@@ -496,6 +496,19 @@ int asn1_get_x509(fmap_t *map, void **asn1data, unsigned int *size, cli_crt *x50

     if(asn1_expect_objtype(map, tbs.next, &crt.size, &obj, 0x03)) /* signature */

 	return 1;

+    if(obj.size > 513) {

+	cli_dbgmsg("asn1_get_x509: signature too long\n");

+	return 1;

+    }

+    if(!fmap_need_ptr_once(map, obj.content, obj.size)) {

+	cli_dbgmsg("asn1_get_x509: cannot read signature\n");

+	return 1;

+    }

+    if(mp_read_signed_bin(&x509->sig, obj.content, obj.size)) {

+	cli_dbgmsg("asn1_get_x509: cannot convert signature to big number\n");

+	return 1;

+    }

+

     if(crt.size) {

 	cli_dbgmsg("asn1_get_x509: found unexpected extra data in signature\n");

 	return 1;

@@ -512,7 +525,7 @@ int asn1_get_x509(fmap_t *map, void **asn1data, unsigned int *size, cli_crt *x50

-int asn1_parse_mscat(FILE *f) {

+int asn1_parse_mscat(FILE *f, crtmgr *cmgr) {

     struct cli_asn1 asn1, deep, deeper;

     unsigned int size, dsize;

     fmap_t *map;

@@ -682,6 +695,7 @@ int asn1_parse_mscat(FILE *f) {

 		dsize = 1;

 		break;

 	    }

+	    crtmgr_add(cmgr, &x509);

 	    cli_crt_clear(&x509);

 	}

 	if(dsize)

@@ -23,6 +23,6 @@ int ms_asn1_get_sha1(fmap_t *map, void *asn1data, unsigned int avail, unsigned i

 int asn1_get_time(fmap_t *map, void **asn1data, unsigned int *size, time_t *time);

 int asn1_get_rsa_pubkey(fmap_t *map, void **asn1data, unsigned int *size, cli_crt *x509);

 int asn1_get_x509(fmap_t *map, void **asn1data, unsigned int *size, cli_crt *x509);

-int asn1_parse_mscat(FILE *f);

+int asn1_parse_mscat(FILE *f, crtmgr *c);

 #endif

@@ -1,9 +1,15 @@

+#if HAVE_CONFIG_H

+#include "clamav-config.h"

+#endif

+

 #include "crtmgr.h"

+#include "others.h"

 int cli_crt_init(cli_crt *x509) {

     if(mp_init_multi(&x509->n, &x509->e, &x509->sig, NULL))

 	return 1;

     x509->not_before = x509->not_after = 0;

+    x509->prev = x509->next = NULL;

     return 0;

 }

@@ -11,6 +17,43 @@ void cli_crt_clear(cli_crt *x509) {

     mp_clear_multi(&x509->n, &x509->e, &x509->sig, NULL);

 }

+int crtmgr_add(crtmgr *m, cli_crt *x509) {

+    cli_crt *i = m->crts;

+    while(i) {

+	if(x509->not_before == i->not_before && x509->not_after == i->not_after && !memcmp(x509->subject, i->subject, sizeof(i->subject))) {

+	    if(mp_cmp(&x509->n, &i->n) || mp_cmp(&x509->e, &i->e))

+		cli_dbgmsg("crtmgr_add: conflicting pk for the same cert\n");

+	    return 0;

+	}

+	i = i->next;

+    }

+    i = cli_malloc(sizeof(*i));

+    if(!i)

+	return 1;

+

+    if(mp_init_multi(&i->n, &i->e, &i->sig, NULL)) {

+	free(i);

+	return 1;

+    }

+    if(mp_copy(&x509->n, &i->n) || mp_copy(&x509->e, &i->e) || mp_copy(&x509->sig, &i->sig)) {

+	cli_crt_clear(i);

+	free(i);

+	return 1;

+    }

+    memcpy(i->subject, x509->subject, sizeof(i->subject));

+    memcpy(i->issuer, x509->issuer, sizeof(i->issuer));

+    i->not_before = x509->not_before;

+    i->not_after = x509->not_after;

+    i->hashtype = x509->hashtype;

+    i->next = m->crts;

+    i->prev = NULL;

+    if(m->crts)

+	m->crts->prev = i;

+    m->crts = i;

+    cli_dbgmsg("crtmgr_add: added cert\n");

+    return 0;

+}

+

 /* typedef struct { */

 /*     cli_crt *certs; */

 /*     unsigned int ncerts; */

@@ -9,7 +9,7 @@

 typedef enum { CLI_SHA1RSA, CLI_MD5RSA } cli_crt_hashtype;

-typedef struct {

+typedef struct cli_crt_t {

     uint8_t subject[SHA1_HASH_SIZE];

     uint8_t issuer[SHA1_HASH_SIZE];

     mp_int n;

@@ -18,9 +18,18 @@ typedef struct {

     time_t not_before;

     time_t not_after;

     cli_crt_hashtype hashtype;

+    struct cli_crt_t *prev;

+    struct cli_crt_t *next;

 } cli_crt;

+typedef struct {

+    cli_crt *crts;

+} crtmgr;

+

+

 int cli_crt_init(cli_crt *x509);

 void cli_crt_clear(cli_crt *x509);

+int crtmgr_add(crtmgr *m, cli_crt *x509);

+

 #endif

@@ -351,6 +351,8 @@ struct cl_engine *cl_engine_new(void)

 	return NULL;

     }

+    new->cmgr.crts = NULL;

+

     cli_dbgmsg("Initialized %s engine\n", cl_retver());

     return new;

 }

@@ -44,6 +44,7 @@

 #include "bytecode.h"

 #include "bytecode_api.h"

 #include "events.h"

+#include "crtmgr.h"

 /*

  * CL_FLEVEL is the signature f-level specific to the current code and

@@ -251,6 +252,9 @@ struct cl_engine {

     /* Used for memory pools */

     mpool_t *mempool;

+    /* crtmgr stuff */

+    crtmgr cmgr;

+

     /* Callback(s) */

     clcb_pre_cache cb_pre_cache;

     clcb_pre_scan cb_pre_scan;

@@ -2353,7 +2353,7 @@ static int cli_loadcdb(FILE *fs, struct cl_engine *engine, unsigned int *signo,

 }

 static int cli_loadmscat(FILE *fs, struct cl_engine *engine, unsigned int options, struct cli_dbio *dbio) {

-    asn1_parse_mscat(fs);

+    asn1_parse_mscat(fs, &engine->cmgr);

     return 0;

 }