2009-08-20 16:23:43 +03:00
|
|
|
/*
|
|
|
|
|
* ClamAV bytecode internal API
|
|
|
|
|
*
|
2022-01-06 16:53:44 -08:00
|
|
|
* Copyright (C) 2013-2022 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
|
2019-01-25 10:15:50 -05:00
|
|
|
* Copyright (C) 2009-2013 Sourcefire, Inc.
|
2009-08-20 16:23:43 +03:00
|
|
|
*
|
2009-09-04 16:24:52 +03:00
|
|
|
* Authors: Török Edvin
|
|
|
|
|
*
|
2009-08-20 16:23:43 +03:00
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License version 2 as
|
|
|
|
|
* published by the Free Software Foundation.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
|
|
|
|
|
* MA 02110-1301, USA.
|
|
|
|
|
*/
|
|
|
|
|
|
2009-12-11 20:57:41 +02:00
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
|
#include "clamav-config.h"
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef HAVE_UNISTD_H
|
2009-09-07 18:01:43 +03:00
|
|
|
#include <unistd.h>
|
2009-12-11 20:57:41 +02:00
|
|
|
#endif
|
2009-09-04 17:29:13 +03:00
|
|
|
#include <stdlib.h>
|
2009-12-02 17:13:07 +02:00
|
|
|
#include <fcntl.h>
|
|
|
|
|
#include <errno.h>
|
2010-01-20 16:19:18 +02:00
|
|
|
#include <string.h>
|
2010-05-12 18:26:02 +03:00
|
|
|
#include <math.h>
|
2010-05-13 00:27:00 +03:00
|
|
|
#include <ctype.h>
|
2014-02-08 00:31:12 -05:00
|
|
|
|
Add CMake build tooling
This patch adds experimental-quality CMake build tooling.
The libmspack build required a modification to use "" instead of <> for
header #includes. This will hopefully be included in the libmspack
upstream project when adding CMake build tooling to libmspack.
Removed use of libltdl when using CMake.
Flex & Bison are now required to build.
If -DMAINTAINER_MODE, then GPERF is also required, though it currently
doesn't actually do anything. TODO!
I found that the autotools build system was generating the lexer output
but not actually compiling it, instead using previously generated (and
manually renamed) lexer c source. As a consequence, changes to the .l
and .y files weren't making it into the build. To resolve this, I
removed generated flex/bison files and fixed the tooling to use the
freshly generated files. Flex and bison are now required build tools.
On Windows, this adds a dependency on the winflexbison package,
which can be obtained using Chocolatey or may be manually installed.
CMake tooling only has partial support for building with external LLVM
library, and no support for the internal LLVM (to be removed in the
future). I.e. The CMake build currently only supports the bytecode
interpreter.
Many files used include paths relative to the top source directory or
relative to the current project, rather than relative to each build
target. Modern CMake support requires including internal dependency
headers the same way you would external dependency headers (albeit
with "" instead of <>). This meant correcting all header includes to
be relative to the build targets and not relative to the workspace.
For example, ...
```c
include "../libclamav/clamav.h"
include "clamd/clamd_others.h"
```
... becomes:
```c
// libclamav
include "clamav.h"
// clamd
include "clamd_others.h"
```
Fixes header name conflicts by renaming a few of the files.
Converted the "shared" code into a static library, which depends on
libclamav. The ironically named "shared" static library provides
features common to the ClamAV apps which are not required in
libclamav itself and are not intended for use by downstream projects.
This change was required for correct modern CMake practices but was
also required to use the automake "subdir-objects" option.
This eliminates warnings when running autoreconf which, in the next
version of autoconf & automake are likely to break the build.
libclamav used to build in multiple stages where an earlier stage is
a static library containing utils required by the "shared" code.
Linking clamdscan and clamdtop with this libclamav utils static lib
allowed these two apps to function without libclamav. While this is
nice in theory, the practical gains are minimal and it complicates
the build system. As such, the autotools and CMake tooling was
simplified for improved maintainability and this feature was thrown
out. clamdtop and clamdscan now require libclamav to function.
Removed the nopthreads version of the autotools
libclamav_internal_utils static library and added pthread linking to
a couple apps that may have issues building on some platforms without
it, with the intention of removing needless complexity from the
source. Kept the regular version of libclamav_internal_utils.la
though it is no longer used anywhere but in libclamav.
Added an experimental doxygen build option which attempts to build
clamav.h and libfreshclam doxygen html docs.
The CMake build tooling also may build the example program(s), which
isn't a feature in the Autotools build system.
Changed C standard to C90+ due to inline linking issues with socket.h
when linking libfreshclam.so on Linux.
Generate common.rc for win32.
Fix tabs/spaces in shared Makefile.am, and remove vestigial ifndef
from misc.c.
Add CMake files to the automake dist, so users can try the new
CMake tooling w/out having to build from a git clone.
clamonacc changes:
- Renamed FANOTIFY macro to HAVE_SYS_FANOTIFY_H to better match other
similar macros.
- Added a new clamav-clamonacc.service systemd unit file, based on
the work of ChadDevOps & Aaron Brighton.
- Added missing clamonacc man page.
Updates to clamdscan man page, add missing options.
Remove vestigial CL_NOLIBCLAMAV definitions (all apps now use
libclamav).
Rename Windows mspack.dll to libmspack.dll so all ClamAV-built
libraries have the lib-prefix with Visual Studio as with CMake.
2020-08-13 00:25:34 -07:00
|
|
|
#if HAVE_JSON
|
|
|
|
|
#include <json.h>
|
|
|
|
|
#endif
|
|
|
|
|
#if HAVE_BZLIB_H
|
|
|
|
|
#include <bzlib.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
2014-07-01 19:38:01 -04:00
|
|
|
#include "clamav.h"
|
2009-09-04 17:29:13 +03:00
|
|
|
#include "clambc.h"
|
2009-12-09 16:50:55 +02:00
|
|
|
#include "bytecode.h"
|
2009-09-04 17:29:13 +03:00
|
|
|
#include "bytecode_priv.h"
|
2009-08-20 16:23:43 +03:00
|
|
|
#include "type_desc.h"
|
|
|
|
|
#include "bytecode_api.h"
|
2009-09-04 16:24:52 +03:00
|
|
|
#include "bytecode_api_impl.h"
|
2009-09-11 15:12:17 +03:00
|
|
|
#include "others.h"
|
2010-01-18 19:31:59 +02:00
|
|
|
#include "pe.h"
|
2010-08-02 15:42:58 +03:00
|
|
|
#include "pdf.h"
|
2010-01-20 17:16:27 +02:00
|
|
|
#include "disasm.h"
|
2010-03-22 13:00:23 +02:00
|
|
|
#include "scanners.h"
|
2010-03-31 10:53:11 +03:00
|
|
|
#include "jsparse/js-norm.h"
|
2010-05-12 18:26:02 +03:00
|
|
|
#include "hashtab.h"
|
|
|
|
|
#include "str.h"
|
|
|
|
|
#include "filetypes.h"
|
2020-04-29 09:26:07 -07:00
|
|
|
#include "lzma_iface.h"
|
2009-08-20 16:23:43 +03:00
|
|
|
|
2010-10-18 10:35:29 +03:00
|
|
|
#define EV ctx->bc_events
|
|
|
|
|
|
|
|
|
|
#define STRINGIFY(x) #x
|
|
|
|
|
#define TOSTRING(x) STRINGIFY(x)
|
2018-12-03 12:40:13 -05:00
|
|
|
#define API_MISUSE() cli_event_error_str(EV, "API misuse @" TOSTRING(__LINE__))
|
2010-10-18 10:35:29 +03:00
|
|
|
|
2020-04-29 09:26:07 -07:00
|
|
|
struct bc_lzma {
|
|
|
|
|
struct CLI_LZMA stream;
|
|
|
|
|
int32_t from;
|
|
|
|
|
int32_t to;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
#if HAVE_BZLIB_H
|
|
|
|
|
struct bc_bzip2 {
|
|
|
|
|
bz_stream stream;
|
|
|
|
|
int32_t from;
|
|
|
|
|
int32_t to;
|
|
|
|
|
};
|
|
|
|
|
#endif
|
|
|
|
|
|
2009-09-04 16:24:52 +03:00
|
|
|
uint32_t cli_bcapi_test1(struct cli_bc_ctx *ctx, uint32_t a, uint32_t b)
|
2009-08-20 16:23:43 +03:00
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
2018-12-03 12:40:13 -05:00
|
|
|
return (a == 0xf00dbeef && b == 0xbeeff00d) ? 0x12345678 : 0x55;
|
2009-08-20 16:23:43 +03:00
|
|
|
}
|
2009-09-04 17:29:13 +03:00
|
|
|
|
2010-01-20 20:04:01 +02:00
|
|
|
uint32_t cli_bcapi_test2(struct cli_bc_ctx *ctx, uint32_t a)
|
|
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
2010-01-20 20:04:01 +02:00
|
|
|
return a == 0xf00d ? 0xd00f : 0x5555;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_read(struct cli_bc_ctx *ctx, uint8_t *data, int32_t size)
|
2009-09-04 17:29:13 +03:00
|
|
|
{
|
2019-05-04 15:54:54 -04:00
|
|
|
size_t n;
|
2010-10-18 10:35:29 +03:00
|
|
|
if (!ctx->fmap) {
|
2014-01-16 17:57:21 -05:00
|
|
|
API_MISUSE();
|
|
|
|
|
return -1;
|
2010-10-18 10:35:29 +03:00
|
|
|
}
|
2010-03-19 13:20:59 +02:00
|
|
|
if (size < 0 || size > CLI_MAX_ALLOCATION) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_warnmsg("bytecode: negative read size: %d\n", size);
|
|
|
|
|
API_MISUSE();
|
|
|
|
|
return -1;
|
2010-01-21 16:48:56 +02:00
|
|
|
}
|
|
|
|
|
n = fmap_readn(ctx->fmap, data, ctx->off, size);
|
2019-05-04 15:54:54 -04:00
|
|
|
if ((n == 0) || (n == (size_t)-1)) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("bcapi_read: fmap_readn failed (requested %d)\n", size);
|
|
|
|
|
cli_event_count(EV, BCEV_READ_ERR);
|
2019-05-04 15:54:54 -04:00
|
|
|
return (int32_t)n;
|
2010-03-24 17:55:04 +02:00
|
|
|
}
|
2010-10-18 10:35:29 +03:00
|
|
|
cli_event_int(EV, BCEV_OFFSET, ctx->off);
|
|
|
|
|
cli_event_fastdata(EV, BCEV_READ, data, size);
|
2022-02-16 00:13:55 +01:00
|
|
|
// cli_event_data(EV, BCEV_READ, data, n);
|
2010-01-21 16:48:56 +02:00
|
|
|
ctx->off += n;
|
2019-05-04 15:54:54 -04:00
|
|
|
return (int32_t)n;
|
2009-09-04 17:29:13 +03:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_seek(struct cli_bc_ctx *ctx, int32_t pos, uint32_t whence)
|
2009-09-04 17:29:13 +03:00
|
|
|
{
|
|
|
|
|
off_t off;
|
2010-03-24 17:55:04 +02:00
|
|
|
if (!ctx->fmap) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("bcapi_seek: no fmap\n");
|
|
|
|
|
API_MISUSE();
|
|
|
|
|
return -1;
|
2010-03-24 17:55:04 +02:00
|
|
|
}
|
2009-09-04 17:29:13 +03:00
|
|
|
switch (whence) {
|
2014-01-16 17:57:21 -05:00
|
|
|
case 0:
|
|
|
|
|
off = pos;
|
|
|
|
|
break;
|
|
|
|
|
case 1:
|
|
|
|
|
off = ctx->off + pos;
|
|
|
|
|
break;
|
|
|
|
|
case 2:
|
|
|
|
|
off = ctx->file_size + pos;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
API_MISUSE();
|
|
|
|
|
cli_dbgmsg("bcapi_seek: invalid whence value\n");
|
|
|
|
|
return -1;
|
2009-09-04 17:29:13 +03:00
|
|
|
}
|
2010-03-24 17:55:04 +02:00
|
|
|
if (off < 0 || off > ctx->file_size) {
|
2017-02-15 14:07:50 -05:00
|
|
|
cli_dbgmsg("bcapi_seek: out of file: %lld (max %d)\n",
|
|
|
|
|
(long long)off, ctx->file_size);
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-24 17:55:04 +02:00
|
|
|
}
|
2010-10-18 10:35:29 +03:00
|
|
|
cli_event_int(EV, BCEV_OFFSET, off);
|
2009-09-04 17:29:13 +03:00
|
|
|
ctx->off = off;
|
|
|
|
|
return off;
|
|
|
|
|
}
|
2009-09-11 15:12:17 +03:00
|
|
|
|
2009-09-21 18:48:43 +03:00
|
|
|
uint32_t cli_bcapi_debug_print_str(struct cli_bc_ctx *ctx, const uint8_t *str, uint32_t len)
|
2009-09-11 15:12:17 +03:00
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(len);
|
2018-12-03 12:40:13 -05:00
|
|
|
cli_event_fastdata(EV, BCEV_DBG_STR, str, strlen((const char *)str));
|
2009-09-11 15:12:17 +03:00
|
|
|
cli_dbgmsg("bytecode debug: %s\n", str);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2010-01-20 20:04:01 +02:00
|
|
|
uint32_t cli_bcapi_debug_print_uint(struct cli_bc_ctx *ctx, uint32_t a)
|
2009-09-11 15:12:17 +03:00
|
|
|
{
|
2010-10-18 10:35:29 +03:00
|
|
|
cli_event_int(EV, BCEV_DBG_INT, a);
|
2022-02-16 00:13:55 +01:00
|
|
|
// cli_dbgmsg("bytecode debug: %d\n", a);
|
|
|
|
|
// return 0;
|
2010-05-13 20:02:02 +03:00
|
|
|
if (!cli_debug_flag)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2022-04-30 19:11:03 -07:00
|
|
|
|
|
|
|
|
return cli_eprintf("%d", a);
|
2009-09-11 15:12:17 +03:00
|
|
|
}
|
2009-09-22 11:03:17 +03:00
|
|
|
|
|
|
|
|
/*TODO: compiler should make sure that only constants are passed here, and not
|
|
|
|
|
* pointers to arbitrary locations that may not be valid when bytecode finishes
|
|
|
|
|
* executing */
|
2018-12-03 12:40:13 -05:00
|
|
|
uint32_t cli_bcapi_setvirusname(struct cli_bc_ctx *ctx, const uint8_t *name, uint32_t len)
|
2009-09-22 11:03:17 +03:00
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(len);
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->virname = (const char *)name;
|
2009-10-02 12:27:52 +03:00
|
|
|
return 0;
|
2009-09-22 11:03:17 +03:00
|
|
|
}
|
2009-11-06 16:34:46 +02:00
|
|
|
|
|
|
|
|
uint32_t cli_bcapi_disasm_x86(struct cli_bc_ctx *ctx, struct DISASM_RESULT *res, uint32_t len)
|
|
|
|
|
{
|
2010-01-20 17:16:27 +02:00
|
|
|
int n;
|
2010-04-13 16:19:47 +03:00
|
|
|
const unsigned char *buf;
|
2018-12-03 12:40:13 -05:00
|
|
|
const unsigned char *next;
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(len);
|
|
|
|
|
if (!res || !ctx->fmap || (size_t)(ctx->off) >= ctx->fmap->len) {
|
2014-01-16 17:57:21 -05:00
|
|
|
API_MISUSE();
|
|
|
|
|
return -1;
|
2010-10-18 10:35:29 +03:00
|
|
|
}
|
2010-01-20 18:20:53 +02:00
|
|
|
/* 32 should be longest instr we support decoding.
