Stowage/clamav
2
0
Fork 0
mirror of https://github.com/Cisco-Talos/clamav.git synced 2025-10-19 10:23:17 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix many warnings

Browse source
This commit is contained in:
Micah Snyder 2023-04-07 19:51:04 -07:00 committed by Micah Snyder
parent 7d66717f44
commit 38386349c5
30 changed files with 154 additions and 74 deletions
Download patch file Download diff file Expand all files Collapse all files

4
clamav-milter/clamav-milter.c
View file

@ -178,8 +178,8 @@ int main(int argc, char **argv)
char myname[255]; char myname[255];
if (((opt = optget(opts, "ReportHostname"))->enabled && if (((opt = optget(opts, "ReportHostname"))->enabled &&
strncpy(myname, opt->strarg, sizeof(myname))) || strncpy(myname, opt->strarg, sizeof(myname) - 1)) ||
!gethostname(myname, sizeof(myname))) { !gethostname(myname, sizeof(myname) - 1)) {
myname[sizeof(myname) - 1] = '\0'; myname[sizeof(myname) - 1] = '\0';
snprintf(xvirushdr, sizeof(xvirushdr), "clamav-milter %s at %s", snprintf(xvirushdr, sizeof(xvirushdr), "clamav-milter %s at %s",

2
clamav-milter/clamfi.c
View file

@ -61,7 +61,7 @@ static sfsistat (*InfectedAction)(SMFICTX *ctx);
static char *rejectfmt = NULL; static char *rejectfmt = NULL;
int addxvirus = 0; /* 0 - don't add | 1 - replace | 2 - add */ int addxvirus = 0; /* 0 - don't add | 1 - replace | 2 - add */
char xvirushdr[255]; char xvirushdr[300];
char *viraction = NULL; char *viraction = NULL;
int multircpt = 1; int multircpt = 1;

2
clamav-milter/clamfi.h
View file

@ -27,7 +27,7 @@
extern uint64_t maxfilesize; extern uint64_t maxfilesize;
extern int addxvirus; extern int addxvirus;
extern char xvirushdr[255]; extern char xvirushdr[300];
extern int multircpt; extern int multircpt;
sfsistat clamfi_body(SMFICTX *ctx, unsigned char *bodyp, size_t len); sfsistat clamfi_body(SMFICTX *ctx, unsigned char *bodyp, size_t len);

1
clamonacc/client/client.c
View file

@ -406,7 +406,6 @@ cl_error_t onas_setup_client(struct onas_context **ctx)
{ {
const struct optstruct *opts; const struct optstruct *opts;
const struct optstruct *opt;
cl_error_t err; cl_error_t err;
int remote; int remote;

10
examples/ex_cl_cvdunpack.c
View file

@ -41,22 +41,12 @@
*/ */
int main(int argc, char **argv) int main(int argc, char **argv)
{ {
int fd;
cl_error_t ret; cl_error_t ret;
const char *filename; const char *filename;
const char *destination_directory; const char *destination_directory;
bool dont_verify = false; bool dont_verify = false;
char dest_buff[1024];
unsigned long int size = 0;
unsigned int sigs = 0;
long double mb;
const char *virname;
struct cl_engine *engine;
struct cl_scan_options options;
switch (argc) { switch (argc) {
case 2: case 2:
filename = argv[1]; filename = argv[1];

5
examples/ex_file_inspection_callback.c
View file

@ -94,6 +94,9 @@ cl_error_t post_callback(
const char *virname, const char *virname,
void *context) // Could be used to retrieve / store contextual information for app void *context) // Could be used to retrieve / store contextual information for app
{ {
(void)fd;
(void)context;
printf("result: %d\n", result); printf("result: %d\n", result);
printf("virname: %s\n", virname); printf("virname: %s\n", virname);
printf("\n\n"); printf("\n\n");
@ -120,7 +123,7 @@ int main(int argc, char **argv)
long double mb; long double mb;
const char *virname; const char *virname;
const char *filename; const char *filename;
struct cl_engine *engine; struct cl_engine *engine = NULL;
struct cl_scan_options options; struct cl_scan_options options;
char database_filepath[256]; char database_filepath[256];
bool created_database = false; bool created_database = false;

2
examples/ex_prescan_callback.c
View file

@ -76,7 +76,7 @@ int main(int argc, char **argv)
long double mb; long double mb;
const char *virname; const char *virname;
const char *filename; const char *filename;
struct cl_engine *engine; struct cl_engine *engine = NULL;
struct cl_scan_options options; struct cl_scan_options options;
if (argc != 2) { if (argc != 2) {

2
libclamav/bytecode_api.c
View file

@ -2315,7 +2315,7 @@ int32_t cli_bcapi_json_get_string(struct cli_bc_ctx *ctx, int8_t *str, int32_t s
return str_len; return str_len;
} else { } else {
/* limit on len+1 */ /* limit on len+1 */
strncpy((char *)str, jstr, len); memcpy((char *)str, jstr, len);
str[len] = '\0'; str[len] = '\0';
return len + 1; return len + 1;
} }

