git-svn: trunk@2471
Tomasz Kojm authored on 2006/11/02 03:02:04... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Wed Nov 1 18:59:48 CET 2006 (tk) |
|
2 |
+--------------------------------- |
|
3 |
+ * libclamav: add support for self-extracting MS Cabinet archives |
|
4 |
+ Thanks to Christoph for a nice bunch of test files. |
|
5 |
+ |
|
1 | 6 |
Wed Nov 1 17:03:54 CET 2006 (tk) |
2 | 7 |
--------------------------------- |
3 | 8 |
* libclamav: minor clamav.h (and related) cleanup |
... | ... |
@@ -792,7 +792,7 @@ static int cli_scanszdd(int desc, cli_ctx *ctx) |
792 | 792 |
return ret; |
793 | 793 |
} |
794 | 794 |
|
795 |
-static int cli_scanmscab(int desc, cli_ctx *ctx) |
|
795 |
+static int cli_scanmscab(int desc, cli_ctx *ctx, off_t sfx_offset) |
|
796 | 796 |
{ |
797 | 797 |
struct mscab_decompressor *cabd = NULL; |
798 | 798 |
struct mscabd_cabinet *base, *cab; |
... | ... |
@@ -808,6 +808,9 @@ static int cli_scanmscab(int desc, cli_ctx *ctx) |
808 | 808 |
return CL_EMSCAB; |
809 | 809 |
} |
810 | 810 |
|
811 |
+ if(sfx_offset) |
|
812 |
+ lseek(desc, sfx_offset, SEEK_SET); |
|
813 |
+ |
|
811 | 814 |
if((base = cabd->dsearch(cabd, dup(desc))) == NULL) { |
812 | 815 |
cli_dbgmsg("MSCAB: I/O error or no valid cabinets found\n"); |
813 | 816 |
mspack_destroy_cab_decompressor(cabd); |
... | ... |
@@ -1626,6 +1629,7 @@ static int cli_scanraw(int desc, cli_ctx *ctx, cli_file_t type) |
1626 | 1626 |
|
1627 | 1627 |
case CL_TYPE_RARSFX: |
1628 | 1628 |
case CL_TYPE_ZIPSFX: |
1629 |
+ case CL_TYPE_CABSFX: |
|
1629 | 1630 |
if(type == CL_TYPE_MSEXE) { |
1630 | 1631 |
if(SCAN_ARCHIVE) { |
1631 | 1632 |
lastzip = lastrar = 0xdeadbeef; |
... | ... |
@@ -1639,7 +1643,12 @@ static int cli_scanraw(int desc, cli_ctx *ctx, cli_file_t type) |
1639 | 1639 |
cli_dbgmsg("ZIP-SFX signature found at %d\n", fpt->offset); |
1640 | 1640 |
if((nret = cli_scanzip(desc, ctx, fpt->offset, &lastzip)) == CL_VIRUS) |
1641 | 1641 |
break; |
1642 |
+ } else if(fpt->type == CL_TYPE_CABSFX) { |
|
1643 |
+ cli_dbgmsg("CAB-SFX signature found at %d\n", fpt->offset); |
|
1644 |
+ if((nret = cli_scanmscab(desc, ctx, fpt->offset)) == CL_VIRUS) |
|
1645 |
+ break; |
|
1642 | 1646 |
} |
1647 |
+ |
|
1643 | 1648 |
fpt = fpt->next; |
1644 | 1649 |
} |
1645 | 1650 |
} |
... | ... |
@@ -1753,7 +1762,7 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx) |
1753 | 1753 |
|
1754 | 1754 |
case CL_TYPE_MSCAB: |
1755 | 1755 |
if(SCAN_ARCHIVE) |
1756 |
- ret = cli_scanmscab(desc, ctx); |
|
1756 |
+ ret = cli_scanmscab(desc, ctx, 0); |
|
1757 | 1757 |
break; |
1758 | 1758 |
|
1759 | 1759 |
case CL_TYPE_HTML: |