|
|
|
|
|
* When we'll support mmx/sse instructions this should be updated! */
|
2018-12-03 12:40:13 -05:00
|
|
|
n = MIN(32, ctx->fmap->len - ctx->off);
|
2010-01-20 17:16:27 +02:00
|
|
|
buf = fmap_need_off_once(ctx->fmap, ctx->off, n);
|
2013-02-13 14:21:37 -05:00
|
|
|
if (buf)
|
|
|
|
|
next = cli_disasm_one(buf, n, res, 0);
|
|
|
|
|
else
|
|
|
|
|
next = NULL;
|
2010-03-24 17:55:04 +02:00
|
|
|
if (!next) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("bcapi_disasm: failed\n");
|
|
|
|
|
cli_event_count(EV, BCEV_DISASM_FAIL);
|
|
|
|
|
return -1;
|
2010-03-24 17:55:04 +02:00
|
|
|
}
|
2010-01-20 17:16:27 +02:00
|
|
|
return ctx->off + next - buf;
|
2009-11-06 16:34:46 +02:00
|
|
|
}
|
|
|
|
|
|
2009-12-08 23:02:49 +02:00
|
|
|
/* TODO: field in ctx, id of last bytecode that called magicscandesc, reset
|
|
|
|
|
* after hooks/other bytecodes are run. TODO: need a more generic solution
|
|
|
|
|
* to avoid uselessly recursing on bytecode-unpacked files, but also a way to
|
|
|
|
|
* override the limit if we need it in a special situation */
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_write(struct cli_bc_ctx *ctx, uint8_t *data, int32_t len)
|
2009-11-06 16:34:46 +02:00
|
|
|
{
|
2010-10-18 10:35:29 +03:00
|
|
|
char err[128];
|
2019-05-04 15:54:54 -04:00
|
|
|
size_t res;
|
2010-10-18 10:35:29 +03:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
cli_ctx *cctx = (cli_ctx *)ctx->ctx;
|
2009-12-02 17:13:07 +02:00
|
|
|
if (len < 0) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_warnmsg("Bytecode API: called with negative length!\n");
|
|
|
|
|
API_MISUSE();
|
|
|
|
|
return -1;
|
2009-12-02 17:13:07 +02:00
|
|
|
}
|
2010-03-19 15:47:26 +02:00
|
|
|
if (!ctx->outfd) {
|
2014-01-16 17:57:21 -05:00
|
|
|
ctx->tempfile = cli_gentemp(cctx ? cctx->engine->tmpdir : NULL);
|
|
|
|
|
if (!ctx->tempfile) {
|
|
|
|
|
cli_dbgmsg("Bytecode API: Unable to allocate memory for tempfile\n");
|
|
|
|
|
cli_event_error_oom(EV, 0);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->outfd = open(ctx->tempfile, O_RDWR | O_CREAT | O_EXCL | O_TRUNC | O_BINARY, 0600);
|
2014-01-16 17:57:21 -05:00
|
|
|
if (ctx->outfd == -1) {
|
|
|
|
|
ctx->outfd = 0;
|
|
|
|
|
cli_warnmsg("Bytecode API: Can't create file %s: %s\n", ctx->tempfile, cli_strerror(errno, err, sizeof(err)));
|
|
|
|
|
cli_event_error_str(EV, "cli_bcapi_write: Can't create temporary file");
|
|
|
|
|
free(ctx->tempfile);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
cli_dbgmsg("bytecode opened new tempfile: %s\n", ctx->tempfile);
|
2009-12-02 17:13:07 +02:00
|
|
|
}
|
2010-10-18 10:35:29 +03:00
|
|
|
|
|
|
|
|
cli_event_fastdata(ctx->bc_events, BCEV_WRITE, data, len);
|
2009-12-02 17:13:07 +02:00
|
|
|
if (cli_checklimits("bytecode api", cctx, ctx->written + len, 0, 0))
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2019-05-04 15:54:54 -04:00
|
|
|
res = cli_writen(ctx->outfd, data, (size_t)len);
|
2009-12-02 17:13:07 +02:00
|
|
|
if (res > 0) ctx->written += res;
|
2019-05-04 15:54:54 -04:00
|
|
|
if (res == (size_t)-1) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_warnmsg("Bytecode API: write failed: %s\n", cli_strerror(errno, err, sizeof(err)));
|
|
|
|
|
cli_event_error_str(EV, "cli_bcapi_write: write failed");
|
2010-10-18 10:35:29 +03:00
|
|
|
}
|
2019-05-04 15:54:54 -04:00
|
|
|
return (int32_t)res;
|
2009-11-06 16:34:46 +02:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
void cli_bytecode_context_set_trace(struct cli_bc_ctx *ctx, unsigned level,
|
2014-01-16 17:57:21 -05:00
|
|
|
bc_dbg_callback_trace trace,
|
|
|
|
|
bc_dbg_callback_trace_op trace_op,
|
|
|
|
|
bc_dbg_callback_trace_val trace_val,
|
|
|
|
|
bc_dbg_callback_trace_ptr trace_ptr)
|
2009-12-09 16:50:55 +02:00
|
|
|
{
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->trace = trace;
|
|
|
|
|
ctx->trace_op = trace_op;
|
|
|
|
|
ctx->trace_val = trace_val;
|
|
|
|
|
ctx->trace_ptr = trace_ptr;
|
2009-12-09 16:50:55 +02:00
|
|
|
ctx->trace_level = level;
|
|
|
|
|
}
|
|
|
|
|
|
2010-01-27 11:04:34 +02:00
|
|
|
uint32_t cli_bcapi_trace_scope(struct cli_bc_ctx *ctx, const uint8_t *scope, uint32_t scopeid)
|
2009-12-08 23:02:49 +02:00
|
|
|
{
|
2009-12-09 16:50:55 +02:00
|
|
|
if (LIKELY(!ctx->trace_level))
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2018-12-03 12:40:13 -05:00
|
|
|
if (ctx->scope != (const char *)scope) {
|
|
|
|
|
ctx->scope = (const char *)scope ? (const char *)scope : "?";
|
2014-01-16 17:57:21 -05:00
|
|
|
ctx->scopeid = scopeid;
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->trace_level |= 0x80; /* temporarily increase level to print params */
|
2009-12-09 16:50:55 +02:00
|
|
|
} else if ((ctx->trace_level >= trace_scope) && ctx->scopeid != scopeid) {
|
2014-01-16 17:57:21 -05:00
|
|
|
ctx->scopeid = scopeid;
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->trace_level |= 0x40; /* temporarily increase level to print location */
|
2009-12-08 23:02:49 +02:00
|
|
|
}
|
2009-12-09 16:50:55 +02:00
|
|
|
return 0;
|
2009-12-08 23:02:49 +02:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
uint32_t cli_bcapi_trace_directory(struct cli_bc_ctx *ctx, const uint8_t *dir, uint32_t dummy)
|
2009-12-08 23:02:49 +02:00
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(dummy);
|
2009-12-09 16:50:55 +02:00
|
|
|
if (LIKELY(!ctx->trace_level))
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->directory = (const char *)dir ? (const char *)dir : "";
|
2009-12-08 23:02:49 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2010-01-27 11:04:34 +02:00
|
|
|
uint32_t cli_bcapi_trace_source(struct cli_bc_ctx *ctx, const uint8_t *file, uint32_t line)
|
2009-12-08 23:02:49 +02:00
|
|
|
{
|
2009-12-09 16:50:55 +02:00
|
|
|
if (LIKELY(ctx->trace_level < trace_line))
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2018-12-03 12:40:13 -05:00
|
|
|
if (ctx->file != (const char *)file || ctx->line != line) {
|
|
|
|
|
ctx->col = 0;
|
|
|
|
|
ctx->file = (const char *)file ? (const char *)file : "??";
|
2014-01-16 17:57:21 -05:00
|
|
|
ctx->line = line;
|
2009-12-08 23:02:49 +02:00
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2010-01-27 11:04:34 +02:00
|
|
|
uint32_t cli_bcapi_trace_op(struct cli_bc_ctx *ctx, const uint8_t *op, uint32_t col)
|
2009-12-08 23:02:49 +02:00
|
|
|
{
|
2009-12-09 16:50:55 +02:00
|
|
|
if (LIKELY(ctx->trace_level < trace_col))
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2018-12-03 12:40:13 -05:00
|
|
|
if (ctx->trace_level & 0xc0) {
|
2014-01-16 17:57:21 -05:00
|
|
|
ctx->col = col;
|
|
|
|
|
/* func/scope changed and they needed param/location event */
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->trace(ctx, (ctx->trace_level & 0x80) ? trace_func : trace_scope);
|
2014-01-16 17:57:21 -05:00
|
|
|
ctx->trace_level &= ~0xc0;
|
2009-12-09 11:41:20 +02:00
|
|
|
}
|
2009-12-09 16:50:55 +02:00
|
|
|
if (LIKELY(ctx->trace_level < trace_col))
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2009-12-09 16:50:55 +02:00
|
|
|
if (ctx->col != col) {
|
2014-01-16 17:57:21 -05:00
|
|
|
ctx->col = col;
|
|
|
|
|
ctx->trace(ctx, trace_col);
|
2009-12-09 16:50:55 +02:00
|
|
|
} else {
|
2014-01-16 17:57:21 -05:00
|
|
|
ctx->trace(ctx, trace_line);
|
2009-12-08 23:02:49 +02:00
|
|
|
}
|
2009-12-09 16:50:55 +02:00
|
|
|
if (LIKELY(ctx->trace_level < trace_op))
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2009-12-09 16:50:55 +02:00
|
|
|
if (ctx->trace_op && op)
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->trace_op(ctx, (const char *)op);
|
2009-12-08 23:02:49 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
2009-11-06 16:34:46 +02:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
uint32_t cli_bcapi_trace_value(struct cli_bc_ctx *ctx, const uint8_t *name, uint32_t value)
|
2009-12-08 23:02:49 +02:00
|
|
|
{
|
2009-12-09 16:50:55 +02:00
|
|
|
if (LIKELY(ctx->trace_level < trace_val))
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2018-12-03 12:40:13 -05:00
|
|
|
if (ctx->trace_level & 0x80) {
|
|
|
|
|
if ((ctx->trace_level & 0x7f) < trace_param)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
|
|
|
|
ctx->trace(ctx, trace_param);
|
2009-12-09 16:50:55 +02:00
|
|
|
}
|
|
|
|
|
if (ctx->trace_val && name)
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->trace_val(ctx, (const char *)name, value);
|
2009-12-09 16:50:55 +02:00
|
|
|
return 0;
|
2009-12-08 23:02:49 +02:00
|
|
|
}
|
2009-12-17 17:40:35 +02:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
uint32_t cli_bcapi_trace_ptr(struct cli_bc_ctx *ctx, const uint8_t *ptr, uint32_t dummy)
|
2009-12-17 17:40:35 +02:00
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(dummy);
|
2009-12-17 17:40:35 +02:00
|
|
|
if (LIKELY(ctx->trace_level < trace_val))
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2018-12-03 12:40:13 -05:00
|
|
|
if (ctx->trace_level & 0x80) {
|
|
|
|
|
if ((ctx->trace_level & 0x7f) < trace_param)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
|
|
|
|
ctx->trace(ctx, trace_param);
|
2009-12-17 17:40:35 +02:00
|
|
|
}
|
|
|
|
|
if (ctx->trace_ptr)
|
2014-01-16 17:57:21 -05:00
|
|
|
ctx->trace_ptr(ctx, ptr);
|
2009-12-17 17:40:35 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
2010-01-18 19:31:59 +02:00
|
|
|
|
2010-01-20 20:04:01 +02:00
|
|
|
uint32_t cli_bcapi_pe_rawaddr(struct cli_bc_ctx *ctx, uint32_t rva)
|
2010-01-18 19:31:59 +02:00
|
|
|
{
|
2018-12-03 12:40:13 -05:00
|
|
|
uint32_t ret;
|
|
|
|
|
unsigned err = 0;
|
|
|
|
|
const struct cli_pe_hook_data *pe = ctx->hooks.pedata;
|
Code cleanup: Refactor to clean up formatting issues
Refactored the clamscan code that determines 'what to scan' in order
to clean up some very messy logic and also to get around a difference in
how vscode and clang-format handle formatting #ifdef blocks in the
middle of an else/if.
In addition to refactoring, there is a slight behavior improvement. With
this change, doing `clamscan blah -` will now scan `blah` and then also
scan `stdin`. You can even do `clamscan - blah` to now scan `stdin` and
then scan `blah`. Before, The `-` had to be the only "filename" argument
in order to scan from stdin.
In addition, added a bunch of extra empty lines or changing multi-line
function calls to single-line function calls in order to get around a
bug in clang-format with these two options do not playing nice together:
- AlignConsecutiveAssignments: true
- AlignAfterOpenBracket: true
AlignAfterOpenBracket is not taking account the spaces inserted by
AlignConsecutiveAssignments, so you end up with stuff like this:
```c
bleeblah = 1;
blah = function(arg1,
arg2,
arg3);
// ^--- these args 4-left from where they should be.
```
VSCode, meanwhile, somehow fixes this whitespace issue so code that is
correctly formatted by VSCode doesn't have this bug, meaning that:
1. The clang-format check in GH Actions fails.
2. We'd all have to stop using format-on-save in VSCode and accept the
bug if we wanted those GH Actions tests to pass.
Adding an empty line before variable assignments from multi-line
function calls evades the buggy behavior.
This commit should resolve the clang-format github action test failures,
for now.
2022-03-10 20:55:13 -08:00
|
|
|
|
|
|
|
|
ret = cli_rawaddr(rva, ctx->sections, pe->nsections, &err,
|
|
|
|
|
ctx->file_size, pe->hdr_size);
|
2018-12-03 12:40:13 -05:00
|
|
|
if (err) {
|
|
|
|
|
cli_dbgmsg("bcapi_pe_rawaddr invalid rva: %u\n", rva);
|
|
|
|
|
return PE_INVALID_RVA;
|
|
|
|
|
}
|
|
|
|
|
return ret;
|
2010-01-18 19:31:59 +02:00
|
|
|
}
|
2010-01-20 16:19:18 +02:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
static inline const char *cli_memmem(const char *haystack, unsigned hlen,
|
2014-01-16 17:57:21 -05:00
|
|
|
const unsigned char *needle, unsigned nlen)
|
2010-01-20 16:19:18 +02:00
|
|
|
{
|
|
|
|
|
const char *p;
|
|
|
|
|
unsigned char c;
|
2010-10-18 10:35:29 +03:00
|
|
|
if (!needle || !haystack) {
|
2014-01-16 17:57:21 -05:00
|
|
|
return NULL;
|
2010-10-18 10:35:29 +03:00
|
|
|
}
|
2010-01-20 16:19:18 +02:00
|
|
|
c = *needle++;
|
|
|
|
|
if (nlen == 1)
|
2014-01-16 17:57:21 -05:00
|
|
|
return memchr(haystack, c, hlen);
|
2010-01-20 16:19:18 +02:00
|
|
|
|
|
|
|
|
while (hlen >= nlen) {
|
2018-12-03 12:40:13 -05:00
|
|
|
p = haystack;
|
2014-01-16 17:57:21 -05:00
|
|
|
haystack = memchr(haystack, c, hlen - nlen + 1);
|
|
|
|
|
if (!haystack)
|
|
|
|
|
return NULL;
|
2018-12-03 12:40:13 -05:00
|
|
|
hlen -= haystack + 1 - p;
|
2014-01-16 17:57:21 -05:00
|
|
|
p = haystack + 1;
|
2018-12-03 12:40:13 -05:00
|
|
|
if (!memcmp(p, needle, nlen - 1))
|
2014-01-16 17:57:21 -05:00
|
|
|
return haystack;
|
|
|
|
|
haystack = p;
|
2010-01-20 16:19:18 +02:00
|
|
|
}
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_file_find(struct cli_bc_ctx *ctx, const uint8_t *data, uint32_t len)
|
2010-05-12 18:26:02 +03:00
|
|
|
{
|
|
|
|
|
fmap_t *map = ctx->fmap;
|
|
|
|
|
if (!map || len <= 0) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("bcapi_file_find preconditions not met\n");
|
|
|
|
|
API_MISUSE();
|
|
|
|
|
return -1;
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
|
|
|
|
return cli_bcapi_file_find_limit(ctx, data, len, map->len);
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_file_find_limit(struct cli_bc_ctx *ctx, const uint8_t *data, uint32_t len, int32_t limit)
|
2010-01-20 16:19:18 +02:00
|
|
|
{
|
|
|
|
|
char buf[4096];
|
2018-12-03 12:40:13 -05:00
|
|
|
fmap_t *map = ctx->fmap;
|
2010-04-13 16:19:47 +03:00
|
|
|
uint32_t off = ctx->off;
|
2019-05-04 15:54:54 -04:00
|
|
|
size_t n;
|
|
|
|
|
size_t limit_sz;
|
2010-01-20 16:19:18 +02:00
|
|
|
|
2019-05-04 15:54:54 -04:00
|
|
|
if (!map || (len > sizeof(buf) / 4) || (len <= 0) || (limit <= 0)) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("bcapi_file_find_limit preconditions not met\n");
|
|
|
|
|
API_MISUSE();
|
|
|
|
|
return -1;
|
2010-03-24 17:55:04 +02:00
|
|
|
}
|
2010-10-18 10:35:29 +03:00
|
|
|
|
2019-05-04 15:54:54 -04:00
|
|
|
limit_sz = (size_t)limit;
|
|
|
|
|
|
2010-10-18 10:35:29 +03:00
|
|
|
cli_event_int(EV, BCEV_OFFSET, off);
|
|
|
|
|
cli_event_fastdata(EV, BCEV_FIND, data, len);
|
2010-01-20 16:19:18 +02:00
|
|
|
for (;;) {
|
2014-01-16 17:57:21 -05:00
|
|
|
const char *p;
|
2019-05-04 15:54:54 -04:00
|
|
|
size_t readlen = sizeof(buf);
|
|
|
|
|
if (off + readlen > limit_sz) {
|
|
|
|
|
if (off > limit_sz) {
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2019-05-04 15:54:54 -04:00
|
|
|
} else {
|
|
|
|
|
readlen = limit_sz - off;
|
|
|
|
|
}
|
2014-01-16 17:57:21 -05:00
|
|
|
}
|
|
|
|
|
n = fmap_readn(map, buf, off, readlen);
|
2019-05-04 15:54:54 -04:00
|
|
|
if ((n < len) || (n == (size_t)-1))
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
|
|
|
|
p = cli_memmem(buf, n, data, len);
|
|
|
|
|
if (p)
|
2019-05-04 15:54:54 -04:00
|
|
|
return off + (p - buf);
|
2014-01-16 17:57:21 -05:00
|
|
|
off += n;
|
2010-01-20 16:19:18 +02:00
|
|
|
}
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2010-01-20 20:04:01 +02:00
|
|
|
int32_t cli_bcapi_file_byteat(struct cli_bc_ctx *ctx, uint32_t off)
|
2010-01-20 16:19:18 +02:00
|
|
|
{
|
|
|
|
|
unsigned char c;
|
2010-03-24 17:55:04 +02:00
|
|
|
if (!ctx->fmap) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("bcapi_file_byteat: no fmap\n");
|
|
|
|
|
return -1;
|
2010-03-24 17:55:04 +02:00
|
|
|
}
|
2010-10-18 10:35:29 +03:00
|
|
|
cli_event_int(EV, BCEV_OFFSET, off);
|
2010-03-24 17:55:04 +02:00
|
|
|
if (fmap_readn(ctx->fmap, &c, off, 1) != 1) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("bcapi_file_byteat: fmap_readn failed at %u\n", off);
|
|
|
|
|
return -1;
|
2010-03-24 17:55:04 +02:00
|
|
|
}
|
2010-01-20 16:19:18 +02:00
|
|
|
return c;
|
|
|
|
|
}
|
2010-01-20 20:04:01 +02:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
uint8_t *cli_bcapi_malloc(struct cli_bc_ctx *ctx, uint32_t size)
|
2010-01-20 20:04:01 +02:00
|
|
|
{
|
2010-10-18 10:35:29 +03:00
|
|
|
void *v;
|
2010-01-20 20:04:01 +02:00
|
|
|
#if USE_MPOOL
|
|
|
|
|
if (!ctx->mpool) {
|
2014-01-16 17:57:21 -05:00
|
|
|
ctx->mpool = mpool_create();
|
|
|
|
|
if (!ctx->mpool) {
|
|
|
|
|
cli_dbgmsg("bytecode: mpool_create failed!\n");
|
|
|
|
|
cli_event_error_oom(EV, 0);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2010-01-20 20:04:01 +02:00
|
|
|
}
|
2019-05-03 18:16:03 -04:00
|
|
|
v = MPOOL_MALLOC(ctx->mpool, size);
|
2010-01-20 20:04:01 +02:00
|
|
|
#else
|
|
|
|
|
/* TODO: implement using a list of pointers we allocated! */
|
|
|
|
|
cli_errmsg("cli_bcapi_malloc not implemented for systems without mmap yet!\n");
|
2010-10-18 10:35:29 +03:00
|
|
|
v = cli_malloc(size);
|
2010-01-20 20:04:01 +02:00
|
|
|
#endif
|
2010-10-18 10:35:29 +03:00
|
|
|
if (!v)
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_event_error_oom(EV, size);
|
2010-10-18 10:35:29 +03:00
|
|
|
return v;
|
2010-01-20 20:04:01 +02:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_get_pe_section(struct cli_bc_ctx *ctx, struct cli_exe_section *section, uint32_t num)
|
2010-02-12 16:47:44 +02:00
|
|
|
{
|
|
|
|
|
if (num < ctx->hooks.pedata->nsections) {
|
2014-01-16 17:57:21 -05:00
|
|
|
memcpy(section, &ctx->sections[num], sizeof(struct cli_exe_section));
|
|
|
|
|
return 0;
|
2010-02-12 16:47:44 +02:00
|
|
|
}
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2010-03-19 13:20:59 +02:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_fill_buffer(struct cli_bc_ctx *ctx, uint8_t *buf,
|
2014-01-16 17:57:21 -05:00
|
|
|
uint32_t buflen, uint32_t filled,
|
|
|
|
|
uint32_t pos, uint32_t fill)
|
2010-03-19 13:20:59 +02:00
|
|
|
{
|
|
|
|
|
int32_t res, remaining, tofill;
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(fill);
|
2010-03-19 15:47:26 +02:00
|
|
|
if (!buf || !buflen || buflen > CLI_MAX_ALLOCATION || filled > buflen) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("fill_buffer1\n");
|
|
|
|
|
API_MISUSE();
|
|
|
|
|
return -1;
|
2010-03-19 15:47:26 +02:00
|
|
|
}
|
|
|
|
|
if (ctx->off >= ctx->file_size) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("fill_buffer2\n");
|
|
|
|
|
API_MISUSE();
|
|
|
|
|
return 0;
|
2010-03-19 15:47:26 +02:00
|
|
|
}
|
2010-03-19 13:20:59 +02:00
|
|
|
remaining = filled - pos;
|
|
|
|
|
if (remaining) {
|
2018-12-03 12:40:13 -05:00
|
|
|
if (!CLI_ISCONTAINED(buf, buflen, buf + pos, remaining)) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("fill_buffer3\n");
|
|
|
|
|
API_MISUSE();
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2018-12-03 12:40:13 -05:00
|
|
|
memmove(buf, buf + pos, remaining);
|
2010-03-19 13:20:59 +02:00
|
|
|
}
|
|
|
|
|
tofill = buflen - remaining;
|
2018-12-03 12:40:13 -05:00
|
|
|
if (!CLI_ISCONTAINED(buf, buflen, buf + remaining, tofill)) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("fill_buffer4\n");
|
|
|
|
|
API_MISUSE();
|
|
|
|
|
return -1;
|
2010-03-19 15:47:26 +02:00
|
|
|
}
|
2018-12-03 12:40:13 -05:00
|
|
|
res = cli_bcapi_read(ctx, buf + remaining, tofill);
|
2010-03-24 17:55:04 +02:00
|
|
|
if (res <= 0) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("fill_buffer5\n");
|
|
|
|
|
API_MISUSE();
|
|
|
|
|
return res;
|
2010-03-24 17:55:04 +02:00
|
|
|
}
|
2010-03-19 13:20:59 +02:00
|
|
|
return remaining + res;
|
|
|
|
|
}
|
2010-03-19 15:47:26 +02:00
|
|
|
|
|
|
|
|
int32_t cli_bcapi_extract_new(struct cli_bc_ctx *ctx, int32_t id)
|
|
|
|
|
{
|
|
|
|
|
cli_ctx *cctx;
|
2010-04-13 16:19:47 +03:00
|
|
|
int res = -1;
|
2010-10-18 10:35:29 +03:00
|
|
|
|
|
|
|
|
cli_event_count(EV, BCEV_EXTRACTED);
|
2010-03-19 15:47:26 +02:00
|
|
|
cli_dbgmsg("previous tempfile had %u bytes\n", ctx->written);
|
|
|
|
|
if (!ctx->written)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2010-03-29 23:47:59 +03:00
|
|
|
if (ctx->ctx && cli_updatelimits(ctx->ctx, ctx->written))
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-19 15:47:26 +02:00
|
|
|
ctx->written = 0;
|
2013-02-28 19:32:29 -05:00
|
|
|
if (lseek(ctx->outfd, 0, SEEK_SET) == -1) {
|
|
|
|
|
cli_dbgmsg("bytecode: call to lseek() has failed\n");
|
|
|
|
|
return CL_ESEEK;
|
|
|
|
|
}
|
2010-03-19 15:47:26 +02:00
|
|
|
cli_dbgmsg("bytecode: scanning extracted file %s\n", ctx->tempfile);
|
2018-12-03 12:40:13 -05:00
|
|
|
cctx = (cli_ctx *)ctx->ctx;
|
2010-03-29 23:47:59 +03:00
|
|
|
if (cctx) {
|
libclamav: Fix scan recursion tracking
Scan recursion is the process of identifying files embedded in other
files and then scanning them, recursively.