38
libclamav/bytecode_vm.c
View file

@ -388,6 +388,8 @@ static always_inline struct stack_entry *pop_stack(struct stack *stack,
READ1(op1, BINOP(1)); \ READ1(op1, BINOP(1)); \
sop0 = op0; \ sop0 = op0; \
sop1 = op1; \ sop1 = op1; \
(void)sop0; \
(void)sop1; \
OP; \ OP; \
W0(inst->dest, res); \ W0(inst->dest, res); \
break; \ break; \
@ -399,6 +401,8 @@ static always_inline struct stack_entry *pop_stack(struct stack *stack,
READ8(op1, BINOP(1)); \ READ8(op1, BINOP(1)); \
sop0 = op0; \ sop0 = op0; \
sop1 = op1; \ sop1 = op1; \
(void)sop0; \
(void)sop1; \
OP; \ OP; \
W1(inst->dest, res); \ W1(inst->dest, res); \
break; \ break; \
@ -410,6 +414,8 @@ static always_inline struct stack_entry *pop_stack(struct stack *stack,
READ16(op1, BINOP(1)); \ READ16(op1, BINOP(1)); \
sop0 = op0; \ sop0 = op0; \
sop1 = op1; \ sop1 = op1; \
(void)sop0; \
(void)sop1; \
OP; \ OP; \
W2(inst->dest, res); \ W2(inst->dest, res); \
break; \ break; \
@ -421,6 +427,8 @@ static always_inline struct stack_entry *pop_stack(struct stack *stack,
READ32(op1, BINOP(1)); \ READ32(op1, BINOP(1)); \
sop0 = op0; \ sop0 = op0; \
sop1 = op1; \ sop1 = op1; \
(void)sop0; \
(void)sop1; \
OP; \ OP; \
W3(inst->dest, res); \ W3(inst->dest, res); \
break; \ break; \
@ -432,6 +440,8 @@ static always_inline struct stack_entry *pop_stack(struct stack *stack,
READ64(op1, BINOP(1)); \ READ64(op1, BINOP(1)); \
sop0 = op0; \ sop0 = op0; \
sop1 = op1; \ sop1 = op1; \
(void)sop0; \
(void)sop1; \
OP; \ OP; \
W4(inst->dest, res); \ W4(inst->dest, res); \
break; \ break; \
@ -534,6 +544,24 @@ static always_inline struct stack_entry *pop_stack(struct stack *stack,
break; \ break; \
} }
#define DEFINE_OP_BC_RET_VOID(OP, T) \
case OP: { \
operand_t ret; \
CHECK_GT(stack_depth, 0); \
stack_depth--; \
stack_entry = pop_stack(&stack, stack_entry, &func, &ret, &bb, \
&bb_inst); \
values = stack_entry ? stack_entry->values : ctx->values; \
CHECK_GT(func->numBytes, ret); \
if (!bb) { \
stop = CL_BREAK; \
continue; \
} \
stackid = ptr_register_stack(&ptrinfos, values, 0, func->numBytes) >> 32; \
inst = &bb->insts[bb_inst]; \
break; \
}
struct ptr_info { struct ptr_info {
uint8_t *base; uint8_t *base;
uint32_t size; uint32_t size;
@ -797,11 +825,11 @@ cl_error_t cli_vm_execute(const struct cli_bc *bc, struct cli_bc_ctx *ctx, const
DEFINE_OP_BC_RET_N(OP_BC_RET * 5 + 3, uint32_t, READ32, WRITE32); DEFINE_OP_BC_RET_N(OP_BC_RET * 5 + 3, uint32_t, READ32, WRITE32);
DEFINE_OP_BC_RET_N(OP_BC_RET * 5 + 4, uint64_t, READ64, WRITE64); DEFINE_OP_BC_RET_N(OP_BC_RET * 5 + 4, uint64_t, READ64, WRITE64);
DEFINE_OP_BC_RET_N(OP_BC_RET_VOID * 5, uint8_t, (void), (void)); DEFINE_OP_BC_RET_VOID(OP_BC_RET_VOID * 5, uint8_t);
DEFINE_OP_BC_RET_N(OP_BC_RET_VOID * 5 + 1, uint8_t, (void), (void)); DEFINE_OP_BC_RET_VOID(OP_BC_RET_VOID * 5 + 1, uint8_t);
DEFINE_OP_BC_RET_N(OP_BC_RET_VOID * 5 + 2, uint8_t, (void), (void)); DEFINE_OP_BC_RET_VOID(OP_BC_RET_VOID * 5 + 2, uint8_t);
DEFINE_OP_BC_RET_N(OP_BC_RET_VOID * 5 + 3, uint8_t, (void), (void)); DEFINE_OP_BC_RET_VOID(OP_BC_RET_VOID * 5 + 3, uint8_t);
DEFINE_OP_BC_RET_N(OP_BC_RET_VOID * 5 + 4, uint8_t, (void), (void)); DEFINE_OP_BC_RET_VOID(OP_BC_RET_VOID * 5 + 4, uint8_t);
DEFINE_ICMPOP(OP_BC_ICMP_EQ, res = (op0 == op1)); DEFINE_ICMPOP(OP_BC_ICMP_EQ, res = (op0 == op1));
DEFINE_ICMPOP(OP_BC_ICMP_NE, res = (op0 != op1)); DEFINE_ICMPOP(OP_BC_ICMP_NE, res = (op0 != op1));

