Browse code
enable decoding of Word6 macro code
git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@544 77e5149b-7576-45b1-b177-96237e5ba77b
Tomasz Kojm authored on 2004/05/07 05:16:54Showing 2 changed files
| ... | ... |
@@ -1,3 +1,7 @@ |
| 1 |
+Thu May 6 22:14:39 CEST 2004 (tk) |
|
| 2 |
+---------------------------------- |
|
| 3 |
+ * libclamav: scanners: enable decoding of Word6 macro code (Trog) |
|
| 4 |
+ |
|
| 1 | 5 |
Thu May 6 16:22:32 BST 2004 (trog) |
| 2 | 6 |
----------------------------------- |
| 3 | 7 |
* libclamav/vba_extract.c: Fix fd leak in Word6 macro code. |
| ... | ... |
@@ -796,8 +796,43 @@ static int cli_vba_scandir(const char *dirname, const char **virname, long int * |
| 796 | 796 |
free(vba_project->dir); |
| 797 | 797 |
free(vba_project->offset); |
| 798 | 798 |
free(vba_project); |
| 799 |
+ } else if ((vba_project = (vba_project_t *) wm_dir_read(dirname))) {
|
|
| 800 |
+ for (i = 0; i < vba_project->count; i++) {
|
|
| 801 |
+ fullname = (char *) cli_malloc(strlen(vba_project->dir) + strlen(vba_project->name[i]) + 2); |
|
| 802 |
+ sprintf(fullname, "%s/%s", vba_project->dir, vba_project->name[i]); |
|
| 803 |
+ fd = open(fullname, O_RDONLY); |
|
| 804 |
+ if(fd == -1) {
|
|
| 805 |
+ cli_errmsg("Scan->OLE2 -> Can't open file %s\n", fullname);
|
|
| 806 |
+ free(fullname); |
|
| 807 |
+ ret = CL_EOPEN; |
|
| 808 |
+ break; |
|
| 809 |
+ } |
|
| 810 |
+ free(fullname); |
|
| 811 |
+ cli_dbgmsg("decompress WM project '%s' macro:%d key:%d\n", vba_project->name[i], i, vba_project->key[i]);
|
|
| 812 |
+ data = (unsigned char *) wm_decrypt_macro(fd, vba_project->offset[i], vba_project->length[i], vba_project->key[i]); |
|
| 813 |
+ close(fd); |
|
| 814 |
+ |
|
| 815 |
+ if(!data) {
|
|
| 816 |
+ cli_dbgmsg("WARNING: WM project '%s' macro %d decrypted to NULL\n", vba_project->name[i], i);
|
|
| 817 |
+ } else {
|
|
| 818 |
+ if(cl_scanbuff(data, vba_project->length[i], virname, root) == CL_VIRUS) {
|
|
| 819 |
+ free(data); |
|
| 820 |
+ ret = CL_VIRUS; |
|
| 821 |
+ break; |
|
| 822 |
+ } |
|
| 823 |
+ free(data); |
|
| 824 |
+ } |
|
| 825 |
+ } |
|
| 826 |
+ for(i = 0; i < vba_project->count; i++) |
|
| 827 |
+ free(vba_project->name[i]); |
|
| 828 |
+ free(vba_project->key); |
|
| 829 |
+ free(vba_project->length); |
|
| 830 |
+ free(vba_project->offset); |
|
| 831 |
+ free(vba_project->name); |
|
| 832 |
+ free(vba_project->dir); |
|
| 833 |
+ free(vba_project); |
|
| 799 | 834 |
} |
| 800 |
- |
|
| 835 |
+ |
|
| 801 | 836 |
if(ret != CL_CLEAN) |
| 802 | 837 |
return ret; |
| 803 | 838 |
|