git-svn: trunk@3117
Török Edvin authored on 2007/06/26 16:40:02... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Tue Jun 26 10:19:00 CEST 2007 (edwin) |
|
2 |
+---------------------------------- |
|
3 |
+ * libclamav/regex_list.c: fix false substring matches, related to bug |
|
4 |
+ #534, #551. |
|
5 |
+ |
|
1 | 6 |
Tue Jun 26 07:51:36 BST 2007 (njh) |
2 | 7 |
---------------------------------- |
3 | 8 |
* clamav-milter: Improve yesterday's fix to ensure that servers are marked |
... | ... |
@@ -48,7 +48,7 @@ int domainlist_match(const struct cl_engine* engine,const char* real_url,const c |
48 | 48 |
{ |
49 | 49 |
const char* info; |
50 | 50 |
int rc = engine->domainlist_matcher ? regex_list_match(engine->domainlist_matcher,real_url,display_url,hostOnly,&info,0) : 0; |
51 |
- if(rc && info && info[0]) {/*match successful, and has custom flags*/ |
|
51 |
+ if(rc && info && info[0] && info[0] != ':') {/*match successful, and has custom flags*/ |
|
52 | 52 |
if(strlen(info)==3 && isxdigit(info[0]) && isxdigit(info[1]) && isxdigit(info[2])) { |
53 | 53 |
unsigned short notwantedflags=0; |
54 | 54 |
sscanf(info,"%hx",¬wantedflags); |
... | ... |
@@ -277,8 +277,20 @@ int regex_list_match(struct regex_matcher* matcher,const char* real_url,const ch |
277 | 277 |
/* needs to match terminating \0 too */ |
278 | 278 |
rc = cli_ac_scanbuff((unsigned char*)buffer,buffer_len+1,info, &matcher->root_hosts[i] ,&mdata,0,0,0,-1,NULL); |
279 | 279 |
cli_ac_freedata(&mdata); |
280 |
- if(rc) |
|
281 |
- break; |
|
280 |
+ if(rc) { |
|
281 |
+ const char* matched = strchr(*info,':'); |
|
282 |
+ const size_t match_len = matched ? strlen(matched+1) : 0; |
|
283 |
+ if(match_len == buffer_len || /* full match */ |
|
284 |
+ (match_len < buffer_len && |
|
285 |
+ buffer[buffer_len-match_len-1]=='.') |
|
286 |
+ /* subdomain matched*/) { |
|
287 |
+ |
|
288 |
+ cli_dbgmsg("Got a match:%s with %s\n",buffer,*info); |
|
289 |
+ break; |
|
290 |
+ } |
|
291 |
+ cli_dbgmsg("Ignoring false match:%s with %s\n",buffer,*info); |
|
292 |
+ rc=0; |
|
293 |
+ } |
|
282 | 294 |
} |
283 | 295 |
} else |
284 | 296 |
rc = 0; |
... | ... |
@@ -424,6 +436,7 @@ static int add_regex_list_element(struct cli_matcher* root,const char* pattern,c |
424 | 424 |
for(i=0;i<len;i++) |
425 | 425 |
new->pattern[i]=pattern[i];/*new->pattern is short int* */ |
426 | 426 |
|
427 |
+ |
|
427 | 428 |
new->virname = cli_strdup(info); |
428 | 429 |
if((ret = cli_ac_addpatt(root,new))) { |
429 | 430 |
free(new->virname); |
... | ... |
@@ -545,7 +558,7 @@ int load_regex_matcher(struct regex_matcher* matcher,FILE* fd,unsigned int optio |
545 | 545 |
fatal_error(matcher); |
546 | 546 |
return CL_EMALFDB; |
547 | 547 |
} |
548 |
- pattern[0]='\0'; |
|
548 |
+ /*pattern[0]='\0';*/ |
|
549 | 549 |
flags = buffer+1; |
550 | 550 |
pattern++; |
551 | 551 |
|