Internally this process is more complex than it may sound because a file
may have multiple layers of types before finding a new "file".
At present we treat the recursion count in the scanning context as an
index into both our fmap list AND our container list. These two lists
are conceptually a part of the same thing and should be unified.
But what's concerning is that the "recursion level" isn't actually
incremented or decremented at the same time that we add a layer to the
fmap or container lists but instead is more touchy-feely, increasing
when we find a new "file".
To account for this shadiness, the size of the fmap and container lists
has always been a little longer than our "max scan recursion" limit so
we don't accidentally overflow the fmap or container arrays (!).
I've implemented a single recursion-stack as an array, similar to before,
which includes a pointer to each fmap at each layer, along with the size
and type. Push and pop functions add and remove layers whenever a new
fmap is added. A boolean argument when pushing indicates if the new layer
represents a new buffer or new file (descriptor). A new buffer will reset
the "nested fmap level" (described below).
This commit also provides a solution for an issue where we detect
embedded files more than once during scan recursion.
For illustration, imagine a tarball named foo.tar.gz with this structure:
| description | type | rec level | nested fmap level |
| ------------------------- | ----- | --------- | ----------------- |
| foo.tar.gz | GZ | 0 | 0 |
| └── foo.tar | TAR | 1 | 0 |
| ├── bar.zip | ZIP | 2 | 1 |
| │ └── hola.txt | ASCII | 3 | 0 |
| └── baz.exe | PE | 2 | 1 |
But suppose baz.exe embeds a ZIP archive and a 7Z archive, like this:
| description | type | rec level | nested fmap level |
| ------------------------- | ----- | --------- | ----------------- |
| baz.exe | PE | 0 | 0 |
| ├── sfx.zip | ZIP | 1 | 1 |
| │ └── hello.txt | ASCII | 2 | 0 |
| └── sfx.7z | 7Z | 1 | 1 |
| └── world.txt | ASCII | 2 | 0 |
(A) If we scan for embedded files at any layer, we may detect:
| description | type | rec level | nested fmap level |
| ------------------------- | ----- | --------- | ----------------- |
| foo.tar.gz | GZ | 0 | 0 |
| ├── foo.tar | TAR | 1 | 0 |
| │ ├── bar.zip | ZIP | 2 | 1 |
| │ │ └── hola.txt | ASCII | 3 | 0 |
| │ ├── baz.exe | PE | 2 | 1 |
| │ │ ├── sfx.zip | ZIP | 3 | 1 |
| │ │ │ └── hello.txt | ASCII | 4 | 0 |
| │ │ └── sfx.7z | 7Z | 3 | 1 |
| │ │ └── world.txt | ASCII | 4 | 0 |
| │ ├── sfx.zip | ZIP | 2 | 1 |
| │ │ └── hello.txt | ASCII | 3 | 0 |
| │ └── sfx.7z | 7Z | 2 | 1 |
| │ └── world.txt | ASCII | 3 | 0 |
| ├── sfx.zip | ZIP | 1 | 1 |
| └── sfx.7z | 7Z | 1 | 1 |
(A) is bad because it scans content more than once.
Note that for the GZ layer, it may detect the ZIP and 7Z if the
signature hits on the compressed data, which it might, though
extracting the ZIP and 7Z will likely fail.
The reason the above doesn't happen now is that we restrict embedded
type scans for a bunch of archive formats to include GZ and TAR.
(B) If we scan for embedded files at the foo.tar layer, we may detect:
| description | type | rec level | nested fmap level |
| ------------------------- | ----- | --------- | ----------------- |
| foo.tar.gz | GZ | 0 | 0 |
| └── foo.tar | TAR | 1 | 0 |
| ├── bar.zip | ZIP | 2 | 1 |
| │ └── hola.txt | ASCII | 3 | 0 |
| ├── baz.exe | PE | 2 | 1 |
| ├── sfx.zip | ZIP | 2 | 1 |
| │ └── hello.txt | ASCII | 3 | 0 |
| └── sfx.7z | 7Z | 2 | 1 |
| └── world.txt | ASCII | 3 | 0 |
(B) is almost right. But we can achieve it easily enough only scanning for
embedded content in the current fmap when the "nested fmap level" is 0.
The upside is that it should safely detect all embedded content, even if
it may think the sfz.zip and sfx.7z are in foo.tar instead of in baz.exe.
The biggest risk I can think of affects ZIPs. SFXZIP detection
is identical to ZIP detection, which is why we don't allow SFXZIP to be
detected if insize of a ZIP. If we only allow embedded type scanning at
fmap-layer 0 in each buffer, this will fail to detect the embedded ZIP
if the bar.exe was not compressed in foo.zip and if non-compressed files
extracted from ZIPs aren't extracted as new buffers:
| description | type | rec level | nested fmap level |
| ------------------------- | ----- | --------- | ----------------- |
| foo.zip | ZIP | 0 | 0 |
| └── bar.exe | PE | 1 | 1 |
| └── sfx.zip | ZIP | 2 | 2 |
Provided that we ensure all files extracted from zips are scanned in
new buffers, option (B) should be safe.
(C) If we scan for embedded files at the baz.exe layer, we may detect:
| description | type | rec level | nested fmap level |
| ------------------------- | ----- | --------- | ----------------- |
| foo.tar.gz | GZ | 0 | 0 |
| └── foo.tar | TAR | 1 | 0 |
| ├── bar.zip | ZIP | 2 | 1 |
| │ └── hola.txt | ASCII | 3 | 0 |
| └── baz.exe | PE | 2 | 1 |
| ├── sfx.zip | ZIP | 3 | 1 |
| │ └── hello.txt | ASCII | 4 | 0 |
| └── sfx.7z | 7Z | 3 | 1 |
| └── world.txt | ASCII | 4 | 0 |
(C) is right. But it's harder to achieve. For this example we can get it by
restricting 7ZSFX and ZIPSFX detection only when scanning an executable.
But that may mean losing detection of archives embedded elsewhere.
And we'd have to identify allowable container types for each possible
embedded type, which would be very difficult.
So this commit aims to solve the issue the (B)-way.
Note that in all situations, we still have to scan with file typing
enabled to determine if we need to reassign the current file type, such
as re-identifying a Bzip2 archive as a DMG that happens to be Bzip2-
compressed. Detection of DMG and a handful of other types rely on
finding data partway through or near the ned of a file before
reassigning the entire file as the new type.
Other fixes and considerations in this commit:
- The utf16 HTML parser has weak error handling, particularly with respect
to creating a nested fmap for scanning the ascii decoded file.
This commit cleans up the error handling and wraps the nested scan with
the recursion-stack push()/pop() for correct recursion tracking.
Before this commit, each container layer had a flag to indicate if the
container layer is valid.
We need something similar so that the cli_recursion_stack_get_*()
functions ignore normalized layers. Details...
Imagine an LDB signature for HTML content that specifies a ZIP
container. If the signature actually alerts on the normalized HTML and
you don't ignore normalized layers for the container check, it will
appear as though the alert is in an HTML container rather than a ZIP
container.
This commit accomplishes this with a boolean you set in the scan context
before scanning a new layer. Then when the new fmap is created, it will
use that flag to set similar flag for the layer. The context flag is
reset those that anything after this doesn't have that flag.
The flag allows the new recursion_stack_get() function to ignore
normalized layers when iterating the stack to return a layer at a
requested index, negative or positive.
Scanning normalized extracted/normalized javascript and VBA should also
use the 'layer is normalized' flag.
- This commit also fixes Heuristic.Broken.Executable alert for ELF files
to make sure that:
A) these only alert if cli_append_virus() returns CL_VIRUS (aka it
respects the FP check).
B) all broken-executable alerts for ELF only happen if the
SCAN_HEURISTIC_BROKEN option is enabled.
- This commit also cleans up the error handling in cli_magic_scan_dir().
This was needed so we could correctly apply the layer-is-normalized-flag
to all VBA macros extracted to a directory when scanning the directory.
- Also fix an issue where exceeding scan maximums wouldn't cause embedded
file detection scans to abort. Granted we don't actually want to abort
if max filesize or max recursion depth are exceeded... only if max
scansize, max files, and max scantime are exceeded.
Add 'abort_scan' flag to scan context, to protect against depending on
correct error propagation for fatal conditions. Instead, setting this
flag in the scan context should guarantee that a fatal condition deep in
scan recursion isn't lost which result in more stuff being scanned
instead of aborting. This shouldn't be necessary, but some status codes
like CL_ETIMEOUT never used to be fatal and it's easier to do this than
to verify every parser only returns CL_ETIMEOUT and other "fatal
status codes" in fatal conditions.
- Remove duplicate is_tar() prototype from filestypes.c and include
is_tar.h instead.
- Presently we create the fmap hash when creating the fmap.
This wastes a bit of CPU if the hash is never needed.
Now that we're creating fmap's for all embedded files discovered with
file type recognition scans, this is a much more frequent occurence and
really slows things down.
This commit fixes the issue by only creating fmap hashes as needed.
This should not only resolve the perfomance impact of creating fmap's
for all embedded files, but also should improve performance in general.
- Add allmatch check to the zip parser after the central-header meta
match. That way we don't multiple alerts with the same match except in
allmatch mode. Clean up error handling in the zip parser a tiny bit.
- Fixes to ensure that the scan limits such as scansize, filesize,
recursion depth, # of embedded files, and scantime are always reported
if AlertExceedsMax (--alert-exceeds-max) is enabled.
- Fixed an issue where non-fatal alerts for exceeding scan maximums may
mask signature matches later on. I changed it so these alerts use the
"possibly unwanted" alert-type and thus only alert if no other alerts
were found or if all-match or heuristic-precedence are enabled.
- Added the "Heuristics.Limits.Exceeded.*" events to the JSON metadata
when the --gen-json feature is enabled. These will show up once under
"ParseErrors" the first time a limit is exceeded. In the present
implementation, only one limits-exceeded events will be added, so as to
prevent a malicious or malformed sample from filling the JSON buffer
with millions of events and using a tonne of RAM.
2021-09-11 14:15:21 -07:00
|
|
|
res = cli_magic_scan_desc_type(ctx->outfd, ctx->tempfile, cctx, ctx->containertype, NULL);
|
2014-01-16 17:57:21 -05:00
|
|
|
if (res == CL_VIRUS) {
|
|
|
|
|
ctx->virname = cli_get_last_virus(cctx);
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->found = 1;
|
2014-01-16 17:57:21 -05:00
|
|
|
}
|
2010-03-29 23:47:59 +03:00
|
|
|
}
|
2010-03-19 15:47:26 +02:00
|
|
|
if ((cctx && cctx->engine->keeptmp) ||
|
2014-01-16 17:57:21 -05:00
|
|
|
(ftruncate(ctx->outfd, 0) == -1)) {
|
2010-03-19 15:47:26 +02:00
|
|
|
|
2014-01-16 17:57:21 -05:00
|
|
|
close(ctx->outfd);
|
|
|
|
|
if (!(cctx && cctx->engine->keeptmp) && ctx->tempfile)
|
|
|
|
|
cli_unlink(ctx->tempfile);
|
|
|
|
|
free(ctx->tempfile);
|
|
|
|
|
ctx->tempfile = NULL;
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->outfd = 0;
|
2010-03-19 15:47:26 +02:00
|
|
|
}
|
|
|
|
|
cli_dbgmsg("bytecode: extracting new file with id %u\n", id);
|
|
|
|
|
return res;
|
|
|
|
|
}
|
2010-03-19 22:20:55 +02:00
|
|
|
|
|
|
|
|
#define BUF 16
|
|
|
|
|
int32_t cli_bcapi_read_number(struct cli_bc_ctx *ctx, uint32_t radix)
|
|
|
|
|
{
|
|
|
|
|
unsigned i;
|
2012-01-05 14:16:09 +02:00
|
|
|
const char *p;
|
2010-03-19 22:20:55 +02:00
|
|
|
int32_t result;
|
|
|
|
|
|
2010-03-22 13:00:23 +02:00
|
|
|
if ((radix != 10 && radix != 16) || !ctx->fmap)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-10-18 10:35:29 +03:00
|
|
|
cli_event_int(EV, BCEV_OFFSET, ctx->off);
|
2010-03-19 22:20:55 +02:00
|
|
|
while ((p = fmap_need_off_once(ctx->fmap, ctx->off, BUF))) {
|
2018-12-03 12:40:13 -05:00
|
|
|
for (i = 0; i < BUF; i++) {
|
2014-01-16 17:57:21 -05:00
|
|
|
if ((p[i] >= '0' && p[i] <= '9') || (radix == 16 && ((p[i] >= 'a' && p[i] <= 'f') || (p[i] >= 'A' && p[i] <= 'F')))) {
|
|
|
|
|
char *endptr;
|
2018-12-03 12:40:13 -05:00
|
|
|
p = fmap_need_ptr_once(ctx->fmap, p + i, 16);
|
2014-01-16 17:57:21 -05:00
|
|
|
if (!p)
|
|
|
|
|
return -1;
|
|
|
|
|
result = strtoul(p, &endptr, radix);
|
|
|
|
|
ctx->off += i + (endptr - p);
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
ctx->off += BUF;
|
2010-03-19 22:20:55 +02:00
|
|
|
}
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_hashset_new(struct cli_bc_ctx *ctx)
|
2010-03-20 21:18:54 +02:00
|
|
|
{
|
2018-12-03 12:40:13 -05:00
|
|
|
unsigned n = ctx->nhashsets + 1;
|
|
|
|
|
struct cli_hashset *s = cli_realloc(ctx->hashsets, sizeof(*ctx->hashsets) * n);
|
2010-10-18 10:35:29 +03:00
|
|
|
if (!s) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_event_error_oom(EV, 0);
|
|
|
|
|
return -1;
|
2010-10-18 10:35:29 +03:00
|
|
|
}
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->hashsets = s;
|
2010-03-21 15:10:49 +02:00
|
|
|
ctx->nhashsets = n;
|
2018-12-03 12:40:13 -05:00
|
|
|
s = &s[n - 1];
|
2010-03-21 15:10:49 +02:00
|
|
|
cli_hashset_init(s, 16, 80);
|
2018-12-03 12:40:13 -05:00
|
|
|
return n - 1;
|
2010-03-21 15:10:49 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static struct cli_hashset *get_hashset(struct cli_bc_ctx *ctx, int32_t id)
|
|
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
if (id < 0 || (unsigned int)id >= ctx->nhashsets || !ctx->hashsets) {
|
2014-01-16 17:57:21 -05:00
|
|
|
API_MISUSE();
|
|
|
|
|
return NULL;
|
2010-10-18 10:35:29 +03:00
|
|
|
}
|
2010-03-21 15:10:49 +02:00
|
|
|
return &ctx->hashsets[id];
|
2010-03-20 21:18:54 +02:00
|
|
|
}
|
2010-03-21 15:10:49 +02:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_hashset_add(struct cli_bc_ctx *ctx, int32_t id, uint32_t key)
|
2010-03-20 21:18:54 +02:00
|
|
|
{
|
2010-03-21 15:10:49 +02:00
|
|
|
struct cli_hashset *s = get_hashset(ctx, id);
|
|
|
|
|
if (!s)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-21 15:10:49 +02:00
|
|
|
return cli_hashset_addkey(s, key);
|
2010-03-20 21:18:54 +02:00
|
|
|
}
|
2010-03-21 15:10:49 +02:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_hashset_remove(struct cli_bc_ctx *ctx, int32_t id, uint32_t key)
|
2010-03-20 21:18:54 +02:00
|
|
|
{
|
2010-03-21 15:10:49 +02:00
|
|
|
struct cli_hashset *s = get_hashset(ctx, id);
|
|
|
|
|
if (!s)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-24 17:59:41 +02:00
|
|
|
return cli_hashset_removekey(s, key);
|
2010-03-20 21:18:54 +02:00
|
|
|
}
|
2010-03-21 15:10:49 +02:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_hashset_contains(struct cli_bc_ctx *ctx, int32_t id, uint32_t key)
|
2010-03-20 21:18:54 +02:00
|
|
|
{
|
2010-03-21 15:10:49 +02:00
|
|
|
struct cli_hashset *s = get_hashset(ctx, id);
|
|
|
|
|
if (!s)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-21 15:10:49 +02:00
|
|
|
return cli_hashset_contains(s, key);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_hashset_empty(struct cli_bc_ctx *ctx, int32_t id)
|
|
|
|
|
{
|
|
|
|
|
struct cli_hashset *s = get_hashset(ctx, id);
|
2012-07-10 13:17:45 -04:00
|
|
|
return s ? !s->count : 1;
|
2010-03-20 21:18:54 +02:00
|
|
|
}
|
2010-03-21 15:10:49 +02:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_hashset_done(struct cli_bc_ctx *ctx, int32_t id)
|
2010-03-20 21:18:54 +02:00
|
|
|
{
|
2010-03-24 17:07:14 +02:00
|
|
|
struct cli_hashset *s = get_hashset(ctx, id);
|
|
|
|
|
if (!s)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-24 17:07:14 +02:00
|
|
|
cli_hashset_destroy(s);
|
2018-12-03 12:40:13 -05:00
|
|
|
if ((unsigned int)id == ctx->nhashsets - 1) {
|
2014-01-16 17:57:21 -05:00
|
|
|
ctx->nhashsets--;
|
|
|
|
|
if (!ctx->nhashsets) {
|
|
|
|
|
free(ctx->hashsets);
|
|
|
|
|
ctx->hashsets = NULL;
|
|
|
|
|
} else {
|
2018-12-03 12:40:13 -05:00
|
|
|
s = cli_realloc(ctx->hashsets, ctx->nhashsets * sizeof(*s));
