... | ... |
@@ -586,7 +586,6 @@ int onas_ht_add_child(struct onas_ht *ht, const char *prntpath, size_t prntlen, |
586 | 586 |
/* Adds the hierarchy under pathname to the tree and allocates all necessary memory. */ |
587 | 587 |
int onas_ht_add_hierarchy(struct onas_ht *ht, const char *pathname) |
588 | 588 |
{ |
589 |
- |
|
590 | 589 |
if (!ht || !pathname) return CL_ENULLARG; |
591 | 590 |
|
592 | 591 |
FTS *ftsp = NULL; |
... | ... |
@@ -631,8 +630,10 @@ int onas_ht_add_hierarchy(struct onas_ht *ht, const char *pathname) |
631 | 631 |
if ((childlist = _priv_fts_children(ftsp, 0))) { |
632 | 632 |
do { |
633 | 633 |
if (childlist->fts_info == FTS_D) { |
634 |
- if (CL_EMEM == onas_add_hashnode_child(hnode, childlist->fts_name)) |
|
634 |
+ if (CL_EMEM == onas_add_hashnode_child(hnode, childlist->fts_name)) { |
|
635 |
+ onas_free_hashnode(hnode); |
|
635 | 636 |
return CL_EMEM; |
637 |
+ } |
|
636 | 638 |
} |
637 | 639 |
|
638 | 640 |
} while ((childlist = childlist->fts_link)); |
... | ... |
@@ -641,7 +642,10 @@ int onas_ht_add_hierarchy(struct onas_ht *ht, const char *pathname) |
641 | 641 |
struct onas_element *elem = onas_element_init(hnode, hnode->pathname, hnode->pathlen); |
642 | 642 |
if (!elem) return CL_EMEM; |
643 | 643 |
|
644 |
- if (onas_ht_insert(ht, elem)) return -1; |
|
644 |
+ if (onas_ht_insert(ht, elem)) { |
|
645 |
+ onas_free_element(elem); |
|
646 |
+ return CL_EMEM; |
|
647 |
+ } |
|
645 | 648 |
} |
646 | 649 |
|
647 | 650 |
_priv_fts_close(ftsp); |
... | ... |
@@ -87,7 +87,8 @@ int cli_7unz(cli_ctx *ctx, size_t offset) |
87 | 87 |
CSzArEx db; |
88 | 88 |
SRes res; |
89 | 89 |
UInt16 utf16buf[UTFBUFSZ], *utf16name = utf16buf; |
90 |
- int namelen = UTFBUFSZ, found = CL_CLEAN; |
|
90 |
+ int namelen = UTFBUFSZ; |
|
91 |
+ cl_error_t found = CL_CLEAN; |
|
91 | 92 |
Int64 begin_of_archive = offset; |
92 | 93 |
UInt32 viruses_found = 0; |
93 | 94 |
|
... | ... |
@@ -180,7 +181,9 @@ int cli_7unz(cli_ctx *ctx, size_t offset) |
180 | 180 |
} |
181 | 181 |
if (res != SZ_OK) |
182 | 182 |
cli_dbgmsg("cli_unz: extraction failed with %d\n", res); |
183 |
- else { |
|
183 |
+ else if ((outBuffer == NULL) || (outSizeProcessed == 0)) { |
|
184 |
+ cli_dbgmsg("cli_unz: extracted empty file\n"); |
|
185 |
+ } else { |
|
184 | 186 |
if ((found = cli_gentempfd(ctx->engine->tmpdir, &name, &fd))) |
185 | 187 |
break; |
186 | 188 |
|
... | ... |
@@ -1344,6 +1344,7 @@ uint32_t cli_bcapi_engine_scan_options(struct cli_bc_ctx *ctx) |
1344 | 1344 |
uint32_t cli_bcapi_engine_scan_options_ex(struct cli_bc_ctx *ctx, const uint8_t *option_name, uint32_t name_len) |
1345 | 1345 |
{ |
1346 | 1346 |
uint32_t i = 0; |
1347 |
+ uint32_t result = 0; |
|
1347 | 1348 |
char *option_name_l = NULL; |
1348 | 1349 |
|
1349 | 1350 |
if (ctx == NULL || option_name == NULL || name_len == 0) { |
... | ... |
@@ -1365,107 +1366,83 @@ uint32_t cli_bcapi_engine_scan_options_ex(struct cli_bc_ctx *ctx, const uint8_t |
1365 | 1365 |
|
1366 | 1366 |
if (strncmp(option_name_l, "general", MIN(name_len, sizeof("general")))) { |
1367 | 1367 |
if (cli_memstr(option_name_l, name_len, "allmatch", sizeof("allmatch"))) { |
1368 |
- return (cctx->options->general & CL_SCAN_GENERAL_ALLMATCHES) ? 1 : 0; |
|
1369 |
- } |
|
1370 |
- if (cli_memstr(option_name_l, name_len, "collect metadata", sizeof("collect metadata"))) { |
