Browse code
allow for hash prefixes.
| ... | ... |
@@ -1,3 +1,8 @@ |
| 1 |
+Mon Mar 9 13:22:35 EET 2009 (edwin) |
|
| 2 |
+------------------------------------ |
|
| 3 |
+ * libclamav/phishcheck.c, libclamav/regex_list.c, |
|
| 4 |
+ unit_tests/input/daily.gdb: allow for hash prefixes. |
|
| 5 |
+ |
|
| 1 | 6 |
Fri Mar 6 19:22:27 EET 2009 (edwin) |
| 2 | 7 |
------------------------------------ |
| 3 | 8 |
* libclamav/phishcheck.c: update name |
| ... | ... |
@@ -1186,13 +1186,22 @@ static int hash_match(const struct regex_matcher *rlist, const char *host, size_ |
| 1186 | 1186 |
cli_dbgmsg("hash lookup for: %s\n",s);
|
| 1187 | 1187 |
#endif |
| 1188 | 1188 |
if(rlist->sha256_hashes.bm_patterns) {
|
| 1189 |
+ const char hexchars[] = "0123456789ABCDEF"; |
|
| 1190 |
+ unsigned char h[65]; |
|
| 1189 | 1191 |
unsigned char sha256_dig[32]; |
| 1192 |
+ unsigned i; |
|
| 1190 | 1193 |
SHA256_CTX sha256; |
| 1191 | 1194 |
|
| 1192 | 1195 |
sha256_init(&sha256); |
| 1193 | 1196 |
sha256_update(&sha256, host, hlen); |
| 1194 | 1197 |
sha256_update(&sha256, path, plen); |
| 1195 | 1198 |
sha256_final(&sha256, sha256_dig); |
| 1199 |
+ for(i=0;i<32;i++) {
|
|
| 1200 |
+ h[2*i] = hexchars[sha256_dig[i]>>4]; |
|
| 1201 |
+ h[2*i+1] = hexchars[sha256_dig[i]&0xf]; |
|
| 1202 |
+ } |
|
| 1203 |
+ h[64]='\0'; |
|
| 1204 |
+ cli_dbgmsg("Looking up hash %s for %s%s\n", h, host, path);
|
|
| 1196 | 1205 |
if(SO_search(&rlist->sha256_filter, sha256_dig, 32) != -1 && |
| 1197 | 1206 |
cli_bm_scanbuff(sha256_dig, 32, &virname, &rlist->sha256_hashes,0,0,-1) == CL_VIRUS) {
|
| 1198 | 1207 |
switch(*virname) {
|
| ... | ... |
@@ -542,9 +542,18 @@ int load_regex_matcher(struct regex_matcher* matcher,FILE* fd,unsigned int *sign |
| 542 | 542 |
return rc==CL_EMEM ? CL_EMEM : CL_EMALFDB; |
| 543 | 543 |
} else if (buffer[0] == 'S' && !is_whitelist) {
|
| 544 | 544 |
pattern[pattern_len] = '\0'; |
| 545 |
- if (( rc = add_hash(matcher, pattern, flags[0]) )) {
|
|
| 545 |
+ if(*pattern=='F' && pattern[1]==':') {
|
|
| 546 |
+ pattern += 2; |
|
| 547 |
+ if (( rc = add_hash(matcher, pattern, flags[0]) )) {
|
|
| 546 | 548 |
cli_errmsg("Error loading at line: %d\n", line);
|
| 547 | 549 |
return rc==CL_EMEM ? CL_EMEM : CL_EMALFDB; |
| 550 |
+ } |
|
| 551 |
+ } else if (*pattern=='P' && pattern[1]==':') {
|
|
| 552 |
+ pattern += 2; |
|
| 553 |
+ /* TODO: hostkey prefix */ |
|
| 554 |
+ } else {
|
|
| 555 |
+ cli_errmsg("Error loading line: %d, %c\n", line, *pattern);
|
|
| 556 |
+ return CL_EMALFDB; |
|
| 548 | 557 |
} |
| 549 | 558 |
} else {
|
| 550 | 559 |
return CL_EMALFDB; |
| ... | ... |
@@ -1,2 +1,2 @@ |
| 1 |
-S:d1b8a0251d7555d016b6468ae623e4b1e830c7efccc54966d09447a3d0a85c60 |
|
| 2 |
-S2:7f6fd541e625e7bc5d5a64f166e47ecfe13735464a74d160b48265c162a71089 |
|
| 1 |
+S:F:d1b8a0251d7555d016b6468ae623e4b1e830c7efccc54966d09447a3d0a85c60 |
|
| 2 |
+S2:F:7f6fd541e625e7bc5d5a64f166e47ecfe13735464a74d160b48265c162a71089 |