Stowage/clamav
2
0
Fork 0
mirror of https://github.com/Cisco-Talos/clamav.git synced 2025-10-19 18:33:16 +00:00
Code Issues Projects Releases Packages Wiki Activity

Added .clang-format style rules, clam-format script to automate formatting of ClamAV code, and preparing select files so that clang-format does not alter carefully formatted sections.

Browse source
This commit is contained in:
Micah Snyder 2018-12-03 12:37:58 -05:00
parent 5ba88cab51
commit 38fe8b69a0
46 changed files with 957 additions and 678 deletions
Download patch file Download diff file Expand all files Collapse all files

117
.clang-format Normal file
View file

@ -0,0 +1,117 @@
---
Language: Cpp
AccessModifierOffset: -2
AlignAfterOpenBracket: Align
AlignConsecutiveAssignments: true
AlignConsecutiveDeclarations: false
AlignEscapedNewlines: Left
AlignOperands: true
AlignTrailingComments: true
AllowAllParametersOfDeclarationOnNextLine: true
AllowShortBlocksOnASingleLine: false
AllowShortCaseLabelsOnASingleLine: false
AllowShortFunctionsOnASingleLine: Empty
AllowShortIfStatementsOnASingleLine: true
AllowShortLoopsOnASingleLine: true
AlwaysBreakAfterDefinitionReturnType: None
AlwaysBreakAfterReturnType: None
AlwaysBreakBeforeMultilineStrings: false
AlwaysBreakTemplateDeclarations: MultiLine
BinPackArguments: true
BinPackParameters: true
BraceWrapping:
AfterClass: true
AfterControlStatement: false
AfterEnum: false
AfterFunction: true
AfterNamespace: true
AfterObjCDeclaration: false
AfterStruct: false
AfterUnion: false
AfterExternBlock: false
BeforeCatch: false
BeforeElse: false
IndentBraces: false
SplitEmptyFunction: true
SplitEmptyRecord: true
SplitEmptyNamespace: true
BreakBeforeBinaryOperators: None
BreakBeforeBraces: Linux
BreakBeforeInheritanceComma: false
BreakInheritanceList: BeforeColon
BreakBeforeTernaryOperators: true
BreakConstructorInitializersBeforeComma: false
BreakConstructorInitializers: BeforeColon
BreakAfterJavaFieldAnnotations: false
BreakStringLiterals: true
ColumnLimit: 0
CommentPragmas: '^ IWYU pragma:'
CompactNamespaces: false
ConstructorInitializerAllOnOneLineOrOnePerLine: false
ConstructorInitializerIndentWidth: 4
ContinuationIndentWidth: 4
Cpp11BracedListStyle: true
DerivePointerAlignment: true
DisableFormat: false
ExperimentalAutoDetectBinPacking: false
FixNamespaceComments: true
ForEachMacros:
- foreach
- Q_FOREACH
- BOOST_FOREACH
IncludeBlocks: Preserve
IncludeCategories:
- Regex: '^"(llvm|llvm-c|clang|clang-c)/'
Priority: 2
- Regex: '^(<|"(gtest|gmock|isl|json)/)'
Priority: 3
- Regex: '.*'
Priority: 1
IncludeIsMainRegex: '(Test)?$'
IndentCaseLabels: true
IndentPPDirectives: None
IndentWidth: 4
IndentWrappedFunctionNames: false
JavaScriptQuotes: Leave
JavaScriptWrapImports: true
KeepEmptyLinesAtTheStartOfBlocks: true
MacroBlockBegin: ''
MacroBlockEnd: ''
MaxEmptyLinesToKeep: 1
NamespaceIndentation: None
ObjCBinPackProtocolList: Auto
ObjCBlockIndentWidth: 2
ObjCSpaceAfterProperty: false
ObjCSpaceBeforeProtocolList: true
PenaltyBreakAssignment: 2
PenaltyBreakBeforeFirstCallParameter: 19
PenaltyBreakComment: 300
PenaltyBreakFirstLessLess: 120
PenaltyBreakString: 1000
PenaltyBreakTemplateDeclaration: 10
PenaltyExcessCharacter: 1000000
PenaltyReturnTypeOnItsOwnLine: 60
PointerAlignment: Right
ReflowComments: true
SortIncludes: false
SortUsingDeclarations: true
SpaceAfterCStyleCast: false
SpaceAfterTemplateKeyword: true
SpaceBeforeAssignmentOperators: true
SpaceBeforeCpp11BracedList: false
SpaceBeforeCtorInitializerColon: true
SpaceBeforeInheritanceColon: true
SpaceBeforeParens: ControlStatements
SpaceBeforeRangeBasedForLoopColon: true
SpaceInEmptyParentheses: false
SpacesBeforeTrailingComments: 1
SpacesInAngles: false
SpacesInContainerLiterals: true
SpacesInCStyleCastParentheses: false
SpacesInParentheses: false
SpacesInSquareBrackets: false
Standard: Cpp11
TabWidth: 8
UseTab: Never
...

73
clam-format Executable file
View file

@ -0,0 +1,73 @@
#!/bin/bash
clang-format -style='{ Language: Cpp, UseTab: Never, IndentWidth: 4, AlignTrailingComments: true, AlignConsecutiveAssignments: true, AlignAfterOpenBracket: true, AlignEscapedNewlines: Left, AlignOperands: true, AllowShortFunctionsOnASingleLine: Empty, AllowShortIfStatementsOnASingleLine: true, AllowShortLoopsOnASingleLine: true, BreakBeforeBraces: Linux, BreakBeforeTernaryOperators: true, ColumnLimit: 0, FixNamespaceComments: true, SortIncludes: false, MaxEmptyLinesToKeep: 1, SpaceBeforeParens: ControlStatements, IndentCaseLabels: true, DerivePointerAlignment: true }' -dump-config > .clang-format
clang-format -i -verbose clamav-milter/*.c
clang-format -i -verbose clamav-milter/*.h
clang-format -i -verbose clambc/*.c
clang-format -i -verbose clambc/*.h
clang-format -i -verbose clamconf/*.c
clang-format -i -verbose clamconf/*.h
clang-format -i -verbose clamd/*.c
clang-format -i -verbose clamd/*.h
clang-format -i -verbose clamdscan/*.c
clang-format -i -verbose clamdscan/*.h
clang-format -i -verbose clamdtop/*.c
clang-format -i -verbose clamdtop/*.h
clang-format -i -verbose clamscan/*.c
clang-format -i -verbose clamscan/*.h
clang-format -i -verbose clamsubmit/*.c
clang-format -i -verbose clamsubmit/*.h
clang-format -i -verbose examples/*.c
clang-format -i -verbose examples/*.h
clang-format -i -verbose examples/fileprop_analysis/*.c
clang-format -i -verbose examples/fileprop_analysis/old/*.c
clang-format -i -verbose freshclam/*.c
clang-format -i -verbose freshclam/*.h
clang-format -i -verbose libclamav/*.c
clang-format -i -verbose libclamav/*.h
clang-format -i -verbose libclamav/jsparse/*.c
clang-format -i -verbose libclamav/jsparse/*.h
clang-format -i -verbose libclamav/lzw/*.c
clang-format -i -verbose libclamav/lzw/*.h
clang-format -i -verbose libclamav/nsis/nulsft.*
clang-format -i -verbose libclamunrar_iface/*.c
clang-format -i -verbose libclamunrar_iface/*.h
clang-format -i -verbose libfreshclam/*.c
clang-format -i -verbose libfreshclam/*.h
clang-format -i -verbose shared/*.c
clang-format -i -verbose shared/*.h
clang-format -i -verbose sigtool/*.c
clang-format -i -verbose sigtool/*.h
clang-format -i -verbose unit_tests/*.c
clang-format -i -verbose unit_tests/*.h
clang-format -i -verbose win32/compat/*.c
clang-format -i -verbose win32/compat/*.h
clang-format -i -verbose win32/*.h
# Undo changes to specific files (whitelist)
git checkout clamd/fts.c
git checkout clamd/priv_fts.h
git checkout libclamav/iana_cctld.h
git checkout libclamav/bytecode_api_decl.c
git checkout libclamav/bytecode_api_impl.h
git checkout libclamav/bytecode_hooks.h
git checkout libclamav/rijndael.c
git checkout libclamav/rijndael.h
git checkout libclamav/yara_lexer.c
git checkout libclamav/yara_grammar.c
git checkout libclamav/yara_grammar.h
git checkout libclamav/yara_exec.c
git checkout libclamav/yara_exec.h
git checkout libclamav/yara_compiler.h
git checkout libclamav/yara_compiler.h
git checkout libclamav/yara_parser.h
git checkout libclamav/yara_hash.c
git checkout libclamav/yara_hash.h
git checkout libclamav/yara_arena.c
git checkout libclamav/yara_arena.h
git checkout libclamav/inffixed64.h
git checkout libclamav/inflate64.h
git checkout libclamav/inflate64.c
git checkout libclamav/inflate64_priv.h
git checkout shared/queue.h

2
clamav-milter/clamfi.c
View file

@ -446,7 +446,7 @@ sfsistat clamfi_eom(SMFICTX *ctx) {
} else if(pid > 0) {
int wret;
pthread_mutex_unlock(&virusaction_lock);
while((wret = waitpid(pid, &ret, 0)) == -1 && errno == EINTR);
while ((wret = waitpid(pid, &ret, 0)) == -1 && errno == EINTR) continue;
if(wret<0)
logg("!VirusEvent: waitpid() failed: %s\n", cli_strerror(errno, er, sizeof(er)));
else {

2
clamd/others.c
View file

@ -175,7 +175,7 @@ virusaction (const char *filename, const char *virname,
else if (pid > 0)
{ /* parent */
pthread_mutex_unlock (&virusaction_lock);
while (waitpid (pid, NULL, 0) == -1 && errno == EINTR);
while (waitpid (pid, NULL, 0) == -1 && errno == EINTR) continue;
}
else
{

2
clamdscan/proto.c
View file

@ -669,7 +669,7 @@ int parallel_client_scan(char *file, int scantype, int *infected, int *err, int
}
sendln(cdata.sockd, "zEND", 5);
while(cdata.ids && !dspresult(&cdata));
while (cdata.ids && !dspresult(&cdata)) continue;
closesocket(cdata.sockd);
*infected += cdata.infected;

2
clamscan/manager.c
View file

@ -860,7 +860,7 @@ int scanmanager(const struct optstruct *opts)
}
if((ret = cl_engine_compile(engine)) != 0) {
logg("!Database initialization error: %s\n", cl_strerror(ret));;
logg("!Database initialization error: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;

2
clamsubmit/clamsubmit.c
View file

@ -440,7 +440,7 @@ int main(int argc, char *argv[])
}
curl_easy_setopt(clam_curl, CURLOPT_COOKIE, str);
free(str);
curl_formadd(&post, &last, CURLFORM_COPYNAME, "utf8", CURLFORM_COPYCONTENTS, "\x27" "\x13", CURLFORM_END);
curl_formadd(&post, &last, CURLFORM_COPYNAME, "utf8", CURLFORM_COPYCONTENTS, "\x27\x13", CURLFORM_END);
curl_formadd(&post, &last, CURLFORM_COPYNAME, "authenticity_token", CURLFORM_COPYCONTENTS, authenticity_token, CURLFORM_END);
curl_formadd(&post, &last, CURLFORM_COPYNAME, "submissionID", CURLFORM_COPYCONTENTS, submissionID, CURLFORM_END);
curl_formadd(&post, &last, CURLFORM_COPYNAME, "type", CURLFORM_COPYCONTENTS, malware?"malware":"fp", CURLFORM_END);

2
examples/ex1.c
View file

@ -82,7 +82,7 @@ int main(int argc, char **argv)
/* build engine */
if((ret = cl_engine_compile(engine)) != CL_SUCCESS) {
printf("Database initialization error: %s\n", cl_strerror(ret));;
printf("Database initialization error: %s\n", cl_strerror(ret));
cl_engine_free(engine);
close(fd);
return 2;

10
freshclam/freshclam.c
View file

@ -187,7 +187,7 @@ static int
download (const struct optstruct *opts, const char *cfgfile)
{
time_t currtime;
int ret = 0, try = 1, maxattempts = 0;
int ret = 0, attempt = 1, maxattempts = 0;
const struct optstruct *opt;
time(&currtime);
@ -207,17 +207,17 @@ download (const struct optstruct *opts, const char *cfgfile)
{
while (opt)
{
ret = downloadmanager (opts, opt->strarg, try);
ret = downloadmanager (opts, opt->strarg, attempt);
#ifndef _WIN32
alarm (0);
#endif
if (ret == FCE_CONNECTION || ret == FCE_BADCVD
|| ret == FCE_FAILEDGET || ret == FCE_MIRRORNOTSYNC)
{
if (try < maxattempts)
if (attempt < maxattempts)
{
logg ("Trying again in 5 secs...\n");
try++;
attempt++;
sleep (5);
continue;
}
@ -229,7 +229,7 @@ download (const struct optstruct *opts, const char *cfgfile)
{
logg ("Update failed. Your network may be down or none of the mirrors listed in %s is working. Check https://www.clamav.net/documents/official-mirror-faq for possible reasons.\n", cfgfile);
}
try = 1;
attempt = 1;
}
}

