... | ... |
@@ -716,6 +716,7 @@ void cache_add(unsigned char *md5, size_t size, cli_ctx *ctx) { |
716 | 716 |
#endif |
717 | 717 |
|
718 | 718 |
pthread_mutex_unlock(&c->mutex); |
719 |
+ cli_dbgmsg("cache_add: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", md5[0], md5[1], md5[2], md5[3], md5[4], md5[5], md5[6], md5[7], md5[8], md5[9], md5[10], md5[11], md5[12], md5[13], md5[14], md5[15]); |
|
719 | 720 |
return; |
720 | 721 |
} |
721 | 722 |
|
... | ... |
@@ -725,6 +726,7 @@ int cache_check(unsigned char *hash, cli_ctx *ctx) { |
725 | 725 |
fmap_t *map; |
726 | 726 |
size_t todo, at = 0; |
727 | 727 |
cli_md5_ctx md5; |
728 |
+ int ret; |
|
728 | 729 |
|
729 | 730 |
if(!ctx || !ctx->engine || !ctx->engine->cache) |
730 | 731 |
return CL_VIRUS; |
... | ... |
@@ -743,5 +745,7 @@ int cache_check(unsigned char *hash, cli_ctx *ctx) { |
743 | 743 |
cli_md5_update(&md5, buf, readme); |
744 | 744 |
} |
745 | 745 |
cli_md5_final(hash, &md5); |
746 |
- return cache_lookup_hash(hash, map->len, ctx->engine->cache); |
|
746 |
+ ret = cache_lookup_hash(hash, map->len, ctx->engine->cache); |
|
747 |
+ cli_dbgmsg("cache_check: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x is %s\n", hash[0], hash[1], hash[2], hash[3], hash[4], hash[5], hash[6], hash[7], hash[8], hash[9], hash[10], hash[11], hash[12], hash[13], hash[14], hash[15], (ret == CL_VIRUS) ? "negative" : "positive"); |
|
748 |
+ return ret; |
|
747 | 749 |
} |
... | ... |
@@ -1868,6 +1868,14 @@ static int cli_scanraw(cli_ctx *ctx, cli_file_t type, uint8_t typercg, cli_file_ |
1868 | 1868 |
return ret; |
1869 | 1869 |
} |
1870 | 1870 |
|
1871 |
+ |
|
1872 |
+#define LINESTR(x) #x |
|
1873 |
+#define LINESTR2(x) LINESTR(x) |
|
1874 |
+#define __AT__ " at line "LINESTR2(__LINE__) |
|
1875 |
+#define ret_from_magicscan(retcode) { \ |
|
1876 |
+ cli_dbgmsg("cli_magic_scandesc: returning %d %s\n", retcode, __AT__); \ |
|
1877 |
+ return retcode; \ |
|
1878 |
+ } while(0) |
|
1871 | 1879 |
int cli_magic_scandesc(int desc, cli_ctx *ctx) |
1872 | 1880 |
{ |
1873 | 1881 |
int ret = CL_CLEAN; |
... | ... |
@@ -1879,45 +1887,46 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx) |
1879 | 1879 |
unsigned char hash[16]; |
1880 | 1880 |
bitset_t *old_hook_lsig_matches; |
1881 | 1881 |
|
1882 |
+ cli_dbgmsg("in cli_magic_scandesc (reclevel: %u/%u)\n", ctx->recursion, ctx->engine->maxreclevel); |
|
1882 | 1883 |
if(ctx->engine->maxreclevel && ctx->recursion > ctx->engine->maxreclevel) { |
1883 | 1884 |
cli_dbgmsg("cli_magic_scandesc: Archive recursion limit exceeded (%u, max: %u)\n", ctx->recursion, ctx->engine->maxreclevel); |
