git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@1278 77e5149b-7576-45b1-b177-96237e5ba77b
Tomasz Kojm authored on 2005/01/26 23:15:04... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Wed Jan 26 15:10:02 CET 2005 (tk) |
|
2 |
+--------------------------------- |
|
3 |
+ * shared/misc.c: freshdbdir(): fix possible dbdir string corruption |
|
4 |
+ (reported by ST Wong <st-wong*cuhk.edu.hk>) |
|
5 |
+ |
|
1 | 6 |
Wed Jan 26 10:38:08 CET 2005 (tk) |
2 | 7 |
--------------------------------- |
3 | 8 |
* configure: improve curl check (thanks to Martin Forssen <maf*appgate.com>) |
... | ... |
@@ -110,11 +110,14 @@ int scanmanager(const struct optstruct *opt) |
110 | 110 |
} |
111 | 111 |
|
112 | 112 |
} else { |
113 |
+ char *dbdir = freshdbdir(); |
|
113 | 114 |
|
114 |
- if((ret = cl_loaddbdir(freshdbdir(), &trie, &claminfo.signs))) { |
|
115 |
+ if((ret = cl_loaddbdir(dbdir, &trie, &claminfo.signs))) { |
|
115 | 116 |
mprintf("@%s\n", cl_strerror(ret)); |
117 |
+ free(dbdir); |
|
116 | 118 |
return 50; |
117 | 119 |
} |
120 |
+ free(dbdir); |
|
118 | 121 |
|
119 | 122 |
} |
120 | 123 |
|
... | ... |
@@ -1,5 +1,5 @@ |
1 | 1 |
/* |
2 |
- * Copyright (C) 2004 Tomasz Kojm <tkojm@clamav.net> |
|
2 |
+ * Copyright (C) 2004 - 2005 Tomasz Kojm <tkojm@clamav.net> |
|
3 | 3 |
* |
4 | 4 |
* This program is free software; you can redistribute it and/or modify |
5 | 5 |
* it under the terms of the GNU General Public License as published by |
... | ... |
@@ -35,11 +35,12 @@ |
35 | 35 |
#include "output.h" |
36 | 36 |
|
37 | 37 |
|
38 |
-const char *freshdbdir(void) |
|
38 |
+char *freshdbdir(void) |
|
39 | 39 |
{ |
40 | 40 |
struct cl_cvd *d1, *d2; |
41 |
- struct cfgstruct *copt, *cpt; |
|
41 |
+ struct cfgstruct *copt = NULL, *cpt; |
|
42 | 42 |
const char *dbdir; |
43 |
+ char *retdir; |
|
43 | 44 |
|
44 | 45 |
/* try to find fresh directory */ |
45 | 46 |
dbdir = cl_retdbdir(); |
... | ... |
@@ -65,24 +66,31 @@ const char *freshdbdir(void) |
65 | 65 |
} |
66 | 66 |
} |
67 | 67 |
} |
68 |
- freecfg(copt); |
|
69 | 68 |
} |
70 | 69 |
|
71 |
- return dbdir; |
|
70 |
+ retdir = strdup(dbdir); |
|
71 |
+ |
|
72 |
+ if(copt) |
|
73 |
+ freecfg(copt); |
|
74 |
+ |
|
75 |
+ return retdir; |
|
72 | 76 |
} |
73 | 77 |
|
74 | 78 |
void print_version(void) |
75 | 79 |
{ |
76 |
- const char *dbdir; |
|
80 |
+ char *dbdir; |
|
77 | 81 |
char *path; |
78 | 82 |
struct cl_cvd *daily; |
79 | 83 |
|
80 | 84 |
|
81 | 85 |
dbdir = freshdbdir(); |
82 |
- if(!(path = mmalloc(strlen(dbdir) + 11))) |
|
86 |
+ if(!(path = mmalloc(strlen(dbdir) + 11))) { |
|
87 |
+ free(dbdir); |
|
83 | 88 |
return; |
89 |
+ } |
|
84 | 90 |
|
85 | 91 |
sprintf(path, "%s/daily.cvd", dbdir); |
92 |
+ free(dbdir); |
|
86 | 93 |
|
87 | 94 |
if((daily = cl_cvdhead(path))) { |
88 | 95 |
time_t t = (time_t) daily->stime; |
... | ... |
@@ -1,5 +1,5 @@ |
1 | 1 |
/* |
2 |
- * Copyright (C) 2004 Tomasz Kojm <tkojm@clamav.net> |
|
2 |
+ * Copyright (C) 2004 - 2005 Tomasz Kojm <tkojm@clamav.net> |
|
3 | 3 |
* |
4 | 4 |
* This program is free software; you can redistribute it and/or modify |