2
freshclam/manager.c
View file

@ -1597,7 +1597,7 @@ test_database_wrap (const char *file, const char *newdb, int bytecode)
}
fclose (f);
while ((ret = waitpid (pid, &status, 0)) == -1 && errno == EINTR);
while ((ret = waitpid (pid, &status, 0)) == -1 && errno == EINTR) continue;
if (ret == -1 && errno != ECHILD)
logg ("^waitpid() failed: %s\n", strerror (errno));
cli_chomp (firstline);

6
freshclam/nonblock.c
View file

@ -48,9 +48,9 @@
#ifndef timercmp
#define timercmp(a, b, cmp) \
(((a)->tv_sec == (b)->tv_sec) ? \
((a)->tv_usec cmp (b)->tv_usec) : \
((a)->tv_sec cmp (b)->tv_sec))
(((a)->tv_sec == (b)->tv_sec) \
? ((a)->tv_usec cmp (b)->tv_usec) \
: ((a)->tv_sec cmp (b)->tv_sec))
#endif /* timercmp */
#ifndef timersub

4
libclamav/apm.c
View file

@ -204,7 +204,7 @@ int cli_scanapm(cli_ctx *ctx)
!strncmp((char*)apentry.type, "Apple_Driver_ATAPI", 32) ||
!strncmp((char*)apentry.type, "Apple_Patches", 32)) {
partsize = apentry.pBlockCount * 2048;;
partsize = apentry.pBlockCount * 2048;
}
}
@ -281,7 +281,7 @@ static int apm_prtn_intxn(cli_ctx *ctx, struct apm_partition_info *aptable, size
!strncmp((char*)apentry.type, "Apple_Driver_ATAPI", 32) ||
!strncmp((char*)apentry.type, "Apple_Patches", 32)) {
apentry.pBlockCount = apentry.pBlockCount * 4;;
apentry.pBlockCount = apentry.pBlockCount * 4;
}
}

2
libclamav/asn1.c
View file

@ -2170,7 +2170,7 @@ int asn1_load_mscat(fmap_t *map, struct cl_engine *engine) {
}
if(!engine->hm_fp) {
if(!(engine->hm_fp = mpool_calloc(engine->mempool, 1, sizeof(*db)))) {
tag.size = 1;;
tag.size = 1;
return 1;
}
#ifdef USE_MPOOL

2
libclamav/binhex.c
View file

@ -34,6 +34,7 @@
#include "binhex.h"
// clang-format off
static const uint8_t hqxtbl[] = {
/* 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f */
/* 00-0f */ 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
@ -45,6 +46,7 @@ static const uint8_t hqxtbl[] = {
/* 60-6f */ 0x30,0x31,0x32,0x33,0x34,0x35,0x36,0xff,0x37,0x38,0x39,0x3a,0x3b,0x3c,0xff,0xff,
/* 70-7f */ 0x3d,0x3e,0x3f,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff
};
// clang-format on
#define BH_FLUSH_SZ (BUFSIZ - 256)

3
libclamav/builtin_bytecodes.h
View file

@ -30,7 +30,8 @@
* fallback.
* Usually bytecode.cvd will contain this bytecode */
static const char* builtin_bc_startup = "ClamBCafhhbfkjmld|afefdfggifnf```aa```|biacflfafmfbfcfmb`cnbacacmbachcccmbgfbfcc`ccchcbfdf``bgcaap`clamcoincidencejb:4096\n"
static const char* builtin_bc_startup =
"ClamBCafhhbfkjmld|afefdfggifnf```aa```|biacflfafmfbfcfmb`cnbacacmbachcccmbgfbfcc`ccchcbfdf``bgcaap`clamcoincidencejb:4096\n"
"\n"
"Teddaaahdabahdacahdadahdaeahdafahdagahebfgebidebegebdgebgdebkdebcgebbgebageb`gebofebnfebmfebedeblfebkfebjfebadcbgab`bb`bb`bb`bb`bb`bb`bbifbifbifbifbifbifbifahahahahahahahahahebneebifaaaaaaaab`baabb`bb`baacb`bbadb`baacb`bboeb`baacb`bb`bb`baadb`bbadb`bb`baadb`bbadbadb`bdbadahdbkaahdbbcahdbibahdb`eahdbddahdbodahdbdaahdaiahdakahdamahdahahdbncahdbnbah\n"
"Ebjdaibcdbbf|bcaefnfgfifnfefoedfcfofnfffoelfeffgeflf``bbdbbf|bkaefnfgfifnfefoeffegnfcfdgifofnfaflfifdgigoelfeffgeflf``agbcf|baadfefbfeggfoe`gbgifnfdgoeegifnfdg``bcabcf|afdgefcgdgbc``afbdf|b`adfefbfeggfoe`gbgifnfdgoecgdgbg``bhdbef|b`agfefdgoeefnffgifbgofnfmfefnfdg``aabff|afdgefcgdgac``bidbgf|bdadfifcgafbflfefoebfigdgefcfofdfefoeifff``bjdbgf|aodfifcgafbflfefoejfifdgoeifff``\n"

13
libclamav/bytecode_api.h
View file

@ -80,25 +80,23 @@ enum BytecodeKind {
enum FunctionalityLevels {
FUNC_LEVEL_096 = 51, /* LibClamAV release 0.96.0: bytecode engine released */
FUNC_LEVEL_096_dev = 52,
FUNC_LEVEL_096_1 = 53, /* LibClamAV release 0.96.1: logical signature use of VI/macros
* requires this minimum functionality level */
FUNC_LEVEL_096_1 = 53, /* LibClamAV release 0.96.1: logical signature use of VI/macros requires this minimum functionality level */
FUNC_LEVEL_096_1_dev = 54,
FUNC_LEVEL_096_2 = 54, /* LibClamAV release 0.96.2: PDF Hooks require this minimum level */
FUNC_LEVEL_096_2_dev = 55,
FUNC_LEVEL_096_3 = 55, /* LibClamAV release 0.96.3: BC_PE_ALL bytecodes require this minimum level */
FUNC_LEVEL_096_4 = 56, /* LibClamAV release 0.96.4: minimum recommended engine version, older versions
* have quadratic load time */
FUNC_LEVEL_096_4 = 56, /* LibClamAV release 0.96.4: minimum recommended engine version, older versions have quadratic load time */
FUNC_LEVEL_096_5 = 58, /* LibClamAV release 0.96.5 */
FUNC_LEVEL_097 = 60, /* LibClamAV release 0.97.0: older bytecodes may incorrectly use 57 */
FUNC_LEVEL_097_1 = 61, /* LibClamAV release 0.97.1 */
FUNC_LEVEL_097_2 = 62, /* LibClamAV release 0.97.2 */
FUNC_LEVEL_097_3 = 63, /* LibClamAV release 0.97.3 */ /*last bcc changes as former team resigns*/
FUNC_LEVEL_097_3 = 63, /* LibClamAV release 0.97.3: last bcc changes as former team resigns*/
FUNC_LEVEL_097_4 = 64, /* LibClamAV release 0.97.4 */
FUNC_LEVEL_097_5 = 65, /* LibClamAV release 0.97.5 */
FUNC_LEVEL_097_6 = 67, /* LibClamAV release 0.97.6 */
FUNC_LEVEL_097_7 = 68, /* LibClamAV release 0.97.7 */
FUNC_LEVEL_097_8 = 69, /* LibClamAV release 0.97.8 */
FUNC_LEVEL_098_1 = 76, /* LibClamAV release 0.98.1 */ /*last syncing to clamav*/
FUNC_LEVEL_098_1 = 76, /* LibClamAV release 0.98.1: last syncing to clamav*/
FUNC_LEVEL_098_2 = 77, /* LibClamAV release 0.98.2 */
FUNC_LEVEL_098_3 = 77, /* LibClamAV release 0.98.3 */
FUNC_LEVEL_098_4 = 77, /* LibClamAV release 0.98.4 */
@ -209,6 +207,7 @@ enum bc_json_type {
\group_engine
* Scan option flag values for engine_scan_options(). *DEPRECATED*
*/
// clang-format off
#define CL_SCAN_RAW 0x0
#define CL_SCAN_ARCHIVE 0x1
#define CL_SCAN_MAIL 0x2
@ -242,7 +241,7 @@ enum bc_json_type {
//#define UNUSED 0x20000000
#define CL_SCAN_PERFORMANCE_INFO 0x40000000 /* Collect performance timings */
#define CL_SCAN_INTERNAL_COLLECT_SHA 0x80000000 /* Enables hash output in sha-collect builds - for internal use only */
// clang-format on
#ifdef __CLAMBC__

2
libclamav/bytecode_vm.c
View file

@ -706,12 +706,14 @@ int cli_vm_execute(const struct cli_bc *bc, struct cli_bc_ctx *ctx, const struct
DEFINE_BINOP(OP_BC_OR, res = op0 | op1);
DEFINE_BINOP(OP_BC_XOR, res = op0 ^ op1);
// clang-format off
DEFINE_SCASTOP(OP_BC_SEXT,
CHOOSE(READ1(sres, inst->u.cast.source); res = sres ? ~0 : 0,
READ8(sres, inst->u.cast.source); res=sres=SIGNEXT(sres, inst->u.cast.mask),
READ16(sres, inst->u.cast.source); res=sres=SIGNEXT(sres, inst->u.cast.mask),
READ32(sres, inst->u.cast.source); res=sres=SIGNEXT(sres, inst->u.cast.mask),
READ64(sres, inst->u.cast.source); res=sres=SIGNEXT(sres, inst->u.cast.mask)));
// clang-format on
DEFINE_CASTOP(OP_BC_ZEXT,
CHOOSE(READ1(res, inst->u.cast.source),
READ8(res, inst->u.cast.source),

13
libclamav/clamav.h
View file

@ -123,6 +123,7 @@ typedef enum cl_error_t {
} cl_error_t;
/* db options */
// clang-format off
#define CL_DB_PHISHING 0x2
#define CL_DB_PHISHING_URLS 0x8
#define CL_DB_PUA 0x10
@ -195,9 +196,9 @@ struct cl_scan_options {
#define CL_SCAN_DEV_COLLECT_PERFORMANCE_INFO 0x2 /* collect performance timings */
/* cl_countsigs options */
#define CL_COUNTSIGS_OFFICIAL 0x1
#define CL_COUNTSIGS_UNOFFICIAL 0x2
#define CL_COUNTSIGS_ALL (CL_COUNTSIGS_OFFICIAL | CL_COUNTSIGS_UNOFFICIAL)
#define CL_COUNTSIGS_OFFICIAL 0x1
#define CL_COUNTSIGS_UNOFFICIAL 0x2
#define CL_COUNTSIGS_ALL (CL_COUNTSIGS_OFFICIAL | CL_COUNTSIGS_UNOFFICIAL)
/* For the new engine_options bit field in the engine */
#define ENGINE_OPTIONS_NONE 0x0
@ -206,6 +207,7 @@ struct cl_scan_options {
#define ENGINE_OPTIONS_DISABLE_PE_STATS 0x4
#define ENGINE_OPTIONS_DISABLE_PE_CERTS 0x8
#define ENGINE_OPTIONS_PE_DUMPCERTS 0x10
// clang-format on
struct cl_engine;
struct cl_settings;
@ -269,7 +271,7 @@ extern struct cl_engine *cl_engine_new(void);
enum cl_engine_field {
CL_ENGINE_MAX_SCANSIZE, /* uint64_t */
CL_ENGINE_MAX_FILESIZE, /* uint64_t */
CL_ENGINE_MAX_RECURSION, /* uint32_t */
CL_ENGINE_MAX_RECURSION, /* uint32_t */
CL_ENGINE_MAX_FILES, /* uint32_t */
CL_ENGINE_MIN_CC_COUNT, /* uint32_t */
CL_ENGINE_MIN_SSN_COUNT, /* uint32_t */
@ -315,8 +317,7 @@ enum bytecode_mode {
CL_BYTECODE_MODE_AUTO=0, /* JIT if possible, fallback to interpreter */
CL_BYTECODE_MODE_JIT, /* force JIT */
CL_BYTECODE_MODE_INTERPRETER, /* force interpreter */
CL_BYTECODE_MODE_TEST, /* both JIT and interpreter, compare results,
all failures are fatal */
CL_BYTECODE_MODE_TEST, /* both JIT and interpreter, compare results, all failures are fatal */
CL_BYTECODE_MODE_OFF /* for query only, not settable */
};

