Stowage/clamav
2
0
Fork 0
mirror of https://github.com/Cisco-Talos/clamav.git synced 2025-10-19 10:23:17 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix many warnings

Browse source
This commit is contained in:
Micah Snyder 2023-04-07 19:51:04 -07:00 committed by Micah Snyder
parent 7d66717f44
commit 38386349c5
30 changed files with 154 additions and 74 deletions
Download patch file Download diff file Expand all files Collapse all files

4
clamav-milter/clamav-milter.c
View file

@ -178,8 +178,8 @@ int main(int argc, char **argv)
char myname[255];
if (((opt = optget(opts, "ReportHostname"))->enabled &&
strncpy(myname, opt->strarg, sizeof(myname))) ||
!gethostname(myname, sizeof(myname))) {
strncpy(myname, opt->strarg, sizeof(myname) - 1)) ||
!gethostname(myname, sizeof(myname) - 1)) {
myname[sizeof(myname) - 1] = '\0';
snprintf(xvirushdr, sizeof(xvirushdr), "clamav-milter %s at %s",

2
clamav-milter/clamfi.c
View file

@ -61,7 +61,7 @@ static sfsistat (*InfectedAction)(SMFICTX *ctx);
static char *rejectfmt = NULL;
int addxvirus = 0; /* 0 - don't add | 1 - replace | 2 - add */
char xvirushdr[255];
char xvirushdr[300];
char *viraction = NULL;
int multircpt = 1;

2
clamav-milter/clamfi.h
View file

@ -27,7 +27,7 @@
extern uint64_t maxfilesize;
extern int addxvirus;
extern char xvirushdr[255];
extern char xvirushdr[300];
extern int multircpt;
sfsistat clamfi_body(SMFICTX *ctx, unsigned char *bodyp, size_t len);

1
clamonacc/client/client.c
View file

@ -406,7 +406,6 @@ cl_error_t onas_setup_client(struct onas_context **ctx)
{
const struct optstruct *opts;
const struct optstruct *opt;
cl_error_t err;
int remote;

10
examples/ex_cl_cvdunpack.c
View file

@ -41,22 +41,12 @@
*/
int main(int argc, char **argv)
{
int fd;
cl_error_t ret;
const char *filename;
const char *destination_directory;
bool dont_verify = false;
char dest_buff[1024];
unsigned long int size = 0;
unsigned int sigs = 0;
long double mb;
const char *virname;
struct cl_engine *engine;
struct cl_scan_options options;
switch (argc) {
case 2:
filename = argv[1];

5
examples/ex_file_inspection_callback.c
View file

@ -94,6 +94,9 @@ cl_error_t post_callback(
const char *virname,
void *context) // Could be used to retrieve / store contextual information for app
{
(void)fd;
(void)context;
printf("result: %d\n", result);
printf("virname: %s\n", virname);
printf("\n\n");
@ -120,7 +123,7 @@ int main(int argc, char **argv)
long double mb;
const char *virname;
const char *filename;
struct cl_engine *engine;
struct cl_engine *engine = NULL;
struct cl_scan_options options;
char database_filepath[256];
bool created_database = false;

2
examples/ex_prescan_callback.c
View file

@ -76,7 +76,7 @@ int main(int argc, char **argv)
long double mb;
const char *virname;
const char *filename;
struct cl_engine *engine;
struct cl_engine *engine = NULL;
struct cl_scan_options options;
if (argc != 2) {

2
libclamav/bytecode_api.c
View file

@ -2315,7 +2315,7 @@ int32_t cli_bcapi_json_get_string(struct cli_bc_ctx *ctx, int8_t *str, int32_t s
return str_len;
} else {
/* limit on len+1 */
strncpy((char *)str, jstr, len);
memcpy((char *)str, jstr, len);
str[len] = '\0';
return len + 1;
}