6
libclamav/disasm.c
View file

@ -1316,9 +1316,11 @@ static const uint8_t *disasm_x86(const uint8_t *command, unsigned int len, struc
switch (x87_st[table][rm].args) { switch (x87_st[table][rm].args) {
case X87_S: case X87_S:
reversed = 1; reversed = 1;
/* fall-through */
case X87_R: case X87_R:
s->args[reversed ^ 1].access = ACCESS_REG; s->args[reversed ^ 1].access = ACCESS_REG;
s->args[reversed ^ 1].reg = X86_REG_ST0; s->args[reversed ^ 1].reg = X86_REG_ST0;
/* fall-through */
case X87_ONE: case X87_ONE:
s->args[reversed].access = ACCESS_REG; s->args[reversed].access = ACCESS_REG;
s->args[reversed].reg = X86_REG_ST0 + (rm & 7); s->args[reversed].reg = X86_REG_ST0 + (rm & 7);
@ -1453,6 +1455,7 @@ static const uint8_t *disasm_x86(const uint8_t *command, unsigned int len, struc
case ADDR_MRM_GEN_CR: case ADDR_MRM_GEN_CR:
case ADDR_MRM_GEN_DR: case ADDR_MRM_GEN_DR:
reversed = 1; reversed = 1;
/* fall-through */
case ADDR_MRM_GEN_EG: case ADDR_MRM_GEN_EG:
case ADDR_MRM_GEN_ES: case ADDR_MRM_GEN_ES:
@ -1500,8 +1503,10 @@ static const uint8_t *disasm_x86(const uint8_t *command, unsigned int len, struc
break; break;
case SIZE_WD: case SIZE_WD:
s->args[reversed].size += (s->opsize == 0); s->args[reversed].size += (s->opsize == 0);
/* fall-through */
case SIZE_WORD: case SIZE_WORD:
s->args[reversed].size++; s->args[reversed].size++;
/* fall-through */
case SIZE_BYTE: case SIZE_BYTE:
break; break;
default: default:
@ -1743,6 +1748,7 @@ const uint8_t *cli_disasm_one(const uint8_t *buff, unsigned int len,
break; break;
case ACCESS_REG: case ACCESS_REG:
w->arg[i][1] = s.args[i].reg; w->arg[i][1] = s.args[i].reg;
/* fall-through */
default: default:
cli_writeint32(&w->arg[i][2], s.args[i].arg.q); cli_writeint32(&w->arg[i][2], s.args[i].arg.q);
cli_writeint32(&w->arg[i][6], s.args[i].arg.q >> 32); cli_writeint32(&w->arg[i][6], s.args[i].arg.q >> 32);

25
libclamav/explode.c
View file

@ -198,8 +198,8 @@ int explode_init(struct xplstate *X, uint16_t flags)
} \ } \
} }
#define GETCODES(CASE, WHICH, HOWMANY) \ #define GETCODES(WHICH, HOWMANY) \
case CASE: { \ { \
if (!X->avail_in) return EXPLODE_EBUFF; \ if (!X->avail_in) return EXPLODE_EBUFF; \
if (!X->got) \ if (!X->got) \
need = *X->next_in; \ need = *X->next_in; \
@ -227,6 +227,7 @@ int explode_init(struct xplstate *X, uint16_t flags)
#define SETCASE(CASE) \ #define SETCASE(CASE) \
X->state = (CASE); \ X->state = (CASE); \
/* fall-through */ \
case (CASE): { /* FAKE */ \ case (CASE): { /* FAKE */ \
} }
@ -236,14 +237,19 @@ int explode(struct xplstate *X)
int temp = -1; int temp = -1;
switch (X->state) { switch (X->state) {
/* grab compressed coded literals, if present */ case GRABLITS: { /* grab compressed coded literals, if present */
GETCODES(GRABLITS, lit_tree, 256); GETCODES(lit_tree, 256);
/* grab compressed coded lens */ } /* fall-through */
GETCODES(GRABLENS, len_tree, 64);
/* grab compressed coded dists */
GETCODES(GRABDISTS, dist_tree, 64);
case EXPLODE: case GRABLENS: { /* grab compressed coded lens */
GETCODES(len_tree, 64);
} /* fall-through */
case GRABDISTS: { /* grab compressed coded dists */
GETCODES(dist_tree, 64);
} /* fall-through */
case EXPLODE: {
while (X->avail_in || X->bits) { while (X->avail_in || X->bits) {
GETBIT; /* can't fail */ GETBIT; /* can't fail */
if (val) { if (val) {
@ -315,6 +321,7 @@ int explode(struct xplstate *X)
} }
X->state = EXPLODE; X->state = EXPLODE;
} }
}
} }
return EXPLODE_EBUFF; return EXPLODE_EBUFF;
} }

2
libclamav/filtering.c
View file

@ -210,7 +210,7 @@ int filter_add_static(struct filter *m, const unsigned char *pattern, unsigned l
for (j = 0; (best < 100 && j < MAX_CHOICES) || (j < maxlen); j++) { for (j = 0; (best < 100 && j < MAX_CHOICES) || (j < maxlen); j++) {
uint32_t num = MAXSOPATLEN; uint32_t num = MAXSOPATLEN;
uint8_t k; uint8_t k;
if (j + 2 > len) if ((unsigned long)(j + 2) > len)
break; break;
for (k = j; k < len - 1 && (k - j < MAXSOPATLEN); k++) { for (k = j; k < len - 1 && (k - j < MAXSOPATLEN); k++) {
q = cli_readint16(&pattern[k]); q = cli_readint16(&pattern[k]);

4
libclamav/hwp.c
View file

@ -1525,7 +1525,7 @@ static inline cl_error_t parsehwp3_infoblk_1(cli_ctx *ctx, fmap_t *dmap, size_t
char field[HWP3_FIELD_LENGTH]; char field[HWP3_FIELD_LENGTH];
#endif #endif
#if HAVE_JSON #if HAVE_JSON
json_object *infoblk_1, *contents, *counter, *entry; json_object *infoblk_1, *contents = NULL, *counter, *entry = NULL;
#endif #endif
hwp3_debug("HWP3.x: Information Block @ offset %llu\n", infoloc); hwp3_debug("HWP3.x: Information Block @ offset %llu\n", infoloc);
@ -1757,7 +1757,7 @@ static cl_error_t hwp3_cb(void *cbdata, int fd, const char *filepath, cli_ctx *c
int i, p = 0, last = 0; int i, p = 0, last = 0;
uint16_t nstyles; uint16_t nstyles;
#if HAVE_JSON #if HAVE_JSON
json_object *fonts; json_object *fonts = NULL;
#endif #endif
UNUSEDPARAM(filepath); UNUSEDPARAM(filepath);

