git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@1268 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2005/01/24 22:57:07... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Mon Jan 24 13:56:19 GMT 2005 (njh) |
|
2 |
+---------------------------------- |
|
3 |
+ * libclamav/message.c: Some Exploit.IE.CrashSOS were not being caught, |
|
4 |
+ found by Carsten.Borchardt@drs-systemberatung.de |
|
5 |
+ |
|
1 | 6 |
Sat Jan 22 13:45:42 GMT 2005 (njh) |
2 | 7 |
---------------------------------- |
3 | 8 |
* clamav-milter: If forwarding to a quarantine user fails log as LOG_ERR |
... | ... |
@@ -17,6 +17,9 @@ |
17 | 17 |
* |
18 | 18 |
* Change History: |
19 | 19 |
* $Log: message.c,v $ |
20 |
+ * Revision 1.138 2005/01/24 13:54:22 nigelhorne |
|
21 |
+ * Some Exploit.IE.CrashSOS were getting through |
|
22 |
+ * |
|
20 | 23 |
* Revision 1.137 2005/01/05 21:54:05 nigelhorne |
21 | 24 |
* Fuzzy logic lookup of content-type |
22 | 25 |
* |
... | ... |
@@ -408,7 +411,7 @@ |
408 | 408 |
* uuencodebegin() no longer static |
409 | 409 |
* |
410 | 410 |
*/ |
411 |
-static char const rcsid[] = "$Id: message.c,v 1.137 2005/01/05 21:54:05 nigelhorne Exp $"; |
|
411 |
+static char const rcsid[] = "$Id: message.c,v 1.138 2005/01/24 13:54:22 nigelhorne Exp $"; |
|
412 | 412 |
|
413 | 413 |
#if HAVE_CONFIG_H |
414 | 414 |
#include "clamav-config.h" |
... | ... |
@@ -686,7 +689,7 @@ messageSetMimeType(message *mess, const char *type) |
686 | 686 |
type, closest, highestSimil); |
687 | 687 |
mess->mimeType = t; |
688 | 688 |
} else { |
689 |
- cli_warnmsg("Unknown MIME type: `%s', set to Application - report to bugs@clamav.net\n", type); |
|
689 |
+ cli_dbgmsg("Unknown MIME type: `%s', set to Application - if you believe this file contains a virus, report it to bugs@clamav.net\n", type); |
|
690 | 690 |
mess->mimeType = APPLICATION; |
691 | 691 |
} |
692 | 692 |
} |
... | ... |
@@ -937,7 +940,7 @@ messageAddArguments(message *m, const char *s) |
937 | 937 |
* TODO: the file should still be saved and |
938 | 938 |
* virus checked |
939 | 939 |
*/ |
940 |
- cli_dbgmsg("Can't parse header\"%s\" - report to bugs@clamav.net\n", s); |
|
940 |
+ cli_dbgmsg("Can't parse header\"%s\" - if you believe this file contains a virus, report it to bugs@clamav.net\n", s); |
|
941 | 941 |
if(data) |
942 | 942 |
free(data); |
943 | 943 |
free((char *)key); |
... | ... |
@@ -1147,7 +1150,7 @@ messageSetEncoding(message *m, const char *enctype) |
1147 | 1147 |
type, closest, highestSimil); |
1148 | 1148 |
messageSetEncoding(m, closest); |
1149 | 1149 |
} else { |
1150 |
- cli_warnmsg("Unknown encoding type \"%s\" - report to bugs@clamav.net\n", type); |
|
1150 |
+ cli_dbgmsg("Unknown encoding type \"%s\" - if you believe this file contains a virus, report it to bugs@clamav.net\n", type); |
|
1151 | 1151 |
/* |
1152 | 1152 |
* Err on the side of safety, enable all |
1153 | 1153 |
* decoding modules |
... | ... |
@@ -1535,7 +1538,7 @@ messageExport(message *m, const char *dir, void *(*create)(void), void (*destroy |
1535 | 1535 |
*/ |
1536 | 1536 |
free(uptr); |
1537 | 1537 |
} else { |
1538 |
- cli_warnmsg("HQX8 messages not yet supported - send to bugs@clamav.net\n", len); |
|
1538 |
+ cli_warnmsg("HQX8 messages not yet supported - if you believe this file contains a virus, report it to bugs@clamav.net\n", len); |
|
1539 | 1539 |
newlen = len; |
1540 | 1540 |
} |
1541 | 1541 |
|
... | ... |
@@ -1891,6 +1894,8 @@ messageExport(message *m, const char *dir, void *(*create)(void), void (*destroy |
1891 | 1891 |
unsigned char data[4]; |
1892 | 1892 |
unsigned char *ptr; |
1893 | 1893 |
|
1894 |
+ cli_dbgmsg("%u trailing bytes to export\n", m->base64chars); |
|
1895 |
+ |
|
1894 | 1896 |
ptr = decode(m, NULL, data, base64, FALSE); |
1895 | 1897 |
if(ptr) |
1896 | 1898 |
(*addData)(ret, data, (size_t)(ptr - data)); |
... | ... |
@@ -2498,13 +2503,13 @@ decode(message *m, const char *in, unsigned char *out, unsigned char (*decoder)( |
2498 | 2498 |
b2 = cb2; |
2499 | 2499 |
|
2500 | 2500 |
if(m->base64chars) { |
2501 |
- nbytes++; |
|
2501 |
+ nbytes = 2; |
|
2502 | 2502 |
m->base64chars--; |
2503 | 2503 |
b3 = cb3; |
2504 | 2504 |
if(b3) |
2505 |
- nbytes++; |
|
2505 |
+ nbytes = 3; |
|
2506 | 2506 |
} else if(b2) |
2507 |
- nbytes++; |
|
2507 |
+ nbytes = 2; |
|
2508 | 2508 |
} |
2509 | 2509 |
|
2510 | 2510 |
switch(nbytes) { |
... | ... |
@@ -2518,7 +2523,8 @@ decode(message *m, const char *in, unsigned char *out, unsigned char (*decoder)( |
2518 | 2518 |
break; |
2519 | 2519 |
case 2: |
2520 | 2520 |
*out++ = (b1 << 2) | ((b2 >> 4) & 0x3); |
2521 |
- *out++ = b2 << 4; |
|
2521 |
+ if((b2 << 4) & 0xFF) |
|
2522 |
+ *out++ = b2 << 4; |
|
2522 | 2523 |
break; |
2523 | 2524 |
case 1: |
2524 | 2525 |
*out++ = b1 << 2; |