|
2014-01-16 17:57:21 -05:00
|
|
|
if (s)
|
|
|
|
|
ctx->hashsets = s;
|
|
|
|
|
}
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
2010-03-24 17:07:14 +02:00
|
|
|
return 0;
|
2010-03-20 21:18:54 +02:00
|
|
|
}
|
|
|
|
|
|
2010-03-21 12:56:05 +02:00
|
|
|
int32_t cli_bcapi_buffer_pipe_new(struct cli_bc_ctx *ctx, uint32_t size)
|
2010-03-20 21:18:54 +02:00
|
|
|
{
|
2010-03-21 12:56:05 +02:00
|
|
|
unsigned char *data;
|
|
|
|
|
struct bc_buffer *b;
|
|
|
|
|
unsigned n = ctx->nbuffers + 1;
|
|
|
|
|
|
2010-03-24 17:37:23 +02:00
|
|
|
data = cli_calloc(1, size);
|
2010-03-21 12:56:05 +02:00
|
|
|
if (!data)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2018-12-03 12:40:13 -05:00
|
|
|
b = cli_realloc(ctx->buffers, sizeof(*ctx->buffers) * n);
|
2010-03-21 12:56:05 +02:00
|
|
|
if (!b) {
|
2014-01-16 17:57:21 -05:00
|
|
|
free(data);
|
|
|
|
|
return -1;
|
2010-03-21 12:56:05 +02:00
|
|
|
}
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->buffers = b;
|
2010-03-21 12:56:05 +02:00
|
|
|
ctx->nbuffers = n;
|
2018-12-03 12:40:13 -05:00
|
|
|
b = &b[n - 1];
|
2010-03-21 12:56:05 +02:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
b->data = data;
|
|
|
|
|
b->size = size;
|
2010-03-21 12:56:05 +02:00
|
|
|
b->write_cursor = b->read_cursor = 0;
|
2018-12-03 12:40:13 -05:00
|
|
|
return n - 1;
|
2010-03-21 12:56:05 +02:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_buffer_pipe_new_fromfile(struct cli_bc_ctx *ctx, uint32_t at)
|
2010-03-21 12:56:05 +02:00
|
|
|
{
|
|
|
|
|
struct bc_buffer *b;
|
|
|
|
|
unsigned n = ctx->nbuffers + 1;
|
|
|
|
|
|
|
|
|
|
if (at >= ctx->file_size)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-21 12:56:05 +02:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
b = cli_realloc(ctx->buffers, sizeof(*ctx->buffers) * n);
|
2010-03-21 12:56:05 +02:00
|
|
|
if (!b) {
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-21 12:56:05 +02:00
|
|
|
}
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->buffers = b;
|
2010-03-21 12:56:05 +02:00
|
|
|
ctx->nbuffers = n;
|
2018-12-03 12:40:13 -05:00
|
|
|
b = &b[n - 1];
|
2010-03-21 12:56:05 +02:00
|
|
|
|
|
|
|
|
/* NULL data means read from file at pos read_cursor */
|
2018-12-03 12:40:13 -05:00
|
|
|
b->data = NULL;
|
|
|
|
|
b->size = 0;
|
|
|
|
|
b->read_cursor = at;
|
2010-03-21 12:56:05 +02:00
|
|
|
b->write_cursor = 0;
|
2018-12-03 12:40:13 -05:00
|
|
|
return n - 1;
|
2010-03-21 12:56:05 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static struct bc_buffer *get_buffer(struct cli_bc_ctx *ctx, int32_t id)
|
|
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
if (!ctx->buffers || id < 0 || (unsigned int)id >= ctx->nbuffers) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("bytecode api: invalid buffer id %u\n", id);
|
|
|
|
|
return NULL;
|
2010-03-21 15:10:49 +02:00
|
|
|
}
|
2010-03-21 12:56:05 +02:00
|
|
|
return &ctx->buffers[id];
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
uint32_t cli_bcapi_buffer_pipe_read_avail(struct cli_bc_ctx *ctx, int32_t id)
|
2010-03-21 12:56:05 +02:00
|
|
|
{
|
|
|
|
|
struct bc_buffer *b = get_buffer(ctx, id);
|
|
|
|
|
if (!b)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2010-03-21 12:56:05 +02:00
|
|
|
if (b->data) {
|
2014-01-16 17:57:21 -05:00
|
|
|
if (b->write_cursor <= b->read_cursor)
|
|
|
|
|
return 0;
|
|
|
|
|
return b->write_cursor - b->read_cursor;
|
2010-03-21 12:56:05 +02:00
|
|
|
}
|
2010-05-12 20:01:37 +03:00
|
|
|
if (!ctx->fmap || b->read_cursor >= ctx->file_size)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2010-05-12 20:01:37 +03:00
|
|
|
if (b->read_cursor + BUFSIZ <= ctx->file_size)
|
2014-01-16 17:57:21 -05:00
|
|
|
return BUFSIZ;
|
2010-05-12 20:01:37 +03:00
|
|
|
return ctx->file_size - b->read_cursor;
|
2010-03-21 12:56:05 +02:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
const uint8_t *cli_bcapi_buffer_pipe_read_get(struct cli_bc_ctx *ctx, int32_t id, uint32_t size)
|
2010-03-21 12:56:05 +02:00
|
|
|
{
|
|
|
|
|
struct bc_buffer *b = get_buffer(ctx, id);
|
|
|
|
|
if (!b || size > cli_bcapi_buffer_pipe_read_avail(ctx, id) || !size)
|
2014-01-16 17:57:21 -05:00
|
|
|
return NULL;
|
2010-03-21 12:56:05 +02:00
|
|
|
if (b->data)
|
2014-01-16 17:57:21 -05:00
|
|
|
return b->data + b->read_cursor;
|
2010-03-21 12:56:05 +02:00
|
|
|
return fmap_need_off(ctx->fmap, b->read_cursor, size);
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_buffer_pipe_read_stopped(struct cli_bc_ctx *ctx, int32_t id, uint32_t amount)
|
2010-03-21 12:56:05 +02:00
|
|
|
{
|
|
|
|
|
struct bc_buffer *b = get_buffer(ctx, id);
|
|
|
|
|
if (!b)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-21 12:56:05 +02:00
|
|
|
if (b->data) {
|
2014-01-16 17:57:21 -05:00
|
|
|
if (b->write_cursor <= b->read_cursor)
|
|
|
|
|
return -1;
|
|
|
|
|
if (b->read_cursor + amount > b->write_cursor)
|
|
|
|
|
b->read_cursor = b->write_cursor;
|
|
|
|
|
else
|
|
|
|
|
b->read_cursor += amount;
|
|
|
|
|
if (b->read_cursor >= b->size &&
|
|
|
|
|
b->write_cursor >= b->size)
|
|
|
|
|
b->read_cursor = b->write_cursor = 0;
|
|
|
|
|
return 0;
|
2010-03-21 12:56:05 +02:00
|
|
|
}
|
|
|
|
|
b->read_cursor += amount;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uint32_t cli_bcapi_buffer_pipe_write_avail(struct cli_bc_ctx *ctx, int32_t id)
|
|
|
|
|
{
|
|
|
|
|
struct bc_buffer *b = get_buffer(ctx, id);
|
|
|
|
|
if (!b)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2010-03-21 12:56:05 +02:00
|
|
|
if (!b->data)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2010-03-21 12:56:05 +02:00
|
|
|
if (b->write_cursor >= b->size)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2010-03-21 12:56:05 +02:00
|
|
|
return b->size - b->write_cursor;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
uint8_t *cli_bcapi_buffer_pipe_write_get(struct cli_bc_ctx *ctx, int32_t id, uint32_t size)
|
2010-03-21 12:56:05 +02:00
|
|
|
{
|
|
|
|
|
struct bc_buffer *b = get_buffer(ctx, id);
|
|
|
|
|
if (!b || size > cli_bcapi_buffer_pipe_write_avail(ctx, id) || !size)
|
2014-01-16 17:57:21 -05:00
|
|
|
return NULL;
|
2010-03-21 12:56:05 +02:00
|
|
|
if (!b->data)
|
2014-01-16 17:57:21 -05:00
|
|
|
return NULL;
|
2010-03-21 12:56:05 +02:00
|
|
|
return b->data + b->write_cursor;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_buffer_pipe_write_stopped(struct cli_bc_ctx *ctx, int32_t id, uint32_t size)
|
2010-03-21 12:56:05 +02:00
|
|
|
{
|
|
|
|
|
struct bc_buffer *b = get_buffer(ctx, id);
|
|
|
|
|
if (!b || !b->data)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-21 12:56:05 +02:00
|
|
|
if (b->write_cursor + size >= b->size)
|
2014-01-16 17:57:21 -05:00
|
|
|
b->write_cursor = b->size;
|
2010-03-21 12:56:05 +02:00
|
|
|
else
|
2014-01-16 17:57:21 -05:00
|
|
|
b->write_cursor += size;
|
2010-03-21 12:56:05 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_buffer_pipe_done(struct cli_bc_ctx *ctx, int32_t id)
|
2010-03-21 12:56:05 +02:00
|
|
|
{
|
2010-03-24 17:07:14 +02:00
|
|
|
struct bc_buffer *b = get_buffer(ctx, id);
|
|
|
|
|
if (!b)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-24 17:07:14 +02:00
|
|
|
free(b->data);
|
|
|
|
|
b->data = NULL;
|
|
|
|
|
return -0;
|
2010-03-21 12:56:05 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_inflate_init(struct cli_bc_ctx *ctx, int32_t from, int32_t to, int32_t windowBits)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
z_stream stream;
|
|
|
|
|
struct bc_inflate *b;
|
|
|
|
|
unsigned n = ctx->ninflates + 1;
|
2010-03-21 15:10:49 +02:00
|
|
|
if (!get_buffer(ctx, from) || !get_buffer(ctx, to)) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("bytecode api: inflate_init: invalid buffers!\n");
|
|
|
|
|
return -1;
|
2010-03-21 15:10:49 +02:00
|
|
|
}
|
2018-12-03 12:40:13 -05:00
|
|
|
b = cli_realloc(ctx->inflates, sizeof(*ctx->inflates) * n);
|
2017-08-18 16:06:26 -04:00
|
|
|
if (!b) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->inflates = b;
|
2017-08-18 16:06:26 -04:00
|
|
|
ctx->ninflates = n;
|
2018-12-03 12:40:13 -05:00
|
|
|
b = &b[n - 1];
|
2017-08-18 16:06:26 -04:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
b->from = from;
|
|
|
|
|
b->to = to;
|
2017-08-18 16:06:26 -04:00
|
|
|
b->needSync = 0;
|
|
|
|
|
memset(&b->stream, 0, sizeof(stream));
|
|
|
|
|
ret = inflateInit2(&b->stream, windowBits);
|
2010-03-21 12:56:05 +02:00
|
|
|
switch (ret) {
|
2014-01-16 17:57:21 -05:00
|
|
|
case Z_MEM_ERROR:
|
|
|
|
|
cli_dbgmsg("bytecode api: inflateInit2: out of memory!\n");
|
|
|
|
|
return -1;
|
|
|
|
|
case Z_VERSION_ERROR:
|
|
|
|
|
cli_dbgmsg("bytecode api: inflateinit2: zlib version error!\n");
|
|
|
|
|
return -1;
|
|
|
|
|
case Z_STREAM_ERROR:
|
|
|
|
|
cli_dbgmsg("bytecode api: inflateinit2: zlib stream error!\n");
|
|
|
|
|
return -1;
|
|
|
|
|
case Z_OK:
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
cli_dbgmsg("bytecode api: inflateInit2: unknown error %d\n", ret);
|
|
|
|
|
return -1;
|
2010-03-21 12:56:05 +02:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
return n - 1;
|
2010-03-20 21:18:54 +02:00
|
|
|
}
|
|
|
|
|
|
2010-03-21 12:56:05 +02:00
|
|
|
static struct bc_inflate *get_inflate(struct cli_bc_ctx *ctx, int32_t id)
|
2010-03-20 21:18:54 +02:00
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
if (id < 0 || (unsigned int)id >= ctx->ninflates || !ctx->inflates)
|
2014-01-16 17:57:21 -05:00
|
|
|
return NULL;
|
2010-03-21 12:56:05 +02:00
|
|
|
return &ctx->inflates[id];
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_inflate_process(struct cli_bc_ctx *ctx, int32_t id)
|
2010-03-21 12:56:05 +02:00
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
unsigned avail_in_orig, avail_out_orig;
|
|
|
|
|
struct bc_inflate *b = get_inflate(ctx, id);
|
2010-03-21 15:10:49 +02:00
|
|
|
if (!b || b->from == -1 || b->to == -1)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-21 12:56:05 +02:00
|
|
|
|
|
|
|
|
b->stream.avail_in = avail_in_orig =
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_bcapi_buffer_pipe_read_avail(ctx, b->from);
|
2010-03-21 12:56:05 +02:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
b->stream.next_in = (void *)cli_bcapi_buffer_pipe_read_get(ctx, b->from,
|
|
|
|
|
b->stream.avail_in);
|
2010-03-21 12:56:05 +02:00
|
|
|
|
|
|
|
|
b->stream.avail_out = avail_out_orig =
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_bcapi_buffer_pipe_write_avail(ctx, b->to);
|
2010-03-21 12:56:05 +02:00
|
|
|
|
|
|
|
|
b->stream.next_out = cli_bcapi_buffer_pipe_write_get(ctx, b->to,
|
2014-01-16 17:57:21 -05:00
|
|
|
b->stream.avail_out);
|
2010-03-21 12:56:05 +02:00
|
|
|
|
2010-03-22 13:41:18 +02:00
|
|
|
if (!b->stream.avail_in || !b->stream.avail_out || !b->stream.next_in || !b->stream.next_out)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-21 12:56:05 +02:00
|
|
|
/* try hard to extract data, skipping over corrupted data */
|
|
|
|
|
do {
|
2014-01-16 17:57:21 -05:00
|
|
|
if (!b->needSync) {
|
|
|
|
|
ret = inflate(&b->stream, Z_NO_FLUSH);
|
|
|
|
|
if (ret == Z_DATA_ERROR) {
|
|
|
|
|
cli_dbgmsg("bytecode api: inflate at %lu: %s, trying to recover\n", b->stream.total_in,
|
|
|
|
|
b->stream.msg);
|
|
|
|
|
b->needSync = 1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (b->needSync) {
|
|
|
|
|
ret = inflateSync(&b->stream);
|
|
|
|
|
if (ret == Z_OK) {
|
|
|
|
|
cli_dbgmsg("bytecode api: successfully recovered inflate stream\n");
|
|
|
|
|
b->needSync = 0;
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
break;
|
2010-03-21 12:56:05 +02:00
|
|
|
} while (1);
|
|
|
|
|
cli_bcapi_buffer_pipe_read_stopped(ctx, b->from, avail_in_orig - b->stream.avail_in);
|
|
|
|
|
cli_bcapi_buffer_pipe_write_stopped(ctx, b->to, avail_out_orig - b->stream.avail_out);
|
|
|
|
|
|
|
|
|
|
if (ret == Z_MEM_ERROR) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("bytecode api: out of memory!\n");
|
|
|
|
|
cli_bcapi_inflate_done(ctx, id);
|
|
|
|
|
return ret;
|
2010-03-21 12:56:05 +02:00
|
|
|
}
|
|
|
|
|
if (ret == Z_STREAM_END) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_bcapi_inflate_done(ctx, id);
|
2010-03-21 12:56:05 +02:00
|
|
|
}
|
|
|
|
|
if (ret == Z_BUF_ERROR) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("bytecode api: buffer error!\n");
|
2010-03-21 12:56:05 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ret;
|
2010-03-20 21:18:54 +02:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_inflate_done(struct cli_bc_ctx *ctx, int32_t id)
|
2010-03-20 21:18:54 +02:00
|
|
|
{
|
2010-03-21 12:56:05 +02:00
|
|
|
int ret;
|
|
|
|
|
struct bc_inflate *b = get_inflate(ctx, id);
|
|
|
|
|
if (!b || b->from == -1 || b->to == -1)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-21 12:56:05 +02:00
|
|
|
ret = inflateEnd(&b->stream);
|
|
|
|
|
if (ret == Z_STREAM_ERROR)
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("bytecode api: inflateEnd: %s\n", b->stream.msg);
|
2010-03-21 12:56:05 +02:00
|
|
|
b->from = b->to = -1;
|
|
|
|
|
return ret;
|
2010-03-20 21:18:54 +02:00
|
|
|
}
|
2010-03-21 12:56:05 +02:00
|
|
|
|
2020-04-29 09:26:07 -07:00
|
|
|
int32_t cli_bcapi_lzma_init(struct cli_bc_ctx *ctx, int32_t from, int32_t to)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
struct bc_lzma *b;
|
|
|
|
|
unsigned n = ctx->nlzmas + 1;
|
|
|
|
|
unsigned avail_in_orig;
|
|
|
|
|
|
|
|
|
|
if (!get_buffer(ctx, from) || !get_buffer(ctx, to)) {
|
|
|
|
|
cli_dbgmsg("bytecode api: lzma_init: invalid buffers!\n");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
avail_in_orig = cli_bcapi_buffer_pipe_read_avail(ctx, from);
|
|
|
|
|
if (avail_in_orig < LZMA_PROPS_SIZE + 8) {
|
|
|
|
|
cli_dbgmsg("bytecode api: lzma_init: not enough bytes in pipe to read LZMA header!\n");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
b = cli_realloc(ctx->lzmas, sizeof(*ctx->lzmas) * n);
|
|
|
|
|
if (!b) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
ctx->lzmas = b;
|
|
|
|
|
ctx->nlzmas = n;
|
|
|
|
|
b = &b[n - 1];
|
|
|
|
|
|
|
|
|
|
b->from = from;
|
|
|
|
|
b->to = to;
|
|
|
|
|
memset(&b->stream, 0, sizeof(b->stream));
|
|
|
|
|
|
|
|
|
|
b->stream.avail_in = avail_in_orig;
|
Code cleanup: Refactor to clean up formatting issues
Refactored the clamscan code that determines 'what to scan' in order
to clean up some very messy logic and also to get around a difference in
how vscode and clang-format handle formatting #ifdef blocks in the
middle of an else/if.
In addition to refactoring, there is a slight behavior improvement. With
this change, doing `clamscan blah -` will now scan `blah` and then also
scan `stdin`. You can even do `clamscan - blah` to now scan `stdin` and
then scan `blah`. Before, The `-` had to be the only "filename" argument
in order to scan from stdin.
In addition, added a bunch of extra empty lines or changing multi-line
function calls to single-line function calls in order to get around a
bug in clang-format with these two options do not playing nice together:
- AlignConsecutiveAssignments: true
- AlignAfterOpenBracket: true
AlignAfterOpenBracket is not taking account the spaces inserted by
AlignConsecutiveAssignments, so you end up with stuff like this:
```c
bleeblah = 1;
blah = function(arg1,
arg2,
arg3);
// ^--- these args 4-left from where they should be.
```
VSCode, meanwhile, somehow fixes this whitespace issue so code that is
correctly formatted by VSCode doesn't have this bug, meaning that:
1. The clang-format check in GH Actions fails.
2. We'd all have to stop using format-on-save in VSCode and accept the
bug if we wanted those GH Actions tests to pass.
Adding an empty line before variable assignments from multi-line
function calls evades the buggy behavior.
This commit should resolve the clang-format github action test failures,
for now.