1884 |
- return CL_CLEAN; |
|
1885 |
+ ret_from_magicscan(CL_CLEAN); /* FIXMEDONTCACHE */ |
|
1885 | 1886 |
} |
1886 | 1887 |
|
1887 | 1888 |
if(fstat(desc, &sb) == -1) { |
1888 | 1889 |
cli_errmsg("magic_scandesc: Can't fstat descriptor %d\n", desc); |
1889 |
- return CL_ESTAT; |
|
1890 |
+ ret_from_magicscan(CL_ESTAT); |
|
1890 | 1891 |
} |
1891 | 1892 |
|
1892 | 1893 |
if(sb.st_size <= 5) { |
1893 | 1894 |
cli_dbgmsg("Small data (%u bytes)\n", (unsigned int) sb.st_size); |
1894 |
- return CL_CLEAN; |
|
1895 |
+ ret_from_magicscan(CL_CLEAN); |
|
1895 | 1896 |
} |
1896 | 1897 |
|
1897 | 1898 |
if(!ctx->engine) { |
1898 | 1899 |
cli_errmsg("CRITICAL: engine == NULL\n"); |
1899 |
- return CL_ENULLARG; |
|
1900 |
+ ret_from_magicscan(CL_ENULLARG); |
|
1900 | 1901 |
} |
1901 | 1902 |
|
1902 | 1903 |
if(!(ctx->engine->dboptions & CL_DB_COMPILED)) { |
1903 | 1904 |
cli_errmsg("CRITICAL: engine not compiled\n"); |
1904 |
- return CL_EMALFDB; |
|
1905 |
+ ret_from_magicscan(CL_EMALFDB); |
|
1905 | 1906 |
} |
1906 | 1907 |
|
1907 | 1908 |
if(cli_updatelimits(ctx, sb.st_size)!=CL_CLEAN) |
1908 |
- return CL_CLEAN; |
|
1909 |
+ ret_from_magicscan(CL_CLEAN); /* FIXMEDONTCACHE */ |
|
1909 | 1910 |
|
1910 | 1911 |
ctx->fmap++; |
1911 | 1912 |
if(!(*ctx->fmap = fmap(desc, 0, sb.st_size))) { |
1912 | 1913 |
cli_errmsg("CRITICAL: fmap() failed\n"); |
1913 | 1914 |
ctx->fmap--; |
1914 |
- return CL_EMEM; |
|
1915 |
+ ret_from_magicscan(CL_EMEM); |
|
1915 | 1916 |
} |
1916 | 1917 |
|
1917 | 1918 |
if(cache_check(hash, ctx) == CL_CLEAN) { |
1918 | 1919 |
funmap(*ctx->fmap); |
1919 | 1920 |
ctx->fmap--; |
1920 |
- return CL_CLEAN; |
|
1921 |
+ ret_from_magicscan(CL_CLEAN); |
|
1921 | 1922 |
} |
1922 | 1923 |
hashed_size = (*ctx->fmap)->len; |
1923 | 1924 |
old_hook_lsig_matches = ctx->hook_lsig_matches; |
... | ... |
@@ -1931,11 +1940,16 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx) |
1931 | 1931 |
|
1932 | 1932 |
if((ret = cli_fmap_scandesc(ctx, 0, 0, NULL, AC_SCAN_VIR, hash)) == CL_VIRUS) |
1933 | 1933 |
cli_dbgmsg("%s found in descriptor %d\n", *ctx->virname, desc); |
1934 |
- else if(ctx->recursion != ctx->engine->maxreclevel) |
|
1935 |
- cache_add(hash, hashed_size, ctx); /* Only cache if limits are not reached */ |
|
1934 |
+ else if(ret == CL_CLEAN) { |
|
1935 |
+ if(ctx->recursion != ctx->engine->maxreclevel) |
|
1936 |
+ cache_add(hash, hashed_size, ctx); /* Only cache if limits are not reached */ |
|
1937 |
+ else |
|
1938 |
+ {} /* FIXMEDONTCACHE */ |
|
1939 |
+ } |
|
1940 |
+ |
|
1936 | 1941 |
funmap(*ctx->fmap); |
1937 | 1942 |
ctx->fmap--; |