38
libclamav/bytecode_vm.c
View file

@ -388,6 +388,8 @@ static always_inline struct stack_entry *pop_stack(struct stack *stack,
READ1(op1, BINOP(1)); \
sop0 = op0; \
sop1 = op1; \
(void)sop0; \
(void)sop1; \
OP; \
W0(inst->dest, res); \
break; \
@ -399,6 +401,8 @@ static always_inline struct stack_entry *pop_stack(struct stack *stack,
READ8(op1, BINOP(1)); \
sop0 = op0; \
sop1 = op1; \
(void)sop0; \
(void)sop1; \
OP; \
W1(inst->dest, res); \
break; \
@ -410,6 +414,8 @@ static always_inline struct stack_entry *pop_stack(struct stack *stack,
READ16(op1, BINOP(1)); \
sop0 = op0; \
sop1 = op1; \
(void)sop0; \
(void)sop1; \
OP; \
W2(inst->dest, res); \
break; \
@ -421,6 +427,8 @@ static always_inline struct stack_entry *pop_stack(struct stack *stack,
READ32(op1, BINOP(1)); \
sop0 = op0; \
sop1 = op1; \
(void)sop0; \
(void)sop1; \
OP; \
W3(inst->dest, res); \
break; \
@ -432,6 +440,8 @@ static always_inline struct stack_entry *pop_stack(struct stack *stack,
READ64(op1, BINOP(1)); \
sop0 = op0; \
sop1 = op1; \
(void)sop0; \
(void)sop1; \
OP; \
W4(inst->dest, res); \
break; \
@ -534,6 +544,24 @@ static always_inline struct stack_entry *pop_stack(struct stack *stack,
break; \
}
#define DEFINE_OP_BC_RET_VOID(OP, T) \
case OP: { \
operand_t ret; \
CHECK_GT(stack_depth, 0); \
stack_depth--; \
stack_entry = pop_stack(&stack, stack_entry, &func, &ret, &bb, \
&bb_inst); \
values = stack_entry ? stack_entry->values : ctx->values; \
CHECK_GT(func->numBytes, ret); \
if (!bb) { \
stop = CL_BREAK; \
continue; \
} \
stackid = ptr_register_stack(&ptrinfos, values, 0, func->numBytes) >> 32; \
inst = &bb->insts[bb_inst]; \
break; \
}
struct ptr_info {
uint8_t *base;
uint32_t size;
@ -797,11 +825,11 @@ cl_error_t cli_vm_execute(const struct cli_bc *bc, struct cli_bc_ctx *ctx, const
DEFINE_OP_BC_RET_N(OP_BC_RET * 5 + 3, uint32_t, READ32, WRITE32);
DEFINE_OP_BC_RET_N(OP_BC_RET * 5 + 4, uint64_t, READ64, WRITE64);
DEFINE_OP_BC_RET_N(OP_BC_RET_VOID * 5, uint8_t, (void), (void));
DEFINE_OP_BC_RET_N(OP_BC_RET_VOID * 5 + 1, uint8_t, (void), (void));
DEFINE_OP_BC_RET_N(OP_BC_RET_VOID * 5 + 2, uint8_t, (void), (void));
DEFINE_OP_BC_RET_N(OP_BC_RET_VOID * 5 + 3, uint8_t, (void), (void));
DEFINE_OP_BC_RET_N(OP_BC_RET_VOID * 5 + 4, uint8_t, (void), (void));
DEFINE_OP_BC_RET_VOID(OP_BC_RET_VOID * 5, uint8_t);
DEFINE_OP_BC_RET_VOID(OP_BC_RET_VOID * 5 + 1, uint8_t);
DEFINE_OP_BC_RET_VOID(OP_BC_RET_VOID * 5 + 2, uint8_t);
DEFINE_OP_BC_RET_VOID(OP_BC_RET_VOID * 5 + 3, uint8_t);
DEFINE_OP_BC_RET_VOID(OP_BC_RET_VOID * 5 + 4, uint8_t);
DEFINE_ICMPOP(OP_BC_ICMP_EQ, res = (op0 == op1));
DEFINE_ICMPOP(OP_BC_ICMP_NE, res = (op0 != op1));