2022-03-10 20:55:13 -08:00
|
|
|
|
|
|
|
|
b->stream.next_in = (void *)cli_bcapi_buffer_pipe_read_get(ctx, b->from,
|
|
|
|
|
b->stream.avail_in);
|
2020-04-29 09:26:07 -07:00
|
|
|
|
|
|
|
|
if ((ret = cli_LzmaInit(&b->stream, 0)) != LZMA_RESULT_OK) {
|
|
|
|
|
cli_dbgmsg("bytecode api: LzmaInit: Failed to initialize LZMA decompressor: %d!\n", ret);
|
|
|
|
|
cli_bcapi_buffer_pipe_read_stopped(ctx, b->from, avail_in_orig - b->stream.avail_in);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cli_bcapi_buffer_pipe_read_stopped(ctx, b->from, avail_in_orig - b->stream.avail_in);
|
|
|
|
|
return n - 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static struct bc_lzma *get_lzma(struct cli_bc_ctx *ctx, int32_t id)
|
|
|
|
|
{
|
|
|
|
|
if (id < 0 || (unsigned int)id >= ctx->nlzmas || !ctx->lzmas)
|
|
|
|
|
return NULL;
|
|
|
|
|
return &ctx->lzmas[id];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_lzma_process(struct cli_bc_ctx *ctx, int32_t id)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
unsigned avail_in_orig, avail_out_orig;
|
|
|
|
|
struct bc_lzma *b = get_lzma(ctx, id);
|
|
|
|
|
if (!b || b->from == -1 || b->to == -1)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
b->stream.avail_in = avail_in_orig =
|
|
|
|
|
cli_bcapi_buffer_pipe_read_avail(ctx, b->from);
|
|
|
|
|
|
|
|
|
|
b->stream.next_in = (void *)cli_bcapi_buffer_pipe_read_get(ctx, b->from,
|
|
|
|
|
b->stream.avail_in);
|
|
|
|
|
|
|
|
|
|
b->stream.avail_out = avail_out_orig =
|
|
|
|
|
cli_bcapi_buffer_pipe_write_avail(ctx, b->to);
|
|
|
|
|
b->stream.next_out = (uint8_t *)cli_bcapi_buffer_pipe_write_get(ctx, b->to,
|
|
|
|
|
b->stream.avail_out);
|
|
|
|
|
|
|
|
|
|
if (!b->stream.avail_in || !b->stream.avail_out || !b->stream.next_in || !b->stream.next_out)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
ret = cli_LzmaDecode(&b->stream);
|
|
|
|
|
cli_bcapi_buffer_pipe_read_stopped(ctx, b->from, avail_in_orig - b->stream.avail_in);
|
|
|
|
|
cli_bcapi_buffer_pipe_write_stopped(ctx, b->to, avail_out_orig - b->stream.avail_out);
|
|
|
|
|
|
|
|
|
|
if (ret != LZMA_RESULT_OK && ret != LZMA_STREAM_END) {
|
|
|
|
|
cli_dbgmsg("bytecode api: LzmaDecode: Error %d while decoding\n", ret);
|
|
|
|
|
cli_bcapi_lzma_done(ctx, id);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_lzma_done(struct cli_bc_ctx *ctx, int32_t id)
|
|
|
|
|
{
|
|
|
|
|
struct bc_lzma *b = get_lzma(ctx, id);
|
|
|
|
|
if (!b || b->from == -1 || b->to == -1)
|
|
|
|
|
return -1;
|
|
|
|
|
cli_LzmaShutdown(&b->stream);
|
|
|
|
|
b->from = b->to = -1;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_bzip2_init(struct cli_bc_ctx *ctx, int32_t from, int32_t to)
|
|
|
|
|
{
|
|
|
|
|
#if HAVE_BZLIB_H
|
|
|
|
|
int ret;
|
|
|
|
|
struct bc_bzip2 *b;
|
|
|
|
|
unsigned n = ctx->nbzip2s + 1;
|
|
|
|
|
if (!get_buffer(ctx, from) || !get_buffer(ctx, to)) {
|
|
|
|
|
cli_dbgmsg("bytecode api: bzip2_init: invalid buffers!\n");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
b = cli_realloc(ctx->bzip2s, sizeof(*ctx->bzip2s) * n);
|
|
|
|
|
if (!b) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
ctx->bzip2s = b;
|
|
|
|
|
ctx->nbzip2s = n;
|
|
|
|
|
b = &b[n - 1];
|
|
|
|
|
|
|
|
|
|
b->from = from;
|
|
|
|
|
b->to = to;
|
|
|
|
|
memset(&b->stream, 0, sizeof(b->stream));
|
|
|
|
|
ret = BZ2_bzDecompressInit(&b->stream, 0, 0);
|
|
|
|
|
switch (ret) {
|
|
|
|
|
case BZ_CONFIG_ERROR:
|
|
|
|
|
cli_dbgmsg("bytecode api: BZ2_bzDecompressInit: Library has been mis-compiled!\n");
|
|
|
|
|
return -1;
|
|
|
|
|
case BZ_PARAM_ERROR:
|
|
|
|
|
cli_dbgmsg("bytecode api: BZ2_bzDecompressInit: Invalid arguments!\n");
|
|
|
|
|
return -1;
|
|
|
|
|
case BZ_MEM_ERROR:
|
|
|
|
|
cli_dbgmsg("bytecode api: BZ2_bzDecompressInit: Insufficient memory available!\n");
|
|
|
|
|
return -1;
|
|
|
|
|
case BZ_OK:
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
cli_dbgmsg("bytecode api: BZ2_bzDecompressInit: unknown error %d\n", ret);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return n - 1;
|
|
|
|
|
#else
|
|
|
|
|
return -1;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#if HAVE_BZLIB_H
|
|
|
|
|
static struct bc_bzip2 *get_bzip2(struct cli_bc_ctx *ctx, int32_t id)
|
|
|
|
|
{
|
|
|
|
|
if (id < 0 || (unsigned int)id >= ctx->nbzip2s || !ctx->bzip2s)
|
|
|
|
|
return NULL;
|
|
|
|
|
return &ctx->bzip2s[id];
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_bzip2_process(struct cli_bc_ctx *ctx, int32_t id)
|
|
|
|
|
{
|
|
|
|
|
#if HAVE_BZLIB_H
|
|
|
|
|
int ret;
|
|
|
|
|
unsigned avail_in_orig, avail_out_orig;
|
|
|
|
|
struct bc_bzip2 *b = get_bzip2(ctx, id);
|
|
|
|
|
if (!b || b->from == -1 || b->to == -1)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
b->stream.avail_in = avail_in_orig =
|
|
|
|
|
cli_bcapi_buffer_pipe_read_avail(ctx, b->from);
|
|
|
|
|
|
|
|
|
|
b->stream.next_in = (void *)cli_bcapi_buffer_pipe_read_get(ctx, b->from,
|
|
|
|
|
b->stream.avail_in);
|
|
|
|
|
|
|
|
|
|
b->stream.avail_out = avail_out_orig =
|
|
|
|
|
cli_bcapi_buffer_pipe_write_avail(ctx, b->to);
|
|
|
|
|
|
|
|
|
|
b->stream.next_out = (char *)cli_bcapi_buffer_pipe_write_get(ctx, b->to,
|
|
|
|
|
b->stream.avail_out);
|
|
|
|
|
|
|
|
|
|
if (!b->stream.avail_in || !b->stream.avail_out || !b->stream.next_in || !b->stream.next_out)
|
|
|
|
|
return -1;
|
|
|
|
|
/* try hard to extract data, skipping over corrupted data */
|
|
|
|
|
ret = BZ2_bzDecompress(&b->stream);
|
|
|
|
|
cli_bcapi_buffer_pipe_read_stopped(ctx, b->from, avail_in_orig - b->stream.avail_in);
|
|
|
|
|
cli_bcapi_buffer_pipe_write_stopped(ctx, b->to, avail_out_orig - b->stream.avail_out);
|
|
|
|
|
|
|
|
|
|
/* check if nothing written whatsoever */
|
|
|
|
|
if ((ret != BZ_OK) && (b->stream.avail_out == avail_out_orig)) {
|
|
|
|
|
/* Inflation failed */
|
|
|
|
|
cli_errmsg("cli_bcapi_bzip2_process: failed to decompress data\n");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
#else
|
|
|
|
|
return -1;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_bzip2_done(struct cli_bc_ctx *ctx, int32_t id)
|
|
|
|
|
{
|
|
|
|
|
#if HAVE_BZLIB_H
|
|
|
|
|
struct bc_bzip2 *b = get_bzip2(ctx, id);
|
|
|
|
|
if (!b || b->from == -1 || b->to == -1)
|
|
|
|
|
return -1;
|
|
|
|
|
BZ2_bzDecompressEnd(&b->stream);
|
|
|
|
|
b->from = b->to = -1;
|
|
|
|
|
return 0;
|
|
|
|
|
#else
|
|
|
|
|
return -1;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_bytecode_rt_error(struct cli_bc_ctx *ctx, int32_t id)
|
2010-03-22 14:58:58 +02:00
|
|
|
{
|
|
|
|
|
int32_t line = id >> 8;
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t col = id & 0xff;
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
2010-03-22 14:58:58 +02:00
|
|
|
cli_warnmsg("Bytecode runtime error at line %u, col %u\n", line, col);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2010-03-31 10:53:11 +03:00
|
|
|
int32_t cli_bcapi_jsnorm_init(struct cli_bc_ctx *ctx, int32_t from)
|
|
|
|
|
{
|
|
|
|
|
struct parser_state *state;
|
|
|
|
|
struct bc_jsnorm *b;
|
2018-12-03 12:40:13 -05:00
|
|
|
unsigned n = ctx->njsnorms + 1;
|
2010-03-31 10:53:11 +03:00
|
|
|
if (!get_buffer(ctx, from)) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("bytecode api: jsnorm_init: invalid buffers!\n");
|
|
|
|
|
return -1;
|
2010-03-31 10:53:11 +03:00
|
|
|
}
|
|
|
|
|
state = cli_js_init();
|
|
|
|
|
if (!state)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2018-12-03 12:40:13 -05:00
|
|
|
b = cli_realloc(ctx->jsnorms, sizeof(*ctx->jsnorms) * n);
|
2010-03-31 10:53:11 +03:00
|
|
|
if (!b) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_js_destroy(state);
|
|
|
|
|
return -1;
|
2010-03-31 10:53:11 +03:00
|
|
|
}
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->jsnorms = b;
|
2010-03-31 10:53:11 +03:00
|
|
|
ctx->njsnorms = n;
|
2018-12-03 12:40:13 -05:00
|
|
|
b = &b[n - 1];
|
|
|
|
|
b->from = from;
|
|
|
|
|
b->state = state;
|
2010-03-31 10:53:11 +03:00
|
|
|
if (!ctx->jsnormdir) {
|
2018-12-03 12:40:13 -05:00
|
|
|
cli_ctx *cctx = (cli_ctx *)ctx->ctx;
|
Improve tmp sub-directory names
At present many parsers create tmp subdirectories to store extracted
files. For parsers like the vba parser, this is required as the
directory is later scanned. For other parsers, these subdirectories are
probably not helpful now that we provide recursive sub-dirs when
--leave-temps is enabled. It's not quite as simple as removing the extra
subdirectories, however. Certain parsers, like autoit, don't create very
unique filenames and would result in file name collisions when
--leave-temps is not enabled.
The best thing to do would be to make sure each parser uses unique
filenames and doesn't rely on cli_magic_scan_dir() to scan extracted
content before removing the extra subdirectory. In the meantime, this
commit gives the extra subdirectories meaningful names to improve
readability.
This commit also:
- Provides the 'bmp' prefix for extracted PE icons.
- Removes empty tmp subdirs when extracting rtf files, to eliminate
clutter.
- The PDF parser sometimes creates tmp files when decompressing streams
before it knows if there is actually any content to decompress. This
resulted in a large number of empty files. While it would be best to
avoid creating empty files in the first place, that's not quite as
as it sounds. This commit does the next best thing and deletes the
tmp files if nothing was actually extracted, even if --leave-temps is
enabled.
- Removes the "scantemp" prefix for unnamed fmaps scanned with
cli_magic_scan(). The 5-character hashes given to tmp files with
prefixes resulted in occasional file name collisions when extracting
certain file types with thousands of embedded files.
- The VBA and TAR parsers mistakenly used NAME_MAX instead of PATH_MAX,
resulting in truncated file paths and failed extraction when
--leave-temps is enabled and a lot of recursion is in play. This commit
switches them from NAME_MAX to PATH_MAX.
2020-03-27 16:06:22 -04:00
|
|
|
ctx->jsnormdir = cli_gentemp_with_prefix(cctx ? cctx->engine->tmpdir : NULL, "normalized-js");
|
2014-01-16 17:57:21 -05:00
|
|
|
if (ctx->jsnormdir) {
|
|
|
|
|
if (mkdir(ctx->jsnormdir, 0700)) {
|
|
|
|
|
cli_dbgmsg("js: can't create temp dir %s\n", ctx->jsnormdir);
|
|
|
|
|
free(ctx->jsnormdir);
|
|
|
|
|
return CL_ETMPDIR;
|
|
|
|
|
}
|
|
|
|
|
}
|
2010-03-31 10:53:11 +03:00
|
|
|
}
|
2018-12-03 12:40:13 -05:00
|
|
|
return n - 1;
|
2010-03-31 10:53:11 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static struct bc_jsnorm *get_jsnorm(struct cli_bc_ctx *ctx, int32_t id)
|
|
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
if (id < 0 || (unsigned int)id >= ctx->njsnorms || !ctx->jsnorms)
|
2014-01-16 17:57:21 -05:00
|
|
|
return NULL;
|
2010-03-31 10:53:11 +03:00
|
|
|
return &ctx->jsnorms[id];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_jsnorm_process(struct cli_bc_ctx *ctx, int32_t id)
|
|
|
|
|
{
|
|
|
|
|
unsigned avail;
|
2012-01-05 14:16:09 +02:00
|
|
|
const unsigned char *in;
|
2018-12-03 12:40:13 -05:00
|
|
|
cli_ctx *cctx = ctx->ctx;
|
2010-03-31 10:53:11 +03:00
|
|
|
struct bc_jsnorm *b = get_jsnorm(ctx, id);
|
|
|
|
|
if (!b || b->from == -1 || !b->state)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-31 10:53:11 +03:00
|
|
|
|
|
|
|
|
avail = cli_bcapi_buffer_pipe_read_avail(ctx, b->from);
|
2018-12-03 12:40:13 -05:00
|
|
|
in = cli_bcapi_buffer_pipe_read_get(ctx, b->from, avail);
|
2010-03-31 10:53:11 +03:00
|
|
|
if (!avail || !in)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-31 10:53:11 +03:00
|
|
|
if (cctx && cli_checklimits("bytecode js api", cctx, ctx->jsnormwritten + avail, 0, 0))
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-31 10:53:11 +03:00
|
|
|
cli_bcapi_buffer_pipe_read_stopped(ctx, b->from, avail);
|
2018-12-03 12:40:13 -05:00
|
|
|
cli_js_process_buffer(b->state, (char *)in, avail);
|
2010-03-31 10:53:11 +03:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_jsnorm_done(struct cli_bc_ctx *ctx, int32_t id)
|
2010-03-31 10:53:11 +03:00
|
|
|
{
|
|
|
|
|
struct bc_jsnorm *b = get_jsnorm(ctx, id);
|
|
|
|
|
if (!b || b->from == -1)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-31 10:53:11 +03:00
|
|
|
if (ctx->ctx && cli_updatelimits(ctx->ctx, ctx->jsnormwritten))
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-03-31 10:53:11 +03:00
|
|
|
ctx->jsnormwritten = 0;
|
|
|
|
|
cli_js_parse_done(b->state);
|
|
|
|
|
cli_js_output(b->state, ctx->jsnormdir);
|
|
|
|
|
cli_js_destroy(b->state);
|
|
|
|
|
b->from = -1;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2010-05-12 18:26:02 +03:00
|
|
|
|
2010-05-14 11:09:16 +03:00
|
|
|
static inline double myround(double a)
|
|
|
|
|
{
|
|
|
|
|
if (a < 0)
|
2018-12-03 12:40:13 -05:00
|
|
|
return a - 0.5;
|
|
|
|
|
return a + 0.5;
|
2010-05-14 11:09:16 +03:00
|
|
|
}
|
|
|
|
|
|
2010-05-12 18:26:02 +03:00
|
|
|
int32_t cli_bcapi_ilog2(struct cli_bc_ctx *ctx, uint32_t a, uint32_t b)
|
|
|
|
|
{
|
|
|
|
|
double f;
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
2010-05-12 18:26:02 +03:00
|
|
|
if (!b)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0x7fffffff;
|
2010-05-12 18:26:02 +03:00
|
|
|
/* log(a/b) is -32..32, so 2^26*32=2^31 covers the entire range of int32 */
|
2018-12-03 12:40:13 -05:00
|
|
|
f = (1 << 26) * log((double)a / b) / log(2);
|
2010-05-14 11:09:16 +03:00
|
|
|
return (int32_t)myround(f);
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_ipow(struct cli_bc_ctx *ctx, int32_t a, int32_t b, int32_t c)
|
|
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
2010-05-12 18:26:02 +03:00
|
|
|
if (!a && b < 0)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0x7fffffff;
|
2018-12-03 12:40:13 -05:00
|
|
|
return (int32_t)myround(c * pow(a, b));
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
|
|
|
|
|
2010-05-14 10:35:16 +03:00
|
|
|
uint32_t cli_bcapi_iexp(struct cli_bc_ctx *ctx, int32_t a, int32_t b, int32_t c)
|
2010-05-12 18:26:02 +03:00
|
|
|
{
|
|
|
|
|
double f;
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
2010-05-12 18:26:02 +03:00
|
|
|
if (!b)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0x7fffffff;
|
2018-12-03 12:40:13 -05:00
|
|
|
f = c * exp((double)a / b);
|
2010-05-14 11:09:16 +03:00
|
|
|
return (uint32_t)myround(f);
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_isin(struct cli_bc_ctx *ctx, int32_t a, int32_t b, int32_t c)
|
|
|
|
|
{
|
|
|
|
|
double f;
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
2010-05-12 18:26:02 +03:00
|
|
|
if (!b)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0x7fffffff;
|
2018-12-03 12:40:13 -05:00
|
|
|
f = c * sin((double)a / b);
|
2010-05-14 11:09:16 +03:00
|
|
|
return (int32_t)myround(f);
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_icos(struct cli_bc_ctx *ctx, int32_t a, int32_t b, int32_t c)
|
|
|
|
|
{
|
|
|
|
|
double f;
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
2010-05-12 18:26:02 +03:00
|
|
|
if (!b)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0x7fffffff;
|
2018-12-03 12:40:13 -05:00
|
|
|
f = c * cos((double)a / b);
|
2010-05-14 11:09:16 +03:00
|
|
|
return (int32_t)myround(f);
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_memstr(struct cli_bc_ctx *ctx, const uint8_t *h, int32_t hs,
|
|
|
|
|
const uint8_t *n, int32_t ns)
|
2010-05-12 18:26:02 +03:00
|
|
|
{
|
|
|
|
|
const uint8_t *s;
|
2010-10-18 10:35:29 +03:00
|
|
|
if (!h || !n || hs < 0 || ns < 0) {
|
2014-01-16 17:57:21 -05:00
|
|
|
API_MISUSE();
|
|
|
|
|
return -1;
|
2010-10-18 10:35:29 +03:00
|
|
|
}
|
|
|
|
|
cli_event_fastdata(EV, BCEV_MEM_1, h, hs);
|
|
|
|
|
cli_event_fastdata(EV, BCEV_MEM_2, n, ns);
|
2018-12-03 12:40:13 -05:00
|
|
|
s = (const uint8_t *)cli_memstr((const char *)h, hs, (const char *)n, ns);
|
2010-05-12 18:26:02 +03:00
|
|
|
if (!s)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-05-12 18:26:02 +03:00
|
|
|
return s - h;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_hex2ui(struct cli_bc_ctx *ctx, uint32_t ah, uint32_t bh)
|
|
|
|
|
{
|
2010-08-02 15:42:58 +03:00
|
|
|
char result = 0;
|
2010-05-12 18:26:02 +03:00
|
|
|
unsigned char in[2];
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
|
|
|
|
|
2010-05-12 18:26:02 +03:00
|
|
|
in[0] = ah;
|
|
|
|
|
in[1] = bh;
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
if (cli_hex2str_to((const char *)in, &result, 2) == -1)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-05-12 18:26:02 +03:00
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_atoi(struct cli_bc_ctx *ctx, const uint8_t *str, int32_t len)
|
2010-05-12 18:26:02 +03:00
|
|
|
{
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t number = 0;
|
2010-05-12 18:26:02 +03:00
|
|
|
const uint8_t *end = str + len;
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
|
|
|
|
|
2010-05-12 18:26:02 +03:00
|
|
|
while (isspace(*str) && str < end) str++;
|
|
|
|
|
if (str == end)
|
2018-12-03 12:40:13 -05:00
|
|
|
return -1; /* all spaces */
|
2010-05-12 18:26:02 +03:00
|
|
|
if (*str == '+') str++;
|
|
|
|
|
if (str == end)
|
2018-12-03 12:40:13 -05:00
|
|
|
return -1; /* all spaces and +*/
|
2010-05-12 18:26:02 +03:00
|
|
|
if (*str == '-')
|
2018-12-03 12:40:13 -05:00
|
|
|
return -1; /* only positive numbers */
|
2010-05-12 18:26:02 +03:00
|
|
|
if (!isdigit(*str))
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-05-12 18:26:02 +03:00
|
|
|
while (isdigit(*str) && str < end) {
|
2018-12-03 12:40:13 -05:00
|
|
|
number = number * 10 + (*str - '0');
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
|
|
|
|
return number;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
uint32_t cli_bcapi_debug_print_str_start(struct cli_bc_ctx *ctx, const uint8_t *s, uint32_t len)
|
2010-05-12 18:26:02 +03:00
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
|
|
|
|
|
2010-05-12 18:26:02 +03:00
|
|
|
if (!s || len <= 0)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-10-18 10:35:29 +03:00
|
|
|
cli_event_fastdata(EV, BCEV_DBG_STR, s, len);
|
2010-05-13 00:27:00 +03:00
|
|
|
cli_dbgmsg("bytecode debug: %.*s", len, s);
|
2010-05-12 18:26:02 +03:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
uint32_t cli_bcapi_debug_print_str_nonl(struct cli_bc_ctx *ctx, const uint8_t *s, uint32_t len)
|
2010-05-12 18:26:02 +03:00
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
|
|
|
|
|
2010-05-12 18:26:02 +03:00
|
|
|
if (!s || len <= 0)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-05-13 20:02:02 +03:00
|
|
|
if (!cli_debug_flag)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2010-05-13 00:27:00 +03:00
|
|
|
return fwrite(s, 1, len, stderr);
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
uint32_t cli_bcapi_entropy_buffer(struct cli_bc_ctx *ctx, uint8_t *s, int32_t len)
|
2010-05-12 18:26:02 +03:00
|
|
|
{
|
|
|
|
|
uint32_t probTable[256];
|
2014-07-10 18:11:49 -04:00
|
|
|
unsigned int i;
|
2010-05-12 18:26:02 +03:00
