@@ -1,3 +1,7 @@

+Mon Feb 11 21:04:30 CET 2008 (acab)

+-----------------------------------

+  * libclamav: more limit updates, more to come

+

 Mon Feb 11 19:15:16 CET 2008 (tk)

 ---------------------------------

   * libclamav: mail: scan text attachments and decoded base64 bodies also with

@@ -65,11 +65,12 @@ static	char	const	rcsid[] = "$Id: blob.c,v 1.64 2007/02/12 22:25:14 njh Exp $";

 #include <windows.h>

 #endif

-#define	MAX_SCAN_SIZE	20*1024	/*

-				 * The performance benefit of scanning

-				 * early disappears on medium and

-				 * large sized files

-				 */

+/* Scehduled for rewite in 0.94 (bb#804). Disabling for now */

+/* #define	MAX_SCAN_SIZE	20*1024	/\* */

+/* 				 * The performance benefit of scanning */

+/* 				 * early disappears on medium and */

+/* 				 * large sized files */

+/* 				 *\/ */

 static	const	char	*blobGetFilename(const blob *b);

@@ -618,9 +619,8 @@ fileblobAddData(fileblob *fb, const unsigned char *data, size_t len)

 		if(ctx) {

 			int do_scan = 1;

-			if(ctx->limits && ctx->limits->maxfilesize) /* FIXMELIMITS */

-				if(fb->bytes_scanned >= ctx->limits->maxfilesize)

-					do_scan = 0;

+			if(cli_checklimits("fileblobAddData", ctx, fb->bytes_scanned, 0, 0)!=CL_CLEAN)

+			        do_scan = 0;

 			if(fb->bytes_scanned > MAX_SCAN_SIZE)

 				do_scan = 0;

@@ -49,7 +49,7 @@

 #endif

 /* hard limits */

-#define CAB_FOLDER_LIMIT    5000 /* FIXMELIMITS */

+#define CAB_FOLDER_LIMIT    5000

 #define CAB_FILE_LIMIT	    5000

 /* Cabinet format data structures */

@@ -116,8 +116,4 @@ int cli_chm_open(int fd, const char *dirname, chm_metadata_t *metadata);

 int cli_chm_prepare_file(int fd, char *dirname, chm_metadata_t *metadata);

 int cli_chm_extract_file(int fd, char *dirname, chm_metadata_t *metadata);

 void cli_chm_close(chm_metadata_t *metadata);

-int cli_chm_open(int fd, const char *dirname, chm_metadata_t *metadata);

-void cli_chm_close(chm_metadata_t *metadata);

-int cli_chm_extract_file(int fd, char *dirname, chm_metadata_t *metadata);

-int cli_chm_prepare_file(int fd, char *dirname, chm_metadata_t *metadata);

 #endif

@@ -53,12 +53,14 @@ int cli_scanbuff(const unsigned char *buffer, uint32_t length, const char **virn

 	struct cli_ac_data mdata;

 	struct cli_matcher *groot, *troot = NULL;

-

     if(!engine) {

 	cli_errmsg("cli_scanbuff: engine == NULL\n");

 	return CL_ENULLARG;

     }

+    if(cli_updatelimits(ctx, length)!=CL_CLEAN)

+        return CL_CLEAN;

+

     groot = engine->root[0]; /* generic signatures */

     if(ftype) {

@@ -2010,9 +2010,9 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx, unsigned int re

 	cli_dbgmsg("in parseEmailBody, %u files saved so far\n",

 		mctx->files);

-	if(limits) { /* FIXMELIMITS */

+	if(limits) { /* FIXMELIMITS: this should be better integrated */

 		if(limits->maxreclevel) {

-			const cli_ctx *ctx = mctx->ctx;	/* needed for BLOCKMAX :-( */

+			const cli_ctx *ctx = mctx->ctx;

 			/*

 			 * This is approximate

@@ -189,7 +189,6 @@ cli_pdf(const char *dir, int desc, const cli_ctx *ctx)

 	bytesleft -= xreflength;

 	 */

-	rc = CL_CLEAN;

 	files = 0;

 	/*

@@ -430,13 +429,20 @@ cli_pdf(const char *dir, int desc, const cli_ctx *ctx)

 #endif

 		if(is_ascii85decode) {

-			unsigned char *tmpbuf = cli_malloc(calculated_streamlen * 5);

-			int ret;

+			unsigned char *tmpbuf; = cli_malloc(calculated_streamlen * 5);

+			int ret = cli_checklimits("cli_pdf", ctx, calculated_streamlen * 5, calculated_streamlen, 0);

+

+			if(ret != CL_CLEAN) {

+				close(fout);

