git-svn: trunk@314
Trog authored on 2004/02/20 23:51:46... | ... |
@@ -1,3 +1,7 @@ |
1 |
+Fri Feb 20 14:55:32 GMT 2004 (trog) |
|
2 |
+----------------------------------- |
|
3 |
+ * libclamav/vba_extract.c: vba_decompress returns explicit data length |
|
4 |
+ |
|
1 | 5 |
Fri Feb 20 09:55:58 GMT 2004 (njh) |
2 | 6 |
---------------------------------- |
3 | 7 |
* clamav-milter: The recent changes to the configure script changed |
... | ... |
@@ -592,7 +592,7 @@ int cli_scanole2(int desc, char **virname, long int *scanned, const struct cl_no |
592 | 592 |
const char *tmpdir; |
593 | 593 |
char *dir, *fullname; |
594 | 594 |
unsigned char *data; |
595 |
- int ret = CL_CLEAN, fd, i; |
|
595 |
+ int ret = CL_CLEAN, fd, i, data_len; |
|
596 | 596 |
vba_project_t *vba_project; |
597 | 597 |
|
598 | 598 |
cli_dbgmsg("in cli_scanole2()\n"); |
... | ... |
@@ -634,13 +634,13 @@ int cli_scanole2(int desc, char **virname, long int *scanned, const struct cl_no |
634 | 634 |
} |
635 | 635 |
free(fullname); |
636 | 636 |
cli_dbgmsg("decompress VBA project '%s'\n", vba_project->name[i]); |
637 |
- data = (unsigned char *) vba_decompress(fd, vba_project->offset[i]); |
|
637 |
+ data = (unsigned char *) vba_decompress(fd, vba_project->offset[i], &data_len); |
|
638 | 638 |
close(fd); |
639 | 639 |
|
640 | 640 |
if(!data) { |
641 | 641 |
cli_dbgmsg("WARNING: VBA project '%s' decompressed to NULL\n", vba_project->name[i]); |
642 | 642 |
} else { |
643 |
- if(cl_scanbuff(data, strlen(data), virname, root) == CL_VIRUS) { |
|
643 |
+ if(cl_scanbuff(data, data_len, virname, root) == CL_VIRUS) { |
|
644 | 644 |
free(data); |
645 | 645 |
ret = CL_VIRUS; |
646 | 646 |
break; |
... | ... |
@@ -293,7 +293,7 @@ vba_project_t *vba56_dir_read(const char *dir) |
293 | 293 |
return NULL; |
294 | 294 |
} |
295 | 295 |
|
296 |
- if (vba_readn(fd, &LidA, 4) != 4) { |
|
296 |
+ if (vba_readn(fd, &LidB, 4) != 4) { |
|
297 | 297 |
close(fd); |
298 | 298 |
return NULL; |
299 | 299 |
} |
... | ... |
@@ -611,7 +611,7 @@ void byte_array_append(byte_array_t *array, unsigned char *src, unsigned int len |
611 | 611 |
} |
612 | 612 |
} |
613 | 613 |
|
614 |
-unsigned char *vba_decompress(int fd, uint32_t offset) |
|
614 |
+unsigned char *vba_decompress(int fd, uint32_t offset, int *size) |
|
615 | 615 |
{ |
616 | 616 |
unsigned int i, pos=0, shift, win_pos, clean=TRUE, mask, distance; |
617 | 617 |
uint8_t flag; |
... | ... |
@@ -631,6 +631,9 @@ unsigned char *vba_decompress(int fd, uint32_t offset) |
631 | 631 |
if (result.data) { |
632 | 632 |
free(result.data); |
633 | 633 |
} |
634 |
+ if (size) { |
|
635 |
+ *size = 0; |
|
636 |
+ } |
|
634 | 637 |
return NULL; |
635 | 638 |
} |
636 | 639 |
token = vba_endian_convert_16(token); |
... | ... |
@@ -670,6 +673,9 @@ unsigned char *vba_decompress(int fd, uint32_t offset) |
670 | 670 |
if (result.data) { |
671 | 671 |
free(result.data); |
672 | 672 |
} |
673 |
+ if (size) { |
|
674 |
+ *size = 0; |
|
675 |
+ } |
|
673 | 676 |
return NULL; |
674 | 677 |
} |
675 | 678 |
clean = FALSE; |
... | ... |
@@ -687,7 +693,9 @@ unsigned char *vba_decompress(int fd, uint32_t offset) |
687 | 687 |
if (pos % VBA_COMPRESSION_WINDOW) { |
688 | 688 |
byte_array_append(&result, buffer, pos % VBA_COMPRESSION_WINDOW); |
689 | 689 |
} |
690 |
- byte_array_append(&result, "\0", 1); |
|
690 |
+ if (size) { |
|
691 |
+ *size = result.length; |
|
692 |
+ } |
|
691 | 693 |
return result.data; |
692 | 694 |
|
693 | 695 |
} |
... | ... |
@@ -713,7 +721,7 @@ int vba_dump(vba_project_t *vba_project) |
713 | 713 |
return FALSE; |
714 | 714 |
} |
715 | 715 |
|
716 |
- data = vba_decompress(fd, vba_project->offset[i]); |
|
716 |
+ data = vba_decompress(fd, vba_project->offset[i], NULL); |
|
717 | 717 |
cli_dbgmsg("%s\n", data); |
718 | 718 |
close(fd); |
719 | 719 |
|