150
libclamav/dconf.h
View file

@ -45,94 +45,96 @@ struct cli_dconf {
uint32_t pcre;
};
// clang-format off
/* PE flags */
#define PE_CONF_PARITE 0x1
#define PE_CONF_KRIZ 0x2
#define PE_CONF_MAGISTR 0x4
#define PE_CONF_POLIPOS 0x8
#define PE_CONF_MD5SECT 0x10
#define PE_CONF_UPX 0x20
#define PE_CONF_FSG 0x40
#define PE_CONF_SWIZZOR 0x80
#define PE_CONF_PETITE 0x100
#define PE_CONF_PESPIN 0x200
#define PE_CONF_YC 0x400
#define PE_CONF_WWPACK 0x800
#define PE_CONF_NSPACK 0x1000
#define PE_CONF_MEW 0x2000
#define PE_CONF_UPACK 0x4000
#define PE_CONF_ASPACK 0x8000
#define PE_CONF_CATALOG 0x10000
#define PE_CONF_CERTS 0x20000
#define PE_CONF_MATCHICON 0x40000
#define PE_CONF_IMPTBL 0x80000
#define PE_CONF_PARITE 0x1
#define PE_CONF_KRIZ 0x2
#define PE_CONF_MAGISTR 0x4
#define PE_CONF_POLIPOS 0x8
#define PE_CONF_MD5SECT 0x10
#define PE_CONF_UPX 0x20
#define PE_CONF_FSG 0x40
#define PE_CONF_SWIZZOR 0x80
#define PE_CONF_PETITE 0x100
#define PE_CONF_PESPIN 0x200
#define PE_CONF_YC 0x400
#define PE_CONF_WWPACK 0x800
#define PE_CONF_NSPACK 0x1000
#define PE_CONF_MEW 0x2000
#define PE_CONF_UPACK 0x4000
#define PE_CONF_ASPACK 0x8000
#define PE_CONF_CATALOG 0x10000
#define PE_CONF_CERTS 0x20000
#define PE_CONF_MATCHICON 0x40000
#define PE_CONF_IMPTBL 0x80000
/* Archive flags */
#define ARCH_CONF_RAR 0x1
#define ARCH_CONF_ZIP 0x2
#define ARCH_CONF_GZ 0x4
#define ARCH_CONF_BZ 0x8
#define ARCH_CONF_SZDD 0x10
#define ARCH_CONF_CAB 0x20
#define ARCH_CONF_CHM 0x40
#define ARCH_CONF_OLE2 0x80
#define ARCH_CONF_TAR 0x100
#define ARCH_CONF_BINHEX 0x200
#define ARCH_CONF_SIS 0x400
#define ARCH_CONF_NSIS 0x800
#define ARCH_CONF_ARJ 0x1000
#define ARCH_CONF_AUTOIT 0x2000
#define ARCH_CONF_CPIO 0x4000
#define ARCH_CONF_ISHIELD 0x8000
#define ARCH_CONF_7Z 0x10000
#define ARCH_CONF_ISO9660 0x20000
#define ARCH_CONF_DMG 0x40000
#define ARCH_CONF_XAR 0x80000
#define ARCH_CONF_HFSPLUS 0x100000
#define ARCH_CONF_XZ 0x200000
#define ARCH_CONF_PASSWD 0x400000
#define ARCH_CONF_MBR 0x800000
#define ARCH_CONF_GPT 0x1000000
#define ARCH_CONF_APM 0x2000000
#define ARCH_CONF_RAR 0x1
#define ARCH_CONF_ZIP 0x2
#define ARCH_CONF_GZ 0x4
#define ARCH_CONF_BZ 0x8
#define ARCH_CONF_SZDD 0x10
#define ARCH_CONF_CAB 0x20
#define ARCH_CONF_CHM 0x40
#define ARCH_CONF_OLE2 0x80
#define ARCH_CONF_TAR 0x100
#define ARCH_CONF_BINHEX 0x200
#define ARCH_CONF_SIS 0x400
#define ARCH_CONF_NSIS 0x800
#define ARCH_CONF_ARJ 0x1000
#define ARCH_CONF_AUTOIT 0x2000
#define ARCH_CONF_CPIO 0x4000
#define ARCH_CONF_ISHIELD 0x8000
#define ARCH_CONF_7Z 0x10000
#define ARCH_CONF_ISO9660 0x20000
#define ARCH_CONF_DMG 0x40000
#define ARCH_CONF_XAR 0x80000
#define ARCH_CONF_HFSPLUS 0x100000
#define ARCH_CONF_XZ 0x200000
#define ARCH_CONF_PASSWD 0x400000
#define ARCH_CONF_MBR 0x800000
#define ARCH_CONF_GPT 0x1000000
#define ARCH_CONF_APM 0x2000000
/* Document flags */
#define DOC_CONF_HTML 0x1
#define DOC_CONF_RTF 0x2
#define DOC_CONF_PDF 0x4
#define DOC_CONF_SCRIPT 0x8
#define DOC_CONF_HTML_SKIPRAW 0x10
#define DOC_CONF_JSNORM 0x20
#define DOC_CONF_SWF 0x40
#define DOC_CONF_MSXML 0x80
#define DOC_CONF_OOXML 0x100
#define DOC_CONF_HWP 0x200
#define DOC_CONF_HTML 0x1
#define DOC_CONF_RTF 0x2
#define DOC_CONF_PDF 0x4
#define DOC_CONF_SCRIPT 0x8
#define DOC_CONF_HTML_SKIPRAW 0x10
#define DOC_CONF_JSNORM 0x20
#define DOC_CONF_SWF 0x40
#define DOC_CONF_MSXML 0x80
#define DOC_CONF_OOXML 0x100
#define DOC_CONF_HWP 0x200
/* Mail flags */
#define MAIL_CONF_MBOX 0x1
#define MAIL_CONF_TNEF 0x2
#define MAIL_CONF_MBOX 0x1
#define MAIL_CONF_TNEF 0x2
/* Other flags */
#define OTHER_CONF_UUENC 0x1
#define OTHER_CONF_SCRENC 0x2
#define OTHER_CONF_RIFF 0x4
#define OTHER_CONF_JPEG 0x8
#define OTHER_CONF_CRYPTFF 0x10
#define OTHER_CONF_DLP 0x20
#define OTHER_CONF_MYDOOMLOG 0x40
#define OTHER_CONF_UUENC 0x1
#define OTHER_CONF_SCRENC 0x2
#define OTHER_CONF_RIFF 0x4
#define OTHER_CONF_JPEG 0x8
#define OTHER_CONF_CRYPTFF 0x10
#define OTHER_CONF_DLP 0x20
#define OTHER_CONF_MYDOOMLOG 0x40
#define OTHER_CONF_PREFILTERING 0x80
#define OTHER_CONF_PDFNAMEOBJ 0x100
#define OTHER_CONF_PRTNINTXN 0x200
#define OTHER_CONF_LZW 0x400
#define OTHER_CONF_PDFNAMEOBJ 0x100
#define OTHER_CONF_PRTNINTXN 0x200
#define OTHER_CONF_LZW 0x400
/* Phishing flags */
#define PHISHING_CONF_ENGINE 0x1
#define PHISHING_CONF_ENTCONV 0x2
#define PHISHING_CONF_ENGINE 0x1
#define PHISHING_CONF_ENTCONV 0x2
/* Bytecode flags */
#define BYTECODE_INTERPRETER 0x1
#define BYTECODE_JIT_X86 0x2
#define BYTECODE_JIT_PPC 0x4
#define BYTECODE_JIT_ARM 0x8
#define BYTECODE_JIT_X86 0x2
#define BYTECODE_JIT_PPC 0x4
#define BYTECODE_JIT_ARM 0x8
/* Stats/Intel flags */
#define DCONF_STATS_DISABLED 0x1
@ -143,6 +145,8 @@ struct cli_dconf {
#define PCRE_CONF_OPTIONS 0x2
#define PCRE_CONF_GLOBAL 0x4
// clang-format on
#define BYTECODE_ENGINE_MASK (BYTECODE_INTERPRETER | BYTECODE_JIT_X86 | BYTECODE_JIT_PPC | BYTECODE_JIT_ARM)
#ifdef USE_MPOOL

50
libclamav/default.h
View file

@ -22,35 +22,39 @@
#ifndef __DEFAULT_H
#define __DEFAULT_H
#define CLI_DEFAULT_AC_MINDEPTH 2
#define CLI_DEFAULT_AC_MAXDEPTH 3
#define CLI_DEFAULT_AC_TRACKLEN 8
// clang-format off
#define CLI_DEFAULT_LSIG_BUFSIZE 32768
#define CLI_DEFAULT_DBIO_BUFSIZE CLI_DEFAULT_LSIG_BUFSIZE + 1
#define CLI_DEFAULT_AC_MINDEPTH 2
#define CLI_DEFAULT_AC_MAXDEPTH 3
#define CLI_DEFAULT_AC_TRACKLEN 8
#define CLI_DEFAULT_BM_OFFMODE_FSIZE 262144
#define CLI_DEFAULT_LSIG_BUFSIZE 32768
#define CLI_DEFAULT_DBIO_BUFSIZE CLI_DEFAULT_LSIG_BUFSIZE + 1
#define CLI_DEFAULT_MAXSCANSIZE 104857600
#define CLI_DEFAULT_MAXFILESIZE 26214400
#define CLI_DEFAULT_MAXRECLEVEL 16
#define CLI_DEFAULT_MAXFILES 10000
#define CLI_DEFAULT_MIN_CC_COUNT 3
#define CLI_DEFAULT_MIN_SSN_COUNT 3
#define CLI_DEFAULT_BM_OFFMODE_FSIZE 262144
#define CLI_DEFAULT_MAXEMBEDDEDPE 10485760
#define CLI_DEFAULT_MAXHTMLNORMALIZE 10485760
#define CLI_DEFAULT_MAXHTMLNOTAGS 2097152
#define CLI_DEFAULT_MAXSCRIPTNORMALIZE 5242880
#define CLI_DEFAULT_MAXZIPTYPERCG 1048576
#define CLI_DEFAULT_MAXICONSPE 100
#define CLI_DEFAULT_MAXRECHWP3 16
#define CLI_DEFAULT_MAXSCANSIZE 104857600
#define CLI_DEFAULT_MAXFILESIZE 26214400
#define CLI_DEFAULT_MAXRECLEVEL 16
#define CLI_DEFAULT_MAXFILES 10000
#define CLI_DEFAULT_MIN_CC_COUNT 3
#define CLI_DEFAULT_MIN_SSN_COUNT 3
#define CLI_DEFAULT_MAXPARTITIONS 50
#define CLI_DEFAULT_MAXEMBEDDEDPE 10485760
#define CLI_DEFAULT_MAXHTMLNORMALIZE 10485760
#define CLI_DEFAULT_MAXHTMLNOTAGS 2097152
#define CLI_DEFAULT_MAXSCRIPTNORMALIZE 5242880
#define CLI_DEFAULT_MAXZIPTYPERCG 1048576
#define CLI_DEFAULT_MAXICONSPE 100
#define CLI_DEFAULT_MAXRECHWP3 16
#define CLI_DEFAULT_MAXPARTITIONS 50
/* TODO - set better defaults */
#define CLI_DEFAULT_PCRE_MATCH_LIMIT 100000
#define CLI_DEFAULT_PCRE_RECMATCH_LIMIT 2000
#define CLI_DEFAULT_PCRE_MAX_FILESIZE 26214400
#define CLI_DEFAULT_PCRE_MATCH_LIMIT 100000
#define CLI_DEFAULT_PCRE_RECMATCH_LIMIT 2000
#define CLI_DEFAULT_PCRE_MAX_FILESIZE 26214400
// clang-format on
#endif

3
libclamav/disasm.c
View file

@ -34,6 +34,8 @@
#include "disasm.h"
#include "clamav.h"
// clang-format off
enum ADDRS {
ADDR_REG_EAX,
ADDR_REG_ECX,
@ -1176,6 +1178,7 @@ static const struct OPCODES x86ops[2][256] = {{
}};
// clang-format on
static const char *dis_size[] = {"byte", "word", "dword", "fword", "qword", "tword", "acab"};

