git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@619 77e5149b-7576-45b1-b177-96237e5ba77b
Tomasz Kojm authored on 2004/06/22 04:29:21... | ... |
@@ -80,6 +80,7 @@ Dean Gaudet <dean-clamav*arctic.org> |
80 | 80 |
Michel Gaudet <Michel.Gaudet*ehess.fr> |
81 | 81 |
Philippe Gay <ph.gay*free.fr> |
82 | 82 |
Luca 'NERvOus' Gibelli <nervous*clamav.net> |
83 |
+Scott Gifford <sgifford*suspectclass.com> |
|
83 | 84 |
Nigel Horne <njh*smsltd.demon.co.uk> |
84 | 85 |
Hrvoje Habjanic <hrvoje.habjanic*zg.hinet.hr> |
85 | 86 |
Robert Hogan <robert*roberthogan.net> |
... | ... |
@@ -124,5 +125,6 @@ Michael L Torrie <torriem*chem.byu.edu> |
124 | 124 |
Laurent Wacrenier <lwa*teaser.fr> |
125 | 125 |
David Woakes <david*mitredata.co.uk> |
126 | 126 |
Dale Woolridge <dwoolridge*drh.net> |
127 |
+Zeffie <zeffie*zeffie.com> |
|
127 | 128 |
Leonid Zeitlin <lz*europe.com> |
128 | 129 |
Andoni Zubimendi <andoni*lpsat.net> |
... | ... |
@@ -1,3 +1,13 @@ |
1 |
+Mon Jun 21 21:20:47 EDT 2004 (tk) |
|
2 |
+--------------------------------- |
|
3 |
+ * libclamav: scanners: prevent division by zero in compression ratio |
|
4 |
+ calculation of broken zips (patch by Trog) |
|
5 |
+ * clamd: fix logic error that prevented all files from being scanned if |
|
6 |
+ there was no /proc filesystem on Linux system (patch by |
|
7 |
+ Scott Gifford <sgifford*suspectclass.com>) |
|
8 |
+ * libclamav: fix compilation error with old glibc (patch by Zeffie |
|
9 |
+ <zeffie*zeffie.com>) |
|
10 |
+ |
|
1 | 11 |
Mon Jun 21 16:23:07 BST 2004 (trog) |
2 | 12 |
----------------------------------- |
3 | 13 |
* libclamac/ole2_extract.c: Don't try and process (probably corrupt) files |
... | ... |
@@ -108,15 +108,12 @@ int dirscan(const char *dirname, const char **virname, unsigned long int *scanne |
108 | 108 |
if(S_ISREG(statbuf.st_mode) || (S_ISLNK(statbuf.st_mode) && (checksymlink(fname) == 2) && cfgopt(copt, "FollowFileSymlinks"))) { |
109 | 109 |
|
110 | 110 |
#ifdef C_LINUX |
111 |
- if(procdev) { |
|
112 |
- if(statbuf.st_dev == procdev) |
|
113 |
- scanret = CL_CLEAN; |
|
114 |
- else |
|
115 |
- scanret = cl_scanfile(fname, virname, scanned, root, limits, options); |
|
116 |
- } |
|
117 |
-#else |
|
118 |
- scanret = cl_scanfile(fname, virname, scanned, root, limits, options); |
|
111 |
+ if(procdev && (statbuf.st_dev == procdev)) |
|
112 |
+ scanret = CL_CLEAN; |
|
113 |
+ else |
|
119 | 114 |
#endif |
115 |
+ scanret = cl_scanfile(fname, virname, scanned, root, limits, options); |
|
116 |
+ |
|
120 | 117 |
if(scanret == CL_VIRUS) { |
121 | 118 |
|
122 | 119 |
mdprintf(odesc, "%s: %s FOUND\n", fname, *virname); |
... | ... |