13
libclamav/inflate64.c
View file

@ -1,9 +1,9 @@
/* /*
* This file contains code from zlib library v.1.2.3 with modifications * This file contains code from zlib library v.1.2.3 with modifications
* by aCaB <acab@clamav.net> to allow decompression of deflate64 streams * by aCaB <acab@clamav.net> to allow decompression of deflate64 streams
* (aka zip method 9). The implementation is heavily inspired by InfoZip * (aka zip method 9). The implementation is heavily inspired by InfoZip
* and zlib's inf9back.c * and zlib's inf9back.c
* *
* Full copy of the original zlib license follows: * Full copy of the original zlib license follows:
*/ */
@ -439,11 +439,13 @@ int flush;
strm->adler = state->check = REVERSE(hold); strm->adler = state->check = REVERSE(hold);
INITBITS(); INITBITS();
state->mode = DICT; state->mode = DICT;
/* fall-through */
case DICT: case DICT:
RESTORE(); RESTORE();
return Z_NEED_DICT; return Z_NEED_DICT;
case TYPE: case TYPE:
if (flush == Z_BLOCK) goto inf_leave; if (flush == Z_BLOCK) goto inf_leave;
/* fall-through */
case TYPEDO: case TYPEDO:
if (state->last) { if (state->last) {
BYTEBITS(); BYTEBITS();
@ -487,6 +489,7 @@ int flush;
state->length)); state->length));
INITBITS(); INITBITS();
state->mode = COPY; state->mode = COPY;
/* fall-through */
case COPY: case COPY:
copy = state->length; copy = state->length;
if (copy) { if (copy) {
@ -611,6 +614,7 @@ int flush;
} }
Tracev((stderr, "inflate: codes ok\n")); Tracev((stderr, "inflate: codes ok\n"));
state->mode = LEN; state->mode = LEN;
/* fall-through */
case LEN: case LEN:
/* if (have >= 6 && left >= 258) { /* if (have >= 6 && left >= 258) {
RESTORE(); RESTORE();
@ -654,6 +658,7 @@ int flush;
} }
state->extra = (unsigned)(this.op) & 31; state->extra = (unsigned)(this.op) & 31;
state->mode = LENEXT; state->mode = LENEXT;
/* fall-through */
case LENEXT: case LENEXT:
if (state->extra) { if (state->extra) {
NEEDBITS(state->extra); NEEDBITS(state->extra);
@ -662,6 +667,7 @@ int flush;
} }
Tracevv((stderr, "inflate: length %u\n", state->length)); Tracevv((stderr, "inflate: length %u\n", state->length));
state->mode = DIST; state->mode = DIST;
/* fall-through */
case DIST: case DIST:
for (;;) { for (;;) {
this = state->distcode[BITS(state->distbits)]; this = state->distcode[BITS(state->distbits)];
@ -687,6 +693,7 @@ int flush;
state->offset = (unsigned)this.val; state->offset = (unsigned)this.val;
state->extra = (unsigned)(this.op) & 15; state->extra = (unsigned)(this.op) & 15;
state->mode = DISTEXT; state->mode = DISTEXT;
/* fall-through */
case DISTEXT: case DISTEXT:
if (state->extra) { if (state->extra) {
NEEDBITS(state->extra); NEEDBITS(state->extra);
@ -705,6 +712,7 @@ int flush;
} }
Tracevv((stderr, "inflate: distance %u\n", state->offset)); Tracevv((stderr, "inflate: distance %u\n", state->offset));
state->mode = MATCH; state->mode = MATCH;
/* fall-through */
case MATCH: case MATCH:
if (left == 0) goto inf_leave; if (left == 0) goto inf_leave;
copy = out - left; copy = out - left;
@ -755,6 +763,7 @@ int flush;
Tracev((stderr, "inflate: check matches trailer\n")); Tracev((stderr, "inflate: check matches trailer\n"));
} }
state->mode = DONE; state->mode = DONE;
/* fall-through */
case DONE: case DONE:
ret = Z_STREAM_END; ret = Z_STREAM_END;
goto inf_leave; goto inf_leave;

2
libclamav/jpeg.c
View file

@ -314,7 +314,7 @@ cl_error_t cli_parsejpeg(cli_ctx *ctx)
cl_error_t status = CL_SUCCESS; cl_error_t status = CL_SUCCESS;
fmap_t *map = NULL; fmap_t *map = NULL;
jpeg_marker_t marker, prev_marker, prev_segment = JPEG_MARKER_NOT_A_MARKER_0x00; jpeg_marker_t marker = JPEG_MARKER_NOT_A_MARKER_0x00, prev_marker, prev_segment = JPEG_MARKER_NOT_A_MARKER_0x00;
uint8_t buff[50]; /* 50 should be sufficient for now */ uint8_t buff[50]; /* 50 should be sufficient for now */
uint16_t len_u16; uint16_t len_u16;
unsigned int offset = 0, i, len, segment = 0; unsigned int offset = 0, i, len, segment = 0;

2
libclamav/libmspack.c
View file

@ -290,7 +290,7 @@ static void mspack_fmap_message(struct mspack_file *file, const char *fmt, ...)
memset(buff, 0, BUFSIZ); memset(buff, 0, BUFSIZ);
/* Add the prefix */ /* Add the prefix */
strncpy(buff, "LibClamAV debug: ", len); memcpy(buff, "LibClamAV debug: ", len);
va_start(args, fmt); va_start(args, fmt);
vsnprintf(buff + len, sizeof(buff) - len - 2, fmt, args); vsnprintf(buff + len, sizeof(buff) - len - 2, fmt, args);

