git-svn: trunk@4916
Török Edvin authored on 2009/03/09 20:23:21... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Mon Mar 9 13:22:35 EET 2009 (edwin) |
|
2 |
+------------------------------------ |
|
3 |
+ * libclamav/phishcheck.c, libclamav/regex_list.c, |
|
4 |
+ unit_tests/input/daily.gdb: allow for hash prefixes. |
|
5 |
+ |
|
1 | 6 |
Fri Mar 6 19:22:27 EET 2009 (edwin) |
2 | 7 |
------------------------------------ |
3 | 8 |
* libclamav/phishcheck.c: update name |
... | ... |
@@ -1186,13 +1186,22 @@ static int hash_match(const struct regex_matcher *rlist, const char *host, size_ |
1186 | 1186 |
cli_dbgmsg("hash lookup for: %s\n",s); |
1187 | 1187 |
#endif |
1188 | 1188 |
if(rlist->sha256_hashes.bm_patterns) { |
1189 |
+ const char hexchars[] = "0123456789ABCDEF"; |
|
1190 |
+ unsigned char h[65]; |
|
1189 | 1191 |
unsigned char sha256_dig[32]; |
1192 |
+ unsigned i; |
|
1190 | 1193 |
SHA256_CTX sha256; |
1191 | 1194 |
|
1192 | 1195 |
sha256_init(&sha256); |
1193 | 1196 |
sha256_update(&sha256, host, hlen); |
1194 | 1197 |
sha256_update(&sha256, path, plen); |
1195 | 1198 |
sha256_final(&sha256, sha256_dig); |
1199 |
+ for(i=0;i<32;i++) { |
|
1200 |
+ h[2*i] = hexchars[sha256_dig[i]>>4]; |
|
1201 |
+ h[2*i+1] = hexchars[sha256_dig[i]&0xf]; |
|
1202 |
+ } |
|
1203 |
+ h[64]='\0'; |
|
1204 |
+ cli_dbgmsg("Looking up hash %s for %s%s\n", h, host, path); |
|
1196 | 1205 |
if(SO_search(&rlist->sha256_filter, sha256_dig, 32) != -1 && |
1197 | 1206 |
cli_bm_scanbuff(sha256_dig, 32, &virname, &rlist->sha256_hashes,0,0,-1) == CL_VIRUS) { |
1198 | 1207 |
switch(*virname) { |
... | ... |
@@ -542,9 +542,18 @@ int load_regex_matcher(struct regex_matcher* matcher,FILE* fd,unsigned int *sign |
542 | 542 |
return rc==CL_EMEM ? CL_EMEM : CL_EMALFDB; |
543 | 543 |
} else if (buffer[0] == 'S' && !is_whitelist) { |
544 | 544 |
pattern[pattern_len] = '\0'; |
545 |
- if (( rc = add_hash(matcher, pattern, flags[0]) )) { |
|
545 |
+ if(*pattern=='F' && pattern[1]==':') { |
|
546 |
+ pattern += 2; |
|
547 |
+ if (( rc = add_hash(matcher, pattern, flags[0]) )) { |
|
546 | 548 |
cli_errmsg("Error loading at line: %d\n", line); |
547 | 549 |
return rc==CL_EMEM ? CL_EMEM : CL_EMALFDB; |
550 |
+ } |
|
551 |
+ } else if (*pattern=='P' && pattern[1]==':') { |
|
552 |
+ pattern += 2; |
|
553 |
+ /* TODO: hostkey prefix */ |
|
554 |
+ } else { |
|
555 |
+ cli_errmsg("Error loading line: %d, %c\n", line, *pattern); |
|
556 |
+ return CL_EMALFDB; |
|
548 | 557 |
} |
549 | 558 |
} else { |
550 | 559 |
return CL_EMALFDB; |
... | ... |
@@ -1,2 +1,2 @@ |
1 |
-S:d1b8a0251d7555d016b6468ae623e4b1e830c7efccc54966d09447a3d0a85c60 |
|
2 |
-S2:7f6fd541e625e7bc5d5a64f166e47ecfe13735464a74d160b48265c162a71089 |
|
1 |
+S:F:d1b8a0251d7555d016b6468ae623e4b1e830c7efccc54966d09447a3d0a85c60 |
|
2 |
+S2:F:7f6fd541e625e7bc5d5a64f166e47ecfe13735464a74d160b48265c162a71089 |