git-svn: trunk@3481
aCaB authored on 2008/01/05 11:43:07... | ... |
@@ -122,7 +122,7 @@ static int lookup_tree(uint32_t *tree, unsigned int size, uint16_t code, uint8_t |
122 | 122 |
return -1; |
123 | 123 |
} |
124 | 124 |
|
125 |
-int explode_init(struct xplstate *X, uint8_t flags) { |
|
125 |
+int explode_init(struct xplstate *X, uint16_t flags) { |
|
126 | 126 |
X->bits = X->cur = 0; |
127 | 127 |
if(flags&2) { |
128 | 128 |
X->largewin = 1; |
... | ... |
@@ -311,4 +311,4 @@ int explode(struct xplstate *X) { |
311 | 311 |
return EXPLODE_EBUFF; |
312 | 312 |
} |
313 | 313 |
|
314 |
-void explode_shutdown() {}; |
|
314 |
+void explode_shutdown() {} |
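Review bot: `void explode_shutdown() {}` at line 314 still defines the function without a prototype, so a call that passes arguments would compile silently. Since the line is already being touched to drop the stray semicolon, `void explode_shutdown(void) {}` would close that off. Any header declarations, which are not shown here, need the same `(void)`, and the `explode_init` declaration must also follow the new `uint16_t flags` parameter.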
... | ... |
@@ -45,7 +45,6 @@ |
45 | 45 |
#include "fsg.h" |
46 | 46 |
|
47 | 47 |
int unfsg_200(char *source, char *dest, int ssize, int dsize, uint32_t rva, uint32_t base, uint32_t ep, int file) { |
48 |
- char *tsrc; |
|
49 | 48 |
struct cli_exe_section section; /* Yup, just one ;) */ |
50 | 49 |
|
51 | 50 |
if ( cli_unfsg(source, dest, ssize, dsize, NULL, NULL) ) return -1; |
... | ... |
@@ -386,7 +386,7 @@ int mew_lzma(char *orgsource, char *buf, uint32_t size_sum, uint32_t vma, uint32 |
386 | 386 |
var28 = cli_readint32 (source); |
387 | 387 |
source += 4; |
388 | 388 |
temp = cli_readint32 (source) - vma; |
389 |
- var18 = orgsource + temp; |
|
389 |
+ var18 = (uint8_t *)(orgsource + temp); |
|
390 | 390 |
if (special) pushed_esi = orgsource + temp; |
391 | 391 |
source += 4; |
392 | 392 |
temp = cli_readint32 (source); |
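Review bot: The cast added at line 389 only silences the pointer-type warning; `temp` is still a 32-bit value read from the packed data minus `vma`, and `orgsource + temp` is formed with no range check visible in this hunk. If nothing earlier in mew_lzma bounds it, a malformed file leaves `var18` (and `pushed_esi` on the next line) pointing outside the buffer, and merely computing such a pointer is undefined behaviour. A guard ahead of the assignment, for example `if (temp >= size_sum)` followed by the function's error return, would cover both uses, assuming `size_sum` is the size of the `orgsource` buffer as the parameter list suggests. The body of mew_lzma starts and ends outside the hunk, so this needs confirming against the full function.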
... | ... |
@@ -562,7 +562,7 @@ int mew_lzma(char *orgsource, char *buf, uint32_t size_sum, uint32_t vma, uint32 |
562 | 562 |
break; |
563 | 563 |
} else { |
564 | 564 |
var0C += 2; |
565 |
- new_ecx = var18; |
|
565 |
+ new_ecx = (char *)var18; |
|
566 | 566 |
new_edx = new_eax = var08; |
567 | 567 |
new_eax -= loc_edi; |
568 | 568 |
if ( ((var0C < var28 - new_edx) && |
... | ... |
@@ -693,9 +693,9 @@ uint32_t lzma_upack_esi_00(struct lzmastate *p, char *old_ecx, char *bb, uint32_ |
693 | 693 |
if (!CLI_ISCONTAINED(bb, bl, old_ecx, 4) || !CLI_ISCONTAINED(bb, bl, p->p0, 4)) |
694 | 694 |
{ |
695 | 695 |
if (!CLI_ISCONTAINED(bb, bl, old_ecx, 4)) |
696 |
- cli_dbgmsg("contain error! %08x %08x ecx: %08x [%08x]\n", bb, bl, old_ecx,bb+bl); |
|
696 |
+ cli_dbgmsg("contain error! %p %08x ecx: %p [%p]\n", bb, bl, old_ecx,bb+bl); |
|
697 | 697 |
else |
698 |
- cli_dbgmsg("contain error! %08x %08x p0: %08x [%08x]\n", bb, bl, p->p0,bb+bl); |
|
698 |
+ cli_dbgmsg("contain error! %p %08x p0: %p [%p]\n", bb, bl, p->p0,bb+bl); |
|
699 | 699 |
return 0xffffffff; |
700 | 700 |
} |
701 | 701 |
ret = cli_readint32(old_ecx); |
... | ... |
@@ -730,7 +730,7 @@ uint32_t lzma_upack_esi_00(struct lzmastate *p, char *old_ecx, char *bb, uint32_ |
730 | 730 |
*/ |
731 | 731 |
uint32_t lzma_upack_esi_50(struct lzmastate *p, uint32_t old_eax, uint32_t old_ecx, char **old_edx, char *old_ebp, uint32_t *retval, char *bs, uint32_t bl) |
732 | 732 |
{ |
733 |
- uint32_t loc_eax = old_eax, original = old_eax, ret; |
|
733 |
+ uint32_t loc_eax = old_eax, ret; |
|
734 | 734 |
|
735 | 735 |
do { |
736 | 736 |
*old_edx = old_ebp + (loc_eax<<2); |
... | ... |
@@ -740,7 +740,6 @@ uint32_t lzma_upack_esi_50(struct lzmastate *p, uint32_t old_eax, uint32_t old_e |
740 | 740 |
loc_eax += ret; |
741 | 741 |
} while (loc_eax < old_ecx); |
742 | 742 |
|
743 |
-/* cli_dbgmsg("loc_eax: %08x - ecx: %08x = %08x || original: %08x\n", loc_eax, old_ecx, loc_eax - old_ecx, original); */ |
|
744 | 743 |
*retval = loc_eax - old_ecx; |
745 | 744 |
return 0; |
746 | 745 |
} |
... | ... |
@@ -772,10 +771,10 @@ uint32_t lzma_upack_esi_54(struct lzmastate *p, uint32_t old_eax, uint32_t *old_ |
772 | 772 |
} |
773 | 773 |
|
774 | 774 |
|
775 |
-int unmew11(int sectnum, char *src, int off, int ssize, int dsize, uint32_t base, uint32_t vadd, int uselzma, char **endsrc, char **enddst, int filedesc) |
|
775 |
+int unmew11(char *src, int off, int ssize, int dsize, uint32_t base, uint32_t vadd, int uselzma, int filedesc) |
|
776 | 776 |
{ |
777 | 777 |
uint32_t entry_point, newedi, loc_ds=dsize, loc_ss=ssize; |
778 |
- char *source = src + dsize + off; /*EC32(section_hdr[sectnum].VirtualSize) + off;*/ |
|
778 |
+ char *source = src + dsize + off; |
|
779 | 779 |
char *lesi = source + 12, *ledi; |
780 | 780 |
char *f1, *f2; |
781 | 781 |
int i; |
... | ... |
@@ -790,7 +789,7 @@ int unmew11(int sectnum, char *src, int off, int ssize, int dsize, uint32_t base |
790 | 790 |
ssize -= 12; |
791 | 791 |
while (1) |
792 | 792 |
{ |
793 |
- cli_dbgmsg("MEW unpacking section %d (%08x->%08x)\n", i, lesi, ledi); |
|
793 |
+ cli_dbgmsg("MEW unpacking section %d (%p->%p)\n", i, lesi, ledi); |
|
794 | 794 |
if (!CLI_ISCONTAINED(src, size_sum, lesi, 4) || !CLI_ISCONTAINED(src, size_sum, ledi, 4)) |
795 | 795 |
{ |
796 | 796 |
cli_dbgmsg("Possibly programmer error or hand-crafted PE file, report to clamav team\n"); |
... | ... |
@@ -36,6 +36,6 @@ int mew_lzma(char *, char *, uint32_t, uint32_t, uint32_t); |
36 | 36 |
uint32_t lzma_upack_esi_00(struct lzmastate *, char *, char *, uint32_t); |
37 | 37 |
uint32_t lzma_upack_esi_50(struct lzmastate *, uint32_t, uint32_t, char **, char *, uint32_t *, char *, uint32_t); |
38 | 38 |
uint32_t lzma_upack_esi_54(struct lzmastate *, uint32_t, uint32_t *, char **, uint32_t *, char *, uint32_t); |
39 |
-int unmew11(int, char *, int, int, int, uint32_t, uint32_t, int, char **, char **, int); |
|
39 |
+int unmew11(char *, int, int, int, uint32_t, uint32_t, int, int); |
|
40 | 40 |
|
41 | 41 |
#endif |
... | ... |
@@ -278,7 +278,7 @@ int unmew(char *source, char *dest, int ssize, int dsize, char **endsrc, char ** |
278 | 278 |
} |
279 | 279 |
if (!CLI_ISCONTAINED(dest, dsize, cdst, myecx_backsize) || !CLI_ISCONTAINED(dest, dsize, cdst-myeax_backbytes, myecx_backsize)) |
280 | 280 |
{ |
281 |
- cli_dbgmsg("MEW: rete: %d %d %d %d %d || %d %d %d %d %d\n", dest, dsize, cdst, myecx_backsize, |
|
281 |
+ cli_dbgmsg("MEW: rete: %p %d %p %d %d || %p %d %p %d %d\n", dest, dsize, cdst, myecx_backsize, |
|
282 | 282 |
CLI_ISCONTAINED(dest, dsize, cdst, myecx_backsize), |
283 | 283 |
dest, dsize, cdst-myeax_backbytes, myecx_backsize, |
284 | 284 |
CLI_ISCONTAINED(dest, dsize, cdst-myeax_backbytes, myecx_backsize) ); |
... | ... |
@@ -293,7 +293,7 @@ int unmew(char *source, char *dest, int ssize, int dsize, char **endsrc, char ** |
293 | 293 |
/* 15d */ |
294 | 294 |
if (cdst < dest || cdst >= dest+dsize || csrc < source || csrc >= source+ssize) |
295 | 295 |
{ |
296 |
- cli_dbgmsg("MEW: retf %08x %08x+%08x=%08x, %08x %08x+%08x=%08x\n", |
|
296 |
+ cli_dbgmsg("MEW: retf %p %p+%08x=%p, %p %p+%08x=%p\n", |
|
297 | 297 |
cdst, dest, dsize, dest+dsize, csrc, source, ssize, source+ssize); |
298 | 298 |
return -1; |
299 | 299 |
} |
... | ... |
@@ -83,7 +83,7 @@ |
83 | 83 |
|
84 | 84 |
#define CLI_UNPSIZELIMITS(NAME,CHK) \ |
85 | 85 |
if(ctx->limits && ctx->limits->maxfilesize && (CHK) > ctx->limits->maxfilesize) { \ |
86 |
- cli_dbgmsg(NAME": Sizes exceeded (%lu > %lu)\n", (CHK), ctx->limits->maxfilesize); \ |
|
86 |
+ cli_dbgmsg(NAME": Sizes exceeded (%lu > %lu)\n", (unsigned long)(CHK), (unsigned long)ctx->limits->maxfilesize); \ |
|
87 | 87 |
free(exe_sections); \ |
88 | 88 |
if(BLOCKMAX) { \ |
89 | 89 |
*ctx->virname = "PE."NAME".ExceededFileSize"; \ |
... | ... |
@@ -783,7 +783,7 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
783 | 783 |
|
784 | 784 |
if (exe_sections[i].rsz) { /* Don't bother with virtual only sections */ |
785 | 785 |
if (exe_sections[i].raw >= fsize) { /* really broken */ |
786 |
- cli_dbgmsg("Broken PE file - Section %d starts beyond the end of file (Offset@ %d, Total filesize %d)\n", i, exe_sections[i].raw, fsize); |
|
786 |
+ cli_dbgmsg("Broken PE file - Section %d starts beyond the end of file (Offset@ %lu, Total filesize %lu)\n", i, (unsigned long)exe_sections[i].raw, (unsigned long)fsize); |
|
787 | 787 |
free(section_hdr); |
788 | 788 |
free(exe_sections); |
789 | 789 |
if(DETECT_BROKEN) { |
... | ... |
@@ -1103,7 +1103,7 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
1103 | 1103 |
} |
1104 | 1104 |
|
1105 | 1105 |
if((bytes = read(desc, buff, 0xb0)) != 0xb0) { |
1106 |
- cli_dbgmsg("MEW: Can't read 0xb0 bytes at 0x%x (%d) %d\n", fileoffset, fileoffset, bytes); |
|
1106 |
+ cli_dbgmsg("MEW: Can't read 0xb0 bytes at 0x%x (%d) %lu\n", fileoffset, fileoffset, (unsigned long)bytes); |
|
1107 | 1107 |
break; |
1108 | 1108 |
} |
1109 | 1109 |
|
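Review bot: Casting `bytes` to `unsigned long` for `%lu` at line 1106 hides a failed read(): the call returns -1 on error, which this message prints as a very large positive count. `bytes` is declared outside the hunk; if it is an unsigned type the error value is already lost at the assignment, while a signed declaration printed with `%ld` and `(long)bytes` would keep it readable. The same applies to the two messages at lines 1144 and 1149 in the next hunk. The PESpin and yC paths on this page read through `cli_readn`, which presumably retries short reads, whereas these MEW reads call `read` directly and so treat a short read as a hard failure.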
... | ... |
@@ -1141,12 +1141,12 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
1141 | 1141 |
} |
1142 | 1142 |
|
1143 | 1143 |
if((bytes = read(desc, src + dsize, exe_sections[i + 1].rsz)) != exe_sections[i + 1].rsz) { |
1144 |
- cli_dbgmsg("MEW: Can't read %d bytes [read: %d]\n", exe_sections[i + 1].rsz, bytes); |
|
1144 |
+ cli_dbgmsg("MEW: Can't read %d bytes [read: %lu]\n", exe_sections[i + 1].rsz, (unsigned long)bytes); |
|
1145 | 1145 |
free(exe_sections); |
1146 | 1146 |
free(src); |
1147 | 1147 |
return CL_EIO; |
1148 | 1148 |
} |
1149 |
- cli_dbgmsg("MEW: %d (%08x) bytes read\n", bytes, bytes); |
|
1149 |
+ cli_dbgmsg("MEW: %u (%08x) bytes read\n", (unsigned int)bytes, (unsigned int)bytes); |
|
1150 | 1150 |
|
1151 | 1151 |
/* count offset to lzma proc, if lzma used, 0xe8 -> call */ |
1152 | 1152 |
if (buff[0x7b] == '\xe8') { |
... | ... |
@@ -1161,7 +1161,7 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
1161 | 1161 |
} |
1162 | 1162 |
|
1163 | 1163 |
CLI_UNPTEMP("MEW",(src,exe_sections,0)); |
1164 |
- CLI_UNPRESULTS("MEW",(unmew11(i, src, offdiff, ssize, dsize, EC32(optional_hdr32.ImageBase), exe_sections[0].rva, uselzma, NULL, NULL, ndesc)),1,(src,0)); |
|
1164 |
+ CLI_UNPRESULTS("MEW",(unmew11(src, offdiff, ssize, dsize, EC32(optional_hdr32.ImageBase), exe_sections[0].rva, uselzma, ndesc)),1,(src,0)); |
|
1165 | 1165 |
break; |
1166 | 1166 |
} |
1167 | 1167 |
} |
... | ... |
@@ -1821,7 +1821,7 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
1821 | 1821 |
|
1822 | 1822 |
lseek(desc, 0, SEEK_SET); |
1823 | 1823 |
if((size_t) cli_readn(desc, spinned, fsize) != fsize) { |
1824 |
- cli_dbgmsg("PESpin: Can't read %d bytes\n", fsize); |
|
1824 |
+ cli_dbgmsg("PESpin: Can't read %lu bytes\n", (unsigned long)fsize); |
|
1825 | 1825 |
free(spinned); |
1826 | 1826 |
free(exe_sections); |
1827 | 1827 |
return CL_EIO; |
... | ... |
@@ -1847,7 +1847,7 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
1847 | 1847 |
|
1848 | 1848 |
lseek(desc, 0, SEEK_SET); |
1849 | 1849 |
if((size_t) cli_readn(desc, spinned, fsize) != fsize) { |
1850 |
- cli_dbgmsg("yC: Can't read %d bytes\n", fsize); |
|
1850 |
+ cli_dbgmsg("yC: Can't read %lu bytes\n", (unsigned long)fsize); |
|
1851 | 1851 |
free(spinned); |
1852 | 1852 |
free(exe_sections); |
1853 | 1853 |
return CL_EIO; |
... | ... |
@@ -1900,7 +1900,7 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
1900 | 1900 |
free(src); |
1901 | 1901 |
break; |
1902 | 1902 |
} |
1903 |
- if((packer = (char *) cli_calloc(exe_sections[nsections - 1].rsz, sizeof(char))) == NULL) { |
|
1903 |
+ if((packer = (uint8_t *) cli_calloc(exe_sections[nsections - 1].rsz, sizeof(char))) == NULL) { |
|
1904 | 1904 |
free(src); |
1905 | 1905 |
free(exe_sections); |
1906 | 1906 |
return CL_EMEM; |
... | ... |
@@ -1914,7 +1914,7 @@ int cli_scanpe(int desc, cli_ctx *ctx) |
1914 | 1914 |
} |
1915 | 1915 |
|
1916 | 1916 |
CLI_UNPTEMP("WWPack",(src,packer,exe_sections,0)); |
1917 |
- CLI_UNPRESULTS("WWPack",(wwunpack(src, ssize, packer, exe_sections, nsections-1, e_lfanew, ndesc)),0,(src,packer,0)); |
|
1917 |
+ CLI_UNPRESULTS("WWPack",(wwunpack((uint8_t *)src, ssize, packer, exe_sections, nsections-1, e_lfanew, ndesc)),0,(src,packer,0)); |
|
1918 | 1918 |
break; |
1919 | 1919 |
} |
1920 | 1920 |
|
... | ... |
@@ -353,7 +353,7 @@ uint32_t very_real_unpack(uint16_t *table, uint32_t tablesz, uint32_t tre, uint3 |
353 | 353 |
if (!CLI_ISCONTAINED(dst, dsize, &dst[unpacked_so_far], backsize) || |
354 | 354 |
!CLI_ISCONTAINED(dst, dsize, &dst[unpacked_so_far - backbytes], backsize) |
355 | 355 |
) { |
356 |
- cli_dbgmsg("%x %x %x %x\n", dst, dsize, &dst[unpacked_so_far], backsize); |
|
356 |
+ cli_dbgmsg("%p %x %p %x\n", dst, dsize, &dst[unpacked_so_far], backsize); |
|
357 | 357 |
return 1; |
358 | 358 |
} |
359 | 359 |
|
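Review bot: The message at line 356 is four bare values with no module or function name, so in a debug log it cannot be tied back to this containment check. Other messages in this commit carry a prefix such as `MEW:` or `Upack:`; a format string like `"very_real_unpack: back-reference out of bounds: dst %p dsize %x cur %p backsize %x\n"` would make it usable when triaging a sample that fails to unpack. The types of `dsize` and `backsize` are cut off in the hunk header, so the `%x` specifiers should be checked against them.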
... | ... |
@@ -232,8 +232,8 @@ static int unz(uint8_t *src, uint32_t csize, uint32_t usize, uint16_t method, ui |
232 | 232 |
|
233 | 233 |
case ALG_IMPLODE: { |
234 | 234 |
struct xplstate strm; |
235 |
- strm.next_in = (char *)src; |
|
236 |
- strm.next_out = obuf; |
|
235 |
+ strm.next_in = src; |
|
236 |
+ strm.next_out = (uint8_t *)obuf; |
|
237 | 237 |
strm.avail_in = csize; |
238 | 238 |
strm.avail_out = sizeof(obuf); |
239 | 239 |
if (explode_init(&strm, flags)!=EXPLODE_OK) { |
... | ... |
@@ -258,7 +258,7 @@ static int unz(uint8_t *src, uint32_t csize, uint32_t usize, uint16_t method, ui |
258 | 258 |
ret = CL_EIO; |
259 | 259 |
res=1; |
260 | 260 |
} |
261 |
- strm.next_out = obuf; |
|
261 |
+ strm.next_out = (uint8_t *)obuf; |
|
262 | 262 |
strm.avail_out = sizeof(obuf); |
263 | 263 |
continue; |
264 | 264 |
} |
... | ... |
@@ -282,7 +282,7 @@ int unupack(int upack, char *dest, uint32_t dsize, char *buff, uint32_t vma, uin |
282 | 282 |
if (!CLI_ISCONTAINED(dest, dsize, loc_esi, 12)) |
283 | 283 |
return -1; |
284 | 284 |
|
285 |
- cli_dbgmsg("Upack: %08x %08x %08x %08x\n", loc_esi, dest, cli_readint32(loc_esi), base); |
|
285 |
+ cli_dbgmsg("Upack: %p %p %08x %08x\n", loc_esi, dest, cli_readint32(loc_esi), base); |
|
286 | 286 |
loc_ebx_u = loc_esi - (dest + cli_readint32(loc_esi) - base); |
287 | 287 |
cli_dbgmsg("Upack: EBX: %08x\n", loc_ebx_u); |
288 | 288 |
loc_esi += 4; |
... | ... |
@@ -401,7 +401,7 @@ int unupack(int upack, char *dest, uint32_t dsize, char *buff, uint32_t vma, uin |
401 | 401 |
while(save3) { |
402 | 402 |
if (!CLI_ISCONTAINED(dest, dsize, pushed_esi + loc_ecx, 1)) |
403 | 403 |
{ |
404 |
- cli_dbgmsg("Upack: callfixerr %08x %08x = %08x, %08x\n", dest, dsize, dest+dsize, pushed_esi+loc_ecx); |
|
404 |
+ cli_dbgmsg("Upack: callfixerr %p %08x = %p, %p\n", dest, dsize, dest+dsize, pushed_esi+loc_ecx); |
|
405 | 405 |
return -1; |
406 | 406 |
} |
407 | 407 |
if (pushed_esi[loc_ecx] == '\xe8' || pushed_esi[loc_ecx] == '\xe9') |
... | ... |
@@ -445,7 +445,7 @@ int unupack399(char *bs, uint32_t bl, uint32_t init_eax, char *init_ebx, uint32_ |
445 | 445 |
p.p1 = cli_readint32(init_ebx); |
446 | 446 |
p.p2 = cli_readint32(init_ebx + 4); |
447 | 447 |
|
448 |
- cli_dbgmsg("\n\tp0: %08x\n\tp1: %08x\n\tp2: %08x\n", p.p0, p.p1, p.p2); |
|
448 |
+ cli_dbgmsg("\n\tp0: %p\n\tp1: %08x\n\tp2: %08x\n", p.p0, p.p1, p.p2); |
|
449 | 449 |
for (i = 0; i<6; i++) |
450 | 450 |
state[i] = cli_readint32(loc_ebx + (i<<2)), |
451 | 451 |
cli_dbgmsg("state[%d] = %08x\n", i, state[i]); |
... | ... |
@@ -219,7 +219,7 @@ int wwunpack(uint8_t *exe, uint32_t exesz, uint8_t *wwsect, struct cli_exe_secti |
219 | 219 |
cli_writeint32(&exe[pe+0x28], cli_readint32(wwsect+0x295)+sects[scount].rva+0x299); |
220 | 220 |
cli_writeint32(&exe[pe+0x50], cli_readint32(&exe[pe+0x50])-sects[scount].vsz); |
221 | 221 |
|
222 |
- structs = &exe[0xffff&cli_readint32(&exe[pe+0x14])+pe+0x18]; |
|
222 |
+ structs = &exe[(0xffff&cli_readint32(&exe[pe+0x14]))+pe+0x18]; |
|
223 | 223 |
for(i=0 ; i<scount ; i++) { |
224 | 224 |
cli_writeint32(structs+8, sects[i].vsz); |
225 | 225 |
cli_writeint32(structs+12, sects[i].rva); |
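Review bot: The parentheses added at line 222 change the computed index, not just the warning: `+` binds tighter than `&`, so the old expression masked the whole sum to 16 bits, while the new one masks only the value read from `exe[pe+0x14]` and then adds `pe+0x18`. That is presumably the intended section-table offset, but `structs` can now lie up to 0xffff bytes past `pe+0x18`, and the loop below writes through `structs+8` and `structs+12` with no check against `exesz` visible in this hunk. Unless an earlier check in wwunpack covers it, each iteration should verify the target first, e.g. `if (!CLI_ISCONTAINED(exe, exesz, structs, 16))`, and take the function's error path. The loop body and the rest of wwunpack continue outside the hunk.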