1. clamav-devel
  2. Commit 6537bb7581374680a75a905d3067cb6aa2ac85ff
Browse code

Tue Jan 27 14:04:51 GMT 2004 (trog) ----------------------------------- * libclamav: OLE2 unpacker - add big-endian support

git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@214 77e5149b-7576-45b1-b177-96237e5ba77b

Trog authored on 2004/01/27 23:09:14
Showing 2 changed files
ChangeLog
History View file @ 6537bb7
... ... 
@@ -1,3 +1,7 @@
1 
+Tue Jan 27 14:04:51 GMT 2004 (trog)
2 
+-----------------------------------
3 
+  * libclamav:  OLE2 unpacker - add big-endian support
4 
+
1 5 
 Mon Jan 26 22:09:19 CET 2004 (tk)
2 6 
 ---------------------------------
3 7 
   * libclamav: Makefile: do not remove clamav.h with make distclean (problem
libclamav/ole2_extract.c
History View file @ 6537bb7
... ... 
@@ -37,6 +37,27 @@
37 37
38 38 
 #define MIN(a, b)  (((a) < (b)) ? (a) : (b))
39 39
40 
+#ifdef WORDS_LITTLEENDIAN
41 
+#define ole2_endian_convert_16(v)	(v)
42 
+#warning Little Endian
43 
+#else
44 
+static uint16_t ole2_endian_convert_16(uint16_t v)
45 
+{
46 
+	return ((v >> 8) + (v << 8));
47 
+}
48 
+#warning Big Endian
49 
+#endif
50 
+
51 
+#ifdef WORDS_LITTLEENDIAN
52 
+#define ole2_endian_convert_32(v)    (v)
53 
+#else
54 
+static uint32_t ole2_endian_convert_32(uint32_t v)
55 
+{
56 
+        return ((v >> 24) | ((v & 0x00FF0000) >> 8) |
57 
+                ((v & 0x0000FF00) << 8) | (v << 24));
58 
+}
59 
+#endif
60 
+
40 61 
 typedef struct ole2_header_tag
41 62 
 {
42 63 
 	unsigned char magic[8];			/* should be: 0xd0cf11e0a1b11ae1 */
... ... 
@@ -290,8 +311,8 @@ int ole2_get_next_bat_block(int fd, ole2_header_t *hdr, int current_block)
290 290 
 		cli_dbgmsg("bat_array index error\n");
291 291 
 		return -10;
292 292 
 	}
293 
-	ole2_read_block(fd, hdr, &bat, hdr->bat_array[bat_array_index]);
294 
-	return bat[current_block-(bat_array_index * 128)];
293 
+	ole2_read_block(fd, hdr, &bat, ole2_endian_convert_32(hdr->bat_array[bat_array_index]));
294 
+	return ole2_endian_convert_32(bat[current_block-(bat_array_index * 128)]);
295 295 
 }
296 296
297 297 
 int ole2_get_next_sbat_block(int fd, ole2_header_t *hdr, int current_block)
... ... 
@@ -306,7 +327,7 @@ int ole2_get_next_sbat_block(int fd, ole2_header_t *hdr, int current_block)
306 306 
 		iter--;
307 307 
 	}
308 308 
 	ole2_read_block(fd, hdr, &sbat, current_bat_block);
309 
-	return sbat[current_block % 128];
309 
+	return ole2_endian_convert_32(sbat[current_block % 128]);
310 310 
 }
311 311
312 312 
 int ole2_get_next_xbat_block(int fd, ole2_header_t *hdr, int current_block)
... ... 
@@ -328,13 +349,13 @@ int ole2_get_next_xbat_block(int fd, ole2_header_t *hdr, int current_block)
328 328
329 329 
 	/* Follow the chain of XBAT blocks */
330 330 
 	while (xbat_block_index > 0) {
331 
-		ole2_read_block(fd, hdr, &xbat, xbat[127]);
331 
+		ole2_read_block(fd, hdr, &xbat, ole2_endian_convert_32(xbat[127]));
332 332 
 		xbat_block_index--;
333 333 
 	}
334 334
335 335 
 	ole2_read_block(fd, hdr, &bat, xbat[bat_blockno]);
336 336
337 
-	return bat[bat_index];
337 
+	return ole2_endian_convert_32(bat[bat_index]);
338 338 
 }
339 339
340 340 
 int ole2_get_next_block_number(int fd, ole2_header_t *hdr, int current_block)
... ... 
@@ -384,6 +405,17 @@ void ole2_read_property_tree(int fd, ole2_header_t *hdr, const char *dir,
384 384 
 		ole2_read_block(fd, hdr, prop_block, current_block);
385 385 
 		for (index=0 ; index < 4 ; index++) {
386 386 
 			if (prop_block[index].type > 0) {
387 
+				prop_block[index].name_size = ole2_endian_convert_16(prop_block[index].name_size);
388 
+				prop_block[index].prev = ole2_endian_convert_32(prop_block[index].prev);
389 
+				prop_block[index].next = ole2_endian_convert_32(prop_block[index].next);
390 
+				prop_block[index].child = ole2_endian_convert_32(prop_block[index].child);
391 
+				prop_block[index].user_flags = ole2_endian_convert_16(prop_block[index].user_flags);
392 
+				prop_block[index].create_lowdate = ole2_endian_convert_32(prop_block[index].create_lowdate);
393 
+				prop_block[index].create_highdate = ole2_endian_convert_32(prop_block[index].create_highdate);
394 
+				prop_block[index].mod_lowdate = ole2_endian_convert_32(prop_block[index].mod_lowdate);
395 
+				prop_block[index].mod_highdate = ole2_endian_convert_32(prop_block[index].mod_highdate);
396 
+				prop_block[index].start_block = ole2_endian_convert_32(prop_block[index].start_block);
397 
+				prop_block[index].size = ole2_endian_convert_32(prop_block[index].size);
387 398 
 				if (prop_block[index].type == 5) {
388 399 
 					hdr->sbat_root_start = prop_block[index].start_block;
389 400 
 				}
... ... 
@@ -487,6 +519,19 @@ int cli_ole2_extract(int fd, const char *dirname)
487 487 
 	/* size of header - size of other values in struct */
488 488 
 	readn(fd, &hdr, sizeof(struct ole2_header_tag) - sizeof(int));
489 489
490 
+	hdr.minor_version = ole2_endian_convert_16(hdr.minor_version);
491 
+	hdr.dll_version = ole2_endian_convert_16(hdr.dll_version);
492 
+	hdr.byte_order = ole2_endian_convert_16(hdr.byte_order);
493 
+	hdr.log2_big_block_size = ole2_endian_convert_16(hdr.log2_big_block_size);
494 
+	hdr.log2_small_block_size = ole2_endian_convert_32(hdr.log2_small_block_size);
495 
+	hdr.bat_count = ole2_endian_convert_32(hdr.bat_count);
496 
+	hdr.prop_start = ole2_endian_convert_32(hdr.prop_start);
497 
+	hdr.sbat_cutoff = ole2_endian_convert_32(hdr.sbat_cutoff);
498 
+	hdr.sbat_start = ole2_endian_convert_32(hdr.sbat_start);
499 
+	hdr.sbat_block_count = ole2_endian_convert_32(hdr.sbat_block_count);
500 
+	hdr.xbat_start = ole2_endian_convert_32(hdr.xbat_start);
501 
+	hdr.xbat_count = ole2_endian_convert_32(hdr.xbat_count);
502 
+
490 503 
 	hdr.sbat_root_start = -1;
491 504
492 505 
 	if (strncmp(hdr.magic, magic_id, 8) != 0) {