|
|
|
double entropy = 0;
|
2018-12-03 12:40:13 -05:00
|
|
|
double log2 = log(2);
|
2010-05-12 18:26:02 +03:00
|
|
|
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
|
|
|
|
|
2010-05-12 18:26:02 +03:00
|
|
|
if (!s || len <= 0)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-05-12 18:26:02 +03:00
|
|
|
memset(probTable, 0, sizeof(probTable));
|
2018-12-03 12:40:13 -05:00
|
|
|
for (i = 0; i < (unsigned int)len; i++) {
|
2014-01-16 17:57:21 -05:00
|
|
|
probTable[s[i]]++;
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
2018-12-03 12:40:13 -05:00
|
|
|
for (i = 0; i < 256; i++) {
|
2014-01-16 17:57:21 -05:00
|
|
|
double p;
|
|
|
|
|
if (!probTable[i])
|
|
|
|
|
continue;
|
|
|
|
|
p = (double)probTable[i] / len;
|
2018-12-03 12:40:13 -05:00
|
|
|
entropy += -p * log(p) / log2;
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
2018-12-03 12:40:13 -05:00
|
|
|
entropy *= 1 << 26;
|
2010-05-12 18:26:02 +03:00
|
|
|
return (uint32_t)entropy;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_map_new(struct cli_bc_ctx *ctx, int32_t keysize, int32_t valuesize)
|
|
|
|
|
{
|
2018-12-03 12:40:13 -05:00
|
|
|
unsigned n = ctx->nmaps + 1;
|
2010-05-13 23:35:47 +03:00
|
|
|
struct cli_map *s;
|
|
|
|
|
if (!keysize)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2018-12-03 12:40:13 -05:00
|
|
|
s = cli_realloc(ctx->maps, sizeof(*ctx->maps) * n);
|
2010-05-13 23:35:47 +03:00
|
|
|
if (!s)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->maps = s;
|
2010-05-12 18:26:02 +03:00
|
|
|
ctx->nmaps = n;
|
2018-12-03 12:40:13 -05:00
|
|
|
s = &s[n - 1];
|
2010-05-12 18:26:02 +03:00
|
|
|
cli_map_init(s, keysize, valuesize, 16);
|
2018-12-03 12:40:13 -05:00
|
|
|
return n - 1;
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static struct cli_map *get_hashtab(struct cli_bc_ctx *ctx, int32_t id)
|
|
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
if (id < 0 || (unsigned int)id >= ctx->nmaps || !ctx->maps)
|
2014-01-16 17:57:21 -05:00
|
|
|
return NULL;
|
2010-05-12 18:26:02 +03:00
|
|
|
return &ctx->maps[id];
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_map_addkey(struct cli_bc_ctx *ctx, const uint8_t *key, int32_t keysize, int32_t id)
|
2010-05-12 18:26:02 +03:00
|
|
|
{
|
|
|
|
|
struct cli_map *s = get_hashtab(ctx, id);
|
|
|
|
|
if (!s)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-05-12 18:26:02 +03:00
|
|
|
return cli_map_addkey(s, key, keysize);
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_map_setvalue(struct cli_bc_ctx *ctx, const uint8_t *value, int32_t valuesize, int32_t id)
|
2010-05-12 18:26:02 +03:00
|
|
|
{
|
|
|
|
|
struct cli_map *s = get_hashtab(ctx, id);
|
|
|
|
|
if (!s)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-05-12 18:26:02 +03:00
|
|
|
return cli_map_setvalue(s, value, valuesize);
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_map_remove(struct cli_bc_ctx *ctx, const uint8_t *key, int32_t keysize, int32_t id)
|
2010-05-12 18:26:02 +03:00
|
|
|
{
|
|
|
|
|
struct cli_map *s = get_hashtab(ctx, id);
|
|
|
|
|
if (!s)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-05-12 18:26:02 +03:00
|
|
|
return cli_map_removekey(s, key, keysize);
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_map_find(struct cli_bc_ctx *ctx, const uint8_t *key, int32_t keysize, int32_t id)
|
2010-05-12 18:26:02 +03:00
|
|
|
{
|
|
|
|
|
struct cli_map *s = get_hashtab(ctx, id);
|
|
|
|
|
if (!s)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-05-12 18:26:02 +03:00
|
|
|
return cli_map_find(s, key, keysize);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_map_getvaluesize(struct cli_bc_ctx *ctx, int32_t id)
|
|
|
|
|
{
|
|
|
|
|
struct cli_map *s = get_hashtab(ctx, id);
|
|
|
|
|
if (!s)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-05-12 18:26:02 +03:00
|
|
|
return cli_map_getvalue_size(s);
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
uint8_t *cli_bcapi_map_getvalue(struct cli_bc_ctx *ctx, int32_t id, int32_t valuesize)
|
2010-05-12 18:26:02 +03:00
|
|
|
{
|
|
|
|
|
struct cli_map *s = get_hashtab(ctx, id);
|
|
|
|
|
if (!s)
|
2014-01-16 17:57:21 -05:00
|
|
|
return NULL;
|
2010-05-12 18:26:02 +03:00
|
|
|
if (cli_map_getvalue_size(s) != valuesize)
|
2014-01-16 17:57:21 -05:00
|
|
|
return NULL;
|
2010-05-12 18:26:02 +03:00
|
|
|
return cli_map_getvalue(s);
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_map_done(struct cli_bc_ctx *ctx, int32_t id)
|
2010-05-12 18:26:02 +03:00
|
|
|
{
|
|
|
|
|
struct cli_map *s = get_hashtab(ctx, id);
|
|
|
|
|
if (!s)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-05-12 18:26:02 +03:00
|
|
|
cli_map_delete(s);
|
2018-12-03 12:40:13 -05:00
|
|
|
if ((unsigned int)id == ctx->nmaps - 1) {
|
2014-01-16 17:57:21 -05:00
|
|
|
ctx->nmaps--;
|
|
|
|
|
if (!ctx->nmaps) {
|
|
|
|
|
free(ctx->maps);
|
|
|
|
|
ctx->maps = NULL;
|
|
|
|
|
} else {
|
2018-12-03 12:40:13 -05:00
|
|
|
s = cli_realloc(ctx->maps, ctx->nmaps * (sizeof(*s)));
|
2014-01-16 17:57:21 -05:00
|
|
|
if (s)
|
|
|
|
|
ctx->maps = s;
|
|
|
|
|
}
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uint32_t cli_bcapi_engine_functionality_level(struct cli_bc_ctx *ctx)
|
|
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
2010-05-12 18:26:02 +03:00
|
|
|
return cl_retflevel();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uint32_t cli_bcapi_engine_dconf_level(struct cli_bc_ctx *ctx)
|
|
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
2010-05-12 18:26:02 +03:00
|
|
|
return CL_FLEVEL_DCONF;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uint32_t cli_bcapi_engine_scan_options(struct cli_bc_ctx *ctx)
|
|
|
|
|
{
|
2018-12-03 12:40:13 -05:00
|
|
|
cli_ctx *cctx = (cli_ctx *)ctx->ctx;
|
2018-07-20 22:28:48 -04:00
|
|
|
uint32_t options = CL_SCAN_RAW;
|
2018-12-03 12:40:13 -05:00
|
|
|
|
2018-07-20 22:28:48 -04:00
|
|
|
if (cctx->options->general & CL_SCAN_GENERAL_ALLMATCHES)
|
|
|
|
|
options |= CL_SCAN_ALLMATCHES;
|
|
|
|
|
if (cctx->options->general & CL_SCAN_GENERAL_HEURISTICS)
|
|
|
|
|
options |= CL_SCAN_ALGORITHMIC;
|
|
|
|
|
if (cctx->options->general & CL_SCAN_GENERAL_COLLECT_METADATA)
|
|
|
|
|
options |= CL_SCAN_FILE_PROPERTIES;
|
|
|
|
|
if (cctx->options->general & CL_SCAN_GENERAL_HEURISTIC_PRECEDENCE)
|
|
|
|
|
options |= CL_SCAN_HEURISTIC_PRECEDENCE;
|
|
|
|
|
|
|
|
|
|
if (cctx->options->parse & CL_SCAN_PARSE_ARCHIVE)
|
|
|
|
|
options |= CL_SCAN_ARCHIVE;
|
|
|
|
|
if (cctx->options->parse & CL_SCAN_PARSE_ELF)
|
|
|
|
|
options |= CL_SCAN_ELF;
|
|
|
|
|
if (cctx->options->parse & CL_SCAN_PARSE_PDF)
|
|
|
|
|
options |= CL_SCAN_PDF;
|
|
|
|
|
if (cctx->options->parse & CL_SCAN_PARSE_SWF)
|
|
|
|
|
options |= CL_SCAN_SWF;
|
|
|
|
|
if (cctx->options->parse & CL_SCAN_PARSE_HWP3)
|
|
|
|
|
options |= CL_SCAN_HWP3;
|
|
|
|
|
if (cctx->options->parse & CL_SCAN_PARSE_XMLDOCS)
|
|
|
|
|
options |= CL_SCAN_XMLDOCS;
|
|
|
|
|
if (cctx->options->parse & CL_SCAN_PARSE_MAIL)
|
|
|
|
|
options |= CL_SCAN_MAIL;
|
|
|
|
|
if (cctx->options->parse & CL_SCAN_PARSE_OLE2)
|
|
|
|
|
options |= CL_SCAN_OLE2;
|
|
|
|
|
if (cctx->options->parse & CL_SCAN_PARSE_HTML)
|
|
|
|
|
options |= CL_SCAN_HTML;
|
|
|
|
|
if (cctx->options->parse & CL_SCAN_PARSE_PE)
|
|
|
|
|
options |= CL_SCAN_PE;
|
|
|
|
|
// if (cctx->options->parse & CL_SCAN_MAIL_URL)
|
|
|
|
|
// options |= CL_SCAN_MAILURL; /* deprecated circa 2009 */
|
|
|
|
|
|
|
|
|
|
if (cctx->options->heuristic & CL_SCAN_HEURISTIC_BROKEN)
|
|
|
|
|
options |= CL_SCAN_BLOCKBROKEN;
|
|
|
|
|
if (cctx->options->heuristic & CL_SCAN_HEURISTIC_EXCEEDS_MAX)
|
|
|
|
|
options |= CL_SCAN_BLOCKMAX;
|
|
|
|
|
if (cctx->options->heuristic & CL_SCAN_HEURISTIC_PHISHING_SSL_MISMATCH)
|
|
|
|
|
options |= CL_SCAN_PHISHING_BLOCKSSL;
|
|
|
|
|
if (cctx->options->heuristic & CL_SCAN_HEURISTIC_PHISHING_CLOAK)
|
|
|
|
|
options |= CL_SCAN_PHISHING_BLOCKCLOAK;
|
|
|
|
|
if (cctx->options->heuristic & CL_SCAN_HEURISTIC_MACROS)
|
|
|
|
|
options |= CL_SCAN_BLOCKMACROS;
|
2018-12-03 12:40:13 -05:00
|
|
|
if ((cctx->options->heuristic & CL_SCAN_HEURISTIC_ENCRYPTED_ARCHIVE) ||
|
2018-10-10 06:02:28 -07:00
|
|
|
(cctx->options->heuristic & CL_SCAN_HEURISTIC_ENCRYPTED_DOC))
|
2018-07-20 22:28:48 -04:00
|
|
|
options |= CL_SCAN_BLOCKENCRYPTED;
|
|
|
|
|
if (cctx->options->heuristic & CL_SCAN_HEURISTIC_PARTITION_INTXN)
|
|
|
|
|
options |= CL_SCAN_PARTITION_INTXN;
|
|
|
|
|
if (cctx->options->heuristic & CL_SCAN_HEURISTIC_STRUCTURED)
|
|
|
|
|
options |= CL_SCAN_STRUCTURED;
|
|
|
|
|
if (cctx->options->heuristic & CL_SCAN_HEURISTIC_STRUCTURED_SSN_NORMAL)
|
|
|
|
|
options |= CL_SCAN_STRUCTURED_SSN_NORMAL;
|
|
|
|
|
if (cctx->options->heuristic & CL_SCAN_HEURISTIC_STRUCTURED_SSN_STRIPPED)
|
|
|
|
|
options |= CL_SCAN_STRUCTURED_SSN_STRIPPED;
|
|
|
|
|
|
|
|
|
|
if (cctx->options->mail & CL_SCAN_MAIL_PARTIAL_MESSAGE)
|
|
|
|
|
options |= CL_SCAN_PARTIAL_MESSAGE;
|
|
|
|
|
|
|
|
|
|
if (cctx->options->dev & CL_SCAN_DEV_COLLECT_SHA)
|
|
|
|
|
options |= CL_SCAN_INTERNAL_COLLECT_SHA;
|
|
|
|
|
if (cctx->options->dev & CL_SCAN_DEV_COLLECT_PERFORMANCE_INFO)
|
|
|
|
|
options |= CL_SCAN_PERFORMANCE_INFO;
|
|
|
|
|
|
|
|
|
|
return options;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uint32_t cli_bcapi_engine_scan_options_ex(struct cli_bc_ctx *ctx, const uint8_t *option_name, uint32_t name_len)
|
|
|
|
|
{
|
2018-12-03 12:40:13 -05:00
|
|
|
uint32_t i = 0;
|
2018-11-14 16:58:30 -05:00
|
|
|
uint32_t result = 0;
|
2018-07-20 22:28:48 -04:00
|
|
|
char *option_name_l = NULL;
|
|
|
|
|
|
|
|
|
|
if (ctx == NULL || option_name == NULL || name_len == 0) {
|
2019-05-05 15:03:13 -04:00
|
|
|
cli_warnmsg("engine_scan_options_ex: Invalid arguments!\n");
|
|
|
|
|
goto done;
|
2018-07-20 22:28:48 -04:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
cli_ctx *cctx = (cli_ctx *)ctx->ctx;
|
2018-07-20 22:28:48 -04:00
|
|
|
if (cctx == NULL || cctx->options == NULL) {
|
2019-05-05 15:03:13 -04:00
|
|
|
cli_warnmsg("engine_scan_options_ex: Invalid arguments!\n");
|
|
|
|
|
goto done;
|
2018-07-20 22:28:48 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
option_name_l = malloc(name_len + 1);
|
2019-05-05 15:03:13 -04:00
|
|
|
if (NULL == option_name_l) {
|
|
|
|
|
cli_warnmsg("Failed to allocate memory for option name.\n");
|
|
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
|
2018-07-20 22:28:48 -04:00
|
|
|
for (i = 0; i < name_len; i++) {
|
|
|
|
|
option_name_l[0] = tolower(option_name[i]);
|
|
|
|
|
}
|
|
|
|
|
option_name_l[name_len] = '\0';
|
|
|
|
|
|
|
|
|
|
if (strncmp(option_name_l, "general", MIN(name_len, sizeof("general")))) {
|
|
|
|
|
if (cli_memstr(option_name_l, name_len, "allmatch", sizeof("allmatch"))) {
|
2018-11-14 16:58:30 -05:00
|
|
|
result = (cctx->options->general & CL_SCAN_GENERAL_ALLMATCHES) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "collect metadata", sizeof("collect metadata"))) {
|
|
|
|
|
result = (cctx->options->general & CL_SCAN_GENERAL_COLLECT_METADATA) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "heuristics", sizeof("heuristics"))) {
|
|
|
|
|
result = (cctx->options->general & CL_SCAN_GENERAL_HEURISTICS) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "precedence", sizeof("precedence"))) {
|
|
|
|
|
result = (cctx->options->general & CL_SCAN_GENERAL_HEURISTIC_PRECEDENCE) ? 1 : 0;
|
2018-07-20 22:28:48 -04:00
|
|
|
}
|
|
|
|
|
/* else unknown option */
|
2018-12-03 12:40:13 -05:00
|
|
|
} else if (strncmp(option_name_l, "parse", MIN(name_len, sizeof("parse")))) {
|
2018-07-20 22:28:48 -04:00
|
|
|
if (cli_memstr(option_name_l, name_len, "archive", sizeof("archive"))) {
|
2018-11-14 16:58:30 -05:00
|
|
|
result = (cctx->options->parse & CL_SCAN_PARSE_ARCHIVE) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "elf", sizeof("elf"))) {
|
|
|
|
|
result = (cctx->options->parse & CL_SCAN_PARSE_ELF) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "pdf", sizeof("pdf"))) {
|
|
|
|
|
result = (cctx->options->parse & CL_SCAN_PARSE_PDF) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "swf", sizeof("swf"))) {
|
|
|
|
|
result = (cctx->options->parse & CL_SCAN_PARSE_SWF) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "hwp3", sizeof("hwp3"))) {
|
|
|
|
|
result = (cctx->options->parse & CL_SCAN_PARSE_HWP3) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "xmldocs", sizeof("xmldocs"))) {
|
|
|
|
|
result = (cctx->options->parse & CL_SCAN_PARSE_XMLDOCS) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "mail", sizeof("mail"))) {
|
|
|
|
|
result = (cctx->options->parse & CL_SCAN_PARSE_MAIL) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "ole2", sizeof("ole2"))) {
|
|
|
|
|
result = (cctx->options->parse & CL_SCAN_PARSE_OLE2) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "html", sizeof("html"))) {
|
|
|
|
|
result = (cctx->options->parse & CL_SCAN_PARSE_HTML) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "pe", sizeof("pe"))) {
|
|
|
|
|
result = (cctx->options->parse & CL_SCAN_PARSE_PE) ? 1 : 0;
|
2018-07-20 22:28:48 -04:00
|
|
|
}
|
|
|
|
|
/* else unknown option */
|
2018-12-03 12:40:13 -05:00
|
|
|
} else if (strncmp(option_name_l, "heuristic", MIN(name_len, sizeof("heuristic")))) {
|
2018-07-20 22:28:48 -04:00
|
|
|
if (cli_memstr(option_name_l, name_len, "broken", sizeof("broken"))) {
|
2018-11-14 16:58:30 -05:00
|
|
|
result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_BROKEN) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "exceeds max", sizeof("exceeds max"))) {
|
|
|
|
|
result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_EXCEEDS_MAX) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "phishing ssl mismatch", sizeof("phishing ssl mismatch"))) {
|
|
|
|
|
result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_PHISHING_SSL_MISMATCH) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "phishing cloak", sizeof("phishing cloak"))) {
|
|
|
|
|
result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_PHISHING_CLOAK) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "macros", sizeof("macros"))) {
|
|
|
|
|
result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_MACROS) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "encrypted archive", sizeof("encrypted archive"))) {
|
|
|
|
|
result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_ENCRYPTED_ARCHIVE) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "encrypted doc", sizeof("encrypted doc"))) {
|
|
|
|
|
result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_ENCRYPTED_DOC) ? 1 : 0;
|
Add CMake build tooling
This patch adds experimental-quality CMake build tooling.
The libmspack build required a modification to use "" instead of <> for
header #includes. This will hopefully be included in the libmspack
upstream project when adding CMake build tooling to libmspack.
Removed use of libltdl when using CMake.
Flex & Bison are now required to build.
If -DMAINTAINER_MODE, then GPERF is also required, though it currently
doesn't actually do anything. TODO!
I found that the autotools build system was generating the lexer output
but not actually compiling it, instead using previously generated (and
manually renamed) lexer c source. As a consequence, changes to the .l
and .y files weren't making it into the build. To resolve this, I
removed generated flex/bison files and fixed the tooling to use the
freshly generated files. Flex and bison are now required build tools.
On Windows, this adds a dependency on the winflexbison package,
which can be obtained using Chocolatey or may be manually installed.
CMake tooling only has partial support for building with external LLVM
library, and no support for the internal LLVM (to be removed in the
future). I.e. The CMake build currently only supports the bytecode
interpreter.
Many files used include paths relative to the top source directory or
relative to the current project, rather than relative to each build
target. Modern CMake support requires including internal dependency
headers the same way you would external dependency headers (albeit
with "" instead of <>). This meant correcting all header includes to
be relative to the build targets and not relative to the workspace.
For example, ...
```c
include "../libclamav/clamav.h"
include "clamd/clamd_others.h"
```
... becomes:
```c
// libclamav
include "clamav.h"
// clamd
include "clamd_others.h"
```
Fixes header name conflicts by renaming a few of the files.
Converted the "shared" code into a static library, which depends on
libclamav. The ironically named "shared" static library provides
features common to the ClamAV apps which are not required in
libclamav itself and are not intended for use by downstream projects.
This change was required for correct modern CMake practices but was
also required to use the automake "subdir-objects" option.
This eliminates warnings when running autoreconf which, in the next
version of autoconf & automake are likely to break the build.
libclamav used to build in multiple stages where an earlier stage is
a static library containing utils required by the "shared" code.
Linking clamdscan and clamdtop with this libclamav utils static lib
allowed these two apps to function without libclamav. While this is
nice in theory, the practical gains are minimal and it complicates
the build system. As such, the autotools and CMake tooling was
simplified for improved maintainability and this feature was thrown
out. clamdtop and clamdscan now require libclamav to function.
Removed the nopthreads version of the autotools
libclamav_internal_utils static library and added pthread linking to
a couple apps that may have issues building on some platforms without
it, with the intention of removing needless complexity from the
source. Kept the regular version of libclamav_internal_utils.la
though it is no longer used anywhere but in libclamav.
Added an experimental doxygen build option which attempts to build
clamav.h and libfreshclam doxygen html docs.
The CMake build tooling also may build the example program(s), which
isn't a feature in the Autotools build system.
Changed C standard to C90+ due to inline linking issues with socket.h
when linking libfreshclam.so on Linux.
Generate common.rc for win32.
Fix tabs/spaces in shared Makefile.am, and remove vestigial ifndef
from misc.c.
Add CMake files to the automake dist, so users can try the new
CMake tooling w/out having to build from a git clone.
clamonacc changes:
- Renamed FANOTIFY macro to HAVE_SYS_FANOTIFY_H to better match other
similar macros.
- Added a new clamav-clamonacc.service systemd unit file, based on
the work of ChadDevOps & Aaron Brighton.
- Added missing clamonacc man page.
Updates to clamdscan man page, add missing options.
Remove vestigial CL_NOLIBCLAMAV definitions (all apps now use
libclamav).
Rename Windows mspack.dll to libmspack.dll so all ClamAV-built
libraries have the lib-prefix with Visual Studio as with CMake.
