Browse code
s/need/unneed/ in unzip, remove debug spam and comments in matcher.c
aCaB authored on 2009/10/10 04:25:33Showing 2 changed files
| ... | ... |
@@ -386,18 +386,7 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
| 386 | 386 |
cli_md5_init(&md5ctx); |
| 387 | 387 |
|
| 388 | 388 |
while(offset < map->len) {
|
| 389 |
- /* TO TOMASZ: |
|
| 390 |
- by swapping comments on the following 2 lines and in the other 2 lines below you |
|
| 391 |
- can mimic the bahaviour of master in terms of which offsets we break the blocks at |
|
| 392 |
- Offsets in master are: 0, 130680, 261752, 392824, 523896, 654968, 786040, 917112 |
|
| 393 |
- Offsets in the fmap are: 0, 130680, 261360, 392040, 522720, 653400, 784080, 914760 |
|
| 394 |
- |
|
| 395 |
- I think maxpatlen is a bit too short. In practice, due to the SCANBUFF/maxpatlen ratio |
|
| 396 |
- this is not a huge problem: during the regression it only affected 3 samples out of 3.5M |
|
| 397 |
- */ |
|
| 398 |
- /* UNCOMMENT ME */ //bytes = MIN(map->len - offset, SCANBUFF + maxpatlen * (offset != 0)); |
|
| 399 |
- /* COMMENT ME */ bytes = MIN(map->len - offset, SCANBUFF); |
|
| 400 |
- cli_errmsg("off: %u\n", offset);
|
|
| 389 |
+ bytes = MIN(map->len - offset, SCANBUFF); |
|
| 401 | 390 |
if(!(buff = fmap_need_off_once(map, offset, bytes))) |
| 402 | 391 |
break; |
| 403 | 392 |
if(ctx->scanned) |
| ... | ... |
@@ -444,18 +433,8 @@ int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli |
| 444 | 444 |
cli_md5_update(&md5ctx, buff + maxpatlen * (offset!=0), bytes - maxpatlen * (offset!=0)); |
| 445 | 445 |
} |
| 446 | 446 |
|
| 447 |
- /* TO TOMASZ: |
|
| 448 |
- That's the second block you need to swap in order to to match the swap above |
|
| 449 |
- */ |
|
| 450 |
- /* UNCOMMENT ME */ //if(bytes < SCANBUFF + maxpatlen * (offset != 0)) break; |
|
| 451 |
- /* COMMENT ME */ if(bytes < SCANBUFF) break; |
|
| 447 |
+ if(bytes < SCANBUFF) break; |
|
| 452 | 448 |
offset += bytes - maxpatlen; |
| 453 |
- /* TO TOMASZ: |
|
| 454 |
- as an additional check you can leave the above code untouched and replace the previous line with: |
|
| 455 |
- offset += bytes - (maxpatlen + 63); |
|
| 456 |
- |
|
| 457 |
- Note that I'm not sure maxpatlen is only 63 bytes short, but with *this* specific sample case it's enough. |
|
| 458 |
- */ |
|
| 459 | 449 |
} |
| 460 | 450 |
|
| 461 | 451 |
if(troot) {
|
| ... | ... |
@@ -325,7 +325,7 @@ static unsigned int lhdr(fmap_t *map, uint32_t loff,uint32_t zsize, unsigned int |
| 325 | 325 |
|
| 326 | 326 |
if(zsize<=LH_flen) {
|
| 327 | 327 |
cli_dbgmsg("cli_unzip: lh - fname out of file\n");
|
| 328 |
- fmap_need_off(map, loff, SIZEOF_LH); |
|
| 328 |
+ fmap_unneed_off(map, loff, SIZEOF_LH); |
|
| 329 | 329 |
return 0; |
| 330 | 330 |
} |
| 331 | 331 |
if(meta || cli_debug_flag) {
|
| ... | ... |