@@ -183,15 +180,11 @@ int scan(const char *filename, unsigned long int *scanned, const struct cl_node |
183 | 183 |
return 0; |
184 | 184 |
} |
185 | 185 |
#ifdef C_LINUX |
186 |
- if(procdev) { |
|
187 |
- if(sb.st_dev == procdev) |
|
188 |
- ret = CL_CLEAN; |
|
189 |
- else |
|
190 |
- ret = cl_scanfile(filename, &virname, scanned, root, limits, options); |
|
191 |
- } |
|
192 |
-#else |
|
193 |
- ret = cl_scanfile(filename, &virname, scanned, root, limits, options); |
|
186 |
+ if(procdev && (sb.st_dev == procdev)) |
|
187 |
+ ret = CL_CLEAN; |
|
188 |
+ else |
|
194 | 189 |
#endif |
190 |
+ ret = cl_scanfile(filename, &virname, scanned, root, limits, options); |
|
195 | 191 |
|
196 | 192 |
if(ret == CL_VIRUS) { |
197 | 193 |
mdprintf(odesc, "%s: %s FOUND\n", filename, virname); |
... | ... |
@@ -402,19 +402,13 @@ static int cli_scanzip(int desc, const char **virname, long int *scanned, const |
402 | 402 |
|
403 | 403 |
cli_dbgmsg("Zip -> %s, compressed: %u, normal: %u, ratio: %d (max: %d)\n", zdirent.d_name, zdirent.d_csize, zdirent.st_size, zdirent.st_size / (zdirent.d_csize+1), limits ? limits->maxratio : -1 ); |
404 | 404 |
|
405 |
- if(!zdirent.st_size) { /* omit directories and null files */ |
|
405 |
+ if(!zdirent.st_size) { /* omit directories and empty files */ |
|
406 | 406 |
files++; |
407 | 407 |
continue; |
408 | 408 |
} |
409 | 409 |
|
410 |
- if(limits && limits->maxratio > 0 && ((unsigned) zdirent.st_size / (unsigned) zdirent.d_csize) >= limits->maxratio) { |
|
411 |
- *virname = "Oversized.Zip"; |
|
412 |
- ret = CL_VIRUS; |
|
413 |
- break; |
|
414 |
- } |
|
415 |
- |
|
416 | 410 |
/* work-around for problematic zips (zziplib crashes with them) */ |
417 |
- if(zdirent.d_csize < 0 || zdirent.st_size < 0) { |
|
411 |
+ if(zdirent.d_csize <= 0 || zdirent.st_size < 0) { |
|
418 | 412 |
files++; |
419 | 413 |
cli_dbgmsg("Zip -> Malformed archive detected.\n"); |
420 | 414 |
/* ret = CL_EMALFZIP; */ |
... | ... |
@@ -424,6 +418,12 @@ static int cli_scanzip(int desc, const char **virname, long int *scanned, const |
424 | 424 |
break; |
425 | 425 |
} |
426 | 426 |
|
427 |
+ if(limits && limits->maxratio > 0 && ((unsigned) zdirent.st_size / (unsigned) zdirent.d_csize) >= limits->maxratio) { |
|
428 |
+ *virname = "Oversized.Zip"; |
|
429 |
+ ret = CL_VIRUS; |
|
430 |
+ break; |
|
431 |
+ } |
|
432 |
+ |
|
427 | 433 |
if(DETECT_ENCRYPTED && (zdirent.d_flags & 1 )) { |
428 | 434 |
files++; |
429 | 435 |
cli_dbgmsg("Zip -> Encrypted files found in archive.\n"); |
... | ... |
@@ -18,24 +18,24 @@ |
18 | 18 |
#elif defined ZZIP_HAVE_INTTYPES_H /*freebsd*/ |
19 | 19 |
#include <inttypes.h> |
20 | 20 |
#else |
21 |
- typedef unsigned char uint8_t; typedef signed char int8_t; |