2020-08-13 00:25:34 -07:00
|
|
|
} else if (cli_memstr(option_name_l, name_len, "partition intersection", sizeof("partition intersection"))) {
|
2018-11-14 16:58:30 -05:00
|
|
|
result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_PARTITION_INTXN) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "structured", sizeof("structured"))) {
|
|
|
|
|
result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_STRUCTURED) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "structured ssn normal", sizeof("structured ssn normal"))) {
|
|
|
|
|
result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_STRUCTURED_SSN_NORMAL) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "structured ssn stripped", sizeof("structured ssn stripped"))) {
|
|
|
|
|
result = (cctx->options->heuristic & CL_SCAN_HEURISTIC_STRUCTURED_SSN_STRIPPED) ? 1 : 0;
|
2018-07-20 22:28:48 -04:00
|
|
|
}
|
|
|
|
|
/* else unknown option */
|
2018-12-03 12:40:13 -05:00
|
|
|
} else if (strncmp(option_name_l, "mail", MIN(name_len, sizeof("mail")))) {
|
2018-07-20 22:28:48 -04:00
|
|
|
if (cli_memstr(option_name_l, name_len, "partial message", sizeof("partial message"))) {
|
2018-11-14 16:58:30 -05:00
|
|
|
result = (cctx->options->mail & CL_SCAN_MAIL_PARTIAL_MESSAGE) ? 1 : 0;
|
2018-07-20 22:28:48 -04:00
|
|
|
}
|
|
|
|
|
/* else unknown option */
|
2018-12-03 12:40:13 -05:00
|
|
|
} else if (strncmp(option_name_l, "dev", MIN(name_len, sizeof("dev")))) {
|
2018-07-20 22:28:48 -04:00
|
|
|
if (cli_memstr(option_name_l, name_len, "collect sha", sizeof("collect sha"))) {
|
2018-11-14 16:58:30 -05:00
|
|
|
result = (cctx->options->dev & CL_SCAN_DEV_COLLECT_SHA) ? 1 : 0;
|
|
|
|
|
} else if (cli_memstr(option_name_l, name_len, "collect performance info", sizeof("collect performance info"))) {
|
|
|
|
|
result = (cctx->options->dev & CL_SCAN_DEV_COLLECT_PERFORMANCE_INFO) ? 1 : 0;
|
2018-07-20 22:28:48 -04:00
|
|
|
}
|
|
|
|
|
/* else unknown option */
|
|
|
|
|
}
|
2018-11-14 16:58:30 -05:00
|
|
|
/* else unknown option */
|
|
|
|
|
|
2019-05-05 15:03:13 -04:00
|
|
|
done:
|
|
|
|
|
|
2018-11-14 16:58:30 -05:00
|
|
|
if (NULL != option_name_l)
|
|
|
|
|
free(option_name_l);
|
|
|
|
|
|
|
|
|
|
return result;
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uint32_t cli_bcapi_engine_db_options(struct cli_bc_ctx *ctx)
|
|
|
|
|
{
|
2018-12-03 12:40:13 -05:00
|
|
|
cli_ctx *cctx = (cli_ctx *)ctx->ctx;
|
2010-05-12 18:26:02 +03:00
|
|
|
return cctx->engine->dboptions;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_extract_set_container(struct cli_bc_ctx *ctx, uint32_t ftype)
|
|
|
|
|
{
|
|
|
|
|
if (ftype > CL_TYPE_IGNORED)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-05-12 18:26:02 +03:00
|
|
|
ctx->containertype = ftype;
|
2010-05-13 00:27:00 +03:00
|
|
|
return 0;
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_input_switch(struct cli_bc_ctx *ctx, int32_t extracted_file)
|
2010-05-12 18:26:02 +03:00
|
|
|
{
|
|
|
|
|
fmap_t *map;
|
2020-02-29 18:28:39 -05:00
|
|
|
if (0 == extracted_file) {
|
|
|
|
|
/*
|
|
|
|
|
* Set input back to original fmap.
|
|
|
|
|
*/
|
|
|
|
|
if (0 == ctx->extracted_file_input) {
|
|
|
|
|
/* Input already set to original fmap, nothing to do. */
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Free the fmap used for the extracted file */
|
|
|
|
|
funmap(ctx->fmap);
|
|
|
|
|
|
|
|
|
|
/* Restore pointer to original fmap */
|
|
|
|
|
cli_bytecode_context_setfile(ctx, ctx->save_map);
|
|
|
|
|
ctx->save_map = NULL;
|
|
|
|
|
|
2014-01-16 17:57:21 -05:00
|
|
|
ctx->extracted_file_input = 0;
|
2020-02-29 18:28:39 -05:00
|
|
|
cli_dbgmsg("bytecode api: input switched back to main file\n");
|
|
|
|
|
return 0;
|
|
|
|
|
} else {
|
|
|
|
|
/*
|
|
|
|
|
* Set input to extracted file.
|
|
|
|
|
*/
|
|
|
|
|
if (1 == ctx->extracted_file_input) {
|
|
|
|
|
/* Input already set to extracted file, nothing to do. */
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (ctx->outfd < 0) {
|
|
|
|
|
/* no valid fd to switch to use for fmap */
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Create fmap for the extracted file */
|
2020-03-19 21:23:54 -04:00
|
|
|
map = fmap(ctx->outfd, 0, 0, NULL);
|
2020-02-29 18:28:39 -05:00
|
|
|
if (!map) {
|
|
|
|
|
cli_warnmsg("can't mmap() extracted temporary file %s\n", ctx->tempfile);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Save off pointer to original fmap */
|
|
|
|
|
ctx->save_map = ctx->fmap;
|
|
|
|
|
cli_bytecode_context_setfile(ctx, map);
|
|
|
|
|
|
|
|
|
|
ctx->extracted_file_input = 1;
|
|
|
|
|
cli_dbgmsg("bytecode api: input switched to extracted file\n");
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2010-05-12 18:26:02 +03:00
|
|
|
}
|
|
|
|
|
}
|
2010-07-29 13:40:13 +03:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
uint32_t cli_bcapi_get_environment(struct cli_bc_ctx *ctx, struct cli_environment *env, uint32_t len)
|
2010-07-29 13:40:13 +03:00
|
|
|
{
|
|
|
|
|
if (len > sizeof(*env)) {
|
2014-05-06 15:26:30 -04:00
|
|
|
cli_dbgmsg("cli_bcapi_get_environment len %u > %lu\n", len, (unsigned long)sizeof(*env));
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-07-29 13:40:13 +03:00
|
|
|
}
|
|
|
|
|
memcpy(env, ctx->env, len);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
uint32_t cli_bcapi_disable_bytecode_if(struct cli_bc_ctx *ctx, const int8_t *reason, uint32_t len, uint32_t cond)
|
2010-07-29 13:40:13 +03:00
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(len);
|
2010-07-29 13:40:13 +03:00
|
|
|
if (ctx->bc->kind != BC_STARTUP) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("Bytecode must be BC_STARTUP to call disable_bytecode_if\n");
|
|
|
|
|
return -1;
|
2010-07-29 13:40:13 +03:00
|
|
|
}
|
|
|
|
|
if (!cond)
|
2014-01-16 17:57:21 -05:00
|
|
|
return ctx->bytecode_disable_status;
|
2010-07-29 13:40:13 +03:00
|
|
|
if (*reason == '^')
|
2018-12-03 12:40:13 -05:00
|
|
|
cli_warnmsg("Bytecode: disabling completely because %s\n", reason + 1);
|
2010-07-29 13:40:13 +03:00
|
|
|
else
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("Bytecode: disabling completely because %s\n", reason);
|
2010-07-29 13:40:13 +03:00
|
|
|
ctx->bytecode_disable_status = 2;
|
|
|
|
|
return ctx->bytecode_disable_status;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
uint32_t cli_bcapi_disable_jit_if(struct cli_bc_ctx *ctx, const int8_t *reason, uint32_t len, uint32_t cond)
|
2010-07-29 13:40:13 +03:00
|
|
|
{
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(len);
|
2010-07-29 13:40:13 +03:00
|
|
|
if (ctx->bc->kind != BC_STARTUP) {
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("Bytecode must be BC_STARTUP to call disable_jit_if\n");
|
|
|
|
|
return -1;
|
2010-07-29 13:40:13 +03:00
|
|
|
}
|
|
|
|
|
if (!cond)
|
2014-01-16 17:57:21 -05:00
|
|
|
return ctx->bytecode_disable_status;
|
2010-07-29 13:40:13 +03:00
|
|
|
if (*reason == '^')
|
2018-12-03 12:40:13 -05:00
|
|
|
cli_warnmsg("Bytecode: disabling JIT because %s\n", reason + 1);
|
2010-07-29 13:40:13 +03:00
|
|
|
else
|
2014-01-16 17:57:21 -05:00
|
|
|
cli_dbgmsg("Bytecode: disabling JIT because %s\n", reason);
|
2010-07-29 13:40:13 +03:00
|
|
|
if (ctx->bytecode_disable_status != 2) /* no reenabling */
|
2014-01-16 17:57:21 -05:00
|
|
|
ctx->bytecode_disable_status = 1;
|
2010-07-29 13:40:13 +03:00
|
|
|
return ctx->bytecode_disable_status;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_version_compare(struct cli_bc_ctx *ctx, const uint8_t *lhs, uint32_t lhs_len,
|
|
|
|
|
const uint8_t *rhs, uint32_t rhs_len)
|
2010-07-29 13:40:13 +03:00
|
|
|
{
|
|
|
|
|
unsigned i = 0, j = 0;
|
2018-12-03 12:40:13 -05:00
|
|
|
unsigned long li = 0, ri = 0;
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
2010-07-29 13:40:13 +03:00
|
|
|
do {
|
2014-01-16 17:57:21 -05:00
|
|
|
while (i < lhs_len && j < rhs_len && lhs[i] == rhs[j] &&
|
|
|
|
|
!isdigit(lhs[i]) && !isdigit(rhs[j])) {
|
2018-12-03 12:40:13 -05:00
|
|
|
i++;
|
|
|
|
|
j++;
|
2014-01-16 17:57:21 -05:00
|
|
|
}
|
|
|
|
|
if (i == lhs_len && j == rhs_len)
|
|
|
|
|
return 0;
|
|
|
|
|
if (i == lhs_len)
|
|
|
|
|
return -1;
|
|
|
|
|
if (j == rhs_len)
|
|
|
|
|
return 1;
|
|
|
|
|
if (!isdigit(lhs[i]) || !isdigit(rhs[j]))
|
|
|
|
|
return lhs[i] < rhs[j] ? -1 : 1;
|
|
|
|
|
while (isdigit(lhs[i]) && i < lhs_len)
|
2018-12-03 12:40:13 -05:00
|
|
|
li = 10 * li + (lhs[i++] - '0');
|
2014-01-16 17:57:21 -05:00
|
|
|
while (isdigit(rhs[j]) && j < rhs_len)
|
2018-12-03 12:40:13 -05:00
|
|
|
ri = 10 * ri + (rhs[j++] - '0');
|
2014-01-16 17:57:21 -05:00
|
|
|
if (li < ri)
|
|
|
|
|
return -1;
|
|
|
|
|
if (li > ri)
|
|
|
|
|
return 1;
|
2010-07-29 13:40:13 +03:00
|
|
|
} while (1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int check_bits(uint32_t query, uint32_t value, uint8_t shift, uint8_t mask)
|
|
|
|
|
{
|
2018-12-03 12:40:13 -05:00
|
|
|
uint8_t q = (query >> shift) & mask;
|
|
|
|
|
uint8_t v = (value >> shift) & mask;
|
2010-07-29 13:40:13 +03:00
|
|
|
/* q == mask -> ANY */
|
|
|
|
|
if (q == v || q == mask)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 1;
|
2010-07-29 13:40:13 +03:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
uint32_t cli_bcapi_check_platform(struct cli_bc_ctx *ctx, uint32_t a, uint32_t b, uint32_t c)
|
2010-07-29 13:40:13 +03:00
|
|
|
{
|
|
|
|
|
unsigned ret =
|
2014-01-16 17:57:21 -05:00
|
|
|
check_bits(a, ctx->env->platform_id_a, 24, 0xff) &&
|
|
|
|
|
check_bits(a, ctx->env->platform_id_a, 20, 0xf) &&
|
|
|
|
|
check_bits(a, ctx->env->platform_id_a, 16, 0xf) &&
|
|
|
|
|
check_bits(a, ctx->env->platform_id_a, 8, 0xff) &&
|
|
|
|
|
check_bits(a, ctx->env->platform_id_a, 0, 0xff) &&
|
|
|
|
|
check_bits(b, ctx->env->platform_id_b, 28, 0xf) &&
|
|
|
|
|
check_bits(b, ctx->env->platform_id_b, 24, 0xf) &&
|
|
|
|
|
check_bits(b, ctx->env->platform_id_b, 16, 0xff) &&
|
|
|
|
|
check_bits(b, ctx->env->platform_id_b, 8, 0xff) &&
|
|
|
|
|
check_bits(b, ctx->env->platform_id_b, 0, 0xff) &&
|
|
|
|
|
check_bits(c, ctx->env->platform_id_c, 24, 0xff) &&
|
|
|
|
|
check_bits(c, ctx->env->platform_id_c, 16, 0xff) &&
|
|
|
|
|
check_bits(c, ctx->env->platform_id_c, 8, 0xff) &&
|
|
|
|
|
check_bits(c, ctx->env->platform_id_c, 0, 0xff);
|
2010-07-29 13:40:13 +03:00
|
|
|
if (ret) {
|
2018-12-03 12:40:13 -05:00
|
|
|
cli_dbgmsg("check_platform(0x%08x,0x%08x,0x%08x) = match\n", a, b, c);
|
2010-07-29 13:40:13 +03:00
|
|
|
}
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2010-08-02 15:42:58 +03:00
|
|
|
int cli_bytecode_context_setpdf(struct cli_bc_ctx *ctx, unsigned phase,
|
2014-01-16 17:57:21 -05:00
|
|
|
unsigned nobjs,
|
2018-08-14 14:00:31 -07:00
|
|
|
struct pdf_obj **objs, uint32_t *pdf_flags,
|
2014-01-16 17:57:21 -05:00
|
|
|
uint32_t pdfsize, uint32_t pdfstartoff)
|
2010-08-02 15:42:58 +03:00
|
|
|
{
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->pdf_nobjs = nobjs;
|
|
|
|
|
ctx->pdf_objs = objs;
|
|
|
|
|
ctx->pdf_flags = pdf_flags;
|
|
|
|
|
ctx->pdf_size = pdfsize;
|
2010-08-02 15:42:58 +03:00
|
|
|
ctx->pdf_startoff = pdfstartoff;
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->pdf_phase = phase;
|
2010-08-02 15:42:58 +03:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_pdf_get_obj_num(struct cli_bc_ctx *ctx)
|
|
|
|
|
{
|
|
|
|
|
if (!ctx->pdf_phase)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-08-02 15:42:58 +03:00
|
|
|
return ctx->pdf_nobjs;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_pdf_get_flags(struct cli_bc_ctx *ctx)
|
|
|
|
|
{
|
|
|
|
|
if (!ctx->pdf_phase)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-08-02 15:42:58 +03:00
|
|
|
return *ctx->pdf_flags;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_pdf_set_flags(struct cli_bc_ctx *ctx, int32_t flags)
|
2010-08-02 15:42:58 +03:00
|
|
|
{
|
|
|
|
|
if (!ctx->pdf_phase)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-08-02 15:42:58 +03:00
|
|
|
cli_dbgmsg("cli_pdf: bytecode set_flags %08x -> %08x\n",
|
2014-01-16 17:57:21 -05:00
|
|
|
*ctx->pdf_flags,
|
|
|
|
|
flags);
|
2010-08-02 15:42:58 +03:00
|
|
|
*ctx->pdf_flags = flags;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_pdf_lookupobj(struct cli_bc_ctx *ctx, uint32_t objid)
|
2010-08-02 15:42:58 +03:00
|
|
|
{
|
|
|
|
|
unsigned i;
|
|
|
|
|
if (!ctx->pdf_phase)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2018-12-03 12:40:13 -05:00
|
|
|
for (i = 0; i < ctx->pdf_nobjs; i++) {
|
2018-08-14 14:00:31 -07:00
|
|
|
if (ctx->pdf_objs[i]->id == objid)
|
2014-01-16 17:57:21 -05:00
|
|
|
return i;
|
2010-08-02 15:42:58 +03:00
|
|
|
}
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
uint32_t cli_bcapi_pdf_getobjsize(struct cli_bc_ctx *ctx, int32_t objidx)
|
2010-08-02 15:42:58 +03:00
|
|
|
{
|
|
|
|
|
if (!ctx->pdf_phase ||
|
2014-07-10 18:11:49 -04:00
|
|
|
(uint32_t)objidx >= ctx->pdf_nobjs ||
|
2014-01-16 17:57:21 -05:00
|
|
|
ctx->pdf_phase == PDF_PHASE_POSTDUMP /* map is obj itself, no access to pdf anymore */
|
2018-12-03 12:40:13 -05:00
|
|
|
)
|
2014-01-16 17:57:21 -05:00
|
|
|
return 0;
|
2014-07-10 18:11:49 -04:00
|
|
|
if ((uint32_t)(objidx + 1) == ctx->pdf_nobjs)
|
2018-08-14 14:00:31 -07:00
|
|
|
return ctx->pdf_size - ctx->pdf_objs[objidx]->start;
|
2018-12-03 12:40:13 -05:00
|
|
|
return ctx->pdf_objs[objidx + 1]->start - ctx->pdf_objs[objidx]->start - 4;
|
2010-08-02 15:42:58 +03:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
const uint8_t *cli_bcapi_pdf_getobj(struct cli_bc_ctx *ctx, int32_t objidx, uint32_t amount)
|
2010-08-02 15:42:58 +03:00
|
|
|
{
|
|
|
|
|
uint32_t size = cli_bcapi_pdf_getobjsize(ctx, objidx);
|
|
|
|
|
if (amount > size)
|
2014-01-16 17:57:21 -05:00
|
|
|
return NULL;
|
2018-08-14 14:00:31 -07:00
|
|
|
return fmap_need_off(ctx->fmap, ctx->pdf_objs[objidx]->start, amount);
|
2010-08-02 15:42:58 +03:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_pdf_getobjid(struct cli_bc_ctx *ctx, int32_t objidx)
|
2010-08-02 15:42:58 +03:00
|
|
|
{
|
|
|
|
|
if (!ctx->pdf_phase ||
|
2014-07-10 18:11:49 -04:00
|
|
|
(uint32_t)objidx >= ctx->pdf_nobjs)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2018-08-14 14:00:31 -07:00
|
|
|
return ctx->pdf_objs[objidx]->id;
|
2010-08-02 15:42:58 +03:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_pdf_getobjflags(struct cli_bc_ctx *ctx, int32_t objidx)
|
2010-08-02 15:42:58 +03:00
|
|
|
{
|
|
|
|
|
if (!ctx->pdf_phase ||
|
2014-07-10 18:11:49 -04:00
|
|
|
(uint32_t)objidx >= ctx->pdf_nobjs)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2018-08-14 14:00:31 -07:00
|
|
|
return ctx->pdf_objs[objidx]->flags;
|
2010-08-02 15:42:58 +03:00
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_pdf_setobjflags(struct cli_bc_ctx *ctx, int32_t objidx, int32_t flags)
|
2010-08-02 15:42:58 +03:00
|
|
|
{
|
|
|
|
|
if (!ctx->pdf_phase ||
|
2014-07-10 18:11:49 -04:00
|
|
|
(uint32_t)objidx >= ctx->pdf_nobjs)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-08-02 15:42:58 +03:00
|
|
|
cli_dbgmsg("cli_pdf: bytecode setobjflags %08x -> %08x\n",
|
2018-08-14 14:00:31 -07:00
|
|
|
ctx->pdf_objs[objidx]->flags,
|
2014-01-16 17:57:21 -05:00
|
|
|
flags);
|
2018-08-14 14:00:31 -07:00
|
|
|
ctx->pdf_objs[objidx]->flags = flags;
|
2010-08-02 15:42:58 +03:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_pdf_get_offset(struct cli_bc_ctx *ctx, int32_t objidx)
|
2010-08-02 15:42:58 +03:00
|
|
|
{
|
|
|
|
|
if (!ctx->pdf_phase ||
|
2014-07-10 18:11:49 -04:00
|
|
|
(uint32_t)objidx >= ctx->pdf_nobjs)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2018-08-14 14:00:31 -07:00
|
|
|
return ctx->pdf_startoff + ctx->pdf_objs[objidx]->start;
|
2010-08-02 15:42:58 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_pdf_get_phase(struct cli_bc_ctx *ctx)
|
|
|
|
|
{
|
|
|
|
|
return ctx->pdf_phase;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_pdf_get_dumpedobjid(struct cli_bc_ctx *ctx)
|
|
|
|
|
{
|
|
|
|
|
if (ctx->pdf_phase != PDF_PHASE_POSTDUMP)
|
2014-01-16 17:57:21 -05:00
|
|
|
return -1;
|
2010-08-02 15:42:58 +03:00
|
|
|
return ctx->pdf_dumpedid;
|
|
|
|
|
}
|