@@ -362,14 +362,14 @@ static unsigned int lhdr(fmap_t *map, uint32_t loff,uint32_t zsize, unsigned int |
| 362 | 362 |
} else |
| 363 | 363 |
*ret = CL_CLEAN; |
| 364 | 364 |
|
| 365 |
- fmap_need_off(map, loff, SIZEOF_LH); |
|
| 365 |
+ fmap_unneed_off(map, loff, SIZEOF_LH); |
|
| 366 | 366 |
return 0; |
| 367 | 367 |
} |
| 368 | 368 |
|
| 369 | 369 |
if(LH_flags & F_MSKED) {
|
| 370 | 370 |
cli_dbgmsg("cli_unzip: lh - header has got unusable masked data\n");
|
| 371 | 371 |
/* FIXME: need to find/craft a sample */ |
| 372 |
- fmap_need_off(map, loff, SIZEOF_LH); |
|
| 372 |
+ fmap_unneed_off(map, loff, SIZEOF_LH); |
|
| 373 | 373 |
return 0; |
| 374 | 374 |
} |
| 375 | 375 |
|
| ... | ... |
@@ -377,14 +377,14 @@ static unsigned int lhdr(fmap_t *map, uint32_t loff,uint32_t zsize, unsigned int |
| 377 | 377 |
cli_dbgmsg("cli_unzip: Encrypted files found in archive.\n");
|
| 378 | 378 |
*ctx->virname = "Encrypted.Zip"; |
| 379 | 379 |
*ret = CL_VIRUS; |
| 380 |
- fmap_need_off(map, loff, SIZEOF_LH); |
|
| 380 |
+ fmap_unneed_off(map, loff, SIZEOF_LH); |
|
| 381 | 381 |
return 0; |
| 382 | 382 |
} |
| 383 | 383 |
|
| 384 | 384 |
if(LH_flags & F_USEDD) {
|
| 385 | 385 |
cli_dbgmsg("cli_unzip: lh - has data desc\n");
|
| 386 | 386 |
if(!ch) {
|
| 387 |
- fmap_need_off(map, loff, SIZEOF_LH); |
|
| 387 |
+ fmap_unneed_off(map, loff, SIZEOF_LH); |
|
| 388 | 388 |
return 0; |
| 389 | 389 |
} |
| 390 | 390 |
else { usize = CH_usize; csize = CH_csize; }
|
| ... | ... |
@@ -392,7 +392,7 @@ static unsigned int lhdr(fmap_t *map, uint32_t loff,uint32_t zsize, unsigned int |
| 392 | 392 |
|
| 393 | 393 |
if(zsize<=LH_elen) {
|
| 394 | 394 |
cli_dbgmsg("cli_unzip: lh - extra out of file\n");
|
| 395 |
- fmap_need_off(map, loff, SIZEOF_LH); |
|
| 395 |
+ fmap_unneed_off(map, loff, SIZEOF_LH); |
|
| 396 | 396 |
return 0; |
| 397 | 397 |
} |
| 398 | 398 |
zip+=LH_elen; |
| ... | ... |
@@ -403,7 +403,7 @@ static unsigned int lhdr(fmap_t *map, uint32_t loff,uint32_t zsize, unsigned int |
| 403 | 403 |
} else {
|
| 404 | 404 |
if(zsize<csize) {
|
| 405 | 405 |
cli_dbgmsg("cli_unzip: lh - stream out of file\n");
|
| 406 |
- fmap_need_off(map, loff, SIZEOF_LH); |
|
| 406 |
+ fmap_unneed_off(map, loff, SIZEOF_LH); |
|
| 407 | 407 |
return 0; |
| 408 | 408 |
} |
| 409 | 409 |
if(LH_flags & F_ENCR) {
|
| ... | ... |
@@ -416,7 +416,7 @@ static unsigned int lhdr(fmap_t *map, uint32_t loff,uint32_t zsize, unsigned int |
| 416 | 416 |
zsize-=csize; |
| 417 | 417 |
} |
| 418 | 418 |
|
| 419 |
- fmap_need_off(map, loff, SIZEOF_LH); /* unneed now. block is guaranteed to exists till the next need */ |
|
| 419 |
+ fmap_unneed_off(map, loff, SIZEOF_LH); /* unneed now. block is guaranteed to exists till the next need */ |
|
| 420 | 420 |
if(LH_flags & F_USEDD) {
|
| 421 | 421 |
if(zsize<12) {
|
| 422 | 422 |
cli_dbgmsg("cli_unzip: lh - data desc out of file\n");
|