3
libclamav/mew.c
View file

@ -340,7 +340,7 @@ int mew_lzma(char *orgsource, const char *buf, uint32_t size_sum, uint32_t vma,
uint32_t new_eax, new_edx, temp; uint32_t new_eax, new_edx, temp;
int i, mainloop; int i, mainloop;
char var1, var30; char var1;
const char *source = buf; const char *source = buf;
char *dest, *new_ebx; char *dest, *new_ebx;
const char *new_ecx, *var0C_ecxcopy; const char *new_ecx, *var0C_ecxcopy;
@ -621,7 +621,6 @@ int mew_lzma(char *orgsource, const char *buf, uint32_t size_sum, uint32_t vma,
t = *(var18 + new_eax); t = *(var18 + new_eax);
new_eax = (new_eax & 0xffffff00) | t; new_eax = (new_eax & 0xffffff00) | t;
var30 = t;
if (lzma_48635C(t, &new_ecx, &var40, &new_eax, orgsource, size_sum) == 0xffffffff) if (lzma_48635C(t, &new_ecx, &var40, &new_eax, orgsource, size_sum) == 0xffffffff)
return -1; return -1;
var20 = 0; var20 = 0;

18
libclamav/nsis/infblock.c
View file

@ -1,12 +1,12 @@
/* /*
* This file is a part of the zlib compression module for NSIS. * This file is a part of the zlib compression module for NSIS.
* *
* Copyright and license information can be found below. * Copyright and license information can be found below.
* Modifications Copyright (C) 1999-2007 Nullsoft and Contributors * Modifications Copyright (C) 1999-2007 Nullsoft and Contributors
* *
* The original zlib source code is available at * The original zlib source code is available at
* http://www.zlib.net/ * http://www.zlib.net/
* *
* This software is provided 'as-is', without any express or implied * This software is provided 'as-is', without any express or implied
* warranty. * warranty.
*/ */
@ -382,7 +382,7 @@ int ZEXPORT nsis_inflate(nsis_z_streamp z)
{ {
int _k; /* temporary variable */ int _k; /* temporary variable */
uInt f = 0; /* number of hufts used in fixed_mem */ uInt f = 0; /* number of hufts used in fixed_mem */
/* literal table */ /* literal table */
for (_k = 0; _k < 288; _k++) for (_k = 0; _k < 288; _k++)
{ {
@ -574,11 +574,14 @@ int ZEXPORT nsis_inflate(nsis_z_streamp z)
#define f (_state.f) #define f (_state.f)
/* waiting for "i:"=input, "o:"=output, "x:"=nothing */ /* waiting for "i:"=input, "o:"=output, "x:"=nothing */
/* fall-through */
case CODES_START: /* x: set up for LEN */ case CODES_START: /* x: set up for LEN */
c->sub.code.need = c->lbits; c->sub.code.need = c->lbits;
c->sub.code.tree = c->ltree; c->sub.code.tree = c->ltree;
s->mode = CODES_LEN; s->mode = CODES_LEN;
/* fall-through */
case CODES_LEN: /* i: get length/literal/eob next */ case CODES_LEN: /* i: get length/literal/eob next */
t = c->sub.code.need; t = c->sub.code.need;
NEEDBITS(t) NEEDBITS(t)
@ -618,6 +621,8 @@ int ZEXPORT nsis_inflate(nsis_z_streamp z)
c->sub.code.need = c->dbits; c->sub.code.need = c->dbits;
c->sub.code.tree = c->dtree; c->sub.code.tree = c->dtree;
s->mode = CODES_DIST; s->mode = CODES_DIST;
/* fall-through */
case CODES_DIST: /* i: get distance next */ case CODES_DIST: /* i: get distance next */
t = c->sub.code.need; t = c->sub.code.need;
NEEDBITS(t) NEEDBITS(t)
@ -644,6 +649,8 @@ int ZEXPORT nsis_inflate(nsis_z_streamp z)
c->sub.copy.dist += (uInt)b & (uInt)inflate_mask[t]; c->sub.copy.dist += (uInt)b & (uInt)inflate_mask[t];
DUMPBITS(t) DUMPBITS(t)
s->mode = CODES_COPY; s->mode = CODES_COPY;
/* fall-through */
case CODES_COPY: /* o: copying bytes in window, waiting for space */ case CODES_COPY: /* o: copying bytes in window, waiting for space */
f = (uInt)(q - s->window) < c->sub.copy.dist ? f = (uInt)(q - s->window) < c->sub.copy.dist ?
s->end - (c->sub.copy.dist - (q - s->window)) : s->end - (c->sub.copy.dist - (q - s->window)) :
@ -665,7 +672,7 @@ int ZEXPORT nsis_inflate(nsis_z_streamp z)
s->mode = CODES_START; s->mode = CODES_START;
break; break;
case CODES_WASH: /* o: got eob, possibly more output */ case CODES_WASH: /* o: got eob, possibly more output */
if (k > 7) /* return unused byte, if any */ if (k > 7)
{ {
k -= 8; k -= 8;
n++; n++;
@ -676,6 +683,7 @@ int ZEXPORT nsis_inflate(nsis_z_streamp z)
#undef j #undef j
#undef e #undef e
#undef f #undef f
/* fall-through */
case DRY: case DRY:
FLUSH FLUSH