+				unlink(fullname);

+				continue;

+			}

+

+			tmpbuf = cli_malloc(calculated_streamlen * 5);

 			if(tmpbuf == NULL) {

 				close(fout);

 				unlink(fullname);

-				rc = CL_EMEM;

 				continue;

 			}

@@ -446,7 +452,6 @@ cli_pdf(const char *dir, int desc, const cli_ctx *ctx)

 				free(tmpbuf);

 				close(fout);

 				unlink(fullname);

-				rc = CL_CLEAN;

 				continue;

 			}

 			if(ret) {

@@ -459,7 +464,6 @@ cli_pdf(const char *dir, int desc, const cli_ctx *ctx)

 					free(tmpbuf);

 					close(fout);

 					unlink(fullname);

-					rc = CL_EMEM;

 					continue;

 				}

 				tmpbuf = t;

@@ -467,16 +471,17 @@ cli_pdf(const char *dir, int desc, const cli_ctx *ctx)

 				 * Note that it will probably be both

 				 * ascii85encoded and flateencoded

 				 */

+

 				if(is_flatedecode)

 					rc = try_flatedecode((unsigned char *)tmpbuf, real_streamlen, real_streamlen, fout, ctx);

 				else

 					cli_writen(fout, (const char *)streamstart, real_streamlen);

 			}

 			free(tmpbuf);

-		} else if(is_flatedecode)

+		} else if(is_flatedecode) {

 			rc = try_flatedecode((unsigned char *)streamstart, real_streamlen, calculated_streamlen, fout, ctx);

-		else {

+		} else {

 			cli_dbgmsg("cli_pdf: writing %lu bytes from the stream\n",

 				(unsigned long)real_streamlen);

 			cli_writen(fout, (const char *)streamstart, real_streamlen);

@@ -508,9 +513,9 @@ cli_pdf(const char *dir, int desc, const cli_ctx *ctx)

 static int

 try_flatedecode(unsigned char *buf, off_t real_len, off_t calculated_len, int fout, const cli_ctx *ctx)

 {

-	int ret = flatedecode(buf, real_len, fout, ctx);

+	int ret = cli_checklimits("cli_pdf", ctx, real_len, 0, 0);

-	if(ret == CL_SUCCESS)

+	if (ret==CL_CLEAN && flatedecode(buf, real_len, fout, ctx) == CL_SUCCESS)

 		return CL_SUCCESS;

 	if(real_len == calculated_len) {

@@ -521,6 +526,9 @@ try_flatedecode(unsigned char *buf, off_t real_len, off_t calculated_len, int fo

 		return CL_CLEAN;

 	}

+	if(cli_checklimits("cli_pdf", ctx, calculated_len, 0, 0)!=CL_CLEAN)

+		return CL_CLEAN;

+

 	ret = flatedecode(buf, calculated_len, fout, ctx);

 	if(ret == CL_SUCCESS)

 		return CL_SUCCESS;

@@ -605,7 +613,6 @@ flatedecode(unsigned char *buf, off_t len, int fout, const cli_ctx *ctx)

 					nbytes += written;

 					if((ret=cli_checklimits("cli_pdf", ctx, nbytes, 0, 0))!=CL_CLEAN) {

-						/* FIXMELIMITS */

 						inflateEnd(&stream);

 						return ret;

 					}

@@ -230,7 +230,7 @@ static int cli_unrar_scanmetadata(int desc, unrar_metadata_t *metadata, cli_ctx

 	if(mdata->fileno && mdata->fileno != files)

 	    continue;

-	if(mdata->maxdepth && ctx->recursion > mdata->maxdepth) /* FIXMELIMITS */

+	if(mdata->maxdepth && ctx->recursion > mdata->maxdepth)

 	    continue;

 	/* TODO add support for regex */

@@ -401,7 +401,6 @@ static int cli_scanarj(int desc, cli_ctx *ctx, off_t sfx_offset, uint32_t *sfx_c

 	   break;

 	}

 	if ((ret = cli_checklimits("ARJ", ctx, metadata.orig_size, metadata.comp_size, 0))!=CL_CLEAN) {

-	  /* FIXMELIMITS: is this correct, shall I free something? */

 	    ret = CL_SUCCESS;

 	    continue;

 	}

@@ -372,7 +372,7 @@ int unspin(char *src, int ssize, struct cli_exe_section *sections, int sectcnt,

   bitmap = cli_readint32(ep+0x3061);

   bitman = bitmap;

-  /* FIXMELIMITS */

+  /* FIXMELIMITS: possibly rewrite to use the limits api */

   if(ctx->limits && ctx->limits->maxfilesize) {

     unsigned long int filesize = 0;