git-svn: trunk@1916
Tomasz Kojm authored on 2006/04/21 20:46:54... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Fri Apr 21 13:44:44 CEST 2006 (tk) |
|
2 |
+---------------------------------- |
|
3 |
+ * libclamav/matcher.c: add support for *.hdb and *.fp databases in hwaccel |
|
4 |
+ mode |
|
5 |
+ |
|
1 | 6 |
Wed Apr 19 12:31:44 BST 2006 (njh) |
2 | 7 |
---------------------------------- |
3 | 8 |
* libclamav/mbox.c: Mark the use of --mail-follow-urls without CURL as |
... | ... |
@@ -39,8 +39,6 @@ |
39 | 39 |
#include "execs.h" |
40 | 40 |
#include "special.h" |
41 | 41 |
|
42 |
-#define MD5_BLOCKSIZE 4096 |
|
43 |
- |
|
44 | 42 |
static int targettab[CL_TARGET_TABLE_SIZE] = { 0, CL_TYPE_MSEXE, CL_TYPE_MSOLE2, CL_TYPE_HTML, CL_TYPE_MAIL, CL_TYPE_GRAPHICS, CL_TYPE_ELF }; |
45 | 43 |
|
46 | 44 |
extern short cli_debug_flag; |
... | ... |
@@ -270,7 +268,7 @@ static long int cli_caloff(const char *offstr, int fd, unsigned short ftype) |
270 | 270 |
return -1; |
271 | 271 |
} |
272 | 272 |
|
273 |
-int cli_checkfp(int fd, const struct cl_engine *engine) |
|
273 |
+static int cli_checkfp(int fd, const struct cl_engine *engine) |
|
274 | 274 |
{ |
275 | 275 |
struct cli_md5_node *md5_node; |
276 | 276 |
unsigned char *digest; |
... | ... |
@@ -361,6 +359,9 @@ int cli_scandesc(int desc, cli_ctx *ctx, unsigned short otfrec, unsigned short f |
361 | 361 |
return CL_EMEM; |
362 | 362 |
} |
363 | 363 |
|
364 |
+ if(ctx->engine->md5_hlist) |
|
365 |
+ MD5_Init(&md5ctx); |
|
366 |
+ |
|
364 | 367 |
while((bytes = cli_readn(desc, buffer, HWBUFFSIZE)) > 0) { |
365 | 368 |
if((hret = sn_sigscan_writestream(streamhandle, buffer, bytes)) < 0) { |
366 | 369 |
cli_errmsg("cli_scandesc: can't write to hardware stream: %d\n", hret); |
... | ... |
@@ -369,6 +370,9 @@ int cli_scandesc(int desc, cli_ctx *ctx, unsigned short otfrec, unsigned short f |
369 | 369 |
} else { |
370 | 370 |
if(ctx->scanned) |
371 | 371 |
*ctx->scanned += bytes / CL_COUNT_PRECISION; |
372 |
+ |
|
373 |
+ if(ctx->engine->md5_hlist) |
|
374 |
+ MD5_Update(&md5ctx, buffer, bytes); |
|
372 | 375 |
} |
373 | 376 |
} |
374 | 377 |
|
... | ... |
@@ -398,6 +402,30 @@ int cli_scandesc(int desc, cli_ctx *ctx, unsigned short otfrec, unsigned short f |
398 | 398 |
return CL_EHWIO; |
399 | 399 |
} |
400 | 400 |
|
401 |
+ if(ctx->engine->md5_hlist) { |
|
402 |
+ MD5_Final(digest, &md5ctx); |
|
403 |
+ |
|
404 |
+ if((md5_node = cli_vermd5(digest, ctx->engine))) { |
|
405 |
+ struct stat sb; |
|
406 |
+ |
|
407 |
+ if(fstat(desc, &sb)) |
|
408 |
+ return CL_EIO; |
|
409 |
+ |
|
410 |
+ if((unsigned int) sb.st_size != md5_node->size) { |
|
411 |
+ cli_warnmsg("Detected false positive MD5 match. Please report.\n"); |
|
412 |
+ } else { |
|
413 |
+ if(md5_node->fp) { |
|
414 |
+ cli_dbgmsg("Eliminated false positive match (fp sig: %s)\n", md5_node->virname); |
|
415 |
+ ret = CL_CLEAN; |
|
416 |
+ } else { |
|
417 |
+ if(ctx->virname) |
|
418 |
+ *ctx->virname = md5_node->virname; |
|
419 |
+ ret = CL_VIRUS; |
|
420 |
+ } |
|
421 |
+ } |
|
422 |
+ } |
|
423 |
+ } |
|
424 |
+ |
|
401 | 425 |
return ret; |
402 | 426 |
} |
403 | 427 |
#endif /* HAVE_HWACCEL */ |
... | ... |
@@ -553,18 +581,6 @@ int cli_scandesc(int desc, cli_ctx *ctx, unsigned short otfrec, unsigned short f |
553 | 553 |
if(ctx->engine->md5_hlist) { |
554 | 554 |
MD5_Final(digest, &md5ctx); |
555 | 555 |
|
556 |
- if(cli_debug_flag) { |
|
557 |
- char md5str[33]; |
|
558 |
- int i; |
|
559 |
- |
|
560 |
- pt = md5str; |
|
561 |
- for(i = 0; i < 16; i++) { |
|
562 |
- sprintf(pt, "%02x", digest[i]); |
|
563 |
- pt += 2; |
|
564 |
- } |
|
565 |
- md5str[32] = 0; |
|
566 |
- } |
|
567 |
- |
|
568 | 556 |
if((md5_node = cli_vermd5(digest, ctx->engine)) && !md5_node->fp) { |
569 | 557 |
struct stat sb; |
570 | 558 |
|
... | ... |
@@ -32,6 +32,4 @@ int cli_scanbuff(const char *buffer, unsigned int length, const char **virname, |
32 | 32 |
|
33 | 33 |
int cli_validatesig(unsigned short target, unsigned short ftype, const char *offstr, unsigned long int fileoff, int desc, const char *virname); |
34 | 34 |
|
35 |
-int cli_checkfp(int fd, const struct cl_engine *engine); |
|
36 |
- |
|
37 | 35 |
#endif |