157
libclamav/filetypes.c
View file

@ -50,87 +50,89 @@
#define UNZIP_PRIVATE
#include "unzip.h"
// clang-format off
static const struct ftmap_s {
const char *name;
cli_file_t code;
} ftmap[] = {
{ "CL_TYPE_TEXT_ASCII", CL_TYPE_TEXT_ASCII },
{ "CL_TYPE_TEXT_UTF8", CL_TYPE_TEXT_UTF8 },
{ "CL_TYPE_TEXT_UTF16LE", CL_TYPE_TEXT_UTF16LE },
{ "CL_TYPE_TEXT_UTF16BE", CL_TYPE_TEXT_UTF16BE },
{ "CL_TYPE_BINARY_DATA", CL_TYPE_BINARY_DATA },
{ "CL_TYPE_IGNORED", CL_TYPE_IGNORED },
{ "CL_TYPE_ANY", CL_TYPE_ANY },
{ "CL_TYPE_MSEXE", CL_TYPE_MSEXE },
{ "CL_TYPE_ELF", CL_TYPE_ELF },
{ "CL_TYPE_MACHO", CL_TYPE_MACHO },
{ "CL_TYPE_MACHO_UNIBIN", CL_TYPE_MACHO_UNIBIN },
{ "CL_TYPE_POSIX_TAR", CL_TYPE_POSIX_TAR },
{ "CL_TYPE_OLD_TAR", CL_TYPE_OLD_TAR },
{ "CL_TYPE_CPIO_OLD", CL_TYPE_CPIO_OLD },
{ "CL_TYPE_CPIO_ODC", CL_TYPE_CPIO_ODC },
{ "CL_TYPE_CPIO_NEWC", CL_TYPE_CPIO_NEWC },
{ "CL_TYPE_CPIO_CRC", CL_TYPE_CPIO_CRC },
{ "CL_TYPE_GZ", CL_TYPE_GZ },
{ "CL_TYPE_ZIP", CL_TYPE_ZIP },
{ "CL_TYPE_BZ", CL_TYPE_BZ },
{ "CL_TYPE_RAR", CL_TYPE_RAR },
{ "CL_TYPE_ARJ", CL_TYPE_ARJ },
{ "CL_TYPE_MSSZDD", CL_TYPE_MSSZDD },
{ "CL_TYPE_MSOLE2", CL_TYPE_MSOLE2 },
{ "CL_TYPE_MSCAB", CL_TYPE_MSCAB },
{ "CL_TYPE_MSCHM", CL_TYPE_MSCHM },
{ "CL_TYPE_SIS", CL_TYPE_SIS },
{ "CL_TYPE_SCRENC", CL_TYPE_SCRENC },
{ "CL_TYPE_GRAPHICS", CL_TYPE_GRAPHICS },
{ "CL_TYPE_RIFF", CL_TYPE_RIFF },
{ "CL_TYPE_BINHEX", CL_TYPE_BINHEX },
{ "CL_TYPE_TNEF", CL_TYPE_TNEF },
{ "CL_TYPE_CRYPTFF", CL_TYPE_CRYPTFF },
{ "CL_TYPE_PDF", CL_TYPE_PDF },
{ "CL_TYPE_UUENCODED", CL_TYPE_UUENCODED },
{ "CL_TYPE_HTML_UTF16", CL_TYPE_HTML_UTF16 },
{ "CL_TYPE_SCRIPT", CL_TYPE_SCRIPT },
{ "CL_TYPE_RTF", CL_TYPE_RTF },
{ "CL_TYPE_HTML", CL_TYPE_HTML },
{ "CL_TYPE_MAIL", CL_TYPE_MAIL },
{ "CL_TYPE_SFX", CL_TYPE_SFX },
{ "CL_TYPE_ZIPSFX", CL_TYPE_ZIPSFX },
{ "CL_TYPE_RARSFX", CL_TYPE_RARSFX },
{ "CL_TYPE_CABSFX", CL_TYPE_CABSFX },
{ "CL_TYPE_ARJSFX", CL_TYPE_ARJSFX },
{ "CL_TYPE_NULSFT", CL_TYPE_NULSFT },
{ "CL_TYPE_AUTOIT", CL_TYPE_AUTOIT },
{ "CL_TYPE_ISHIELD_MSI", CL_TYPE_ISHIELD_MSI },
{ "CL_TYPE_7Z", CL_TYPE_7Z },
{ "CL_TYPE_7ZSFX", CL_TYPE_7ZSFX },
{ "CL_TYPE_SWF", CL_TYPE_SWF },
{ "CL_TYPE_ISO9660", CL_TYPE_ISO9660 },
{ "CL_TYPE_JAVA", CL_TYPE_JAVA },
{ "CL_TYPE_DMG", CL_TYPE_DMG },
{ "CL_TYPE_MBR", CL_TYPE_MBR },
{ "CL_TYPE_GPT", CL_TYPE_GPT },
{ "CL_TYPE_APM", CL_TYPE_APM },
{ "CL_TYPE_XAR", CL_TYPE_XAR },
{ "CL_TYPE_PART_ANY", CL_TYPE_PART_ANY },
{ "CL_TYPE_PART_HFSPLUS", CL_TYPE_PART_HFSPLUS },
{ "CL_TYPE_XZ", CL_TYPE_XZ },
{ "CL_TYPE_OOXML_WORD", CL_TYPE_OOXML_WORD },
{ "CL_TYPE_OOXML_PPT", CL_TYPE_OOXML_PPT },
{ "CL_TYPE_OOXML_XL", CL_TYPE_OOXML_XL },
{ "CL_TYPE_INTERNAL", CL_TYPE_INTERNAL },
{ "CL_TYPE_XDP", CL_TYPE_XDP },
{ "CL_TYPE_XML_WORD", CL_TYPE_XML_WORD },
{ "CL_TYPE_XML_XL", CL_TYPE_XML_XL },
{ "CL_TYPE_HWP3", CL_TYPE_HWP3 },
{ "CL_TYPE_XML_HWP", CL_TYPE_XML_HWP },
{ "CL_TYPE_HWPOLE2", CL_TYPE_HWPOLE2 },
{ "CL_TYPE_OOXML_HWP", CL_TYPE_OOXML_HWP },
{ "CL_TYPE_PS", CL_TYPE_PS },
{ "CL_TYPE_MHTML", CL_TYPE_MHTML },
{ "CL_TYPE_LNK", CL_TYPE_LNK },
{ NULL, CL_TYPE_IGNORED }
{ "CL_TYPE_TEXT_ASCII", CL_TYPE_TEXT_ASCII },
{ "CL_TYPE_TEXT_UTF8", CL_TYPE_TEXT_UTF8 },
{ "CL_TYPE_TEXT_UTF16LE", CL_TYPE_TEXT_UTF16LE },
{ "CL_TYPE_TEXT_UTF16BE", CL_TYPE_TEXT_UTF16BE },
{ "CL_TYPE_BINARY_DATA", CL_TYPE_BINARY_DATA },
{ "CL_TYPE_IGNORED", CL_TYPE_IGNORED },
{ "CL_TYPE_ANY", CL_TYPE_ANY },
{ "CL_TYPE_MSEXE", CL_TYPE_MSEXE },
{ "CL_TYPE_ELF", CL_TYPE_ELF },
{ "CL_TYPE_MACHO", CL_TYPE_MACHO },
{ "CL_TYPE_MACHO_UNIBIN", CL_TYPE_MACHO_UNIBIN },
{ "CL_TYPE_POSIX_TAR", CL_TYPE_POSIX_TAR },
{ "CL_TYPE_OLD_TAR", CL_TYPE_OLD_TAR },
{ "CL_TYPE_CPIO_OLD", CL_TYPE_CPIO_OLD },
{ "CL_TYPE_CPIO_ODC", CL_TYPE_CPIO_ODC },
{ "CL_TYPE_CPIO_NEWC", CL_TYPE_CPIO_NEWC },
{ "CL_TYPE_CPIO_CRC", CL_TYPE_CPIO_CRC },
{ "CL_TYPE_GZ", CL_TYPE_GZ },
{ "CL_TYPE_ZIP", CL_TYPE_ZIP },
{ "CL_TYPE_BZ", CL_TYPE_BZ },
{ "CL_TYPE_RAR", CL_TYPE_RAR },
{ "CL_TYPE_ARJ", CL_TYPE_ARJ },
{ "CL_TYPE_MSSZDD", CL_TYPE_MSSZDD },
{ "CL_TYPE_MSOLE2", CL_TYPE_MSOLE2 },
{ "CL_TYPE_MSCAB", CL_TYPE_MSCAB },
{ "CL_TYPE_MSCHM", CL_TYPE_MSCHM },
{ "CL_TYPE_SIS", CL_TYPE_SIS },
{ "CL_TYPE_SCRENC", CL_TYPE_SCRENC },
{ "CL_TYPE_GRAPHICS", CL_TYPE_GRAPHICS },
{ "CL_TYPE_RIFF", CL_TYPE_RIFF },
{ "CL_TYPE_BINHEX", CL_TYPE_BINHEX },
{ "CL_TYPE_TNEF", CL_TYPE_TNEF },
{ "CL_TYPE_CRYPTFF", CL_TYPE_CRYPTFF },
{ "CL_TYPE_PDF", CL_TYPE_PDF },
{ "CL_TYPE_UUENCODED", CL_TYPE_UUENCODED },
{ "CL_TYPE_HTML_UTF16", CL_TYPE_HTML_UTF16 },
{ "CL_TYPE_SCRIPT", CL_TYPE_SCRIPT },
{ "CL_TYPE_RTF", CL_TYPE_RTF },
{ "CL_TYPE_HTML", CL_TYPE_HTML },
{ "CL_TYPE_MAIL", CL_TYPE_MAIL },
{ "CL_TYPE_SFX", CL_TYPE_SFX },
{ "CL_TYPE_ZIPSFX", CL_TYPE_ZIPSFX },
{ "CL_TYPE_RARSFX", CL_TYPE_RARSFX },
{ "CL_TYPE_CABSFX", CL_TYPE_CABSFX },
{ "CL_TYPE_ARJSFX", CL_TYPE_ARJSFX },
{ "CL_TYPE_NULSFT", CL_TYPE_NULSFT },
{ "CL_TYPE_AUTOIT", CL_TYPE_AUTOIT },
{ "CL_TYPE_ISHIELD_MSI", CL_TYPE_ISHIELD_MSI },
{ "CL_TYPE_7Z", CL_TYPE_7Z },
{ "CL_TYPE_7ZSFX", CL_TYPE_7ZSFX },
{ "CL_TYPE_SWF", CL_TYPE_SWF },
{ "CL_TYPE_ISO9660", CL_TYPE_ISO9660 },
{ "CL_TYPE_JAVA", CL_TYPE_JAVA },
{ "CL_TYPE_DMG", CL_TYPE_DMG },
{ "CL_TYPE_MBR", CL_TYPE_MBR },
{ "CL_TYPE_GPT", CL_TYPE_GPT },
{ "CL_TYPE_APM", CL_TYPE_APM },
{ "CL_TYPE_XAR", CL_TYPE_XAR },
{ "CL_TYPE_PART_ANY", CL_TYPE_PART_ANY },
{ "CL_TYPE_PART_HFSPLUS", CL_TYPE_PART_HFSPLUS },
{ "CL_TYPE_XZ", CL_TYPE_XZ },
{ "CL_TYPE_OOXML_WORD", CL_TYPE_OOXML_WORD },
{ "CL_TYPE_OOXML_PPT", CL_TYPE_OOXML_PPT },
{ "CL_TYPE_OOXML_XL", CL_TYPE_OOXML_XL },
{ "CL_TYPE_INTERNAL", CL_TYPE_INTERNAL },
{ "CL_TYPE_XDP", CL_TYPE_XDP },
{ "CL_TYPE_XML_WORD", CL_TYPE_XML_WORD },
{ "CL_TYPE_XML_XL", CL_TYPE_XML_XL },
{ "CL_TYPE_HWP3", CL_TYPE_HWP3 },
{ "CL_TYPE_XML_HWP", CL_TYPE_XML_HWP },
{ "CL_TYPE_HWPOLE2", CL_TYPE_HWPOLE2 },
{ "CL_TYPE_OOXML_HWP", CL_TYPE_OOXML_HWP },
{ "CL_TYPE_PS", CL_TYPE_PS },
{ "CL_TYPE_MHTML", CL_TYPE_MHTML },
{ "CL_TYPE_LNK", CL_TYPE_LNK },
{ NULL, CL_TYPE_IGNORED }
};
// clang-format on
cli_file_t cli_partitiontype(const unsigned char *buf, size_t buflen, const struct cl_engine *engine);
@ -217,6 +219,7 @@ cli_file_t cli_filetype(const unsigned char *buf, size_t buflen, const struct cl
int is_tar(const unsigned char *buf, unsigned int nbytes);
/* organize by length, cannot exceed SIZEOF_LH */
// clang-format off
const struct ooxml_ftcodes {
const char *entry;
size_t len;
@ -240,6 +243,8 @@ const struct ooxml_ftcodes {
{ "META-INF/container.xml", 22, CL_TYPE_ZIP }, /* HWP */
{ NULL, 0, CL_TYPE_ANY }
};
// clang-format on
/* set to biggest ooxml_detect len */
#define OOXML_DETECT_MAXLEN 22

2
libclamav/gpt.c
View file

@ -401,7 +401,7 @@ static int gpt_validate_header(cli_ctx *ctx, struct gpt_header hdr, size_t secto
hdr.tableStartLBA = le64_to_host(hdr.tableStartLBA);
hdr.tableNumEntries = le32_to_host(hdr.tableNumEntries);
hdr.tableEntrySize = le32_to_host(hdr.tableEntrySize);
hdr.tableCRC32 = le32_to_host(hdr.tableCRC32);;
hdr.tableCRC32 = le32_to_host(hdr.tableCRC32);
ptable_start = hdr.tableStartLBA * sectorsize;
ptable_len = hdr.tableNumEntries * hdr.tableEntrySize;

2
libclamav/htmlnorm.c
View file

@ -100,6 +100,7 @@ struct tag_contents {
unsigned char contents[MAX_TAG_CONTENTS_LENGTH + 1];
};
// clang-format off
static const int base64_chars[256] = {
-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
@ -118,6 +119,7 @@ static const int base64_chars[256] = {
-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
};
// clang-format on
int table_order[] = {
00, 02, 01, 00, 02, 01, 02, 01, 01, 02, 01, 02, 00, 01, 02, 01,