2010-08-02 17:04:35 +03:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_running_on_jit(struct cli_bc_ctx *ctx)
|
2010-10-18 12:31:18 +03:00
|
|
|
{
|
|
|
|
|
ctx->no_diff = 1;
|
|
|
|
|
return ctx->on_jit;
|
|
|
|
|
}
|
2010-10-19 16:23:19 +03:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_get_file_reliability(struct cli_bc_ctx *ctx)
|
2010-10-19 16:23:19 +03:00
|
|
|
{
|
2018-12-03 12:40:13 -05:00
|
|
|
cli_ctx *cctx = (cli_ctx *)ctx->ctx;
|
2010-10-19 16:23:19 +03:00
|
|
|
return cctx ? cctx->corrupted_input : 3;
|
|
|
|
|
}
|
2014-05-06 15:26:30 -04:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_json_is_active(struct cli_bc_ctx *ctx)
|
2014-05-06 15:26:30 -04:00
|
|
|
{
|
|
|
|
|
#if HAVE_JSON
|
2018-12-03 12:40:13 -05:00
|
|
|
cli_ctx *cctx = (cli_ctx *)ctx->ctx;
|
2014-05-06 15:26:30 -04:00
|
|
|
if (cctx->properties != NULL) {
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
#else
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
2014-05-06 15:26:30 -04:00
|
|
|
cli_dbgmsg("bytecode api: libjson is not enabled!\n");
|
|
|
|
|
#endif
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
static int32_t cli_bcapi_json_objs_init(struct cli_bc_ctx *ctx)
|
|
|
|
|
{
|
|
|
|
|
#if HAVE_JSON
|
2014-05-06 15:26:30 -04:00
|
|
|
unsigned n = ctx->njsonobjs + 1;
|
2014-06-03 11:47:57 -04:00
|
|
|
json_object **j, **jobjs = (json_object **)(ctx->jsonobjs);
|
2014-05-06 15:26:30 -04:00
|
|
|
cli_ctx *cctx = (cli_ctx *)ctx->ctx;
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
j = cli_realloc(jobjs, sizeof(json_object *) * n);
|
2014-05-06 15:26:30 -04:00
|
|
|
if (!j) { /* memory allocation failure */
|
|
|
|
|
cli_event_error_oom(EV, 0);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->jsonobjs = (void **)j;
|
2014-05-06 15:26:30 -04:00
|
|
|
ctx->njsonobjs = n;
|
2018-12-03 12:40:13 -05:00
|
|
|
j[n - 1] = cctx->properties;
|
2014-05-06 15:26:30 -04:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
#else
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
2014-05-06 15:26:30 -04:00
|
|
|
return -1;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
#define INIT_JSON_OBJS(ctx) \
|
|
|
|
|
if (!cli_bcapi_json_is_active(ctx)) \
|
|
|
|
|
return -1; \
|
|
|
|
|
if (ctx->njsonobjs == 0) { \
|
|
|
|
|
if (cli_bcapi_json_objs_init(ctx)) { \
|
|
|
|
|
return -1; \
|
|
|
|
|
} \
|
|
|
|
|
}
|
2014-05-06 15:26:30 -04:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_json_get_object(struct cli_bc_ctx *ctx, const int8_t *name, int32_t name_len, int32_t objid)
|
2014-05-06 15:26:30 -04:00
|
|
|
{
|
|
|
|
|
#if HAVE_JSON
|
|
|
|
|
unsigned n;
|
2014-06-03 12:43:23 -04:00
|
|
|
json_object **j, *jobj, **jobjs;
|
2014-05-06 15:26:30 -04:00
|
|
|
char *namep;
|
|
|
|
|
|
|
|
|
|
INIT_JSON_OBJS(ctx);
|
2014-06-03 12:43:23 -04:00
|
|
|
jobjs = ((json_object **)(ctx->jsonobjs));
|
2014-07-10 18:11:49 -04:00
|
|
|
if (objid < 0 || (unsigned int)objid >= ctx->njsonobjs) {
|
2014-05-06 15:26:30 -04:00
|
|
|
cli_dbgmsg("bytecode api[json_get_object]: invalid json objid requested\n");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!name || name_len < 0) {
|
|
|
|
|
cli_dbgmsg("bytecode api[json_get_object]: unnamed object queried\n");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
n = ctx->njsonobjs + 1;
|
2014-06-03 11:19:01 -04:00
|
|
|
jobj = jobjs[objid];
|
2014-05-06 15:26:30 -04:00
|
|
|
if (!jobj) /* shouldn't be possible */
|
|
|
|
|
return -1;
|
2018-12-03 12:40:13 -05:00
|
|
|
namep = (char *)cli_malloc(sizeof(char) * (name_len + 1));
|
2014-05-06 15:26:30 -04:00
|
|
|
if (!namep)
|
|
|
|
|
return -1;
|
2018-12-03 12:40:13 -05:00
|
|
|
strncpy(namep, (char *)name, name_len);
|
2014-05-06 15:26:30 -04:00
|
|
|
namep[name_len] = '\0';
|
|
|
|
|
|
2014-06-06 14:38:45 -04:00
|
|
|
if (!json_object_object_get_ex(jobj, namep, &jobj)) { /* object not found */
|
2014-05-06 15:26:30 -04:00
|
|
|
free(namep);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
j = cli_realloc(jobjs, sizeof(json_object *) * n);
|
2014-05-06 15:26:30 -04:00
|
|
|
if (!j) { /* memory allocation failure */
|
|
|
|
|
free(namep);
|
|
|
|
|
cli_event_error_oom(EV, 0);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->jsonobjs = (void **)j;
|
2014-05-06 15:26:30 -04:00
|
|
|
ctx->njsonobjs = n;
|
2018-12-03 12:40:13 -05:00
|
|
|
j[n - 1] = jobj;
|
2014-05-06 15:26:30 -04:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
cli_dbgmsg("bytecode api[json_get_object]: assigned %s => ID %d\n", namep, n - 1);
|
2014-05-06 15:26:30 -04:00
|
|
|
free(namep);
|
2018-12-03 12:40:13 -05:00
|
|
|
return n - 1;
|
2014-05-06 15:26:30 -04:00
|
|
|
#else
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
|
|
|
|
UNUSEDPARAM(name);
|
|
|
|
|
UNUSEDPARAM(name_len);
|
|
|
|
|
UNUSEDPARAM(objid);
|
2014-05-06 15:26:30 -04:00
|
|
|
cli_dbgmsg("bytecode api: libjson is not enabled!\n");
|
|
|
|
|
return -1;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_json_get_type(struct cli_bc_ctx *ctx, int32_t objid)
|
|
|
|
|
{
|
|
|
|
|
#if HAVE_JSON
|
|
|
|
|
enum json_type type;
|
2014-06-03 12:43:23 -04:00
|
|
|
json_object **jobjs;
|
2014-05-06 15:26:30 -04:00
|
|
|
|
|
|
|
|
INIT_JSON_OBJS(ctx);
|
2014-06-03 12:43:23 -04:00
|
|
|
jobjs = ((json_object **)(ctx->jsonobjs));
|
2014-07-10 18:11:49 -04:00
|
|
|
if (objid < 0 || (unsigned int)objid >= ctx->njsonobjs) {
|
2014-05-06 15:26:30 -04:00
|
|
|
cli_dbgmsg("bytecode api[json_get_type]: invalid json objid requested\n");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2014-06-03 11:19:01 -04:00
|
|
|
type = json_object_get_type(jobjs[objid]);
|
2014-05-06 15:26:30 -04:00
|
|
|
switch (type) {
|
2018-12-03 12:40:13 -05:00
|
|
|
case json_type_null:
|
|
|
|
|
return JSON_TYPE_NULL;
|
|
|
|
|
case json_type_boolean:
|
|
|
|
|
return JSON_TYPE_BOOLEAN;
|
|
|
|
|
case json_type_double:
|
|
|
|
|
return JSON_TYPE_DOUBLE;
|
|
|
|
|
case json_type_int:
|
|
|
|
|
return JSON_TYPE_INT;
|
|
|
|
|
case json_type_object:
|
|
|
|
|
return JSON_TYPE_OBJECT;
|
|
|
|
|
case json_type_array:
|
|
|
|
|
return JSON_TYPE_ARRAY;
|
|
|
|
|
case json_type_string:
|
|
|
|
|
return JSON_TYPE_STRING;
|
|
|
|
|
default:
|
|
|
|
|
cli_dbgmsg("bytecode api[json_get_type]: unrecognized json type %d\n", type);
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-06 15:26:30 -04:00
|
|
|
#else
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
|
|
|
|
UNUSEDPARAM(objid);
|
2014-05-06 15:26:30 -04:00
|
|
|
cli_dbgmsg("bytecode api: libjson is not enabled!\n");
|
|
|
|
|
#endif
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_json_get_array_length(struct cli_bc_ctx *ctx, int32_t objid)
|
|
|
|
|
{
|
|
|
|
|
#if HAVE_JSON
|
|
|
|
|
enum json_type type;
|
2014-06-03 12:43:23 -04:00
|
|
|
json_object **jobjs;
|
2014-05-06 15:26:30 -04:00
|
|
|
|
|
|
|
|
INIT_JSON_OBJS(ctx);
|
2014-06-03 12:43:23 -04:00
|
|
|
jobjs = (json_object **)(ctx->jsonobjs);
|
2014-07-10 18:11:49 -04:00
|
|
|
if (objid < 0 || (unsigned int)objid >= ctx->njsonobjs) {
|
2014-05-06 15:26:30 -04:00
|
|
|
cli_dbgmsg("bytecode api[json_array_get_length]: invalid json objid requested\n");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2014-06-03 11:19:01 -04:00
|
|
|
type = json_object_get_type(jobjs[objid]);
|
2014-05-06 15:26:30 -04:00
|
|
|
if (type != json_type_array) {
|
|
|
|
|
return -2; /* error code for not an array */
|
|
|
|
|
}
|
|
|
|
|
|
2014-06-03 11:19:01 -04:00
|
|
|
return json_object_array_length(jobjs[objid]);
|
2014-05-06 15:26:30 -04:00
|
|
|
#else
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
|
|
|
|
UNUSEDPARAM(objid);
|
2014-05-06 15:26:30 -04:00
|
|
|
cli_dbgmsg("bytecode api: libjson is not enabled!\n");
|
|
|
|
|
return -1;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_json_get_array_idx(struct cli_bc_ctx *ctx, int32_t idx, int32_t objid)
|
|
|
|
|
{
|
|
|
|
|
#if HAVE_JSON
|
|
|
|
|
enum json_type type;
|
|
|
|
|
unsigned n;
|
|
|
|
|
int length;
|
2014-06-03 12:43:23 -04:00
|
|
|
json_object **j, *jarr = NULL, *jobj = NULL, **jobjs;
|
2014-05-06 15:26:30 -04:00
|
|
|
|
|
|
|
|
INIT_JSON_OBJS(ctx);
|
2014-06-03 12:43:23 -04:00
|
|
|
jobjs = (json_object **)(ctx->jsonobjs);
|
2014-07-10 18:11:49 -04:00
|
|
|
if (objid < 0 || (unsigned int)objid >= ctx->njsonobjs) {
|
2014-05-06 15:26:30 -04:00
|
|
|
cli_dbgmsg("bytecode api[json_array_get_idx]: invalid json objid requested\n");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2014-06-03 11:19:01 -04:00
|
|
|
jarr = jobjs[objid];
|
2014-05-06 15:26:30 -04:00
|
|
|
if (!jarr) /* shouldn't be possible */
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
type = json_object_get_type(jarr);
|
|
|
|
|
if (type != json_type_array) {
|
|
|
|
|
return -2; /* error code for not an array */
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
length = json_object_array_length(jarr);
|
|
|
|
|
if (idx >= 0 && idx < length) {
|
|
|
|
|
n = ctx->njsonobjs + 1;
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
jobj = json_object_array_get_idx(jarr, idx);
|
2014-05-06 15:26:30 -04:00
|
|
|
if (!jobj) { /* object not found */
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
j = cli_realloc(jobjs, sizeof(json_object *) * n);
|
2014-05-06 15:26:30 -04:00
|
|
|
if (!j) { /* memory allocation failure */
|
|
|
|
|
cli_event_error_oom(EV, 0);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2018-12-03 12:40:13 -05:00
|
|
|
ctx->jsonobjs = (void **)j;
|
2014-05-06 15:26:30 -04:00
|
|
|
ctx->njsonobjs = n;
|
2018-12-03 12:40:13 -05:00
|
|
|
j[n - 1] = jobj;
|
2014-05-06 15:26:30 -04:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
cli_dbgmsg("bytecode api[json_array_get_idx]: assigned array @ %d => ID %d\n", idx, n - 1);
|
|
|
|
|
return n - 1;
|
2014-05-06 15:26:30 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
#else
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
|
|
|
|
UNUSEDPARAM(idx);
|
|
|
|
|
UNUSEDPARAM(objid);
|
2014-05-06 15:26:30 -04:00
|
|
|
cli_dbgmsg("bytecode api: libjson is not enabled!\n");
|
|
|
|
|
return -1;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_json_get_string_length(struct cli_bc_ctx *ctx, int32_t objid)
|
|
|
|
|
{
|
|
|
|
|
#if HAVE_JSON
|
|
|
|
|
enum json_type type;
|
2014-06-03 12:43:23 -04:00
|
|
|
json_object *jobj, **jobjs;
|
2014-05-06 15:26:30 -04:00
|
|
|
int32_t len;
|
|
|
|
|
const char *jstr;
|
|
|
|
|
|
|
|
|
|
INIT_JSON_OBJS(ctx);
|
2014-06-03 12:43:23 -04:00
|
|
|
jobjs = (json_object **)(ctx->jsonobjs);
|
2014-07-10 18:11:49 -04:00
|
|
|
if (objid < 0 || (unsigned int)objid >= ctx->njsonobjs) {
|
2014-05-06 16:15:08 -04:00
|
|
|
cli_dbgmsg("bytecode api[json_get_string_length]: invalid json objid requested\n");
|
2014-05-06 15:26:30 -04:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2014-06-03 11:19:01 -04:00
|
|
|
jobj = jobjs[objid];
|
2014-05-06 15:26:30 -04:00
|
|
|
if (!jobj) /* shouldn't be possible */
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
type = json_object_get_type(jobj);
|
|
|
|
|
if (type != json_type_string) {
|
|
|
|
|
return -2; /* error code for not an array */
|
|
|
|
|
}
|
|
|
|
|
|
2022-02-16 00:13:55 +01:00
|
|
|
// len = json_object_get_string_len(jobj); /* not in JSON <0.10 */
|
2014-05-06 15:26:30 -04:00
|
|
|
jstr = json_object_get_string(jobj);
|
2018-12-03 12:40:13 -05:00
|
|
|
len = strlen(jstr);
|
2014-05-06 15:26:30 -04:00
|
|
|
|
|
|
|
|
return len;
|
|
|
|
|
#else
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
|
|
|
|
UNUSEDPARAM(objid);
|
2014-05-06 15:26:30 -04:00
|
|
|
cli_dbgmsg("bytecode api: libjson is not enabled!\n");
|
|
|
|
|
return -1;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
int32_t cli_bcapi_json_get_string(struct cli_bc_ctx *ctx, int8_t *str, int32_t str_len, int32_t objid)
|
2014-05-06 15:26:30 -04:00
|
|
|
{
|
|
|
|
|
#if HAVE_JSON
|
|
|
|
|
enum json_type type;
|
2014-06-03 12:43:23 -04:00
|
|
|
json_object *jobj, **jobjs;
|
2014-05-06 15:26:30 -04:00
|
|
|
int32_t len;
|
|
|
|
|
const char *jstr;
|
|
|
|
|
|
|
|
|
|
INIT_JSON_OBJS(ctx);
|
2014-06-03 12:43:23 -04:00
|
|
|
jobjs = (json_object **)(ctx->jsonobjs);
|
2014-07-10 18:11:49 -04:00
|
|
|
if (objid < 0 || (unsigned int)objid >= ctx->njsonobjs) {
|
2014-05-06 16:15:08 -04:00
|
|
|
cli_dbgmsg("bytecode api[json_get_string]: invalid json objid requested\n");
|
2014-05-06 15:26:30 -04:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2014-06-03 11:19:01 -04:00
|
|
|
jobj = jobjs[objid];
|
2014-05-06 15:26:30 -04:00
|
|
|
if (!jobj) /* shouldn't be possible */
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
type = json_object_get_type(jobj);
|
|
|
|
|
if (type != json_type_string) {
|
|
|
|
|
return -2; /* error code for not an array */
|
|
|
|
|
}
|
|
|
|
|
|
2022-02-16 00:13:55 +01:00
|
|
|
// len = json_object_get_string_len(jobj); /* not in JSON <0.10 */
|
2014-05-06 15:26:30 -04:00
|
|
|
jstr = json_object_get_string(jobj);
|
2018-12-03 12:40:13 -05:00
|
|
|
len = strlen(jstr);
|
2014-05-06 15:26:30 -04:00
|
|
|
|
2018-12-03 12:40:13 -05:00
|
|
|
if (len + 1 > str_len) {
|
2014-05-06 15:26:30 -04:00
|
|
|
/* limit on str-len */
|
2018-12-03 12:40:13 -05:00
|
|
|
strncpy((char *)str, jstr, str_len - 1);
|
|
|
|
|
str[str_len - 1] = '\0';
|
2014-05-06 15:26:30 -04:00
|
|
|
return str_len;
|
2018-12-03 12:40:13 -05:00
|
|
|
} else {
|
2014-05-06 15:26:30 -04:00
|
|
|
/* limit on len+1 */
|
2014-07-10 18:11:49 -04:00
|
|
|
strncpy((char *)str, jstr, len);
|
2014-05-06 15:26:30 -04:00
|
|
|
str[len] = '\0';
|
2018-12-03 12:40:13 -05:00
|
|
|
return len + 1;
|
2014-05-06 15:26:30 -04:00
|
|
|
}
|
|
|
|
|
#else
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
|
|
|
|
UNUSEDPARAM(str);
|
|
|
|
|
UNUSEDPARAM(str_len);
|
|
|
|
|
UNUSEDPARAM(objid);
|
2014-05-06 15:26:30 -04:00
|
|
|
cli_dbgmsg("bytecode api: libjson is not enabled!\n");
|
|
|
|
|
return -1;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
2014-05-06 16:15:08 -04:00
|
|
|
|
|
|
|
|
int32_t cli_bcapi_json_get_boolean(struct cli_bc_ctx *ctx, int32_t objid)
|
|
|
|
|
{
|
|
|
|
|
#if HAVE_JSON
|
2014-06-03 12:43:23 -04:00
|
|
|
json_object *jobj, **jobjs;
|
2014-05-06 16:15:08 -04:00
|
|
|
|
|
|
|
|
INIT_JSON_OBJS(ctx);
|
2014-06-03 12:43:23 -04:00
|
|
|
jobjs = (json_object **)(ctx->jsonobjs);
|
2014-07-10 18:11:49 -04:00
|
|
|
if (objid < 0 || (unsigned int)objid >= ctx->njsonobjs) {
|
2014-05-06 16:15:08 -04:00
|
|
|
cli_dbgmsg("bytecode api[json_get_boolean]: invalid json objid requested\n");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2014-06-03 11:19:01 -04:00
|
|
|
jobj = jobjs[objid];
|
2014-05-06 16:15:08 -04:00
|
|
|
return json_object_get_boolean(jobj);
|
|
|
|
|
#else
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
|
|
|
|
UNUSEDPARAM(objid);
|
2014-05-06 16:15:08 -04:00
|
|
|
cli_dbgmsg("bytecode api: libjson is not enabled!\n");
|
|
|
|
|
return 0;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int32_t cli_bcapi_json_get_int(struct cli_bc_ctx *ctx, int32_t objid)
|
|
|
|
|
{
|
|
|
|
|
#if HAVE_JSON
|
2014-06-03 12:43:23 -04:00
|
|
|
json_object *jobj, **jobjs;
|
2014-05-06 16:15:08 -04:00
|
|
|
|
|
|
|
|
INIT_JSON_OBJS(ctx);
|
2014-06-03 12:43:23 -04:00
|
|
|
jobjs = (json_object **)(ctx->jsonobjs);
|
2014-07-10 18:11:49 -04:00
|
|
|
if (objid < 0 || (unsigned int)objid >= ctx->njsonobjs) {
|
2014-05-06 16:15:08 -04:00
|
|
|
cli_dbgmsg("bytecode api[json_get_int]: invalid json objid requested\n");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2014-06-03 11:19:01 -04:00
|
|
|
jobj = jobjs[objid];
|
2014-05-06 16:15:08 -04:00
|
|
|
return json_object_get_int(jobj);
|
|
|
|
|
#else
|
2014-07-10 18:11:49 -04:00
|
|
|
UNUSEDPARAM(ctx);
|
|
|
|
|
UNUSEDPARAM(objid);
|
2014-05-06 16:15:08 -04:00
|
|
|
cli_dbgmsg("bytecode api: libjson is not enabled!\n");
|
|
|
|
|
return 0;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
2022-02-16 00:13:55 +01:00
|
|
|
// int64_t cli_bcapi_json_get_int64(struct cli_bc_ctx *ctx, int32_t objid);
|
|
|
|
|
// double cli_bcapi_json_get_double(struct cli_bc_ctx *ctx, int32_t objid);
|