|
1371 |
- return (cctx->options->general & CL_SCAN_GENERAL_COLLECT_METADATA) ? 1 : 0; |
|
1372 |
- } |
|
1373 |
- if (cli_memstr(option_name_l, name_len, "heuristics", sizeof("heuristics"))) { |
|
1374 |
- return (cctx->options->general & CL_SCAN_GENERAL_HEURISTICS) ? 1 : 0; |
|
1375 |
- } |
|
1376 |
- if (cli_memstr(option_name_l, name_len, "precedence", sizeof("precedence"))) { |
|
1377 |
- return (cctx->options->general & CL_SCAN_GENERAL_HEURISTIC_PRECEDENCE) ? 1 : 0; |
|
1368 |
+ result = (cctx->options->general & CL_SCAN_GENERAL_ALLMATCHES) ? 1 : 0; |
|
1369 |
+ } else if (cli_memstr(option_name_l, name_len, "collect metadata", sizeof("collect metadata"))) { |
|
1370 |
+ result = (cctx->options->general & CL_SCAN_GENERAL_COLLECT_METADATA) ? 1 : 0; |
|
1371 |
+ } else if (cli_memstr(option_name_l, name_len, "heuristics", sizeof("heuristics"))) { |
|
1372 |
+ result = (cctx->options->general & CL_SCAN_GENERAL_HEURISTICS) ? 1 : 0; |
|
1373 |
+ } else if (cli_memstr(option_name_l, name_len, "precedence", sizeof("precedence"))) { |
|
1374 |
+ result = (cctx->options->general & CL_SCAN_GENERAL_HEURISTIC_PRECEDENCE) ? 1 : 0; |
|
1378 | 1375 |
} |
1379 | 1376 |
/* else unknown option */ |
1380 |
- return 0; |
|
1381 | 1377 |
} else if (strncmp(option_name_l, "parse", MIN(name_len, sizeof("parse")))) { |
1382 | 1378 |
if (cli_memstr(option_name_l, name_len, "archive", sizeof("archive"))) { |
1383 |
- return (cctx->options->parse & CL_SCAN_PARSE_ARCHIVE) ? 1 : 0; |
|
1384 |
- } |
|
1385 |
- if (cli_memstr(option_name_l, name_len, "elf", sizeof("elf"))) { |
|
1386 |
- return (cctx->options->parse & CL_SCAN_PARSE_ELF) ? 1 : 0; |
|
1387 |
- } |
|
1388 |
- if (cli_memstr(option_name_l, name_len, "pdf", sizeof("pdf"))) { |
|
1389 |
- return (cctx->options->parse & CL_SCAN_PARSE_PDF) ? 1 : 0; |
|
1390 |
- } |
|
1391 |
- if (cli_memstr(option_name_l, name_len, "swf", sizeof("swf"))) { |
|
1392 |
- return (cctx->options->parse & CL_SCAN_PARSE_SWF) ? 1 : 0; |
|
1393 |
- } |
|
1394 |
- if (cli_memstr(option_name_l, name_len, "hwp3", sizeof("hwp3"))) { |
|
1395 |
- return (cctx->options->parse & CL_SCAN_PARSE_HWP3) ? 1 : 0; |
|
1396 |
- } |
|
1397 |
- if (cli_memstr(option_name_l, name_len, "xmldocs", sizeof("xmldocs"))) { |
|
1398 |
- return (cctx->options->parse & CL_SCAN_PARSE_XMLDOCS) ? 1 : 0; |
|
1399 |
- } |
|
1400 |
- if (cli_memstr(option_name_l, name_len, "mail", sizeof("mail"))) { |
|
1401 |
- return (cctx->options->parse & CL_SCAN_PARSE_MAIL) ? 1 : 0; |
|
1402 |
- } |
|
1403 |
- if (cli_memstr(option_name_l, name_len, "ole2", sizeof("ole2"))) { |
|
1404 |
- return (cctx->options->parse & CL_SCAN_PARSE_OLE2) ? 1 : 0; |
|
1405 |
- } |
|
1406 |
- if (cli_memstr(option_name_l, name_len, "html", sizeof("html"))) { |
|
1407 |
- return (cctx->options->parse & CL_SCAN_PARSE_HTML) ? 1 : 0; |
|
1408 |
- } |
|
1409 |
- if (cli_memstr(option_name_l, name_len, "pe", sizeof("pe"))) { |
|
1410 |
- return (cctx->options->parse & CL_SCAN_PARSE_PE) ? 1 : 0; |
|
1379 |
+ result = (cctx->options->parse & CL_SCAN_PARSE_ARCHIVE) ? 1 : 0; |
|
1380 |
+ } else if (cli_memstr(option_name_l, name_len, "elf", sizeof("elf"))) { |
|
1381 |
+ result = (cctx->options->parse & CL_SCAN_PARSE_ELF) ? 1 : 0; |
|
1382 |
+ } else if (cli_memstr(option_name_l, name_len, "pdf", sizeof("pdf"))) { |
|
1383 |