16
libclamav/hwp.c
View file

@ -1065,7 +1065,7 @@ static inline int parsehwp3_paragraph(cli_ctx *ctx, fmap_t *map, int p, int leve
hwp3_debug("HWP3.x: Paragraph[%d, %d]: box cell paragraph list starts @ %llu\n", level, p, (long long unsigned)offset);
for (i = 0; i < ncells; i++) {
l = 0;
while (!l && ((ret = parsehwp3_paragraph(ctx, map, sp++, level+1, &offset, &l)) == CL_SUCCESS));
while (!l && ((ret = parsehwp3_paragraph(ctx, map, sp++, level+1, &offset, &l)) == CL_SUCCESS)) continue;
if (ret != CL_SUCCESS)
return ret;
}
@ -1073,7 +1073,7 @@ static inline int parsehwp3_paragraph(cli_ctx *ctx, fmap_t *map, int p, int leve
/* box caption paragraph list */
hwp3_debug("HWP3.x: Paragraph[%d, %d]: box cell caption paragraph list starts @ %llu\n", level, p, (long long unsigned)offset);
l = 0;
while (!l && ((ret = parsehwp3_paragraph(ctx, map, sp++, level+1, &offset, &l)) == CL_SUCCESS));
while (!l && ((ret = parsehwp3_paragraph(ctx, map, sp++, level+1, &offset, &l)) == CL_SUCCESS)) continue;
if (ret != CL_SUCCESS)
return ret;
break;
@ -1110,7 +1110,7 @@ static inline int parsehwp3_paragraph(cli_ctx *ctx, fmap_t *map, int p, int leve
/* caption paragraph list */
hwp3_debug("HWP3.x: Paragraph[%d, %d]: drawing caption paragraph list starts @ %llu\n", level, p, (long long unsigned)offset);
l = 0;
while (!l && ((ret = parsehwp3_paragraph(ctx, map, sp++, level+1, &offset, &l)) == CL_SUCCESS));
while (!l && ((ret = parsehwp3_paragraph(ctx, map, sp++, level+1, &offset, &l)) == CL_SUCCESS)) continue;
if (ret != CL_SUCCESS)
return ret;
break;
@ -1155,7 +1155,7 @@ static inline int parsehwp3_paragraph(cli_ctx *ctx, fmap_t *map, int p, int leve
/* hidden description paragraph list */
hwp3_debug("HWP3.x: Paragraph[%d, %d]: hidden description paragraph list starts @ %llu\n", level, p, (long long unsigned)offset);
l = 0;
while (!l && ((ret = parsehwp3_paragraph(ctx, map, sp++, level+1, &offset, &l)) == CL_SUCCESS));
while (!l && ((ret = parsehwp3_paragraph(ctx, map, sp++, level+1, &offset, &l)) == CL_SUCCESS)) continue;
if (ret != CL_SUCCESS)
return ret;
break;
@ -1197,7 +1197,7 @@ static inline int parsehwp3_paragraph(cli_ctx *ctx, fmap_t *map, int p, int leve
/* content paragraph list */
hwp3_debug("HWP3.x: Paragraph[%d, %d]: header/footer paragraph list starts @ %llu\n", level, p, (long long unsigned)offset);
l = 0;
while (!l && ((ret = parsehwp3_paragraph(ctx, map, sp++, level+1, &offset, &l)) == CL_SUCCESS));
while (!l && ((ret = parsehwp3_paragraph(ctx, map, sp++, level+1, &offset, &l)) == CL_SUCCESS)) continue;
if (ret != CL_SUCCESS)
return ret;
break;
@ -1225,7 +1225,7 @@ static inline int parsehwp3_paragraph(cli_ctx *ctx, fmap_t *map, int p, int leve
/* content paragraph list */
hwp3_debug("HWP3.x: Paragraph[%d, %d]: footnote/endnote paragraph list starts @ %llu\n", level, p, (long long unsigned)offset);
l = 0;
while (!l && ((ret = parsehwp3_paragraph(ctx, map, sp++, level+1, &offset, &l)) == CL_SUCCESS));
while (!l && ((ret = parsehwp3_paragraph(ctx, map, sp++, level+1, &offset, &l)) == CL_SUCCESS)) continue;
if (ret != CL_SUCCESS)
return ret;
break;
@ -1840,7 +1840,7 @@ static int hwp3_cb(void *cbdata, int fd, const char* filepath, cli_ctx *ctx)
last = 0;
/* Paragraphs - variable */
/* Paragraphs - are terminated with 0x0d00[13(CR) as hchar], empty paragraph marks end of section and do NOT end with 0x0d00 */
while (!last && ((ret = parsehwp3_paragraph(ctx, map, p++, 0, &offset, &last)) == CL_SUCCESS));
while (!last && ((ret = parsehwp3_paragraph(ctx, map, p++, 0, &offset, &last)) == CL_SUCCESS)) continue;
/* return is never a virus */
if (ret != CL_SUCCESS) {
if (dmap)
@ -1854,7 +1854,7 @@ static int hwp3_cb(void *cbdata, int fd, const char* filepath, cli_ctx *ctx)
last = 0;
/* 'additional information block #1's - attachments and media */
while (!last && ((ret = parsehwp3_infoblk_1(ctx, map, &offset, &last)) == CL_SUCCESS));
while (!last && ((ret = parsehwp3_infoblk_1(ctx, map, &offset, &last)) == CL_SUCCESS)) continue;
/* scan the uncompressed stream - both compressed and uncompressed cases [ALLMATCH] */
if ((ret == CL_SUCCESS) || ((SCAN_ALLMATCHES) && (ret == CL_VIRUS))) {

2
libclamav/hwp.h
View file

@ -24,6 +24,7 @@
#include "others.h"
// clang-format off
#define HWP5_COMPRESSED 0x1
#define HWP5_PASSWORD 0x2
#define HWP5_DISTRIBUTABLE 0x4
@ -36,6 +37,7 @@
#define HWP5_CERT_EXTRA 0x200
#define HWP5_CERT_DRM 0x400
#define HWP5_CCL 0x800
// clang-format on
typedef struct hwp5_header {
uint8_t signature[32];

4
libclamav/matcher-ac.c
View file

@ -47,6 +47,8 @@
#include "mpool.h"
// clang-format off
#define AC_SPECIAL_ALT_CHAR 1
#define AC_SPECIAL_ALT_STR_FIXED 2
#define AC_SPECIAL_ALT_STR 3
@ -86,6 +88,8 @@ static char boundary[256] = {
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
// clang-format on
static inline int insert_list(struct cli_matcher *root, struct cli_ac_patt *pattern, struct cli_ac_node *pt)
{
struct cli_ac_list *ph, *new, *ph_prev, *ph_add_after;

57
libclamav/matcher.h
View file

@ -45,26 +45,29 @@ struct cli_target_info {
#include "fmap.h"
#include "mpool.h"
#define CLI_MATCH_METADATA 0xff00
#define CLI_MATCH_WILDCARD 0x0f00
#define CLI_MATCH_CHAR 0x0000
#define CLI_MATCH_NOCASE 0x1000
#define CLI_MATCH_IGNORE 0x0100
#define CLI_MATCH_SPECIAL 0x0200
#define CLI_MATCH_NIBBLE_HIGH 0x0300
#define CLI_MATCH_NIBBLE_LOW 0x0400
// clang-format off
#define CLI_MATCH_METADATA 0xff00
#define CLI_MATCH_WILDCARD 0x0f00
#define CLI_MATCH_CHAR 0x0000
#define CLI_MATCH_NOCASE 0x1000
#define CLI_MATCH_IGNORE 0x0100
#define CLI_MATCH_SPECIAL 0x0200
#define CLI_MATCH_NIBBLE_HIGH 0x0300
#define CLI_MATCH_NIBBLE_LOW 0x0400
#define CLI_TDB_UINT 0
#define CLI_TDB_RANGE 1
#define CLI_TDB_STR 2
#define CLI_TDB_RANGE2 3
#define CLI_TDB_FTYPE 4
#define CLI_TDB_FTYPE_EXPR 5
struct cli_lsig_tdb {
#define CLI_TDB_UINT 0
#define CLI_TDB_RANGE 1
#define CLI_TDB_STR 2
#define CLI_TDB_RANGE2 3
#define CLI_TDB_FTYPE 4
#define CLI_TDB_FTYPE_EXPR 5
uint32_t *val, *range;
char *str;
uint32_t cnt[3];
uint32_t subsigs;
uint32_t *val, *range;
char *str;
uint32_t cnt[3];
uint32_t subsigs;
const uint32_t *target;
const uint32_t *engine, *nos, *ep, *filesize;
@ -72,15 +75,17 @@ struct cli_lsig_tdb {
const uint32_t *intermediates;
/*
const uint32_t *sectoff, *sectrva, *sectvsz, *sectraw, *sectrsz,
*secturva, *sectuvsz, *secturaw, *sectursz;
*secturva, *sectuvsz, *secturaw, *sectursz;
*/
const char *icongrp1, *icongrp2;
uint32_t *macro_ptids;
const char *icongrp1, *icongrp2;
uint32_t *macro_ptids;
#ifdef USE_MPOOL
mpool_t *mempool;
mpool_t *mempool;
#endif
};
// clang-format on
#define CLI_LSIG_FLAG_PRIVATE 0x01
struct cli_bc;
@ -174,6 +179,8 @@ struct cli_mtarget {
uint8_t target_count; /* must be synced with non-zero values in the target array */
};
// clang-format off
#define CLI_MTARGETS 15
static const struct cli_mtarget cli_mtargets[CLI_MTARGETS] = {
{ {0, 0}, "GENERIC", 0, 0, 1, 1 },
@ -194,7 +201,7 @@ static const struct cli_mtarget cli_mtargets[CLI_MTARGETS] = {
};
#define CLI_OFF_ANY 0xffffffff
#define CLI_OFF_NONE 0xfffffffe
#define CLI_OFF_NONE 0xfffffffe
#define CLI_OFF_ABSOLUTE 1
#define CLI_OFF_EOF_MINUS 2
#define CLI_OFF_EP_PLUS 3
@ -203,7 +210,9 @@ static const struct cli_mtarget cli_mtargets[CLI_MTARGETS] = {
#define CLI_OFF_SX_PLUS 6
#define CLI_OFF_VERSION 7
#define CLI_OFF_MACRO 8
#define CLI_OFF_SE 9
#define CLI_OFF_SE 9
// clang-format on
int cli_scanbuff(const unsigned char *buffer, uint32_t length, uint32_t offset, cli_ctx *ctx, cli_file_t ftype, struct cli_ac_data **acdata);

10
libclamav/mbox.c
View file

@ -168,12 +168,12 @@ typedef enum {
* more than one machine you must make sure that .../partial is on a shared
* network filesystem
*/
/*#define NEW_WORLD*/
/*#define SCAN_UNENCODED_BOUNCES *//*
* Slows things down a lot and only catches unencoded copies
* of EICAR within bounces, which don't matter
*/
/*
* Slows things down a lot and only catches unencoded copies
* of EICAR within bounces, which don't matter
*/
//#define SCAN_UNENCODED_BOUNCES
typedef struct mbox_ctx {
const char *dir;

3
libclamav/message.c
View file

@ -2386,8 +2386,7 @@ rfc2231(const char *in)
*out++ = '=';
while(*ptr++ != '=')
;
while (*ptr++ != '=') continue;
/*
* We don't do anything with the language and character set, just skip

12
libclamav/msdoc.c
View file

@ -58,7 +58,7 @@ ole2_convert_utf(summary_ctx_t *sctx, char *begin, size_t sz, const char *encodi
char *buf, *p1, *p2;
off_t offset;
size_t inlen, outlen, nonrev, sz2;
int i, try;
int i, attempt;
iconv_t cd;
#endif
/* applies in the both case */
@ -131,9 +131,9 @@ ole2_convert_utf(summary_ctx_t *sctx, char *begin, size_t sz, const char *encodi
}
else {
offset = 0;
for (try = 1; try <= 3; ++try) {
for (attempt = 1; attempt <= 3; ++attempt) {
/* charset to UTF-8 should never exceed sz*6 */
sz2 = (try*2) * sz;
sz2 = (attempt*2) * sz;
/* use cli_realloc, reuse the buffer that has already been translated */
outbuf = (char *)cli_realloc(outbuf, sz2+1);
if (!outbuf) {
@ -166,9 +166,9 @@ ole2_convert_utf(summary_ctx_t *sctx, char *begin, size_t sz, const char *encodi
//cli_dbgmsg("%u %s\n", inlen, outbuf);
offset = sz2 - outlen;
if (try < 3)
if (attempt < 3)
cli_dbgmsg("ole2_convert_utf: outbuf is too small, resizing %llu -> %llu\n",
(long long unsigned)((try*2) * sz), (long long unsigned)(((try+1)*2) * sz));
(long long unsigned)((attempt*2) * sz), (long long unsigned)(((attempt+1)*2) * sz));
}
if (errno == E2BIG && nonrev == (size_t)-1) {
@ -955,7 +955,7 @@ int cli_ole2_summary_json(cli_ctx *ctx, int fd, int mode)
if (sumstub.byte_order != 0xfffe) {
cli_dbgmsg("ole2_summary_json: byteorder 0x%x is invalid\n", sumstub.byte_order);
sctx.flags |= OLE2_SUMMARY_ERROR_INVALID_ENTRY;
return cli_ole2_summary_json_cleanup(&sctx, CL_EFORMAT);;
return cli_ole2_summary_json_cleanup(&sctx, CL_EFORMAT);
}
sumstub.version = sum16_endian_convert(sumstub.version); /*unused*/
sumstub.system = sum32_endian_convert(sumstub.system); /*unused*/