5 | 5 |
* it under the terms of the GNU General Public License as published by |
... | ... |
@@ -21,7 +21,7 @@ |
21 | 21 |
|
22 | 22 |
#include "cfgparser.h" |
23 | 23 |
|
24 |
-const char *freshdbdir(void); |
|
24 |
+char *freshdbdir(void); |
|
25 | 25 |
void print_version(void); |
26 | 26 |
int filecopy(const char *src, const char *dest); |
27 | 27 |
|
... | ... |
@@ -1,5 +1,5 @@ |
1 | 1 |
/* |
2 |
- * Copyright (C) 2002 - 2004 Tomasz Kojm <tkojm@clamav.net> |
|
2 |
+ * Copyright (C) 2002 - 2005 Tomasz Kojm <tkojm@clamav.net> |
|
3 | 3 |
* |
4 | 4 |
* This program is free software; you can redistribute it and/or modify |
5 | 5 |
* it under the terms of the GNU General Public License as published by |
... | ... |
@@ -232,7 +232,7 @@ int build(struct optstruct *opt) |
232 | 232 |
int ret, no = 0, realno = 0, bytes, itmp; |
233 | 233 |
struct stat foo; |
234 | 234 |
char buffer[FILEBUFF], *tarfile = NULL, *gzfile = NULL, header[512], |
235 |
- smbuff[30], *pt; |
|
235 |
+ smbuff[30], *pt, *dbdir; |
|
236 | 236 |
struct cl_node *root = NULL; |
237 | 237 |
FILE *tar, *cvd, *fd; |
238 | 238 |
gzFile *gz; |
... | ... |
@@ -321,7 +321,9 @@ int build(struct optstruct *opt) |
321 | 321 |
|
322 | 322 |
|
323 | 323 |
/* try to read cvd header of old database */ |
324 |
- sprintf(buffer, "%s/%s", freshdbdir(), getargc(opt, 'b')); |
|
324 |
+ dbdir = freshdbdir(); |
|
325 |
+ sprintf(buffer, "%s/%s", dbdir, getargc(opt, 'b')); |
|
326 |
+ free(dbdir); |
|
325 | 327 |
if((oldcvd = cl_cvdhead(buffer)) == NULL) |
326 | 328 |
mprintf("WARNING: CAN'T READ CVD HEADER OF CURRENT DATABASE %s\n", buffer); |
327 | 329 |
|
... | ... |
@@ -531,11 +533,13 @@ char *getdsig(const char *host, const char *user, const char *data) |
531 | 531 |
int unpack(struct optstruct *opt) |
532 | 532 |
{ |
533 | 533 |
int fd; |
534 |
- char *name; |
|
534 |
+ char *name, *dbdir; |
|
535 | 535 |
|
536 | 536 |
if(optl(opt, "unpack-current")) { |
537 |
- name = mcalloc(strlen(freshdbdir()) + strlen(getargl(opt, "unpack-current")) + 2, sizeof(char)); |
|
538 |
- sprintf(name, "%s/%s", freshdbdir(), getargl(opt, "unpack-current")); |
|
537 |
+ dbdir = freshdbdir(); |
|
538 |
+ name = mcalloc(strlen(dbdir) + strlen(getargl(opt, "unpack-current")) + 2, sizeof(char)); |
|
539 |
+ sprintf(name, "%s/%s", dbdir, getargl(opt, "unpack-current")); |
|
540 |
+ free(dbdir); |
|
539 | 541 |
} else |
540 | 542 |
name = strdup(getargc(opt, 'u')); |
541 | 543 |
|
... | ... |
@@ -775,13 +779,17 @@ void listsigs(struct optstruct *opt) |
775 | 775 |
{ |
776 | 776 |
int ret; |
777 | 777 |
const char *name; |
778 |
+ char *dbdir; |
|
778 | 779 |
|
779 | 780 |
mprintf_stdout = 1; |
780 | 781 |
|
781 |
- if((name = getargc(opt, 'l'))) |
|
782 |
+ if((name = getargc(opt, 'l'))) { |
|
782 | 783 |
ret = listdb(name); |
783 |
- else |
|
784 |
- ret = listdir(freshdbdir()); |
|
784 |
+ } else { |
|
785 |
+ dbdir = freshdbdir(); |
|
786 |
+ ret = listdir(dbdir); |
|
787 |
+ free(dbdir); |
|
788 |
+ } |
|
785 | 789 |
|
786 | 790 |
ret ? exit(1) : exit(0); |
787 | 791 |
} |