+ result = (cctx->options->parse & CL_SCAN_PARSE_PDF) ? 1 : 0; |
|
1384 |
+ } else if (cli_memstr(option_name_l, name_len, "swf", sizeof("swf"))) { |
|
1385 |
+ result = (cctx->options->parse & CL_SCAN_PARSE_SWF) ? 1 : 0; |
|
1386 |
+ } else if (cli_memstr(option_name_l, name_len, "hwp3", sizeof("hwp3"))) { |
|
1387 |
+ result = (cctx->options->parse & CL_SCAN_PARSE_HWP3) ? 1 : 0; |
|
1388 |
+ } else if (cli_memstr(option_name_l, name_len, "xmldocs", sizeof("xmldocs"))) { |
|
1389 |
+ result = (cctx->options->parse & CL_SCAN_PARSE_XMLDOCS) ? 1 : 0; |
|
1390 |
+ } else if (cli_memstr(option_name_l, name_len, "mail", sizeof("mail"))) { |
|
1391 |
+ result = (cctx->options->parse & CL_SCAN_PARSE_MAIL) ? 1 : 0; |
|
1392 |
+ } else if (cli_memstr(option_name_l, name_len, "ole2", sizeof("ole2"))) { |
|
1393 |
+ result = (cctx->options->parse & CL_SCAN_PARSE_OLE2) ? 1 : 0; |
|
1394 |
+ } else if (cli_memstr(option_name_l, name_len, "html", sizeof("html"))) { |
|
1395 |
+ result = (cctx->options->parse & CL_SCAN_PARSE_HTML) ? 1 : 0; |
|
1396 |
+ } else if (cli_memstr(option_name_l, name_len, "pe", sizeof("pe"))) { |
|
1397 |
+ result = (cctx->options->parse & CL_SCAN_PARSE_PE) ? 1 : 0; |
|
1411 | 1398 |
} |
1412 | 1399 |
/* else unknown option */ |
1413 |
- return 0; |
|
1414 | 1400 |
} else if (strncmp(option_name_l, "heuristic", MIN(name_len, sizeof("heuristic")))) { |
1415 | 1401 |
if (cli_memstr(option_name_l, name_len, "broken", sizeof("broken"))) { |
1416 |
- return (cctx->options->heuristic & CL_SCAN_HEURISTIC_BROKEN) ? 1 : 0; |
|
1417 |
- } |
|
1418 |
- if (cli_memstr(option_name_l, name_len, "exceeds max", sizeof("exceeds max"))) { |
|
1419 |
- return (cctx->options->heuristic & CL_SCAN_HEURISTIC_EXCEEDS_MAX) ? 1 : 0; |
|
1420 |
- } |
|
1421 |
- if (cli_memstr(option_name_l, name_len, "phishing ssl mismatch", sizeof("phishing ssl mismatch"))) { |
|
1422 |
- return (cctx->options->heuristic & CL_SCAN_HEURISTIC_PHISHING_SSL_MISMATCH) ? 1 : 0; |
|
1423 |
- } |
|
1424 |
- if (cli_memstr(option_name_l, name_len, "phishing cloak", sizeof("phishing cloak"))) { |
|
1425 |
- return (cctx->options->heuristic & CL_SCAN_HEURISTIC_PHISHING_CLOAK) ? 1 : 0; |
|
1426 |
- } |
|
1427 |
- if (cli_memstr(option_name_l, name_len, "macros", sizeof("macros"))) { |
|
1428 |
- return (cctx->options->heuristic & CL_SCAN_HEURISTIC_MACROS) ? 1 : 0; |
|
1429 |
- } |
|
1430 |
- if (cli_memstr(option_name_l, name_len, "encrypted archive", sizeof("encrypted archive"))) { |
|
1431 |
- return (cctx->options->heuristic & CL_SCAN_HEURISTIC_ENCRYPTED_ARCHIVE) ? 1 : 0; |
|
1432 |
- } |
|
1433 |
- if (cli_memstr(option_name_l, name_len, "encrypted doc", sizeof("encrypted doc"))) { |
|
1434 |
- return (cctx->options->heuristic & CL_SCAN_HEURISTIC_ENCRYPTED_DOC) ? 1 : 0; |
|
1435 |
- } |
|
1436 |
- if (cli_memstr(option_name_l, name_len, "partition intxn", sizeof("partition intxn"))) { |
|
1437 |
- return (cctx->options->heuristic & CL_SCAN_HEURISTIC_PARTITION_INTXN) ? 1 : 0; |
|
1438 |
- } |
|
1439 |
- if (cli_memstr(option_name_l, name_len, "structured", sizeof("structured"))) { |
|
1440 |
- return (cctx->options->heuristic & CL_SCAN_HEURISTIC_STRUCTURED) ? 1 : 0; |
|
1441 |
- } |
|
1442 |
- if (cli_memstr(option_name_l, name_len, "structured ssn normal", sizeof("structured ssn normal"))) { |
|
1443 |
