Stowage/clamav
2
0
Fork 0
mirror of https://github.com/Cisco-Talos/clamav.git synced 2025-10-19 10:23:17 +00:00
Code Issues Projects Releases Packages Wiki Activity

bb12186 - Fix to prevent possible crash when loading ldb database and PCRE is not available. Patch courtest of Tomasz Kojm.

Browse source
This commit is contained in:
Micah Snyder 2019-02-28 10:34:10 -05:00
parent 8a5f206964
commit 262edbc886
2 changed files with 30 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

31
NEWS.md
View file

@ -17,11 +17,16 @@ ClamAV 0.102.0 is in development.
- The new home for the documentation markdown is in our
[ClamAV FAQ Github repository](https://github.com/Cisco-Talos/clamav-faq)
### Additional minor bug fixes
- Fix to prevent a possible crash when loading LDB type signature databases
and PCRE is not available. Patch courtesy of Tomasz Kojm.
### Acknowledgements
The ClamAV team thanks the following individuals for their code submissions:
-
- Tomasz Kojm
## 0.101.1
@ -119,18 +124,18 @@ we've cooked up over the past 6 months.
| | `AlertEncryptedArchive` |
| | `AlertEncryptedDoc` |
| Old `clamscan` option | *New* `clamscan` option |
| ---------------------------- | -------------------------------- |
| `--algorithmic-detection` | `--heuristic-alerts` |
| `--detect-broken` | `--alert-broken` |
| `--phishing-cloak` | `--alert-phishing-cloak` |
| `--phishing-ssl` | `--alert-phishing-ssl` |
| `--partition-intersection` | `--alert-partition-intersection` |
| `--block-max` | `--alert-exceeds-max` |
| `--block-macros` | `--alert-macros` |
| `--block-encrypted` | `--alert-encrypted` |
| | `--alert-encrypted-archive` |
| | `--alert-encrypted-doc` |
| Old `clamscan` option | *New* `clamscan` option |
| -------------------------- | -------------------------------- |
| `--algorithmic-detection` | `--heuristic-alerts` |
| `--detect-broken` | `--alert-broken` |
| `--phishing-cloak` | `--alert-phishing-cloak` |
| `--phishing-ssl` | `--alert-phishing-ssl` |
| `--partition-intersection` | `--alert-partition-intersection` |
| `--block-max` | `--alert-exceeds-max` |
| `--block-macros` | `--alert-macros` |
| `--block-encrypted` | `--alert-encrypted` |
| | `--alert-encrypted-archive` |
| | `--alert-encrypted-doc` |
### Some more subtle improvements

24
libclamav/readdb.c
View file

@ -1740,18 +1740,6 @@ static int load_oneldb(char *buffer, int chkpua, struct cl_engine *engine, unsig
}
subsigs++;
#if !HAVE_PCRE
/* Regex Usage and Support Check */
for (i = 0; i < subsigs; ++i) {
char *slash = strchr(tokens[i + 3], '/');
if (slash && strchr(slash + 1, '/')) {
cli_warnmsg("cli_loadldb: logical signature for %s uses PCREs but support is disabled, skipping\n", virname);
(*sigs)--;
return CL_SUCCESS;
}
}
#endif
if (!line) {
/* This is a logical signature from the bytecode, we need all
* subsignatures, even if not referenced from the logical expression */
@ -1766,6 +1754,18 @@ static int load_oneldb(char *buffer, int chkpua, struct cl_engine *engine, unsig
return CL_EMALFDB;
}
#if !HAVE_PCRE
/* Regex Usage and Support Check */
for (i = 0; i < subsigs; ++i) {
char *slash = strchr(tokens[i + 3], '/');
if (slash && strchr(slash + 1, '/')) {
cli_warnmsg("cli_loadldb: logical signature for %s uses PCREs but support is disabled, skipping\n", virname);
(*sigs)--;
return CL_SUCCESS;
}
}
#endif
/* enforce MAX_LDB_SUBSIGS(currently 64) subsig cap */
if (subsigs > MAX_LDB_SUBSIGS) {
cli_errmsg("cli_loadldb: Broken logical expression or too many subsignatures\n");