12
libclamav/pe.c
View file

@ -3440,7 +3440,7 @@ int cli_scanpe(cli_ctx *ctx)
) || ) ||
( /* upack 1.1/1.2, based on 2 samples */ ( /* upack 1.1/1.2, based on 2 samples */
epbuff[0] == '\xbe' && cli_readint32(epbuff + 1) - EC32(peinfo->pe_opt.opt32.ImageBase) < peinfo->min && /* mov esi */ epbuff[0] == '\xbe' && cli_readint32(epbuff + 1) - EC32(peinfo->pe_opt.opt32.ImageBase) < peinfo->min && /* mov esi */
cli_readint32(epbuff + 1) > EC32(peinfo->pe_opt.opt32.ImageBase) && cli_readint32(epbuff + 1) > (int32_t)EC32(peinfo->pe_opt.opt32.ImageBase) &&
epbuff[5] == '\xad' && epbuff[6] == '\x8b' && epbuff[7] == '\xf8' /* loads; mov edi, eax */ epbuff[5] == '\xad' && epbuff[6] == '\x8b' && epbuff[7] == '\xf8' /* loads; mov edi, eax */
)))) { )))) {
uint32_t vma, off; uint32_t vma, off;
@ -4508,7 +4508,7 @@ cl_error_t cli_peheader(fmap_t *map, struct cli_exe_info *peinfo, uint32_t opts,
uint32_t stored_opt_hdr_size; uint32_t stored_opt_hdr_size;
struct pe_image_file_hdr *file_hdr; struct pe_image_file_hdr *file_hdr;
struct pe_image_optional_hdr32 *opt32; struct pe_image_optional_hdr32 *opt32;
struct pe_image_optional_hdr64 *opt64; struct pe_image_optional_hdr64 *opt64 = NULL;
struct pe_image_section_hdr *section_hdrs = NULL; struct pe_image_section_hdr *section_hdrs = NULL;
size_t i, j, section_pe_idx; size_t i, j, section_pe_idx;
unsigned int err; unsigned int err;
@ -4811,7 +4811,7 @@ cl_error_t cli_peheader(fmap_t *map, struct cli_exe_info *peinfo, uint32_t opts,
goto done; goto done;
} }
if (fmap_readn(map, (void *)(((size_t) & (peinfo->pe_opt.opt64)) + sizeof(struct pe_image_optional_hdr32)), at, OPT_HDR_SIZE_DIFF) != OPT_HDR_SIZE_DIFF) { if (fmap_readn(map, (void *)((size_t)&peinfo->pe_opt.opt64 + sizeof(struct pe_image_optional_hdr32)), at, OPT_HDR_SIZE_DIFF) != OPT_HDR_SIZE_DIFF) {
cli_dbgmsg("cli_peheader: Can't read additional optional file header bytes\n"); cli_dbgmsg("cli_peheader: Can't read additional optional file header bytes\n");
ret = CL_EFORMAT; ret = CL_EFORMAT;
goto done; goto done;
@ -4932,10 +4932,10 @@ cl_error_t cli_peheader(fmap_t *map, struct cli_exe_info *peinfo, uint32_t opts,
#endif #endif
} }
salign = (peinfo->is_pe32plus) ? EC32(opt64->SectionAlignment) : EC32(opt32->SectionAlignment); salign = (peinfo->is_pe32plus && opt64 != NULL) ? EC32(opt64->SectionAlignment) : EC32(opt32->SectionAlignment);
falign = (peinfo->is_pe32plus) ? EC32(opt64->FileAlignment) : EC32(opt32->FileAlignment); falign = (peinfo->is_pe32plus && opt64 != NULL) ? EC32(opt64->FileAlignment) : EC32(opt32->FileAlignment);
switch (peinfo->is_pe32plus ? EC16(opt64->Subsystem) : EC16(opt32->Subsystem)) { switch ((peinfo->is_pe32plus && opt64 != NULL) ? EC16(opt64->Subsystem) : EC16(opt32->Subsystem)) {
case 0: case 0:
subsystem = "Unknown"; subsystem = "Unknown";
break; break;

2
libclamav/phishcheck.c
View file

@ -264,7 +264,7 @@ static int string_assign_concatenated(struct string* dest, const char* prefix, c
cli_errmsg("Phishcheck: Unable to allocate memory for string_assign_concatenated\n"); cli_errmsg("Phishcheck: Unable to allocate memory for string_assign_concatenated\n");
return CL_EMEM; return CL_EMEM;
} }
strncpy(ret, prefix, prefix_len); strncpy(ret, prefix, prefix_len + end - begin + 1);
strncpy(ret + prefix_len, begin, end - begin); strncpy(ret + prefix_len, begin, end - begin);
ret[prefix_len + end - begin] = '\0'; ret[prefix_len + end - begin] = '\0';
string_free(dest); string_free(dest);

15
libclamav/readdb.c
View file

@ -1193,6 +1193,7 @@ static int cli_chkpua(const char *signame, const char *pua_cats, unsigned int op
{ {
char cat[32], *cat_pt, *pt1, *pt2, *endsig; char cat[32], *cat_pt, *pt1, *pt2, *endsig;
const char *sig; const char *sig;
size_t catlen;
int ret; int ret;
cli_dbgmsg("cli_chkpua: Checking signature [%s]\n", signame); cli_dbgmsg("cli_chkpua: Checking signature [%s]\n", signame);
@ -1219,9 +1220,15 @@ static int cli_chkpua(const char *signame, const char *pua_cats, unsigned int op
} }
endsig = strrchr(sig, '.'); endsig = strrchr(sig, '.');
strncpy(cat, sig, strlen(sig) - strlen(endsig) + 1);
cat[strlen(sig) - strlen(endsig) + 1] = 0; catlen = MIN(sizeof(cat), strlen(sig) - strlen(endsig));
cat_pt = strstr(cat, pua_cats);
memcpy(cat, sig, catlen + 1);
// Add null terminator.
cat[catlen + 1] = '\0';
cat_pt = strstr(cat, pua_cats);
cli_dbgmsg("cli_chkpua: cat=[%s]\n", cat); cli_dbgmsg("cli_chkpua: cat=[%s]\n", cat);
cli_dbgmsg("cli_chkpua: sig=[%s]\n", sig); cli_dbgmsg("cli_chkpua: sig=[%s]\n", sig);
if (options & CL_DB_PUA_INCLUDE) if (options & CL_DB_PUA_INCLUDE)
@ -2736,7 +2743,7 @@ static int cli_loadign(FILE *fs, struct cl_engine *engine, unsigned int options,
int pad = 3 - len; int pad = 3 - len;
/* patch-up for Boyer-Moore minimum length of 3: pad with spaces */ /* patch-up for Boyer-Moore minimum length of 3: pad with spaces */
if (signame != buffer) { if (signame != buffer) {
strncpy(buffer, signame, len); memcpy(buffer, signame, len);
signame = buffer; signame = buffer;
} }
buffer[3] = '\0'; buffer[3] = '\0';