- return (cctx->options->heuristic & CL_SCAN_HEURISTIC_STRUCTURED_SSN_NORMAL) ? 1 : 0; |
|
1444 |
- } |
|
1445 |
- if (cli_memstr(option_name_l, name_len, "structured ssn stripped", sizeof("structured ssn stripped"))) { |
|
1446 |
- return (cctx->options->heuristic & CL_SCAN_HEURISTIC_STRUCTURED_SSN_STRIPPED) ? 1 : 0; |
|
1402 |
+ result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_BROKEN) ? 1 : 0; |
|
1403 |
+ } else if (cli_memstr(option_name_l, name_len, "exceeds max", sizeof("exceeds max"))) { |
|
1404 |
+ result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_EXCEEDS_MAX) ? 1 : 0; |
|
1405 |
+ } else if (cli_memstr(option_name_l, name_len, "phishing ssl mismatch", sizeof("phishing ssl mismatch"))) { |
|
1406 |
+ result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_PHISHING_SSL_MISMATCH) ? 1 : 0; |
|
1407 |
+ } else if (cli_memstr(option_name_l, name_len, "phishing cloak", sizeof("phishing cloak"))) { |
|
1408 |
+ result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_PHISHING_CLOAK) ? 1 : 0; |
|
1409 |
+ } else if (cli_memstr(option_name_l, name_len, "macros", sizeof("macros"))) { |
|
1410 |
+ result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_MACROS) ? 1 : 0; |
|
1411 |
+ } else if (cli_memstr(option_name_l, name_len, "encrypted archive", sizeof("encrypted archive"))) { |
|
1412 |
+ result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_ENCRYPTED_ARCHIVE) ? 1 : 0; |
|
1413 |
+ } else if (cli_memstr(option_name_l, name_len, "encrypted doc", sizeof("encrypted doc"))) { |
|
1414 |
+ result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_ENCRYPTED_DOC) ? 1 : 0; |
|
1415 |
+ } else if (cli_memstr(option_name_l, name_len, "partition intxn", sizeof("partition intxn"))) { |
|
1416 |
+ result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_PARTITION_INTXN) ? 1 : 0; |
|
1417 |
+ } else if (cli_memstr(option_name_l, name_len, "structured", sizeof("structured"))) { |
|
1418 |
+ result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_STRUCTURED) ? 1 : 0; |
|
1419 |
+ } else if (cli_memstr(option_name_l, name_len, "structured ssn normal", sizeof("structured ssn normal"))) { |
|
1420 |
+ result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_STRUCTURED_SSN_NORMAL) ? 1 : 0; |
|
1421 |
+ } else if (cli_memstr(option_name_l, name_len, "structured ssn stripped", sizeof("structured ssn stripped"))) { |
|
1422 |
+ result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_STRUCTURED_SSN_STRIPPED) ? 1 : 0; |
|
1447 | 1423 |
} |
1448 | 1424 |
/* else unknown option */ |
1449 |
- return 0; |
|
1450 | 1425 |
} else if (strncmp(option_name_l, "mail", MIN(name_len, sizeof("mail")))) { |
1451 | 1426 |
if (cli_memstr(option_name_l, name_len, "partial message", sizeof("partial message"))) { |
1452 |
- return (cctx->options->mail & CL_SCAN_MAIL_PARTIAL_MESSAGE) ? 1 : 0; |
|
1427 |
+ result = (cctx->options->mail & CL_SCAN_MAIL_PARTIAL_MESSAGE) ? 1 : 0; |
|
1453 | 1428 |
} |
1454 | 1429 |
/* else unknown option */ |
1455 |
- return 0; |
|
1456 | 1430 |
} else if (strncmp(option_name_l, "dev", MIN(name_len, sizeof("dev")))) { |
1457 | 1431 |
if (cli_memstr(option_name_l, name_len, "collect sha", sizeof("collect sha"))) { |
1458 |
- return (cctx->options->dev & CL_SCAN_DEV_COLLECT_SHA) ? 1 : 0; |
|
1432 |
+ result = (cctx->options->dev & CL_SCAN_DEV_COLLECT_SHA) ? 1 : 0; |
|
1433 |
