Browse code
ole2_extract: backport fixes from 0.93.1rc1
| ... | ... |
@@ -1,3 +1,7 @@ |
| 1 |
+Tue May 27 21:43:04 CEST 2008 (acab) |
|
| 2 |
+------------------------------------ |
|
| 3 |
+ * libclamav/ole2_extract.c: allow (partial) scan of broken ole files |
|
| 4 |
+ |
|
| 1 | 5 |
Tue May 27 17:39:06 CEST 2008 |
| 2 | 6 |
----------------------------- |
| 3 | 7 |
* improve handling of PDF, CAB, RTF, OLE2 and HTML files (sync with |
| ... | ... |
@@ -191,7 +191,7 @@ static char *get_property_name(char *name, int size) {
|
| 191 | 191 |
char *newname, *cname; |
| 192 | 192 |
char *oname = name; |
| 193 | 193 |
|
| 194 |
- if (csize<=0) return NULL; |
|
| 194 |
+ if (csize<=0) return NULL; |
|
| 195 | 195 |
|
| 196 | 196 |
newname = cname = (char *)cli_malloc(size); |
| 197 | 197 |
if (!newname) return NULL; |
| ... | ... |
@@ -803,54 +803,22 @@ static int handler_otf(int fd, ole2_header_t *hdr, property_t *prop, const char |
| 803 | 803 |
while((current_block >= 0) && (len > 0)) {
|
| 804 | 804 |
if (current_block > (int32_t) hdr->max_block_no) {
|
| 805 | 805 |
cli_dbgmsg("OLE2: Max block number for file size exceeded: %d\n", current_block);
|
| 806 |
- close(ofd); |
|
| 807 |
- free(buff); |
|
| 808 |
- cli_bitset_free(blk_bitset); |
|
| 809 |
- if (cli_unlink(tempfile)) {
|
|
| 810 |
- free(tempfile); |
|
| 811 |
- return CL_EIO; |
|
| 812 |
- } |
|
| 813 |
- free(tempfile); |
|
| 814 |
- return CL_SUCCESS; |
|
| 806 |
+ break; |
|
| 815 | 807 |
} |
| 816 | 808 |
/* Check we aren't in a loop */ |
| 817 | 809 |
if (cli_bitset_test(blk_bitset, (unsigned long) current_block)) {
|
| 818 | 810 |
/* Loop in block list */ |
| 819 | 811 |
cli_dbgmsg("OLE2: Block list loop detected\n");
|
| 820 |
- close(ofd); |
|
| 821 |
- free(buff); |
|
| 822 |
- cli_bitset_free(blk_bitset); |
|
| 823 |
- if (cli_unlink(tempfile)) {
|
|
| 824 |
- free(tempfile); |
|
| 825 |
- return CL_EIO; |
|
| 826 |
- } |
|
| 827 |
- free(tempfile); |
|
| 828 |
- return CL_BREAK; |
|
| 812 |
+ break; |
|
| 829 | 813 |
} |
| 830 | 814 |
if (!cli_bitset_set(blk_bitset, (unsigned long) current_block)) {
|
| 831 |
- close(ofd); |
|
| 832 |
- free(buff); |
|
| 833 |
- cli_bitset_free(blk_bitset); |
|
| 834 |
- if (cli_unlink(tempfile)) {
|
|
| 835 |
- free(tempfile); |
|
| 836 |
- return CL_EIO; |
|
| 837 |
- } |
|
| 838 |
- free(tempfile); |
|
| 839 |
- return CL_BREAK; |
|
| 815 |
+ break; |
|
| 840 | 816 |
} |
| 841 | 817 |
if (prop->size < (int64_t)hdr->sbat_cutoff) {
|
| 842 | 818 |
/* Small block file */ |
| 843 | 819 |
if (!ole2_get_sbat_data_block(fd, hdr, buff, current_block)) {
|
| 844 | 820 |
cli_dbgmsg("ole2_get_sbat_data_block failed\n");
|
| 845 |
- close(ofd); |
|
| 846 |
- free(buff); |
|
| 847 |
- cli_bitset_free(blk_bitset); |
|
| 848 |
- if (cli_unlink(tempfile)) {
|
|
| 849 |
- free(tempfile); |
|
| 850 |
- return CL_EIO; |
|
| 851 |
- } |
|
| 852 |
- free(tempfile); |
|
| 853 |
- return CL_SUCCESS; |
|
| 821 |