|
21 |
+ typedef unsigned char uint8_tz; typedef signed char int8_tz; |
|
22 | 22 |
|
23 | 23 |
# if ZZIP_SIZEOF_INT && ZZIP_SIZEOF_INT == 2 |
24 |
- typedef unsigned int uint16_t; typedef signed int int16_t; |
|
24 |
+ typedef unsigned int uint16_tz; typedef signed int int16_tz; |
|
25 | 25 |
# elif ZZIP_SIZEOF_SHORT && ZZIP_SIZEOF_SHORT == 2 |
26 |
- typedef unsigned short uint16_t; typedef signed short int16_t; |
|
26 |
+ typedef unsigned short uint16_tz; typedef signed short int16_tz; |
|
27 | 27 |
# else |
28 |
-# error unable to typedef int16_t from either int or short |
|
29 |
- typedef unsigned short uint16_t; typedef signed short int16_t; |
|
28 |
+# error unable to typedef int16_tz from either int or short |
|
29 |
+ typedef unsigned short uint16_tz; typedef signed short int16_tz; |
|
30 | 30 |
# endif |
31 | 31 |
|
32 | 32 |
# if defined ZZIP_SIZEOF_INT && ZZIP_SIZEOF_INT == 4 |
33 |
- typedef unsigned int uint32_t; typedef signed int int32_t; |
|
33 |
+ typedef unsigned int uint32_tz; typedef signed int int32_tz; |
|
34 | 34 |
# elif defined ZZIP_SIZEOF_LONG && ZZIP_SIZEOF_LONG == 4 |
35 |
- typedef unsigned long uint32_t; typedef signed long int32_t; |
|
35 |
+ typedef unsigned long uint32_tz; typedef signed long int32_tz; |
|
36 | 36 |
# else |
37 |
-# error unable to typedef int32_t from either int or long |
|
38 |
- typedef unsigned long uint32_t; typedef signed long int32_t; |
|
37 |
+# error unable to typedef int32_tz from either int or long |
|
38 |
+ typedef unsigned long uint32_tz; typedef signed long int32_tz; |
|
39 | 39 |
# endif |
40 | 40 |
#endif |
41 | 41 |
|
... | ... |
@@ -44,18 +44,18 @@ |
44 | 44 |
* Make 32 bit value in host byteorder from little-endian mapped octet-data |
45 | 45 |
* (works also on machines which SIGBUS on misaligned data access (eg. 68000)) |
46 | 46 |
*/ |
47 |
-uint32_t __zzip_get32(unsigned char * s) |
|
47 |
+uint32_tz __zzip_get32(unsigned char * s) |
|
48 | 48 |
{ |
49 |
- return ((uint32_t)s[3] << 24) | ((uint32_t)s[2] << 16) |
|
50 |
- | ((uint32_t)s[1] << 8) | (uint32_t)s[0]; |
|
49 |
+ return ((uint32_tz)s[3] << 24) | ((uint32_tz)s[2] << 16) |
|
50 |
+ | ((uint32_tz)s[1] << 8) | (uint32_tz)s[0]; |
|
51 | 51 |
} |
52 | 52 |
|
53 | 53 |
/** => __zzip_get32 |
54 | 54 |
* This function does the same for a 16 bit value. |
55 | 55 |
*/ |
56 |
-uint16_t __zzip_get16(unsigned char * s) |
|
56 |
+uint16_tz __zzip_get16(unsigned char * s) |
|
57 | 57 |
{ |
58 |
- return ((uint16_t)s[1] << 8) | (uint16_t)s[0]; |
|
58 |
+ return ((uint16_tz)s[1] << 8) | (uint16_tz)s[0]; |
|
59 | 59 |
} |
60 | 60 |
|
61 | 61 |
/* --------------------------- internals -------------------------------- */ |
