@@ -1,3 +1,10 @@

+Sat Oct 11 11:16:02 EEST 2008 (edwin)

+-------------------------------------

+ * Makefile.am, Makefile.in, libclamav/jsparse/js-norm.c,

+ unit_tests/Makefile.am, unit_tests/Makefile.in,

+ unit_tests/check_jsnorm.c: handle unfinishes string tokens in JS

+ parser

+

 Sat Oct 11 13:01:36 EEST 2008 (edwin)

 -------------------------------------

  * libclamav/scanners.c: scan javascript with type 7 (and implicitly

@@ -31,3 +31,5 @@ DISTCLEANFILES = target.h

 DISTCHECK_CONFIGURE_FLAGS=--enable-milter CFLAGS="-Wno-pointer-sign -Wno-error=attributes -Werror-implicit-function-declaration -Werror -Wextra -Wall -Wbad-function-cast -Wcast-align -Wendif-labels -Wfloat-equal -Wformat=2 -Wmissing-declarations -Wmissing-prototypes -Wno-error=missing-prototypes -Wnested-externs -Wno-error=nested-externs -Wpointer-arith -Wstrict-prototypes -Wno-error=strict-prototypes -Wno-switch -Wno-switch-enum -Wundef -Wwrite-strings -Wstrict-overflow=1 -Winit-self -Wmissing-include-dirs -Wstrict-aliasing -Wdeclaration-after-statement -Waggregate-return -Wmissing-format-attribute -Wno-error=missing-format-attribute -Wpadded -Wno-error=type-limits -Wno-error=unused-value -Wno-error=unused-variable -Wcast-qual -Wno-error=cast-qual -Wno-error=sign-compare -Wshadow -Wno-error=shadow -Wno-error=uninitialized -fdiagnostics-show-option -Wno-unused-parameter -Wpacked -Wno-error=packed -Wno-error=unreachable-code -Winvalid-pch -Wno-error=invalid-pch -O2 -D_FORTIFY_SOURCE=2 -fstack-protector-all -Wstack-protector -Wno-error=padded"

 lcov:

 	($(MAKE); cd unit_tests; $(MAKE) lcov)

+quick-check:

+	($(MAKE); cd unit_tests; $(MAKE) quick-check)

@@ -823,6 +823,8 @@ uninstall-am: uninstall-binSCRIPTS uninstall-pkgconfigDATA

 lcov:

 	($(MAKE); cd unit_tests; $(MAKE) lcov)

+quick-check:

+	($(MAKE); cd unit_tests; $(MAKE) quick-check)

 # Tell versions [3.59,3.63) of GNU make to not export all variables.

 # Otherwise a system limit (for SysV at least) may be exceeded.

 .NOEXPORT:

@@ -857,7 +857,41 @@ static void run_decoders(struct parser_state *state)

 void cli_js_parse_done(struct parser_state* state)

 {

+	struct tokens * tokens = &state->tokens;

+	size_t par_balance = 0, i;

+	char end = '\0';

+	YYSTYPE val;

+

 	cli_dbgmsg(MODULE "in cli_js_parse_done()\n");

+	/* close unfinished token */

+	switch (state->scanner->state) {

+		case DoubleQString:

+			end = '"';

+			break;

+		case SingleQString:

+			end = '\'';

+			break;

+	}

+	if (end != '\0')

+		cli_js_process_buffer(state, &end, 1);

+	/* close remaining paranthesis */

+	for (i=0;i<tokens->cnt;i++) {

+		if (tokens->data[i].type == TOK_PAR_OPEN)

+			par_balance++;

+		else if (tokens->data[i].type == TOK_PAR_CLOSE && par_balance > 0)

+			par_balance--;

+	}

+	if (par_balance > 0) {

+		memset(&val, 0, sizeof(val));

+		val.type = TOK_PAR_CLOSE;

+		TOKEN_SET(&val, cstring, ")");

+		while (par_balance-- > 0) {

+			add_token(state, &val);

+		}

+	}

+

+	/* we had to close unfinished strings, paranthesis,

+	 * so that the folders/decoders can run properly */

 	run_folders(&state->tokens);

 	run_decoders(state);

@@ -35,6 +35,9 @@ check_clamscan.sh: $(top_builddir)/test/clam.exe

 $(top_builddir)/test/clam.exe:

 	(cd $(top_builddir)/test && $(MAKE))

+quick-check:

+	VALGRIND=no LIBEFENCE=no LIBDUMA=no $(MAKE) check

+

 CLEANFILES=lcov.out *.gcno *.gcda *.log $(FILES) test-stderr.log clamscan.log valgrind-*.log duma.log duma2.log clamscan2.log

 EXTRA_DIST=.split $(srcdir)/*.ref input test-clamd.conf test-freshclam.conf valgrind.supp virusaction-test.sh $(scripts) preload_run.sh

 if ENABLE_COVERAGE

@@ -730,6 +730,9 @@ check_clamscan.sh: $(top_builddir)/test/clam.exe

 $(top_builddir)/test/clam.exe:

 	(cd $(top_builddir)/test && $(MAKE))

+

+quick-check:

+	VALGRIND=no LIBEFENCE=no LIBDUMA=no $(MAKE) check

 @ENABLE_COVERAGE_TRUE@lcov: $(LCOV_HTML)

 @ENABLE_COVERAGE_TRUE@.libs/check_clamav.gcda: $(TESTS)

 @ENABLE_COVERAGE_TRUE@	$(LCOV_LCOV) $(DIRECTORIES) --zerocounters

@@ -357,6 +357,11 @@ static const char jstest_buf13[] =

 static const char jstest_expected13[] =

 "<script>var n000</script>";

+static const char jstest_buf14[] =

+"document.write(unescape('test%20test";

+

+static const char jstest_expected14[] =

+"<script>document.write(\"test test\")</script>";

 static struct {

 	const char *in;

@@ -375,7 +380,8 @@ static struct {

 	{jstest_buf10, jstest_expected10},

 	{jstest_buf11, jstest_expected11},

 	{jstest_buf12, jstest_expected12},

-	{jstest_buf13, jstest_expected13}

+	{jstest_buf13, jstest_expected13},

+	{jstest_buf14, jstest_expected14}

 };

 #ifdef CHECK_HAVE_LOOPS