9
libclamav/rebuildpe.c
View file

@ -174,7 +174,14 @@ int cli_rebuildpe_align(char *buffer, struct cli_exe_section *sections, int sect
} }
for (i = 0; i < sects; i++) { for (i = 0; i < sects; i++) {
snprintf(curpe, 8, ".clam%.2d", i + 1); int snprintf_ret;
snprintf_ret = snprintf(curpe, 8, ".clam%.2d", i + 1);
if (snprintf_ret < 0) {
// More sections than expect -- the section number in the name was trunctated. Whatever. Don't really care.
// The act of checking for an error stops GCC from warning about possible truncation at compile time.
// See: https://stackoverflow.com/questions/51534284/how-to-circumvent-format-truncation-warning-in-gcc
cli_dbgmsg("More sections than expect (%d). The section number in the rebuilt pe section name was trunctated.\n", i);
}
if (!align) { if (!align) {
cli_writeint32(curpe + 8, sections[i].vsz); cli_writeint32(curpe + 8, sections[i].vsz);
cli_writeint32(curpe + 12, sections[i].rva); cli_writeint32(curpe + 12, sections[i].rva);

4
libclamav/regex_list.c
View file

@ -206,7 +206,7 @@ cl_error_t regex_list_match(struct regex_matcher *matcher, char *real_url, const
return CL_EMEM; return CL_EMEM;
} }
strncpy(buffer, real_url, real_len); strncpy(buffer, real_url, buffer_len);
buffer[real_len] = (!is_allow_list_lookup && hostOnly) ? '/' : ':'; buffer[real_len] = (!is_allow_list_lookup && hostOnly) ? '/' : ':';
/* /*
@ -215,7 +215,7 @@ cl_error_t regex_list_match(struct regex_matcher *matcher, char *real_url, const
*/ */
if (!hostOnly || is_allow_list_lookup) { if (!hostOnly || is_allow_list_lookup) {
/* For all other PDB and WDB signatures concatenate Real:Displayed. */ /* For all other PDB and WDB signatures concatenate Real:Displayed. */
strncpy(buffer + real_len + 1, display_url, display_len); strncpy(buffer + real_len + 1, display_url, buffer_len - real_len);
} }
buffer[buffer_len - 1] = '/'; buffer[buffer_len - 1] = '/';
buffer[buffer_len] = 0; buffer[buffer_len] = 0;

2
libclamav/rtf.c
View file

@ -156,7 +156,6 @@ static int compare_state(const struct rtf_state* a, const struct rtf_state* b)
static int push_state(struct stack* stack, struct rtf_state* state) static int push_state(struct stack* stack, struct rtf_state* state)
{ {
int toplevel; int toplevel;
size_t defelements;
stack->elements++; stack->elements++;
if (compare_state(state, &base_state)) { if (compare_state(state, &base_state)) {
@ -175,7 +174,6 @@ static int push_state(struct stack* stack, struct rtf_state* state)
} }
stack->states[stack->stack_cnt++] = *state; stack->states[stack->stack_cnt++] = *state;
toplevel = state->encounteredTopLevel; toplevel = state->encounteredTopLevel;
defelements = state->default_elements;
*state = base_state; *state = base_state;

2
libclamav/spin.c
View file

@ -72,8 +72,10 @@ static char exec86(uint8_t aelle, uint8_t cielle, char *curremu, int *retval)
switch (opcode) { switch (opcode) {
case 0xeb: case 0xeb:
len++; len++;
/* fall-through */
case 0x0a: case 0x0a:
len++; len++;
/* fall-through */
case 0x90: case 0x90:
case 0xf8: case 0xf8:
case 0xf9: case 0xf9:

9
libclamav/stats.c
View file

@ -572,12 +572,13 @@ char *clamav_stats_get_hostid(void *cbdata)
#else #else
char *clamav_stats_get_hostid(void *cbdata) char *clamav_stats_get_hostid(void *cbdata)
{ {
char *sysctls[] = {
"kern.hostuuid",
NULL};
size_t bufsz, i;
char *buf; char *buf;
#if HAVE_SYSCTLBYNAME
char *sysctls[] = {"kern.hostuuid", NULL};
size_t bufsz, i;
#endif
UNUSEDPARAM(cbdata); UNUSEDPARAM(cbdata);
#if HAVE_SYSCTLBYNAME #if HAVE_SYSCTLBYNAME

4
libclamav/textnorm.c
View file

@ -96,6 +96,10 @@ size_t text_normalize_buffer(struct text_norm_state *state, const unsigned char
const unsigned char *out_end = state->out + state->out_len; const unsigned char *out_end = state->out + state->out_len;
unsigned char *p = state->out + state->out_pos; unsigned char *p = state->out + state->out_pos;
if (NULL == buf) {
return 0;
}
for (i = 0; i < buf_len && p < out_end; i++) { for (i = 0; i < buf_len && p < out_end; i++) {
unsigned char c = buf[i]; unsigned char c = buf[i];
switch (char_action[c]) { switch (char_action[c]) {