47
libclamav/msxml.c
View file

@ -47,33 +47,34 @@
#define MSXML_READBUFF SCANBUFF
// clang-format off
static const struct key_entry msxml_keys[] = {
{ "worddocument", "WordDocument", MSXML_JSON_ROOT | MSXML_JSON_ATTRIB },
{ "workbook", "Workbook", MSXML_JSON_ROOT | MSXML_JSON_ATTRIB },
{ "bindata", "BinaryData", MSXML_SCAN_B64 | MSXML_JSON_COUNT | MSXML_JSON_ROOT },
{ "documentproperties", "DocumentProperties", MSXML_JSON_ROOT },
{ "author", "Author", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "lastauthor", "LastAuthor", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "revision", "Revision", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "totaltime", "TotalTime", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "created", "Created", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "lastsaved", "LastSaved", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "pages", "Pages", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "words", "Words", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "characters", "Characters", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "lines", "Lines", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "paragraph", "Paragraph", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "characterswithspaces", "CharactersWithSpaces", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "version", "Version", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "allowpng", "AllowPNG", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "fonts", "Fonts", MSXML_IGNORE_ELEM },
{ "styles", "Styles", MSXML_IGNORE_ELEM }
{ "worddocument", "WordDocument", MSXML_JSON_ROOT | MSXML_JSON_ATTRIB },
{ "workbook", "Workbook", MSXML_JSON_ROOT | MSXML_JSON_ATTRIB },
{ "bindata", "BinaryData", MSXML_SCAN_B64 | MSXML_JSON_COUNT | MSXML_JSON_ROOT },
{ "documentproperties", "DocumentProperties", MSXML_JSON_ROOT },
{ "author", "Author", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "lastauthor", "LastAuthor", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "revision", "Revision", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "totaltime", "TotalTime", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "created", "Created", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "lastsaved", "LastSaved", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "pages", "Pages", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "words", "Words", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "characters", "Characters", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "lines", "Lines", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "paragraph", "Paragraph", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "characterswithspaces", "CharactersWithSpaces", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "version", "Version", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "allowpng", "AllowPNG", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "fonts", "Fonts", MSXML_IGNORE_ELEM },
{ "styles", "Styles", MSXML_IGNORE_ELEM }
};
static size_t num_msxml_keys = sizeof(msxml_keys) / sizeof(struct key_entry);
// clang-format on
static inline size_t msxml_read_cb_new_window(struct msxml_cbdata *cbdata)
{
const unsigned char *new_window = NULL;

114
libclamav/ooxml.c
View file

@ -43,57 +43,72 @@
#if HAVE_LIBXML2 && HAVE_JSON
// clang-format off
/*** OOXML MSDOC ***/
static const struct key_entry ooxml_keys[] = {
{ "coreproperties", "CoreProperties", MSXML_JSON_ROOT | MSXML_JSON_ATTRIB },
{ "title", "Title", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "subject", "Subject", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "creator", "Author", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "keywords", "Keywords", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "comments", "Comments", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "description", "Description", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "lastmodifiedby", "LastAuthor", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "revision", "Revision", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "created", "Created", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "modified", "Modified", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "category", "Category", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "contentstatus", "ContentStatus", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "properties", "ExtendedProperties", MSXML_JSON_ROOT | MSXML_JSON_ATTRIB },
{ "application", "Application", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "appversion", "AppVersion", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "characters", "Characters", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "coreproperties", "CoreProperties", MSXML_JSON_ROOT | MSXML_JSON_ATTRIB },
{ "title", "Title", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "subject", "Subject", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "creator", "Author", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "keywords", "Keywords", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "comments", "Comments", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "description", "Description", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "lastmodifiedby", "LastAuthor", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "revision", "Revision", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "created", "Created", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "modified", "Modified", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "category", "Category", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "contentstatus", "ContentStatus", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "properties", "ExtendedProperties", MSXML_JSON_ROOT | MSXML_JSON_ATTRIB },
{ "application", "Application", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "appversion", "AppVersion", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "characters", "Characters", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "characterswithspaces", "CharactersWithSpaces", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "company", "Company", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "digsig", "DigSig", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "docsecurity", "DocSecurity", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
//{ "headingpairs", "HeadingPairs", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "hiddenslides", "HiddenSlides", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "hlinks", "HLinks", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "hyperlinkbase", "HyperlinkBase", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "hyperlinkschanged", "HyperlinksChanged", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "lines", "Lines", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "linksuptodate", "LinksUpToDate", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "manager", "Manager", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "mmclips", "MultimediaClips", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "notes", "Notes", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "pages", "Pages", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "paragraphs", "Paragraphs", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "presentationformat", "PresentationFormat", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
//{ "properties", "Properties", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "scalecrop", "ScaleCrop", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "shareddoc", "SharedDocs", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "slides", "Slides", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "template", "Template", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
//{ "titleofparts", "TitleOfParts", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "totaltime", "TotalTime", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "words", "Words", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "company", "Company", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "digsig", "DigSig", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "docsecurity", "DocSecurity", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
//{ "headingpairs", "HeadingPairs", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "hiddenslides", "HiddenSlides", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "hlinks", "HLinks", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "hyperlinkbase", "HyperlinkBase", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "hyperlinkschanged", "HyperlinksChanged", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "lines", "Lines", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "linksuptodate", "LinksUpToDate", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "manager", "Manager", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "mmclips", "MultimediaClips", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "notes", "Notes", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "pages", "Pages", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "paragraphs", "Paragraphs", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "presentationformat", "PresentationFormat", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
//{ "properties", "Properties", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "scalecrop", "ScaleCrop", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "shareddoc", "SharedDocs", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "slides", "Slides", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "template", "Template", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
//{ "titleofparts", "TitleOfParts", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "totaltime", "TotalTime", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "words", "Words", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
/* Should NOT Exist */
{ "bindata", "BinaryData", MSXML_SCAN_B64 | MSXML_JSON_COUNT | MSXML_JSON_ROOT }
{ "bindata", "BinaryData", MSXML_SCAN_B64 | MSXML_JSON_COUNT | MSXML_JSON_ROOT }
};
static size_t num_ooxml_keys = sizeof(ooxml_keys) / sizeof(struct key_entry);
/*** OOXML HWP ***/
static const struct key_entry ooxml_hwp_keys[] = {
{ "hcfversion", "HCFVersion", MSXML_JSON_ROOT | MSXML_JSON_ATTRIB },
{ "package", "Properties", MSXML_JSON_ROOT | MSXML_JSON_ATTRIB },
{ "metadata", "Metadata", MSXML_JSON_WRKPTR | MSXML_JSON_ATTRIB },
{ "title", "Title", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "language", "Language", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "meta", "MetaFields", MSXML_JSON_WRKPTR | MSXML_JSON_ATTRIB | MSXML_JSON_VALUE | MSXML_JSON_COUNT | MSXML_JSON_MULTI },
{ "item", "Contents", MSXML_JSON_WRKPTR | MSXML_JSON_ATTRIB | MSXML_JSON_COUNT | MSXML_JSON_MULTI }
};
static size_t num_ooxml_hwp_keys = sizeof(ooxml_hwp_keys) / sizeof(struct key_entry);
// clang-format on
static int ooxml_updatelimits(int fd, cli_ctx *ctx)
{
STATBUF sb;
@ -339,19 +354,6 @@ static int ooxml_content_cb(int fd, const char* filepath, cli_ctx *ctx)
return ret;
}
/*** OOXML HWP ***/
static const struct key_entry ooxml_hwp_keys[] = {
{ "hcfversion", "HCFVersion", MSXML_JSON_ROOT | MSXML_JSON_ATTRIB },
{ "package", "Properties", MSXML_JSON_ROOT | MSXML_JSON_ATTRIB },
{ "metadata", "Metadata", MSXML_JSON_WRKPTR | MSXML_JSON_ATTRIB },
{ "title", "Title", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "language", "Language", MSXML_JSON_WRKPTR | MSXML_JSON_VALUE },
{ "meta", "MetaFields", MSXML_JSON_WRKPTR | MSXML_JSON_ATTRIB | MSXML_JSON_VALUE | MSXML_JSON_COUNT | MSXML_JSON_MULTI },
{ "item", "Contents", MSXML_JSON_WRKPTR | MSXML_JSON_ATTRIB | MSXML_JSON_COUNT | MSXML_JSON_MULTI }
};
static size_t num_ooxml_hwp_keys = sizeof(ooxml_hwp_keys) / sizeof(struct key_entry);
static int ooxml_hwp_cb(int fd, const char* filepath, cli_ctx *ctx)
{
int ret = CL_SUCCESS;

3
libclamav/pdfdecode.c
View file

@ -71,8 +71,7 @@
struct pdf_token {
uint32_t flags; /* tracking flags */
uint32_t success; /* successfully decoded filters */
uint32_t length; /* length of current content */ /* TODO: transition to size_t */
uint32_t length; /* length of current content; TODO: transition to size_t */
uint8_t *content; /* content stream */
};

2
libclamav/pe_icons.c
View file

@ -250,6 +250,7 @@ static const int gaussk[]={1,2,1};
static const int gkernsz = (sizeof(gaussk) / sizeof(gaussk[0]));
#ifndef USE_FLOATS
// clang-format off
static const uint32_t rtable[256][3] = {
{0x00000000,0x00000000,0x00000000}, {0x00033475,0x0001a70c,0x00002675},
{0x000668e9,0x00034e18,0x00004ceb}, {0x00099d5e,0x0004f525,0x00007360},
@ -642,6 +643,7 @@ static const int gkernsz = (sizeof(gaussk) / sizeof(gaussk[0]));
{0x119089da,0x07069d8a,0x5c81c488}, {0x11b93635,0x0716e27b,0x5d57faec},
{0x11e2194b,0x07273d51,0x5e2f5196}, {0x120b3333,0x0737ae14,0x5f07c8f3},
};
// clang-format on
#endif
#ifdef USE_FLOATS

47
libclamav/readdb.c
View file

@ -1381,35 +1381,38 @@ struct lsig_attrib {
/* TODO: rework this */
static int lsigattribs(char *attribs, struct cli_lsig_tdb *tdb)
{
struct lsig_attrib attrtab[] = {
// clang-format off
#define ATTRIB_TOKENS 10
#define EXPR_TOKEN_MAX 16
{ "Target", CLI_TDB_UINT, (void **) &tdb->target },
{ "Engine", CLI_TDB_RANGE, (void **) &tdb->engine },
struct lsig_attrib attrtab[] = {
{ "Target", CLI_TDB_UINT, (void **) &tdb->target },
{ "Engine", CLI_TDB_RANGE, (void **) &tdb->engine },
{ "FileSize", CLI_TDB_RANGE, (void **) &tdb->filesize },
{ "EntryPoint", CLI_TDB_RANGE, (void **) &tdb->ep },
{ "NumberOfSections", CLI_TDB_RANGE, (void **) &tdb->nos },
{ "FileSize", CLI_TDB_RANGE, (void **) &tdb->filesize },
{ "EntryPoint", CLI_TDB_RANGE, (void **) &tdb->ep },
{ "NumberOfSections", CLI_TDB_RANGE, (void **) &tdb->nos },
{ "IconGroup1", CLI_TDB_STR, (void **) &tdb->icongrp1 },
{ "IconGroup2", CLI_TDB_STR, (void **) &tdb->icongrp2 },
{ "IconGroup1", CLI_TDB_STR, (void **) &tdb->icongrp1 },
{ "IconGroup2", CLI_TDB_STR, (void **) &tdb->icongrp2 },
{ "Container", CLI_TDB_FTYPE, (void **) &tdb->container },
{ "HandlerType", CLI_TDB_FTYPE, (void **) &tdb->handlertype },
{ "Intermediates", CLI_TDB_FTYPE_EXPR, (void **) &tdb->intermediates },
{ "Container", CLI_TDB_FTYPE, (void **) &tdb->container },
{ "HandlerType", CLI_TDB_FTYPE, (void **) &tdb->handlertype },
{ "Intermediates", CLI_TDB_FTYPE_EXPR, (void **) &tdb->intermediates },
/*
{ "SectOff", CLI_TDB_RANGE2, (void **) &tdb->sectoff },
{ "SectRVA", CLI_TDB_RANGE2, (void **) &tdb->sectrva },
{ "SectVSZ", CLI_TDB_RANGE2, (void **) &tdb->sectvsz },
{ "SectRAW", CLI_TDB_RANGE2, (void **) &tdb->sectraw },
{ "SectRSZ", CLI_TDB_RANGE2, (void **) &tdb->sectrsz },
{ "SectURVA", CLI_TDB_RANGE2, (void **) &tdb->secturva },
{ "SectUVSZ", CLI_TDB_RANGE2, (void **) &tdb->sectuvsz },
{ "SectURAW", CLI_TDB_RANGE2, (void **) &tdb->secturaw },
{ "SectURSZ", CLI_TDB_RANGE2, (void **) &tdb->sectursz },
{ "SectOff", CLI_TDB_RANGE2, (void **) &tdb->sectoff },
{ "SectRVA", CLI_TDB_RANGE2, (void **) &tdb->sectrva },
{ "SectVSZ", CLI_TDB_RANGE2, (void **) &tdb->sectvsz },
{ "SectRAW", CLI_TDB_RANGE2, (void **) &tdb->sectraw },
{ "SectRSZ", CLI_TDB_RANGE2, (void **) &tdb->sectrsz },
{ "SectURVA", CLI_TDB_RANGE2, (void **) &tdb->secturva },
{ "SectUVSZ", CLI_TDB_RANGE2, (void **) &tdb->sectuvsz },
{ "SectURAW", CLI_TDB_RANGE2, (void **) &tdb->secturaw },
{ "SectURSZ", CLI_TDB_RANGE2, (void **) &tdb->sectursz },
*/
{ NULL, 0, NULL, }
{ NULL, 0, NULL, }
};
// clang-format on
struct lsig_attrib *apt;
char *tokens[ATTRIB_TOKENS], *pt, *pt2;
unsigned int v1, v2, v3, i, j, tokens_count, have_newext = 0;
@ -4304,7 +4307,7 @@ int cli_load(const char *filename, struct cl_engine *engine, unsigned int *signo
if(dbio && dbio->chkonly) {
while(cli_dbgets(buff, FILEBUFF, NULL, dbio));
while (cli_dbgets(buff, FILEBUFF, NULL, dbio)) continue;
return CL_SUCCESS;
}