+ } else if (cli_memstr(option_name_l, name_len, "collect performance info", sizeof("collect performance info"))) { |
|
1434 |
+ result = (cctx->options->dev & CL_SCAN_DEV_COLLECT_PERFORMANCE_INFO) ? 1 : 0; |
|
1459 | 1435 |
} |
1460 |
- if (cli_memstr(option_name_l, name_len, "collect performance info", sizeof("collect performance info"))) { |
|
1461 |
- return (cctx->options->dev & CL_SCAN_DEV_COLLECT_PERFORMANCE_INFO) ? 1 : 0; |
|
1462 |
- } |
|
1463 |
- /* else unknown option */ |
|
1464 |
- return 0; |
|
1465 |
- } else { |
|
1466 | 1436 |
/* else unknown option */ |
1467 |
- return 0; |
|
1468 | 1437 |
} |
1438 |
+ /* else unknown option */ |
|
1439 |
+ |
|
1440 |
+done: |
|
1441 |
+ if (NULL != option_name_l) |
|
1442 |
+ free(option_name_l); |
|
1443 |
+ |
|
1444 |
+ return result; |
|
1469 | 1445 |
} |
1470 | 1446 |
|
1471 | 1447 |
uint32_t cli_bcapi_engine_db_options(struct cli_bc_ctx *ctx) |
... | ... |
@@ -624,6 +624,7 @@ static inline int parsehwp3_docsummary(cli_ctx *ctx, off_t offset) |
624 | 624 |
b64 = cli_calloc(1, b64len); |
625 | 625 |
if (!b64) { |
626 | 626 |
cli_errmsg("HWP3.x: Failed to allocate memory for b64 boolean\n"); |
627 |
+ free(str); |
|
627 | 628 |
return CL_EMEM; |
628 | 629 |
} |
629 | 630 |
snprintf(b64, b64len, "%s_base64", hwp3_docsummary_fields[i].name); |
... | ... |
@@ -3104,8 +3104,10 @@ rfc2047(const char *in) |
3104 | 3104 |
/*cli_dbgmsg("Need to decode '%s' with method '%c'\n", enctext, encoding);*/ |
3105 | 3105 |
|
3106 | 3106 |
m = messageCreate(); |
3107 |
- if (m == NULL) |
|
3107 |
+ if (m == NULL) { |
|
3108 |
+ free(enctext); |
|
3108 | 3109 |
break; |
3110 |
+ } |
|
3109 | 3111 |
messageAddStr(m, enctext); |
3110 | 3112 |
free(enctext); |
3111 | 3113 |
switch (encoding) { |
... | ... |
@@ -575,7 +575,7 @@ void messageAddArguments(message *m, const char *s) |
575 | 575 |
|
576 | 576 |
if (!data) { |
577 | 577 |
cli_dbgmsg("Can't parse header \"%s\" - if you believe this file contains a missed virus, report it to bugs@clamav.net\n", s); |
578 |
- free((char *)key); |
|
578 |
+ free(kcopy); |
|
579 | 579 |
return; |
580 | 580 |
} |
581 | 581 |
|
... | ... |
@@ -489,6 +489,7 @@ void mpool_destroy(struct MP *mp) |
489 | 489 |
struct MPMAP *mpm_next = mp->u.mpm.next, *mpm; |
490 | 490 |
size_t mpmsize; |
491 | 491 |
|
492 |
+ spam("Destroying map @%p\n", mp); |
|
492 | 493 |
while ((mpm = mpm_next)) { |
493 | 494 |
mpmsize = mpm->size; |
494 | 495 |
mpm_next = mpm->next; |
... | ... |
@@ -510,7 +511,6 @@ void mpool_destroy(struct MP *mp) |
510 | 510 |
#else |
511 | 511 |
VirtualFree(mp, 0, MEM_RELEASE); |
512 | 512 |
#endif |
513 |
- spam("Map destroyed @%p\n", mp); |
|
514 | 513 |
} |
515 | 514 |
|
516 | 515 |
void mpool_flush(struct MP *mp) |
... | ... |
@@ -137,6 +137,7 @@ ole2_convert_utf(summary_ctx_t *sctx, char *begin, size_t sz, const char *encodi |
137 | 137 |
outbuf = (char *)cli_realloc(outbuf, sz2 + 1); |
138 | 138 |
if (!outbuf) { |
139 | 139 |
free(buf); |
140 |
+ iconv_close(cd); |
|
140 | 141 |
return NULL; |
141 | 142 |
} |
142 | 143 |
|
... | ... |
@@ -487,8 +488,11 @@ ole2_process_property(summary_ctx_t *sctx, unsigned char *databuf, uint32_t offs |
487 | 487 |
|
488 | 488 |
snprintf(b64jstr, PROPSTRLIMIT, "%s_base64", sctx->propname); |
489 | 489 |
ret = cli_jsonbool(sctx->summary, b64jstr, 1); |
490 |