6
libclamav/disasm.c
View file

@ -1316,9 +1316,11 @@ static const uint8_t *disasm_x86(const uint8_t *command, unsigned int len, struc
switch (x87_st[table][rm].args) {
case X87_S:
reversed = 1;
/* fall-through */
case X87_R:
s->args[reversed ^ 1].access = ACCESS_REG;
s->args[reversed ^ 1].reg = X86_REG_ST0;
/* fall-through */
case X87_ONE:
s->args[reversed].access = ACCESS_REG;
s->args[reversed].reg = X86_REG_ST0 + (rm & 7);
@ -1453,6 +1455,7 @@ static const uint8_t *disasm_x86(const uint8_t *command, unsigned int len, struc
case ADDR_MRM_GEN_CR:
case ADDR_MRM_GEN_DR:
reversed = 1;
/* fall-through */
case ADDR_MRM_GEN_EG:
case ADDR_MRM_GEN_ES:
@ -1500,8 +1503,10 @@ static const uint8_t *disasm_x86(const uint8_t *command, unsigned int len, struc
break;
case SIZE_WD:
s->args[reversed].size += (s->opsize == 0);
/* fall-through */
case SIZE_WORD:
s->args[reversed].size++;
/* fall-through */
case SIZE_BYTE:
break;
default:
@ -1743,6 +1748,7 @@ const uint8_t *cli_disasm_one(const uint8_t *buff, unsigned int len,
break;
case ACCESS_REG:
w->arg[i][1] = s.args[i].reg;
/* fall-through */
default:
cli_writeint32(&w->arg[i][2], s.args[i].arg.q);
cli_writeint32(&w->arg[i][6], s.args[i].arg.q >> 32);

25
libclamav/explode.c
View file

@ -198,8 +198,8 @@ int explode_init(struct xplstate *X, uint16_t flags)
} \
}
#define GETCODES(CASE, WHICH, HOWMANY) \
case CASE: { \
#define GETCODES(WHICH, HOWMANY) \
{ \
if (!X->avail_in) return EXPLODE_EBUFF; \
if (!X->got) \
need = *X->next_in; \
@ -227,6 +227,7 @@ int explode_init(struct xplstate *X, uint16_t flags)
#define SETCASE(CASE) \
X->state = (CASE); \
/* fall-through */ \
case (CASE): { /* FAKE */ \
}
@ -236,14 +237,19 @@ int explode(struct xplstate *X)
int temp = -1;
switch (X->state) {
/* grab compressed coded literals, if present */
GETCODES(GRABLITS, lit_tree, 256);
/* grab compressed coded lens */
GETCODES(GRABLENS, len_tree, 64);
/* grab compressed coded dists */
GETCODES(GRABDISTS, dist_tree, 64);
case GRABLITS: { /* grab compressed coded literals, if present */
GETCODES(lit_tree, 256);
} /* fall-through */
case EXPLODE:
case GRABLENS: { /* grab compressed coded lens */
GETCODES(len_tree, 64);
} /* fall-through */
case GRABDISTS: { /* grab compressed coded dists */
GETCODES(dist_tree, 64);
} /* fall-through */
case EXPLODE: {
while (X->avail_in || X->bits) {
GETBIT; /* can't fail */
if (val) {
@ -315,6 +321,7 @@ int explode(struct xplstate *X)
}
X->state = EXPLODE;
}
}
}
return EXPLODE_EBUFF;
}

2
libclamav/filtering.c
View file

@ -210,7 +210,7 @@ int filter_add_static(struct filter *m, const unsigned char *pattern, unsigned l
for (j = 0; (best < 100 && j < MAX_CHOICES) || (j < maxlen); j++) {
uint32_t num = MAXSOPATLEN;
uint8_t k;
if (j + 2 > len)
if ((unsigned long)(j + 2) > len)
break;
for (k = j; k < len - 1 && (k - j < MAXSOPATLEN); k++) {
q = cli_readint16(&pattern[k]);