1938 |
- return ret; |
|
1943 |
+ ret_from_magicscan(ret); |
|
1939 | 1944 |
} |
1940 | 1945 |
|
1941 | 1946 |
type = cli_filetype2(*ctx->fmap, ctx->engine); /* FIXMEFMAP: port to fmap */ |
... | ... |
@@ -1943,13 +1957,13 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx) |
1943 | 1943 |
cli_dbgmsg("cli_magic_scandesc: cli_filetype2 returned CL_TYPE_ERROR\n"); |
1944 | 1944 |
funmap(*ctx->fmap); |
1945 | 1945 |
ctx->fmap--; |
1946 |
- return CL_EREAD; |
|
1946 |
+ ret_from_magicscan(CL_EREAD); |
|
1947 | 1947 |
} |
1948 | 1948 |
lseek(desc, 0, SEEK_SET); /* FIXMEFMAP: remove ? */ |
1949 | 1949 |
|
1950 | 1950 |
ctx->hook_lsig_matches = cli_bitset_init(); |
1951 | 1951 |
if (!ctx->hook_lsig_matches) |
1952 |
- return CL_EMEM; |
|
1952 |
+ ret_from_magicscan(CL_EMEM); |
|
1953 | 1953 |
|
1954 | 1954 |
if(type != CL_TYPE_IGNORED && ctx->engine->sdb) { |
1955 | 1955 |
if((ret = cli_scanraw(ctx, type, 0, &dettype, hash)) == CL_VIRUS) { |
... | ... |
@@ -1958,7 +1972,7 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx) |
1958 | 1958 |
ctx->fmap--; |
1959 | 1959 |
cli_bitset_free(ctx->hook_lsig_matches); |
1960 | 1960 |
ctx->hook_lsig_matches = old_hook_lsig_matches; |
1961 |
- return ret; |
|
1961 |
+ ret_from_magicscan(ret); |
|
1962 | 1962 |
} |
1963 | 1963 |
lseek(desc, 0, SEEK_SET); /* FIXMEFMAP: remove ? */ |
1964 | 1964 |
} |
... | ... |
@@ -2207,7 +2221,7 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx) |
2207 | 2207 |
ctx->fmap--; |
2208 | 2208 |
cli_bitset_free(ctx->hook_lsig_matches); |
2209 | 2209 |
ctx->hook_lsig_matches = old_hook_lsig_matches; |
2210 |
- return ret; |
|
2210 |
+ ret_from_magicscan(ret); |
|
2211 | 2211 |
} |
2212 | 2212 |
|
2213 | 2213 |
if(type == CL_TYPE_ZIP && SCAN_ARCHIVE && (DCONF_ARCH & ARCH_CONF_ZIP)) { |
... | ... |
@@ -2225,7 +2239,7 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx) |
2225 | 2225 |
ctx->fmap--; |
2226 | 2226 |
cli_bitset_free(ctx->hook_lsig_matches); |
2227 | 2227 |
ctx->hook_lsig_matches = old_hook_lsig_matches; |
2228 |
- return ret; |
|
2228 |
+ ret_from_magicscan(ret); |
|
2229 | 2229 |
} |
2230 | 2230 |
} |
2231 | 2231 |
|
... | ... |
@@ -2272,9 +2286,9 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx) |
2272 | 2272 |
cli_dbgmsg("Descriptor[%d]: %s\n", desc, cl_strerror(ret)); |
2273 | 2273 |
case CL_CLEAN: |
2274 | 2274 |
cache_add(hash, hashed_size, ctx); |
2275 |
- return CL_CLEAN; |
|
2275 |
+ ret_from_magicscan(CL_CLEAN); |
|
2276 | 2276 |
default: |
2277 |
- return ret; |
|
2277 |
+ ret_from_magicscan(ret); |
|
2278 | 2278 |
} |
2279 | 2279 |
} |
2280 | 2280 |
|