- if (ret != CL_SUCCESS) |
|
490 |
+ if (ret != CL_SUCCESS) { |
|
491 |
+ free(outstr); |
|
492 |
+ free(outstr2); |
|
491 | 493 |
return ret; |
494 |
+ } |
|
492 | 495 |
} |
493 | 496 |
|
494 | 497 |
ret = cli_jsonstr(sctx->summary, sctx->propname, outstr2); |
... | ... |
@@ -369,6 +369,11 @@ int cli_writen(int fd, const void *buff, unsigned int count) |
369 | 369 |
unsigned int todo; |
370 | 370 |
const unsigned char *current; |
371 | 371 |
|
372 |
+ if (!buff) { |
|
373 |
+ cli_errmsg("cli_writen: invalid NULL buff argument\n"); |
|
374 |
+ return -1; |
|
375 |
+ } |
|
376 |
+ |
|
372 | 377 |
todo = count; |
373 | 378 |
current = (const unsigned char *)buff; |
374 | 379 |
|
... | ... |
@@ -3072,6 +3072,12 @@ cl_error_t pdf_find_and_extract_objs(struct pdf_struct *pdf, uint32_t *alerts) |
3072 | 3072 |
uint32_t badobjects = 0; |
3073 | 3073 |
cli_ctx *ctx = pdf->ctx; |
3074 | 3074 |
|
3075 |
+ if (NULL == pdf || NULL == alerts) { |
|
3076 |
+ cli_errmsg("pdf_find_and_extract_objs: Invalid arguments.\n"); |
|
3077 |
+ status = CL_EARG; |
|
3078 |
+ goto done; |
|
3079 |
+ } |
|
3080 |
+ |
|
3075 | 3081 |
/* parse PDF and find obj offsets */ |
3076 | 3082 |
while (CL_BREAK != (rv = pdf_findobj(pdf))) { |
3077 | 3083 |
if (rv == CL_EMEM) { |
... | ... |
@@ -3109,7 +3115,7 @@ cl_error_t pdf_find_and_extract_objs(struct pdf_struct *pdf, uint32_t *alerts) |
3109 | 3109 |
* a password to decrypt */ |
3110 | 3110 |
status = cli_append_virus(pdf->ctx, "Heuristics.Encrypted.PDF"); |
3111 | 3111 |
if (status == CL_VIRUS) { |
3112 |
- alerts++; |
|
3112 |
+ *alerts++; |
|
3113 | 3113 |
if (SCAN_ALLMATCHES) |
3114 | 3114 |
status = CL_CLEAN; |
3115 | 3115 |
} |
... | ... |
@@ -3119,7 +3125,7 @@ cl_error_t pdf_find_and_extract_objs(struct pdf_struct *pdf, uint32_t *alerts) |
3119 | 3119 |
status = run_pdf_hooks(pdf, PDF_PHASE_PARSED, -1, -1); |
3120 | 3120 |
cli_dbgmsg("pdf_find_and_extract_objs: (parsed hooks) returned %d\n", status); |
3121 | 3121 |
if (status == CL_VIRUS) { |
3122 |
- alerts++; |
|
3122 |
+ *alerts++; |
|
3123 | 3123 |
if (SCAN_ALLMATCHES) { |
3124 | 3124 |
status = CL_CLEAN; |
3125 | 3125 |
} |
... | ... |
@@ -3147,7 +3153,7 @@ cl_error_t pdf_find_and_extract_objs(struct pdf_struct *pdf, uint32_t *alerts) |
3147 | 3147 |
status = CL_CLEAN; |
3148 | 3148 |
break; |
3149 | 3149 |
case CL_VIRUS: |
3150 |
- alerts++; |
|
3150 |
+ *alerts++; |
|
3151 | 3151 |
if (SCAN_ALLMATCHES) { |
3152 | 3152 |
status = CL_CLEAN; |
3153 | 3153 |
} |
... | ... |
@@ -109,7 +109,7 @@ size_t pdf_decodestream( |
109 | 109 |
{ |
110 | 110 |
struct pdf_token *token = NULL; |
111 | 111 |
size_t bytes_scanned = 0; |
112 |
- cli_ctx *ctx = pdf->ctx; |
|
112 |
+ cli_ctx *ctx = NULL; |
|
113 | 113 |
|
114 | 114 |
if (!status) { |
115 | 115 |
/* invalid args, and no way to pass back the status code */ |
... | ... |
@@ -122,6 +122,8 @@ size_t pdf_decodestream( |
122 | 122 |
goto done; |
123 | 123 |
} |
124 | 124 |
|
125 |
+ ctx = pdf->ctx; |
|
126 |
+ |
|
125 | 127 |
if (!stream || !streamlen || fout < 0) { |
126 | 128 |
cli_dbgmsg("pdf_decodestream: no filters or stream on obj %u %u\n", obj->id >> 8, obj->id & 0xff); |
127 | 129 |
*status = CL_ENULLARG; |
... | ... |
@@ -149,7 +151,6 @@ size_t pdf_decodestream( |
149 | 149 |
|
150 | 150 |
token->content = cli_malloc(streamlen); |
151 | 151 |
if (!token->content) { |