4
libclamav/hwp.c
View file

@ -1525,7 +1525,7 @@ static inline cl_error_t parsehwp3_infoblk_1(cli_ctx *ctx, fmap_t *dmap, size_t
char field[HWP3_FIELD_LENGTH];
#endif
#if HAVE_JSON
json_object *infoblk_1, *contents, *counter, *entry;
json_object *infoblk_1, *contents = NULL, *counter, *entry = NULL;
#endif
hwp3_debug("HWP3.x: Information Block @ offset %llu\n", infoloc);
@ -1757,7 +1757,7 @@ static cl_error_t hwp3_cb(void *cbdata, int fd, const char *filepath, cli_ctx *c
int i, p = 0, last = 0;
uint16_t nstyles;
#if HAVE_JSON
json_object *fonts;
json_object *fonts = NULL;
#endif
UNUSEDPARAM(filepath);

13
libclamav/inflate64.c
View file

@ -1,9 +1,9 @@
/*
/*
* This file contains code from zlib library v.1.2.3 with modifications
* by aCaB <acab@clamav.net> to allow decompression of deflate64 streams
* (aka zip method 9). The implementation is heavily inspired by InfoZip
* and zlib's inf9back.c
*
*
* Full copy of the original zlib license follows:
*/
@ -439,11 +439,13 @@ int flush;
strm->adler = state->check = REVERSE(hold);
INITBITS();
state->mode = DICT;
/* fall-through */
case DICT:
RESTORE();
return Z_NEED_DICT;
case TYPE:
if (flush == Z_BLOCK) goto inf_leave;
/* fall-through */
case TYPEDO:
if (state->last) {
BYTEBITS();
@ -487,6 +489,7 @@ int flush;
state->length));
INITBITS();
state->mode = COPY;
/* fall-through */
case COPY:
copy = state->length;
if (copy) {
@ -611,6 +614,7 @@ int flush;
}
Tracev((stderr, "inflate: codes ok\n"));
state->mode = LEN;
/* fall-through */
case LEN:
/* if (have >= 6 && left >= 258) {
RESTORE();
@ -654,6 +658,7 @@ int flush;
}
state->extra = (unsigned)(this.op) & 31;
state->mode = LENEXT;
/* fall-through */
case LENEXT:
if (state->extra) {
NEEDBITS(state->extra);
@ -662,6 +667,7 @@ int flush;
}
Tracevv((stderr, "inflate: length %u\n", state->length));
state->mode = DIST;
/* fall-through */
case DIST:
for (;;) {
this = state->distcode[BITS(state->distbits)];
@ -687,6 +693,7 @@ int flush;
state->offset = (unsigned)this.val;
state->extra = (unsigned)(this.op) & 15;
state->mode = DISTEXT;
/* fall-through */
case DISTEXT:
if (state->extra) {
NEEDBITS(state->extra);
@ -705,6 +712,7 @@ int flush;
}
Tracevv((stderr, "inflate: distance %u\n", state->offset));
state->mode = MATCH;
/* fall-through */
case MATCH:
if (left == 0) goto inf_leave;
copy = out - left;
@ -755,6 +763,7 @@ int flush;
Tracev((stderr, "inflate: check matches trailer\n"));
}
state->mode = DONE;
/* fall-through */
case DONE:
ret = Z_STREAM_END;
goto inf_leave;

2
libclamav/jpeg.c
View file

@ -314,7 +314,7 @@ cl_error_t cli_parsejpeg(cli_ctx *ctx)
cl_error_t status = CL_SUCCESS;
fmap_t *map = NULL;
jpeg_marker_t marker, prev_marker, prev_segment = JPEG_MARKER_NOT_A_MARKER_0x00;
jpeg_marker_t marker = JPEG_MARKER_NOT_A_MARKER_0x00, prev_marker, prev_segment = JPEG_MARKER_NOT_A_MARKER_0x00;
uint8_t buff[50]; /* 50 should be sufficient for now */
uint16_t len_u16;
unsigned int offset = 0, i, len, segment = 0;

2
libclamav/libmspack.c
View file

@ -290,7 +290,7 @@ static void mspack_fmap_message(struct mspack_file *file, const char *fmt, ...)
memset(buff, 0, BUFSIZ);
/* Add the prefix */
strncpy(buff, "LibClamAV debug: ", len);
memcpy(buff, "LibClamAV debug: ", len);
va_start(args, fmt);
vsnprintf(buff + len, sizeof(buff) - len - 2, fmt, args);