... | ... |
@@ -342,14 +342,14 @@ __zzip_parse_root_directory(int fd, |
342 | 342 |
auto struct zzip_root_dirent dirent; |
343 | 343 |
struct zzip_dir_hdr * hdr; |
344 | 344 |
struct zzip_dir_hdr * hdr0; |
345 |
- uint16_t * p_reclen = 0; |
|
345 |
+ uint16_tz * p_reclen = 0; |
|
346 | 346 |
short entries; |
347 | 347 |
long offset; /* offset from start of root directory */ |
348 | 348 |
char* fd_map = 0; |
349 |
- int32_t fd_gap = 0; |
|
350 |
- uint16_t u_entries = ZZIP_GET16(trailer->z_entries); |
|
351 |
- uint32_t u_rootsize = ZZIP_GET32(trailer->z_rootsize); |
|
352 |
- uint32_t u_rootseek = ZZIP_GET32(trailer->z_rootseek); |
|
349 |
+ int32_tz fd_gap = 0; |
|
350 |
+ uint16_tz u_entries = ZZIP_GET16(trailer->z_entries); |
|
351 |
+ uint32_tz u_rootsize = ZZIP_GET32(trailer->z_rootsize); |
|
352 |
+ uint32_tz u_rootseek = ZZIP_GET32(trailer->z_rootseek); |
|
353 | 353 |
__correct_rootseek (u_rootseek, u_rootsize, trailer); |
354 | 354 |
|
355 | 355 |
hdr0 = (struct zzip_dir_hdr*) malloc(u_rootsize); |
... | ... |
@@ -375,8 +375,8 @@ __zzip_parse_root_directory(int fd, |
375 | 375 |
for (entries=u_entries, offset=0; entries > 0; entries--) |
376 | 376 |
{ |
377 | 377 |
register struct zzip_root_dirent * d; |
378 |
- uint16_t u_extras, u_comment, u_namlen; |
|
379 |
- uint16_t u_flags; |
|
378 |
+ uint16_tz u_extras, u_comment, u_namlen; |
|
379 |
+ uint16_tz u_flags; |
|
380 | 380 |
|
381 | 381 |
if (fd_map) |
382 | 382 |
{ d = (void*)(fd_map+fd_gap+offset); } /* fd_map+fd_gap==u_rootseek */ |
... | ... |
@@ -414,10 +414,10 @@ __zzip_parse_root_directory(int fd, |
414 | 414 |
hdr->d_csize = ZZIP_GET32(d->z_csize); |
415 | 415 |
hdr->d_usize = ZZIP_GET32(d->z_usize); |
416 | 416 |
hdr->d_off = ZZIP_GET32(d->z_off); |
417 |
- hdr->d_compr = (uint8_t)ZZIP_GET16(d->z_compr); |
|
417 |
+ hdr->d_compr = (uint8_tz)ZZIP_GET16(d->z_compr); |
|
418 | 418 |
hdr->d_flags = u_flags; |
419 | 419 |
|
420 |
- /* bull: hdr->d_compr is uint8_t |
|
420 |
+ /* bull: hdr->d_compr is uint8_tz |
|
421 | 421 |
* if (hdr->d_compr > 255) hdr->d_compr = 255; */ |
422 | 422 |
|
423 | 423 |
if (offset+sizeof(*d) + u_namlen > u_rootsize) |
... | ... |
@@ -448,7 +448,7 @@ __zzip_parse_root_directory(int fd, |
448 | 448 |
|
449 | 449 |
{ register char* p = (char*) hdr; |
450 | 450 |
register char* q = aligned4 (p + sizeof(*hdr) + u_namlen + 1); |
451 |
- *p_reclen = (uint16_t)(q - p); |
|
451 |
+ *p_reclen = (uint16_tz)(q - p); |
|
452 | 452 |
hdr = (struct zzip_dir_hdr*) q; |
453 | 453 |
} |
454 | 454 |
}/*for*/ |
... | ... |
@@ -27,14 +27,14 @@ |
27 | 27 |
*/ |
28 | 28 |
struct zzip_dir_hdr |
29 | 29 |
{ |
30 |