152 |
- free(token); |
|
153 | 152 |
*status = CL_EMEM; |
154 | 153 |
goto done; |
155 | 154 |
} |
... | ... |
@@ -224,7 +225,7 @@ static size_t pdf_decodestream_internal( |
224 | 224 |
cl_error_t vir = CL_CLEAN; |
225 | 225 |
cl_error_t retval = CL_SUCCESS; |
226 | 226 |
size_t bytes_scanned = 0; |
227 |
- cli_ctx *ctx = pdf->ctx; |
|
227 |
+ cli_ctx *ctx = NULL; |
|
228 | 228 |
const char *filter = NULL; |
229 | 229 |
int i; |
230 | 230 |
|
... | ... |
@@ -239,6 +240,7 @@ static size_t pdf_decodestream_internal( |
239 | 239 |
goto done; |
240 | 240 |
} |
241 | 241 |
|
242 |
+ ctx = pdf->ctx; |
|
242 | 243 |
*status = CL_SUCCESS; |
243 | 244 |
|
244 | 245 |
/* |
... | ... |
@@ -350,7 +352,7 @@ static size_t pdf_decodestream_internal( |
350 | 350 |
} |
351 | 351 |
} |
352 | 352 |
|
353 |
- if (token->success > 0) { |
|
353 |
+ if ((token->success > 0) && (NULL != token->content)) { |
|
354 | 354 |
/* |
355 | 355 |
* Looks like we successfully decoded some or all of the stream filters, |
356 | 356 |
* so lets write it out to a file descriptor we scan. |
... | ... |
@@ -3552,6 +3552,7 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns |
3552 | 3552 |
engine->test_root = (struct cli_matcher *)mpool_calloc(engine->mempool, 1, sizeof(struct cli_matcher)); |
3553 | 3553 |
if (!engine->test_root) { |
3554 | 3554 |
cli_errmsg("load_oneyara[verify]: cannot allocate memory for test cli_matcher\n"); |
3555 |
+ free(substr); |
|
3555 | 3556 |
return CL_EMEM; |
3556 | 3557 |
} |
3557 | 3558 |
#ifdef USE_MPOOL |
... | ... |
@@ -3559,6 +3560,7 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns |
3559 | 3559 |
#endif |
3560 | 3560 |
if ((ret = cli_ac_init(engine->test_root, engine->ac_mindepth, engine->ac_maxdepth, engine->dconf->other & OTHER_CONF_PREFILTERING))) { |
3561 | 3561 |
cli_errmsg("load_oneyara: cannot initialize test ac root\n"); |
3562 |
+ free(substr); |
|
3562 | 3563 |
return ret; |
3563 | 3564 |
} |
3564 | 3565 |
} |
... | ... |
@@ -3569,6 +3571,7 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns |
3569 | 3569 |
tsig = (struct cli_ac_lsig *)mpool_calloc(engine->mempool, 1, sizeof(struct cli_ac_lsig)); |
3570 | 3570 |
if (!tsig) { |
3571 | 3571 |
cli_errmsg("load_oneyara: cannot allocate memory for test lsig\n"); |
3572 |
+ free(substr); |
|
3572 | 3573 |
return CL_EMEM; |
3573 | 3574 |
} |
3574 | 3575 |
|
... | ... |
@@ -3583,6 +3586,7 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns |
3583 | 3583 |
root->ac_lsigs--; |
3584 | 3584 |
cli_errmsg("load_oneyara: cannot allocate test root->ac_lsigtable\n"); |
3585 | 3585 |
mpool_free(engine->mempool, tsig); |
3586 |
+ free(substr); |
|
3586 | 3587 |
return CL_EMEM; |
3587 | 3588 |
} |
3588 | 3589 |
|
... | ... |
@@ -267,8 +267,10 @@ static struct node *parse_regex(const char *p, size_t *last) |
267 | 267 |
return NULL; |
268 | 268 |
/* (x) */ |
269 | 269 |
right = dup_node(v); |
270 |
- if (!right) |
|
270 |
+ if (!right) { |
|
271 |
+ free(tmp); |
|
271 | 272 |
return NULL; |
273 |
+ } |
|
272 | 274 |
/* (x)*(x) => (x)+ */ |
273 | 275 |
v = make_node(concat, tmp, right); |
274 | 276 |
if (!v) |
... | ... |
@@ -317,9 +317,6 @@ static cl_error_t cli_scanrar(const char *filepath, int desc, cli_ctx *ctx) |
317 | 317 |
if (0 == write(comment_fd, comment, comment_size)) { |
318 | 318 |