3
libclamav/mew.c
View file

@ -340,7 +340,7 @@ int mew_lzma(char *orgsource, const char *buf, uint32_t size_sum, uint32_t vma,
uint32_t new_eax, new_edx, temp;
int i, mainloop;
char var1, var30;
char var1;
const char *source = buf;
char *dest, *new_ebx;
const char *new_ecx, *var0C_ecxcopy;
@ -621,7 +621,6 @@ int mew_lzma(char *orgsource, const char *buf, uint32_t size_sum, uint32_t vma,
t = *(var18 + new_eax);
new_eax = (new_eax & 0xffffff00) | t;
var30 = t;
if (lzma_48635C(t, &new_ecx, &var40, &new_eax, orgsource, size_sum) == 0xffffffff)
return -1;
var20 = 0;

18
libclamav/nsis/infblock.c
View file

@ -1,12 +1,12 @@
/*
* This file is a part of the zlib compression module for NSIS.
*
*
* Copyright and license information can be found below.
* Modifications Copyright (C) 1999-2007 Nullsoft and Contributors
*
*
* The original zlib source code is available at
* http://www.zlib.net/
*
*
* This software is provided 'as-is', without any express or implied
* warranty.
*/
@ -382,7 +382,7 @@ int ZEXPORT nsis_inflate(nsis_z_streamp z)
{
int _k; /* temporary variable */
uInt f = 0; /* number of hufts used in fixed_mem */
/* literal table */
for (_k = 0; _k < 288; _k++)
{
@ -574,11 +574,14 @@ int ZEXPORT nsis_inflate(nsis_z_streamp z)
#define f (_state.f)
/* waiting for "i:"=input, "o:"=output, "x:"=nothing */
/* fall-through */
case CODES_START: /* x: set up for LEN */
c->sub.code.need = c->lbits;
c->sub.code.tree = c->ltree;
s->mode = CODES_LEN;
/* fall-through */
case CODES_LEN: /* i: get length/literal/eob next */
t = c->sub.code.need;
NEEDBITS(t)
@ -618,6 +621,8 @@ int ZEXPORT nsis_inflate(nsis_z_streamp z)
c->sub.code.need = c->dbits;
c->sub.code.tree = c->dtree;
s->mode = CODES_DIST;
/* fall-through */
case CODES_DIST: /* i: get distance next */
t = c->sub.code.need;
NEEDBITS(t)
@ -644,6 +649,8 @@ int ZEXPORT nsis_inflate(nsis_z_streamp z)
c->sub.copy.dist += (uInt)b & (uInt)inflate_mask[t];
DUMPBITS(t)
s->mode = CODES_COPY;
/* fall-through */
case CODES_COPY: /* o: copying bytes in window, waiting for space */
f = (uInt)(q - s->window) < c->sub.copy.dist ?
s->end - (c->sub.copy.dist - (q - s->window)) :
@ -665,7 +672,7 @@ int ZEXPORT nsis_inflate(nsis_z_streamp z)
s->mode = CODES_START;
break;
case CODES_WASH: /* o: got eob, possibly more output */
if (k > 7) /* return unused byte, if any */
if (k > 7)
{
k -= 8;
n++;
@ -676,6 +683,7 @@ int ZEXPORT nsis_inflate(nsis_z_streamp z)
#undef j
#undef e
#undef f
/* fall-through */
case DRY:
FLUSH

