Browse code
fix Petite v2.1 support
git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@751 77e5149b-7576-45b1-b177-96237e5ba77b
Tomasz Kojm authored on 2004/08/14 21:29:08Showing 2 changed files
| ... | ... |
@@ -172,7 +172,7 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
| 172 | 172 |
struct pe_image_section_hdr *section_hdr; |
| 173 | 173 |
struct stat sb; |
| 174 | 174 |
char sname[9], buff[256], *tempfile; |
| 175 |
- int i, found, upx_success = 0, min = 0, max = 0; |
|
| 175 |
+ int i, found, upx_success = 0, min = 0, max = 0, ret; |
|
| 176 | 176 |
int (*upxfn)(char *, int , char *, int) = NULL; |
| 177 | 177 |
char *src, *dest; |
| 178 | 178 |
int ssize, dsize, ndesc; |
| ... | ... |
@@ -885,15 +885,11 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
| 885 | 885 |
free(tempfile); |
| 886 | 886 |
} |
| 887 | 887 |
|
| 888 |
- if(cl_scanbuff(dest, dsize, virname, root) == CL_VIRUS) {
|
|
| 889 |
- free(section_hdr); |
|
| 890 |
- free(src); |
|
| 891 |
- free(dest); |
|
| 892 |
- return CL_VIRUS; |
|
| 893 |
- } |
|
| 894 |
- |
|
| 888 |
+ ret = cl_scanbuff(dest, dsize, virname, root); |
|
| 889 |
+ free(section_hdr); |
|
| 895 | 890 |
free(src); |
| 896 | 891 |
free(dest); |
| 892 |
+ return ret; |
|
| 897 | 893 |
} |
| 898 | 894 |
} |
| 899 | 895 |
|
| ... | ... |
@@ -936,8 +932,15 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
| 936 | 936 |
} |
| 937 | 937 |
|
| 938 | 938 |
for(i = 0 ; i < nsections; i++) {
|
| 939 |
- lseek(desc, cli_rawaddr(EC32(section_hdr[i].VirtualAddress), section_hdr, nsections), SEEK_SET); |
|
| 940 |
- read(desc, dest + EC32(section_hdr[i].VirtualAddress) - min, EC32(section_hdr[i].SizeOfRawData)); |
|
| 939 |
+ if(section_hdr[i].SizeOfRawData) {
|
|
| 940 |
+ uint32_t offset = cli_rawaddr(EC32(section_hdr[i].VirtualAddress), section_hdr, nsections); |
|
| 941 |
+ |
|
| 942 |
+ if(offset == -1 || lseek(desc, offset, SEEK_SET) == -1 || read(desc, dest + EC32(section_hdr[i].VirtualAddress) - min, EC32(section_hdr[i].SizeOfRawData)) != EC32(section_hdr[i].SizeOfRawData)) {
|
|
| 943 |
+ free(section_hdr); |
|
| 944 |
+ free(dest); |
|
| 945 |
+ return CL_EIO; |
|
| 946 |
+ } |
|
| 947 |
+ } |
|
| 941 | 948 |
} |
| 942 | 949 |
|
| 943 | 950 |
tempfile = cli_gentemp(NULL); |
| ... | ... |
@@ -949,8 +952,9 @@ int cli_scanpe(int desc, const char **virname, long int *scanned, const struct c |
| 949 | 949 |
return CL_EIO; |
| 950 | 950 |
} |
| 951 | 951 |
|
| 952 |
+ /* aCaB: Fixed to allow petite v2.1 unpacking (last section is a ghost) */ |
|
| 952 | 953 |
switch(petite_inflate2x_1to9(dest, min, max - min, section_hdr, |
| 953 |
- nsections, EC32(optional_hdr.ImageBase), |
|
| 954 |
+ nsections - (found == 1 ? 1 : 0), EC32(optional_hdr.ImageBase), |
|
| 954 | 955 |
EC32(optional_hdr.AddressOfEntryPoint), ndesc, |
| 955 | 956 |
found, EC32(optional_hdr.DataDirectory[2].VirtualAddress), |
| 956 | 957 |
EC32(optional_hdr.DataDirectory[2].Size))) {
|