git-svn: trunk@3256
Török Edvin authored on 2007/09/29 03:45:58... | ... |
@@ -1,3 +1,7 @@ |
1 |
+Fri Sep 28 21:02:43 EEST 2007 (edwin) |
|
2 |
+------------------------------------- |
|
3 |
+ * libclamav/regex_list.c: fix off by one substring logic. |
|
4 |
+ |
|
1 | 5 |
Fri Sep 28 20:17:41 EEST 2007 (edwin) |
2 | 6 |
------------------------------------- |
3 | 7 |
* libclamav/phishcheck.c: fix NULL deref. bug, use of uninitialized |
... | ... |
@@ -1027,6 +1027,7 @@ static int url_get_host(const struct phishcheck* pchk, struct url_check* url,str |
1027 | 1027 |
if(( rc = string_assign_dup(host,start,end) )) |
1028 | 1028 |
return rc; |
1029 | 1029 |
} |
1030 |
+ cli_dbgmsg("Phishcheck:host:%s\n", host->data); |
|
1030 | 1031 |
if(!isReal) { |
1031 | 1032 |
url->pre_fixup.host_start = start - URL; |
1032 | 1033 |
url->pre_fixup.host_end = end - URL; |
... | ... |
@@ -222,16 +222,20 @@ static void fatal_error(struct regex_matcher* matcher) |
222 | 222 |
|
223 | 223 |
static inline size_t get_char_at_pos_with_skip(const struct pre_fixup_info* info, const char* buffer, size_t pos) |
224 | 224 |
{ |
225 |
- size_t realpos=info->host_start; |
|
225 |
+ size_t realpos = 0; |
|
226 | 226 |
if(!info) { |
227 | 227 |
return buffer[pos]; |
228 | 228 |
} |
229 |
- for(++pos; pos>0; pos--) { |
|
230 |
- while(!isalnum(info->pre_displayLink.data[realpos])) realpos++; |
|
229 |
+ cli_dbgmsg("calc_pos_with_skip: skip:%u, %u - %u \"%s\",\"%s\"\n",pos,info->host_start,info->host_end,info->pre_displayLink.data,buffer); |
|
230 |
+ pos += info->host_start; |
|
231 |
+ while(!isalnum(info->pre_displayLink.data[realpos])) realpos++; |
|
232 |
+ for(; pos>0; pos--) { |
|
233 |
+ while(info->pre_displayLink.data[realpos]==' ') realpos++; |
|
231 | 234 |
realpos++; |
232 | 235 |
} |
236 |
+ while(info->pre_displayLink.data[realpos]==' ') realpos++; |
|
233 | 237 |
cli_dbgmsg("calc_pos_with_skip:%s\n",info->pre_displayLink.data+realpos); |
234 |
- return info->pre_displayLink.data[realpos]; |
|
238 |
+ return info->pre_displayLink.data[realpos>0?realpos-1:0]; |
|
235 | 239 |
} |
236 | 240 |
|
237 | 241 |
/* |
... | ... |
@@ -293,7 +297,7 @@ int regex_list_match(struct regex_matcher* matcher,const char* real_url,const ch |
293 | 293 |
const size_t match_len = matched ? strlen(matched+1) : 0; |
294 | 294 |
if(match_len == buffer_len || /* full match */ |
295 | 295 |
(match_len < buffer_len && |
296 |
- ((c=get_char_at_pos_with_skip(pre_fixup,buffer,buffer_len-match_len-1))=='.' || (c==' ')) ) |
|
296 |
+ ((c=get_char_at_pos_with_skip(pre_fixup,buffer,buffer_len-match_len))=='.' || (c==' ')) ) |
|
297 | 297 |
/* subdomain matched*/) { |
298 | 298 |
|
299 | 299 |
cli_dbgmsg("Got a match: %s with %s\n",buffer,*info); |