12
libclamav/pe.c
View file

@ -3440,7 +3440,7 @@ int cli_scanpe(cli_ctx *ctx)
) ||
( /* upack 1.1/1.2, based on 2 samples */
epbuff[0] == '\xbe' && cli_readint32(epbuff + 1) - EC32(peinfo->pe_opt.opt32.ImageBase) < peinfo->min && /* mov esi */
cli_readint32(epbuff + 1) > EC32(peinfo->pe_opt.opt32.ImageBase) &&
cli_readint32(epbuff + 1) > (int32_t)EC32(peinfo->pe_opt.opt32.ImageBase) &&
epbuff[5] == '\xad' && epbuff[6] == '\x8b' && epbuff[7] == '\xf8' /* loads; mov edi, eax */
)))) {
uint32_t vma, off;
@ -4508,7 +4508,7 @@ cl_error_t cli_peheader(fmap_t *map, struct cli_exe_info *peinfo, uint32_t opts,
uint32_t stored_opt_hdr_size;
struct pe_image_file_hdr *file_hdr;
struct pe_image_optional_hdr32 *opt32;
struct pe_image_optional_hdr64 *opt64;
struct pe_image_optional_hdr64 *opt64 = NULL;
struct pe_image_section_hdr *section_hdrs = NULL;
size_t i, j, section_pe_idx;
unsigned int err;
@ -4811,7 +4811,7 @@ cl_error_t cli_peheader(fmap_t *map, struct cli_exe_info *peinfo, uint32_t opts,
goto done;
}
if (fmap_readn(map, (void *)(((size_t) & (peinfo->pe_opt.opt64)) + sizeof(struct pe_image_optional_hdr32)), at, OPT_HDR_SIZE_DIFF) != OPT_HDR_SIZE_DIFF) {
if (fmap_readn(map, (void *)((size_t)&peinfo->pe_opt.opt64 + sizeof(struct pe_image_optional_hdr32)), at, OPT_HDR_SIZE_DIFF) != OPT_HDR_SIZE_DIFF) {
cli_dbgmsg("cli_peheader: Can't read additional optional file header bytes\n");
ret = CL_EFORMAT;
goto done;
@ -4932,10 +4932,10 @@ cl_error_t cli_peheader(fmap_t *map, struct cli_exe_info *peinfo, uint32_t opts,
#endif
}
salign = (peinfo->is_pe32plus) ? EC32(opt64->SectionAlignment) : EC32(opt32->SectionAlignment);
falign = (peinfo->is_pe32plus) ? EC32(opt64->FileAlignment) : EC32(opt32->FileAlignment);
salign = (peinfo->is_pe32plus && opt64 != NULL) ? EC32(opt64->SectionAlignment) : EC32(opt32->SectionAlignment);
falign = (peinfo->is_pe32plus && opt64 != NULL) ? EC32(opt64->FileAlignment) : EC32(opt32->FileAlignment);
switch (peinfo->is_pe32plus ? EC16(opt64->Subsystem) : EC16(opt32->Subsystem)) {
switch ((peinfo->is_pe32plus && opt64 != NULL) ? EC16(opt64->Subsystem) : EC16(opt32->Subsystem)) {
case 0:
subsystem = "Unknown";
break;

2
libclamav/phishcheck.c
View file

@ -264,7 +264,7 @@ static int string_assign_concatenated(struct string* dest, const char* prefix, c
cli_errmsg("Phishcheck: Unable to allocate memory for string_assign_concatenated\n");
return CL_EMEM;
}
strncpy(ret, prefix, prefix_len);
strncpy(ret, prefix, prefix_len + end - begin + 1);
strncpy(ret + prefix_len, begin, end - begin);
ret[prefix_len + end - begin] = '\0';
string_free(dest);

15
libclamav/readdb.c
View file

@ -1193,6 +1193,7 @@ static int cli_chkpua(const char *signame, const char *pua_cats, unsigned int op
{
char cat[32], *cat_pt, *pt1, *pt2, *endsig;
const char *sig;
size_t catlen;
int ret;
cli_dbgmsg("cli_chkpua: Checking signature [%s]\n", signame);
@ -1219,9 +1220,15 @@ static int cli_chkpua(const char *signame, const char *pua_cats, unsigned int op
}
endsig = strrchr(sig, '.');
strncpy(cat, sig, strlen(sig) - strlen(endsig) + 1);
cat[strlen(sig) - strlen(endsig) + 1] = 0;
cat_pt = strstr(cat, pua_cats);
catlen = MIN(sizeof(cat), strlen(sig) - strlen(endsig));
memcpy(cat, sig, catlen + 1);
// Add null terminator.
cat[catlen + 1] = '\0';
cat_pt = strstr(cat, pua_cats);
cli_dbgmsg("cli_chkpua: cat=[%s]\n", cat);
cli_dbgmsg("cli_chkpua: sig=[%s]\n", sig);
if (options & CL_DB_PUA_INCLUDE)
@ -2736,7 +2743,7 @@ static int cli_loadign(FILE *fs, struct cl_engine *engine, unsigned int options,
int pad = 3 - len;
/* patch-up for Boyer-Moore minimum length of 3: pad with spaces */
if (signame != buffer) {
strncpy(buffer, signame, len);
memcpy(buffer, signame, len);
signame = buffer;
}
buffer[3] = '\0';