2
libclamav/sf_base64decode.c
View file

@ -27,6 +27,7 @@
#include "sf_base64decode.h"
// clang-format off
uint8_t sf_decode64tab[256] = {
100,100,100,100,100,100,100,100,100,100,100,100,100,100,100,100,
100,100,100,100,100,100,100,100,100,100,100,100,100,100,100,100,
@ -44,6 +45,7 @@ uint8_t sf_decode64tab[256] = {
100,100,100,100,100,100,100,100,100,100,100,100,100,100,100,100,
100,100,100,100,100,100,100,100,100,100,100,100,100,100,100,100,
100,100,100,100,100,100,100,100,100,100,100,100,100,100,100,100};
// clang-format on
/* base64decode assumes the input data terminates with '=' and/or at the end of the input buffer
* at inbuf_size. If extra characters exist within inbuf before inbuf_size is reached, it will

6
libclamav/str.c
View file

@ -45,6 +45,8 @@
#include "jsparse/textbuf.h"
#include "platform.h"
// clang-format off
static const int hex_chars[256] = {
-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
@ -64,6 +66,8 @@ static const int hex_chars[256] = {
-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
};
// clang-format on
static inline int cli_hex2int(const char c)
{
return hex_chars[(const unsigned char)c];
@ -442,7 +446,7 @@ char *cli_strrcpy(char *dest, const char *source) /* by NJH */
return NULL;
}
while((*dest++ = *source++));
while((*dest++ = *source++)) continue;
return --dest;
}