2
libclamav/unarj.c
View file

@ -972,7 +972,7 @@ done:
static cl_error_t arj_read_file_header(arj_metadata_t *metadata) static cl_error_t arj_read_file_header(arj_metadata_t *metadata)
{ {
uint16_t header_size, count; uint16_t header_size, count;
const char *filename, *comment; const char *filename = NULL, *comment = NULL;
arj_file_hdr_t file_hdr; arj_file_hdr_t file_hdr;
struct text_norm_state fnstate, comstate; struct text_norm_state fnstate, comstate;
unsigned char *fnnorm = NULL; unsigned char *fnnorm = NULL;

2
libclamav/wwunpack.c
View file

@ -150,9 +150,11 @@ cl_error_t wwunpack(uint8_t *exe, uint32_t exesz, uint8_t *wwsect, struct cli_ex
switch (bits) { switch (bits) {
case 4: /* 10,11 */ case 4: /* 10,11 */
backbytes++; backbytes++;
/* fall-through */
case 3: /* 8,9 */ case 3: /* 8,9 */
BIT; BIT;
backbytes += bits; backbytes += bits;
/* fall-through */
case 0: case 0:
case 1: case 1:
case 2: /* 5,6,7 */ case 2: /* 5,6,7 */

24
sigtool/sigtool.c
View file

@ -758,7 +758,7 @@ static int writeinfo(const char *dbname, const char *builder, const char *header
{ {
FILE *fh; FILE *fh;
unsigned int i, bytes; unsigned int i, bytes;
char file[32], *pt, dbfile[32]; char file[4096], *pt, dbfile[4096];
unsigned char digest[32], buffer[FILEBUFF]; unsigned char digest[32], buffer[FILEBUFF];
void *ctx; void *ctx;
@ -863,7 +863,7 @@ static int build(const struct optstruct *opts)
STATBUF foo; STATBUF foo;
unsigned char buffer[FILEBUFF]; unsigned char buffer[FILEBUFF];
char *tarfile, header[513], smbuff[32], builder[33], *pt, olddb[512]; char *tarfile, header[513], smbuff[32], builder[33], *pt, olddb[512];
char patch[50], broken[57], dbname[32], dbfile[36]; char patch[50], broken[57], dbname[32], dbfile[4096];
const char *newcvd, *localdbdir = NULL; const char *newcvd, *localdbdir = NULL;
struct cl_engine *engine; struct cl_engine *engine;
FILE *cvd, *fh; FILE *cvd, *fh;
@ -2718,12 +2718,13 @@ static int decodehex(const char *hexsig)
int asterisk = 0; int asterisk = 0;
unsigned int i, j, hexlen, dlen, parts = 0; unsigned int i, j, hexlen, dlen, parts = 0;
int mindist = 0, maxdist = 0, error = 0; int mindist = 0, maxdist = 0, error = 0;
ssize_t bytes_written;
hexlen = strlen(hexsig); hexlen = strlen(hexsig);
if ((wild = strchr(hexsig, '/'))) { if ((wild = strchr(hexsig, '/'))) {
/* ^offset:trigger-logic/regex/options$ */ /* ^offset:trigger-logic/regex/options$ */
char *trigger, *regex, *regex_end, *cflags; char *trigger, *regex, *regex_end, *cflags;
size_t tlen = wild - hexsig, rlen, clen; size_t tlen = wild - hexsig, rlen = 0, clen;
/* check for trigger */ /* check for trigger */
if (!tlen) { if (!tlen) {
@ -2788,7 +2789,7 @@ static int decodehex(const char *hexsig)
/* print components of regex subsig */ /* print components of regex subsig */
mprintf(LOGG_INFO, " +-> TRIGGER: %s\n", trigger); mprintf(LOGG_INFO, " +-> TRIGGER: %s\n", trigger);
mprintf(LOGG_INFO, " +-> REGEX: %s\n", regex); mprintf(LOGG_INFO, " +-> REGEX: %s\n", regex);
mprintf(LOGG_INFO, " +-> CFLAGS: %s\n", cflags); mprintf(LOGG_INFO, " +-> CFLAGS: %s\n", cflags != NULL ? cflags : "null");
free(trigger); free(trigger);
free(regex); free(regex);
@ -2844,7 +2845,10 @@ static int decodehex(const char *hexsig)
free(hexcpy); free(hexcpy);
return -1; return -1;
} }
(void)write(1, decoded, dlen); bytes_written = write(1, decoded, dlen);
if (bytes_written != dlen) {
mprintf(LOGG_WARNING, "Failed to print all decoded bytes\n");
}
free(decoded); free(decoded);
if (i == parts) if (i == parts)
@ -2925,7 +2929,10 @@ static int decodehex(const char *hexsig)
free(pt); free(pt);
return -1; return -1;
} }
(void)write(1, decoded, dlen); bytes_written = write(1, decoded, dlen);
if (bytes_written != dlen) {
mprintf(LOGG_WARNING, "Failed to print all decoded bytes\n");
}
free(decoded); free(decoded);
if (i < parts) if (i < parts)
mprintf(LOGG_INFO, "{WILDCARD_ANY_STRING}"); mprintf(LOGG_INFO, "{WILDCARD_ANY_STRING}");
@ -2937,7 +2944,10 @@ static int decodehex(const char *hexsig)
mprintf(LOGG_ERROR, "Decoding failed\n"); mprintf(LOGG_ERROR, "Decoding failed\n");
return -1; return -1;
} }
(void)write(1, decoded, dlen); bytes_written = write(1, decoded, dlen);
if (bytes_written != dlen) {
mprintf(LOGG_WARNING, "Failed to print all decoded bytes\n");
}
free(decoded); free(decoded);
} }