9
libclamav/rebuildpe.c
View file

@ -174,7 +174,14 @@ int cli_rebuildpe_align(char *buffer, struct cli_exe_section *sections, int sect
}
for (i = 0; i < sects; i++) {
snprintf(curpe, 8, ".clam%.2d", i + 1);
int snprintf_ret;
snprintf_ret = snprintf(curpe, 8, ".clam%.2d", i + 1);
if (snprintf_ret < 0) {
// More sections than expect -- the section number in the name was trunctated. Whatever. Don't really care.
// The act of checking for an error stops GCC from warning about possible truncation at compile time.
// See: https://stackoverflow.com/questions/51534284/how-to-circumvent-format-truncation-warning-in-gcc
cli_dbgmsg("More sections than expect (%d). The section number in the rebuilt pe section name was trunctated.\n", i);
}
if (!align) {
cli_writeint32(curpe + 8, sections[i].vsz);
cli_writeint32(curpe + 12, sections[i].rva);

4
libclamav/regex_list.c
View file

@ -206,7 +206,7 @@ cl_error_t regex_list_match(struct regex_matcher *matcher, char *real_url, const
return CL_EMEM;
}
strncpy(buffer, real_url, real_len);
strncpy(buffer, real_url, buffer_len);
buffer[real_len] = (!is_allow_list_lookup && hostOnly) ? '/' : ':';
/*
@ -215,7 +215,7 @@ cl_error_t regex_list_match(struct regex_matcher *matcher, char *real_url, const
*/
if (!hostOnly || is_allow_list_lookup) {
/* For all other PDB and WDB signatures concatenate Real:Displayed. */
strncpy(buffer + real_len + 1, display_url, display_len);
strncpy(buffer + real_len + 1, display_url, buffer_len - real_len);
}
buffer[buffer_len - 1] = '/';
buffer[buffer_len] = 0;

2
libclamav/rtf.c
View file

@ -156,7 +156,6 @@ static int compare_state(const struct rtf_state* a, const struct rtf_state* b)
static int push_state(struct stack* stack, struct rtf_state* state)
{
int toplevel;
size_t defelements;
stack->elements++;
if (compare_state(state, &base_state)) {
@ -175,7 +174,6 @@ static int push_state(struct stack* stack, struct rtf_state* state)
}
stack->states[stack->stack_cnt++] = *state;
toplevel = state->encounteredTopLevel;
defelements = state->default_elements;
*state = base_state;

2
libclamav/spin.c
View file

@ -72,8 +72,10 @@ static char exec86(uint8_t aelle, uint8_t cielle, char *curremu, int *retval)
switch (opcode) {
case 0xeb:
len++;
/* fall-through */
case 0x0a:
len++;
/* fall-through */
case 0x90:
case 0xf8:
case 0xf9:

9
libclamav/stats.c
View file

@ -572,12 +572,13 @@ char *clamav_stats_get_hostid(void *cbdata)
#else
char *clamav_stats_get_hostid(void *cbdata)
{
char *sysctls[] = {
"kern.hostuuid",
NULL};
size_t bufsz, i;
char *buf;
#if HAVE_SYSCTLBYNAME
char *sysctls[] = {"kern.hostuuid", NULL};
size_t bufsz, i;
#endif
UNUSEDPARAM(cbdata);
#if HAVE_SYSCTLBYNAME

4
libclamav/textnorm.c
View file

@ -96,6 +96,10 @@ size_t text_normalize_buffer(struct text_norm_state *state, const unsigned char
const unsigned char *out_end = state->out + state->out_len;
unsigned char *p = state->out + state->out_pos;
if (NULL == buf) {
return 0;
}
for (i = 0; i < buf_len && p < out_end; i++) {
unsigned char c = buf[i];
switch (char_action[c]) {

