking llvm @<:@static|dynamic@:>@, only valid with --with-system-llvm])], |
|
18 |
+[ |
|
19 |
+if test "x$system_llvm" = "xbuilt-in"; then |
|
20 |
+ AC_MSG_ERROR([Failed to configure LLVM, and LLVM linking was specified without specifying system-llvm]) |
|
21 |
+else |
|
22 |
+case "$withval" in |
|
23 |
+ static) |
|
24 |
+ llvm_linking="static" |
|
25 |
+ ;; |
|
26 |
+ dynamic) |
|
27 |
+ llvm_linking="dynamic" |
|
28 |
+ ;; |
|
29 |
+ *) |
|
30 |
+ AC_MSG_ERROR([Invalid argument to --with-llvm-linking]) |
|
31 |
+esac |
|
32 |
+fi |
|
33 |
+], [ |
|
34 |
+if test "x$system_llvm" = "xbuilt-in"; then |
|
35 |
+ llvm_linking="" |
|
36 |
+else |
|
37 |
+ llvm_linking="auto" |
|
38 |
+fi |
|
39 |
+]) |
|
40 |
+ |
|
16 | 41 |
AC_ARG_ENABLE([llvm],AC_HELP_STRING([--enable-llvm], |
17 | 42 |
[enable 'llvm' JIT/verifier support @<:@default=auto@:>@]), |
18 | 43 |
[enable_llvm=$enableval], |
... | ... |
@@ -29,4 +54,5 @@ if test "$enable_llvm" != "no"; then |
29 | 29 |
AC_CONFIG_SUBDIRS_OPTIONAL([libclamav/c++]) |
30 | 30 |
else |
31 | 31 |
system_llvm="none" |
32 |
+ llvm_linking="" |
|
32 | 33 |
fi |