cli_dbgmsg("RAR: ERROR: Failed to write to output file\n"); |
319 | 319 |
} else { |
320 |
- close(comment_fd); |
|
321 |
- comment_fd = -1; |
|
322 |
- |
|
323 | 320 |
/* Scan the comment file */ |
324 | 321 |
status = cli_scanfile(comment_fullpath, ctx); |
325 | 322 |
|
... | ... |
@@ -336,6 +333,7 @@ static cl_error_t cli_scanrar(const char *filepath, int desc, cli_ctx *ctx) |
336 | 336 |
goto done; |
337 | 337 |
} |
338 | 338 |
} |
339 |
+ close(comment_fd); |
|
339 | 340 |
} |
340 | 341 |
} |
341 | 342 |
|
... | ... |
@@ -3803,11 +3801,8 @@ static cl_error_t scan_common(int desc, cl_fmap_t *map, const char *filepath, co |
3803 | 3803 |
if (pc_map) { |
3804 | 3804 |
cli_bytecode_context_setctx(bc_ctx, &ctx); |
3805 | 3805 |
rc = cli_bytecode_runhook(&ctx, ctx.engine, bc_ctx, BC_PRECLASS, pc_map); |
3806 |
- cli_bytecode_context_destroy(bc_ctx); |
|
3807 |
- |
|
3808 |
- if (!map) |
|
3809 |
- funmap(pc_map); |
|
3810 | 3806 |
} |
3807 |
+ cli_bytecode_context_destroy(bc_ctx); |
|
3811 | 3808 |
} |
3812 | 3809 |
|
3813 | 3810 |
/* backwards compatibility: scan the json string unless a virus was detected */ |
... | ... |
@@ -319,7 +319,8 @@ static int xar_scan_subdocuments(xmlTextReaderPtr reader, cli_ctx *ctx) |
319 | 319 |
cli_dbgmsg("cli_scanxar: cli_writen error writing subdoc temporary file.\n"); |
320 | 320 |
rc = CL_EWRITE; |
321 | 321 |
} |
322 |
- rc = xar_cleanup_temp_file(ctx, fd, tmpname); |
|
322 |
+ rc = xar_cleanup_temp_file(ctx, fd, tmpname); |
|
323 |
+ tmpname = NULL; |
|
323 | 324 |
} |
324 | 325 |
} |
325 | 326 |
|
... | ... |
@@ -428,7 +429,7 @@ int cli_scanxar(cli_ctx *ctx) |
428 | 428 |
size_t length, offset, size, at; |
429 | 429 |
int encoding; |
430 | 430 |
z_stream strm; |
431 |
- char *toc, *tmpname; |
|
431 |
+ char *toc, *tmpname = NULL; |
|
432 | 432 |
xmlTextReaderPtr reader = NULL; |
433 | 433 |
int a_hash, e_hash; |
434 | 434 |
unsigned char *a_cksum = NULL, *e_cksum = NULL; |
... | ... |
@@ -529,7 +530,8 @@ int cli_scanxar(cli_ctx *ctx) |
529 | 529 |
xar_cleanup_temp_file(ctx, fd, tmpname); |
530 | 530 |
goto exit_toc; |
531 | 531 |
} |
532 |
- rc = xar_cleanup_temp_file(ctx, fd, tmpname); |
|
532 |
+ rc = xar_cleanup_temp_file(ctx, fd, tmpname); |
|
533 |
+ tmpname = NULL; |
|
533 | 534 |
if (rc != CL_SUCCESS) |
534 | 535 |
goto exit_toc; |
535 | 536 |
} |
... | ... |
@@ -559,7 +561,8 @@ int cli_scanxar(cli_ctx *ctx) |
559 | 559 |
|
560 | 560 |
/* clean up temp file from previous loop iteration */ |
561 | 561 |
if (fd > -1 && tmpname) { |
562 |
- rc = xar_cleanup_temp_file(ctx, fd, tmpname); |
|
562 |
+ rc = xar_cleanup_temp_file(ctx, fd, tmpname); |
|
563 |
+ tmpname = NULL; |
|
563 | 564 |
if (rc != CL_SUCCESS) |
564 | 565 |
goto exit_reader; |
565 | 566 |
} |
... | ... |
@@ -305,12 +305,13 @@ cl_unrar_error_t unrar_peek_file_header(void* hArchive, unrar_metadata_t* file_m |
305 | 305 |
|
306 | 306 |
wchar_t RedirName[1024]; |
307 | 307 |
|
308 |
+ memset(&headerData, 0, sizeof(struct RARHeaderDataEx)); |
|
309 |
+ |
|
308 | 310 |
if (NULL == hArchive || NULL == file_metadata) { |
309 | 311 |
unrar_dbgmsg("unrar_peek_file_header: Invalid arguments.\n"); |
310 | 312 |
goto done; |
311 | 313 |
} |
312 | 314 |
|
313 |
- memset(&headerData, 0, sizeof(struct RARHeaderDataEx)); |
|
314 | 315 |
memset(file_metadata, 0, sizeof(unrar_metadata_t)); |
315 | 316 |
|
316 | 317 |
/* |