2
libclamav/unarj.c
View file

@ -972,7 +972,7 @@ done:
static cl_error_t arj_read_file_header(arj_metadata_t *metadata)
{
uint16_t header_size, count;
const char *filename, *comment;
const char *filename = NULL, *comment = NULL;
arj_file_hdr_t file_hdr;
struct text_norm_state fnstate, comstate;
unsigned char *fnnorm = NULL;

2
libclamav/wwunpack.c
View file

@ -150,9 +150,11 @@ cl_error_t wwunpack(uint8_t *exe, uint32_t exesz, uint8_t *wwsect, struct cli_ex
switch (bits) {
case 4: /* 10,11 */
backbytes++;
/* fall-through */
case 3: /* 8,9 */
BIT;
backbytes += bits;
/* fall-through */
case 0:
case 1:
case 2: /* 5,6,7 */

24
sigtool/sigtool.c
View file

@ -758,7 +758,7 @@ static int writeinfo(const char *dbname, const char *builder, const char *header
{
FILE *fh;
unsigned int i, bytes;
char file[32], *pt, dbfile[32];
char file[4096], *pt, dbfile[4096];
unsigned char digest[32], buffer[FILEBUFF];
void *ctx;
@ -863,7 +863,7 @@ static int build(const struct optstruct *opts)
STATBUF foo;
unsigned char buffer[FILEBUFF];
char *tarfile, header[513], smbuff[32], builder[33], *pt, olddb[512];
char patch[50], broken[57], dbname[32], dbfile[36];
char patch[50], broken[57], dbname[32], dbfile[4096];
const char *newcvd, *localdbdir = NULL;
struct cl_engine *engine;
FILE *cvd, *fh;
@ -2718,12 +2718,13 @@ static int decodehex(const char *hexsig)
int asterisk = 0;
unsigned int i, j, hexlen, dlen, parts = 0;
int mindist = 0, maxdist = 0, error = 0;
ssize_t bytes_written;
hexlen = strlen(hexsig);
if ((wild = strchr(hexsig, '/'))) {
/* ^offset:trigger-logic/regex/options$ */
char *trigger, *regex, *regex_end, *cflags;
size_t tlen = wild - hexsig, rlen, clen;
size_t tlen = wild - hexsig, rlen = 0, clen;
/* check for trigger */
if (!tlen) {
@ -2788,7 +2789,7 @@ static int decodehex(const char *hexsig)
/* print components of regex subsig */
mprintf(LOGG_INFO, " +-> TRIGGER: %s\n", trigger);
mprintf(LOGG_INFO, " +-> REGEX: %s\n", regex);
mprintf(LOGG_INFO, " +-> CFLAGS: %s\n", cflags);
mprintf(LOGG_INFO, " +-> CFLAGS: %s\n", cflags != NULL ? cflags : "null");
free(trigger);
free(regex);
@ -2844,7 +2845,10 @@ static int decodehex(const char *hexsig)
free(hexcpy);
return -1;
}
(void)write(1, decoded, dlen);
bytes_written = write(1, decoded, dlen);
if (bytes_written != dlen) {
mprintf(LOGG_WARNING, "Failed to print all decoded bytes\n");
}
free(decoded);
if (i == parts)
@ -2925,7 +2929,10 @@ static int decodehex(const char *hexsig)
free(pt);
return -1;
}
(void)write(1, decoded, dlen);
bytes_written = write(1, decoded, dlen);
if (bytes_written != dlen) {
mprintf(LOGG_WARNING, "Failed to print all decoded bytes\n");
}
free(decoded);
if (i < parts)
mprintf(LOGG_INFO, "{WILDCARD_ANY_STRING}");
@ -2937,7 +2944,10 @@ static int decodehex(const char *hexsig)
mprintf(LOGG_ERROR, "Decoding failed\n");
return -1;
}
(void)write(1, decoded, dlen);
bytes_written = write(1, decoded, dlen);
if (bytes_written != dlen) {
mprintf(LOGG_WARNING, "Failed to print all decoded bytes\n");
}
free(decoded);
}