+ break; |
|
| 854 | 822 |
} |
| 855 | 823 |
/* buff now contains the block with 8 small blocks in it */ |
| 856 | 824 |
offset = 64 * (current_block % 8); |
| ... | ... |
@@ -871,15 +839,7 @@ static int handler_otf(int fd, ole2_header_t *hdr, property_t *prop, const char |
| 871 | 871 |
} else {
|
| 872 | 872 |
/* Big block file */ |
| 873 | 873 |
if (!ole2_read_block(fd, hdr, buff, current_block)) {
|
| 874 |
- close(ofd); |
|
| 875 |
- free(buff); |
|
| 876 |
- cli_bitset_free(blk_bitset); |
|
| 877 |
- if (cli_unlink(tempfile)) {
|
|
| 878 |
- free(tempfile); |
|
| 879 |
- return CL_EIO; |
|
| 880 |
- } |
|
| 881 |
- free(tempfile); |
|
| 882 |
- return CL_SUCCESS; |
|
| 874 |
+ break; |
|
| 883 | 875 |
} |
| 884 | 876 |
if (cli_writen(ofd, buff, MIN(len,(1 << hdr->log2_big_block_size))) != |
| 885 | 877 |
MIN(len,(1 << hdr->log2_big_block_size))) {
|
| ... | ... |
@@ -891,7 +851,7 @@ static int handler_otf(int fd, ole2_header_t *hdr, property_t *prop, const char |
| 891 | 891 |
return CL_EIO; |
| 892 | 892 |
} |
| 893 | 893 |
free(tempfile); |
| 894 |
- return CL_BREAK; |
|
| 894 |
+ return CL_EIO; |
|
| 895 | 895 |
} |
| 896 | 896 |
|
| 897 | 897 |
current_block = ole2_get_next_block_number(fd, hdr, current_block); |
| ... | ... |
@@ -1048,8 +1008,9 @@ int cli_ole2_extract(int fd, const char *dirname, cli_ctx *ctx, struct uniq **vb |
| 1048 | 1048 |
hdr.sbat_root_start = -1; |
| 1049 | 1049 |
|
| 1050 | 1050 |
hdr.bitset = cli_bitset_init(); |
| 1051 |
- if (!hdr.bitset) { /* FIXME: mmap leaks here */
|
|
| 1052 |
- return CL_EOLE2; |
|
| 1051 |
+ if (!hdr.bitset) {
|
|
| 1052 |
+ ret=CL_EOLE2; |
|
| 1053 |
+ goto abort; |
|
| 1053 | 1054 |
} |
| 1054 | 1055 |
|
| 1055 | 1056 |
if (memcmp(hdr.magic, magic_id, 8) != 0) {
|
| ... | ... |
@@ -1077,13 +1038,6 @@ int cli_ole2_extract(int fd, const char *dirname, cli_ctx *ctx, struct uniq **vb |
| 1077 | 1077 |
print_ole2_header(&hdr); |
| 1078 | 1078 |
cli_dbgmsg("Max block number: %lu\n", (unsigned long int) hdr.max_block_no);
|
| 1079 | 1079 |
|
| 1080 |
- /* NOTE: Select only ONE of the following two methods */ |
|
| 1081 |
- |
|
| 1082 |
- /* ole2_read_property_tree(fd, &hdr, dirname, handler_writefile); */ |
|
| 1083 |
- |
|
| 1084 |
- /* OR */ |
|
| 1085 |
- |
|
| 1086 |
- |
|
| 1087 | 1080 |
/* PASS 1 : Count files and check for VBA */ |
| 1088 | 1081 |
// __asm__ __volatile__("int3");
|
| 1089 | 1082 |
hdr.has_vba = 0; |
| ... | ... |
@@ -1107,7 +1061,7 @@ int cli_ole2_extract(int fd, const char *dirname, cli_ctx *ctx, struct uniq **vb |
| 1107 | 1107 |
ret = CL_CLEAN; |
| 1108 | 1108 |
*vba = hdr.U; |
| 1109 | 1109 |
} else {
|
| 1110 |
- cli_dbgmsg("OLE2: no VBA projects found %d\n", ret);
|
|
| 1110 |
+ cli_dbgmsg("OLE2: no VBA projects found\n");
|
|
| 1111 | 1111 |
/* PASS 2/B : OTF scan */ |
| 1112 | 1112 |
file_count = 0; |
| 1113 | 1113 |
ret = ole2_walk_property_tree(fd, &hdr, NULL, 0, handler_otf, 0, &file_count, ctx, &scansize2); |