- uint32_t d_usize; /* uncompressed size */ |
|
31 |
- uint32_t d_csize; /* compressed size */ |
|
32 |
- uint32_t d_crc32; /* the adler32-checksum */ |
|
33 |
- uint32_t d_off; /* offset of file in zipfile */ |
|
34 |
- uint16_t d_reclen; /* next dir_hdr structure offset */ |
|
35 |
- uint16_t d_namlen; /* explicit namelen of d_name */ |
|
36 |
- uint8_t d_compr; /* the compression type, 0 = store, 8 = inflate */ |
|
37 |
- uint16_t d_flags; /* general purpose flags */ |
|
30 |
+ uint32_tz d_usize; /* uncompressed size */ |
|
31 |
+ uint32_tz d_csize; /* compressed size */ |
|
32 |
+ uint32_tz d_crc32; /* the adler32-checksum */ |
|
33 |
+ uint32_tz d_off; /* offset of file in zipfile */ |
|
34 |
+ uint16_tz d_reclen; /* next dir_hdr structure offset */ |
|
35 |
+ uint16_tz d_namlen; /* explicit namelen of d_name */ |
|
36 |
+ uint8_tz d_compr; /* the compression type, 0 = store, 8 = inflate */ |
|
37 |
+ uint16_tz d_flags; /* general purpose flags */ |
|
38 | 38 |
char d_name[1]; /* the actual name of the entry, may contain DIRSEPs */ |
39 | 39 |
}; |
40 | 40 |
#define _ZZIP_DIRENT_HAVE_D_NAMLEN |
... | ... |
@@ -80,12 +80,12 @@ ZZIP_DIR* /*depracated*/ |
80 | 80 |
zzip_dir_alloc_ext_io (zzip_strings_t* ext, const zzip_plugin_io_t io); |
81 | 81 |
|
82 | 82 |
/* get 16/32 bits from little-endian zip-file to host byteorder */ |
83 |
-uint32_t __zzip_get32(unsigned char * s); |
|
84 |
-uint16_t __zzip_get16(unsigned char * s); |
|
83 |
+uint32_tz __zzip_get32(unsigned char * s); |
|
84 |
+uint16_tz __zzip_get16(unsigned char * s); |
|
85 | 85 |
|
86 | 86 |
#ifdef __i386__ |
87 |
-#define ZZIP_GET32(x) (*(uint32_t*)(x)) |
|
88 |
-#define ZZIP_GET16(x) (*(uint16_t*)(x)) |
|
87 |
+#define ZZIP_GET32(x) (*(uint32_tz*)(x)) |
|
88 |
+#define ZZIP_GET16(x) (*(uint16_tz*)(x)) |
|
89 | 89 |
#else |
90 | 90 |
#define ZZIP_GET32(x) (__zzip_get32(x)) |
91 | 91 |
#define ZZIP_GET16(x) (__zzip_get16(x)) |
... | ... |
@@ -72,10 +72,10 @@ struct zzip_file_trailer |
72 | 72 |
{ |
73 | 73 |
# define ZZIP_FILE_TRAILER_MAGIC 0x08074B50 |
74 | 74 |
# define ZZIP_FILE_TRAILER_CHECKMAGIC(__p) ZZIP_CHECKMAGIC(__p,'P','K','\7','\8') |
75 |
- uint32_t z_magic; /* data descriptor signature (0x08074b50) */ |
|
76 |
- uint32_t z_crc32; /* crc-32 */ |
|
77 |
- uint32_t z_csize; /* compressed size */ |
|
78 |
- uint32_t z_usize; /* uncompressed size */ |
|
75 |
+ uint32_tz z_magic; /* data descriptor signature (0x08074b50) */ |
|
76 |
+ uint32_tz z_crc32; /* crc-32 */ |
|
77 |
+ uint32_tz z_csize; /* compressed size */ |
|
78 |
+ uint32_tz z_usize; /* uncompressed size */ |
|
79 | 79 |
} __attribute__((packed)); |
80 | 80 |
|
81 | 81 |
/* C. central directory structure: |