340
libclamav/swf.h
View file

@ -39,186 +39,190 @@ int cli_scanswf(cli_ctx *ctx);
typedef enum
{
TAG_END = 0,
TAG_SHOWFRAME = 1,
TAG_DEFINESHAPE = 2,
TAG_FREECHARACTER = 3,
TAG_PLACEOBJECT = 4,
TAG_REMOVEOBJECT = 5,
TAG_DEFINEBITS = 6,
TAG_DEFINEBUTTON = 7,
TAG_JPEGTABLES = 8,
TAG_SETBACKGROUNDCOLOR = 9,
TAG_DEFINEFONT = 10,
TAG_DEFINETEXT = 11,
TAG_DOACTION = 12,
TAG_DEFINEFONTINFO = 13,
TAG_DEFINESOUND = 14,
TAG_STARTSOUND = 15,
TAG_STOPSOUND = 16,
TAG_DEFINEBUTTONSOUND = 17,
TAG_SOUNDSTREAMHEAD = 18,
TAG_SOUNDSTREAMBLOCK = 19,
TAG_DEFINEBITSLOSSLESS = 20,
TAG_DEFINEBITSJPEG2 = 21,
TAG_DEFINESHAPE2 = 22,
TAG_DEFINEBUTTONCXFORM = 23,
TAG_PROTECT = 24,
TAG_PATHSAREPOSTSCRIPT = 25,
TAG_PLACEOBJECT2 = 26,
TAG_REMOVEOBJECT2 = 28,
TAG_SYNCFRAME = 29,
TAG_FREEALL = 31,
TAG_DEFINESHAPE3 = 32,
TAG_DEFINETEXT2 = 33,
TAG_DEFINEBUTTON2 = 34,
TAG_DEFINEBITSJPEG3 = 35,
TAG_DEFINEBITSLOSSLESS2 = 36,
TAG_DEFINEEDITTEXT = 37,
TAG_DEFINEVIDEO = 38,
TAG_DEFINEMOVIECLIP = 39,
TAG_NAMECHARACTER = 40,
TAG_SERIALNUMBER = 41,
TAG_DEFINETEXTFORMAT = 42,
TAG_FRAMELABEL = 43,
TAG_SOUNDSTREAMHEAD2 = 45,
TAG_DEFINEMORPHSHAPE = 46,
TAG_GENFRAME = 47,
TAG_DEFINEFONT2 = 48,
TAG_GENCOMMAND = 49,
TAG_DEFINECOMMANDOBJ = 50,
TAG_CHARACTERSET = 51,
TAG_FONTREF = 52,
TAG_EXPORTASSETS = 56,
TAG_IMPORTASSETS = 57,
TAG_ENABLEDEBUGGER = 58,
TAG_INITMOVIECLIP = 59,
TAG_DEFINEVIDEOSTREAM = 60,
TAG_VIDEOFRAME = 61,
TAG_DEFINEFONTINFO2 = 62,
TAG_DEBUGID = 63,
TAG_ENABLEDEBUGGER2 = 64,
TAG_SCRIPTLIMITS = 65,
TAG_SETTABINDEX = 66,
TAG_DEFINESHAPE4 = 67,
TAG_FILEATTRIBUTES = 69,
TAG_PLACEOBJECT3 = 70,
TAG_IMPORTASSETS2 = 71,
TAG_DEFINEFONTINFO3 = 73,
TAG_DEFINETEXTINFO = 74,
TAG_DEFINEFONT3 = 75,
TAG_AVM2DECL = 76,
TAG_METADATA = 77,
TAG_SLICE9 = 78,
TAG_AVM2ACTION = 82,
TAG_DEFINESHAPE5 = 83,
TAG_DEFINEMORPHSHAPE2 = 84,
TAG_DEFINESFLABELDATA = 86,
TAG_DEFINEBINARYDATA = 87,
TAG_DEFINEFONTNAME = 88,
TAG_STARTSOUND2 = 89,
TAG_DEFINEBITSJPEG4 = 90,
TAG_DEFINEFONT4 = 91,
TAG_ENABLETELEMETRY = 93,
TAG_DEFINEBITSPTR = 1023,
TAG_UNKNOWN = 9999
TAG_END = 0,
TAG_SHOWFRAME = 1,
TAG_DEFINESHAPE = 2,
TAG_FREECHARACTER = 3,
TAG_PLACEOBJECT = 4,
TAG_REMOVEOBJECT = 5,
TAG_DEFINEBITS = 6,
TAG_DEFINEBUTTON = 7,
TAG_JPEGTABLES = 8,
TAG_SETBACKGROUNDCOLOR = 9,
TAG_DEFINEFONT = 10,
TAG_DEFINETEXT = 11,
TAG_DOACTION = 12,
TAG_DEFINEFONTINFO = 13,
TAG_DEFINESOUND = 14,
TAG_STARTSOUND = 15,
TAG_STOPSOUND = 16,
TAG_DEFINEBUTTONSOUND = 17,
TAG_SOUNDSTREAMHEAD = 18,
TAG_SOUNDSTREAMBLOCK = 19,
TAG_DEFINEBITSLOSSLESS = 20,
TAG_DEFINEBITSJPEG2 = 21,
TAG_DEFINESHAPE2 = 22,
TAG_DEFINEBUTTONCXFORM = 23,
TAG_PROTECT = 24,
TAG_PATHSAREPOSTSCRIPT = 25,
TAG_PLACEOBJECT2 = 26,
TAG_REMOVEOBJECT2 = 28,
TAG_SYNCFRAME = 29,
TAG_FREEALL = 31,
TAG_DEFINESHAPE3 = 32,
TAG_DEFINETEXT2 = 33,
TAG_DEFINEBUTTON2 = 34,
TAG_DEFINEBITSJPEG3 = 35,
TAG_DEFINEBITSLOSSLESS2 = 36,
TAG_DEFINEEDITTEXT = 37,
TAG_DEFINEVIDEO = 38,
TAG_DEFINEMOVIECLIP = 39,
TAG_NAMECHARACTER = 40,
TAG_SERIALNUMBER = 41,
TAG_DEFINETEXTFORMAT = 42,
TAG_FRAMELABEL = 43,
TAG_SOUNDSTREAMHEAD2 = 45,
TAG_DEFINEMORPHSHAPE = 46,
TAG_GENFRAME = 47,
TAG_DEFINEFONT2 = 48,
TAG_GENCOMMAND = 49,
TAG_DEFINECOMMANDOBJ = 50,
TAG_CHARACTERSET = 51,
TAG_FONTREF = 52,
TAG_EXPORTASSETS = 56,
TAG_IMPORTASSETS = 57,
TAG_ENABLEDEBUGGER = 58,
TAG_INITMOVIECLIP = 59,
TAG_DEFINEVIDEOSTREAM = 60,
TAG_VIDEOFRAME = 61,
TAG_DEFINEFONTINFO2 = 62,
TAG_DEBUGID = 63,
TAG_ENABLEDEBUGGER2 = 64,
TAG_SCRIPTLIMITS = 65,
TAG_SETTABINDEX = 66,
TAG_DEFINESHAPE4 = 67,
TAG_FILEATTRIBUTES = 69,
TAG_PLACEOBJECT3 = 70,
TAG_IMPORTASSETS2 = 71,
TAG_DEFINEFONTINFO3 = 73,
TAG_DEFINETEXTINFO = 74,
TAG_DEFINEFONT3 = 75,
TAG_AVM2DECL = 76,
TAG_METADATA = 77,
TAG_SLICE9 = 78,
TAG_AVM2ACTION = 82,
TAG_DEFINESHAPE5 = 83,
TAG_DEFINEMORPHSHAPE2 = 84,
TAG_DEFINESFLABELDATA = 86,
TAG_DEFINEBINARYDATA = 87,
TAG_DEFINEFONTNAME = 88,
TAG_STARTSOUND2 = 89,
TAG_DEFINEBITSJPEG4 = 90,
TAG_DEFINEFONT4 = 91,
TAG_ENABLETELEMETRY = 93,
TAG_DEFINEBITSPTR = 1023,
TAG_UNKNOWN = 9999
} tag_id;
// clang-format off
static const struct tag_names_s {
const char *name;
tag_id id;
} tag_names[] = {
{ "TAG_END", TAG_END },
{ "TAG_SHOWFRAME", TAG_SHOWFRAME },
{ "TAG_DEFINESHAPE", TAG_DEFINESHAPE },
{ "TAG_FREECHARACTER", TAG_FREECHARACTER },
{ "TAG_PLACEOBJECT", TAG_PLACEOBJECT },
{ "TAG_REMOVEOBJECT", TAG_REMOVEOBJECT },
{ "TAG_DEFINEBITS", TAG_DEFINEBITS },
{ "TAG_DEFINEBUTTON", TAG_DEFINEBUTTON },
{ "TAG_JPEGTABLES", TAG_JPEGTABLES },
{ "TAG_SETBACKGROUNDCOLOR", TAG_SETBACKGROUNDCOLOR },
{ "TAG_DEFINEFONT", TAG_DEFINEFONT },
{ "TAG_DEFINETEXT", TAG_DEFINETEXT },
{ "TAG_DOACTION", TAG_DOACTION },
{ "TAG_DEFINEFONTINFO", TAG_DEFINEFONTINFO },
{ "TAG_DEFINESOUND", TAG_DEFINESOUND },
{ "TAG_STARTSOUND", TAG_STARTSOUND },
{ "TAG_STOPSOUND", TAG_STOPSOUND },
{ "TAG_DEFINEBUTTONSOUND", TAG_DEFINEBUTTONSOUND },
{ "TAG_SOUNDSTREAMHEAD", TAG_SOUNDSTREAMHEAD },
{ "TAG_SOUNDSTREAMBLOCK", TAG_SOUNDSTREAMBLOCK },
{ "TAG_DEFINEBITSLOSSLESS", TAG_DEFINEBITSLOSSLESS },
{ "TAG_DEFINEBITSJPEG2", TAG_DEFINEBITSJPEG2 },
{ "TAG_DEFINESHAPE2", TAG_DEFINESHAPE2 },
{ "TAG_DEFINEBUTTONCXFORM", TAG_DEFINEBUTTONCXFORM },
{ "TAG_PROTECT", TAG_PROTECT },
{ "TAG_PATHSAREPOSTSCRIPT", TAG_PATHSAREPOSTSCRIPT },
{ "TAG_PLACEOBJECT2", TAG_PLACEOBJECT2 },
{ "TAG_REMOVEOBJECT2", TAG_REMOVEOBJECT2 },
{ "TAG_SYNCFRAME", TAG_SYNCFRAME },
{ "TAG_FREEALL", TAG_FREEALL },
{ "TAG_DEFINESHAPE3", TAG_DEFINESHAPE3 },
{ "TAG_DEFINETEXT2", TAG_DEFINETEXT2 },
{ "TAG_DEFINEBUTTON2", TAG_DEFINEBUTTON2 },
{ "TAG_DEFINEBITSJPEG3", TAG_DEFINEBITSJPEG3 },
{ "TAG_DEFINEBITSLOSSLESS2", TAG_DEFINEBITSLOSSLESS2 },
{ "TAG_DEFINEEDITTEXT", TAG_DEFINEEDITTEXT },
{ "TAG_DEFINEVIDEO", TAG_DEFINEVIDEO },
{ "TAG_DEFINEMOVIECLIP", TAG_DEFINEMOVIECLIP },
{ "TAG_NAMECHARACTER", TAG_NAMECHARACTER },
{ "TAG_SERIALNUMBER", TAG_SERIALNUMBER },
{ "TAG_DEFINETEXTFORMAT", TAG_DEFINETEXTFORMAT },
{ "TAG_FRAMELABEL", TAG_FRAMELABEL },
{ "TAG_SOUNDSTREAMHEAD2", TAG_SOUNDSTREAMHEAD2 },
{ "TAG_DEFINEMORPHSHAPE", TAG_DEFINEMORPHSHAPE },
{ "TAG_GENFRAME", TAG_GENFRAME },
{ "TAG_DEFINEFONT2", TAG_DEFINEFONT2 },
{ "TAG_GENCOMMAND", TAG_GENCOMMAND },
{ "TAG_DEFINECOMMANDOBJ", TAG_DEFINECOMMANDOBJ },
{ "TAG_CHARACTERSET", TAG_CHARACTERSET },
{ "TAG_FONTREF", TAG_FONTREF },
{ "TAG_EXPORTASSETS", TAG_EXPORTASSETS },
{ "TAG_IMPORTASSETS", TAG_IMPORTASSETS },
{ "TAG_ENABLEDEBUGGER", TAG_ENABLEDEBUGGER },
{ "TAG_INITMOVIECLIP", TAG_INITMOVIECLIP },
{ "TAG_DEFINEVIDEOSTREAM", TAG_DEFINEVIDEOSTREAM },
{ "TAG_VIDEOFRAME", TAG_VIDEOFRAME },
{ "TAG_DEFINEFONTINFO2", TAG_DEFINEFONTINFO2 },
{ "TAG_DEBUGID", TAG_DEBUGID },
{ "TAG_ENABLEDEBUGGER2", TAG_ENABLEDEBUGGER2 },
{ "TAG_SCRIPTLIMITS", TAG_SCRIPTLIMITS },
{ "TAG_SETTABINDEX", TAG_SETTABINDEX },
{ "TAG_DEFINESHAPE4", TAG_DEFINESHAPE4 },
{ "TAG_FILEATTRIBUTES", TAG_FILEATTRIBUTES },
{ "TAG_PLACEOBJECT3", TAG_PLACEOBJECT3 },
{ "TAG_IMPORTASSETS2", TAG_IMPORTASSETS2 },
{ "TAG_DEFINEFONTINFO3", TAG_DEFINEFONTINFO3 },
{ "TAG_DEFINETEXTINFO", TAG_DEFINETEXTINFO },
{ "TAG_DEFINEFONT3", TAG_DEFINEFONT3 },
{ "TAG_AVM2DECL", TAG_AVM2DECL },
{ "TAG_METADATA", TAG_METADATA },
{ "TAG_SLICE9", TAG_SLICE9 },
{ "TAG_AVM2ACTION", TAG_AVM2ACTION },
{ "TAG_DEFINESHAPE5", TAG_DEFINESHAPE5 },
{ "TAG_DEFINEMORPHSHAPE2", TAG_DEFINEMORPHSHAPE2 },
{ "TAG_DEFINESFLABELDATA", TAG_DEFINESFLABELDATA },
{ "TAG_DEFINEBINARYDATA", TAG_DEFINEBINARYDATA },
{ "TAG_DEFINEFONTNAME", TAG_DEFINEFONTNAME },
{ "TAG_STARTSOUND2", TAG_STARTSOUND2 },
{ "TAG_DEFINEBITSJPEG4", TAG_DEFINEBITSJPEG4 },
{ "TAG_DEFINEFONT4", TAG_DEFINEFONT4 },
{ "TAG_ENABLETELEMETRY", TAG_ENABLETELEMETRY },
{ "TAG_DEFINEBITSPTR", TAG_DEFINEBITSPTR },
{ NULL, TAG_UNKNOWN },
{ "TAG_END", TAG_END },
{ "TAG_SHOWFRAME", TAG_SHOWFRAME },
{ "TAG_DEFINESHAPE", TAG_DEFINESHAPE },
{ "TAG_FREECHARACTER", TAG_FREECHARACTER },
{ "TAG_PLACEOBJECT", TAG_PLACEOBJECT },
{ "TAG_REMOVEOBJECT", TAG_REMOVEOBJECT },
{ "TAG_DEFINEBITS", TAG_DEFINEBITS },
{ "TAG_DEFINEBUTTON", TAG_DEFINEBUTTON },
{ "TAG_JPEGTABLES", TAG_JPEGTABLES },
{ "TAG_SETBACKGROUNDCOLOR", TAG_SETBACKGROUNDCOLOR },
{ "TAG_DEFINEFONT", TAG_DEFINEFONT },
{ "TAG_DEFINETEXT", TAG_DEFINETEXT },
{ "TAG_DOACTION", TAG_DOACTION },
{ "TAG_DEFINEFONTINFO", TAG_DEFINEFONTINFO },
{ "TAG_DEFINESOUND", TAG_DEFINESOUND },
{ "TAG_STARTSOUND", TAG_STARTSOUND },
{ "TAG_STOPSOUND", TAG_STOPSOUND },
{ "TAG_DEFINEBUTTONSOUND", TAG_DEFINEBUTTONSOUND },
{ "TAG_SOUNDSTREAMHEAD", TAG_SOUNDSTREAMHEAD },
{ "TAG_SOUNDSTREAMBLOCK", TAG_SOUNDSTREAMBLOCK },
{ "TAG_DEFINEBITSLOSSLESS", TAG_DEFINEBITSLOSSLESS },
{ "TAG_DEFINEBITSJPEG2", TAG_DEFINEBITSJPEG2 },
{ "TAG_DEFINESHAPE2", TAG_DEFINESHAPE2 },
{ "TAG_DEFINEBUTTONCXFORM", TAG_DEFINEBUTTONCXFORM },
{ "TAG_PROTECT", TAG_PROTECT },
{ "TAG_PATHSAREPOSTSCRIPT", TAG_PATHSAREPOSTSCRIPT },
{ "TAG_PLACEOBJECT2", TAG_PLACEOBJECT2 },
{ "TAG_REMOVEOBJECT2", TAG_REMOVEOBJECT2 },
{ "TAG_SYNCFRAME", TAG_SYNCFRAME },
{ "TAG_FREEALL", TAG_FREEALL },
{ "TAG_DEFINESHAPE3", TAG_DEFINESHAPE3 },
{ "TAG_DEFINETEXT2", TAG_DEFINETEXT2 },
{ "TAG_DEFINEBUTTON2", TAG_DEFINEBUTTON2 },
{ "TAG_DEFINEBITSJPEG3", TAG_DEFINEBITSJPEG3 },
{ "TAG_DEFINEBITSLOSSLESS2", TAG_DEFINEBITSLOSSLESS2},
{ "TAG_DEFINEEDITTEXT", TAG_DEFINEEDITTEXT },
{ "TAG_DEFINEVIDEO", TAG_DEFINEVIDEO },
{ "TAG_DEFINEMOVIECLIP", TAG_DEFINEMOVIECLIP },
{ "TAG_NAMECHARACTER", TAG_NAMECHARACTER },
{ "TAG_SERIALNUMBER", TAG_SERIALNUMBER },
{ "TAG_DEFINETEXTFORMAT", TAG_DEFINETEXTFORMAT },
{ "TAG_FRAMELABEL", TAG_FRAMELABEL },
{ "TAG_SOUNDSTREAMHEAD2", TAG_SOUNDSTREAMHEAD2 },
{ "TAG_DEFINEMORPHSHAPE", TAG_DEFINEMORPHSHAPE },
{ "TAG_GENFRAME", TAG_GENFRAME },
{ "TAG_DEFINEFONT2", TAG_DEFINEFONT2 },
{ "TAG_GENCOMMAND", TAG_GENCOMMAND },
{ "TAG_DEFINECOMMANDOBJ", TAG_DEFINECOMMANDOBJ },
{ "TAG_CHARACTERSET", TAG_CHARACTERSET },
{ "TAG_FONTREF", TAG_FONTREF },
{ "TAG_EXPORTASSETS", TAG_EXPORTASSETS },
{ "TAG_IMPORTASSETS", TAG_IMPORTASSETS },
{ "TAG_ENABLEDEBUGGER", TAG_ENABLEDEBUGGER },
{ "TAG_INITMOVIECLIP", TAG_INITMOVIECLIP },
{ "TAG_DEFINEVIDEOSTREAM", TAG_DEFINEVIDEOSTREAM },
{ "TAG_VIDEOFRAME", TAG_VIDEOFRAME },
{ "TAG_DEFINEFONTINFO2", TAG_DEFINEFONTINFO2 },
{ "TAG_DEBUGID", TAG_DEBUGID },
{ "TAG_ENABLEDEBUGGER2", TAG_ENABLEDEBUGGER2 },
{ "TAG_SCRIPTLIMITS", TAG_SCRIPTLIMITS },
{ "TAG_SETTABINDEX", TAG_SETTABINDEX },
{ "TAG_DEFINESHAPE4", TAG_DEFINESHAPE4 },
{ "TAG_FILEATTRIBUTES", TAG_FILEATTRIBUTES },
{ "TAG_PLACEOBJECT3", TAG_PLACEOBJECT3 },
{ "TAG_IMPORTASSETS2", TAG_IMPORTASSETS2 },
{ "TAG_DEFINEFONTINFO3", TAG_DEFINEFONTINFO3 },
{ "TAG_DEFINETEXTINFO", TAG_DEFINETEXTINFO },
{ "TAG_DEFINEFONT3", TAG_DEFINEFONT3 },
{ "TAG_AVM2DECL", TAG_AVM2DECL },
{ "TAG_METADATA", TAG_METADATA },
{ "TAG_SLICE9", TAG_SLICE9 },
{ "TAG_AVM2ACTION", TAG_AVM2ACTION },
{ "TAG_DEFINESHAPE5", TAG_DEFINESHAPE5 },
{ "TAG_DEFINEMORPHSHAPE2", TAG_DEFINEMORPHSHAPE2 },
{ "TAG_DEFINESFLABELDATA", TAG_DEFINESFLABELDATA },
{ "TAG_DEFINEBINARYDATA", TAG_DEFINEBINARYDATA },
{ "TAG_DEFINEFONTNAME", TAG_DEFINEFONTNAME },
{ "TAG_STARTSOUND2", TAG_STARTSOUND2 },
{ "TAG_DEFINEBITSJPEG4", TAG_DEFINEBITSJPEG4 },
{ "TAG_DEFINEFONT4", TAG_DEFINEFONT4 },
{ "TAG_ENABLETELEMETRY", TAG_ENABLETELEMETRY },
{ "TAG_DEFINEBITSPTR", TAG_DEFINEBITSPTR },
{ NULL, TAG_UNKNOWN },
};
// clang-format on
// clang-format off
#define SWF_ATTR_USENETWORK 0x01
#define SWF_ATTR_RELATIVEURLS 0x02
#define SWF_ATTR_SUPPRESSCROSSDOMAINCACHE 0x04
#define SWF_ATTR_ACTIONSCRIPT3 0x08
#define SWF_ATTR_HASMETADATA 0x10
#define SWF_ATTR_USEDIRECTBLIT 0x20
#define SWF_ATTR_USEGPU 0x40
#define SWF_ATTR_USEDIRECTBLIT 0x20
#define SWF_ATTR_USEGPU 0x40
// clang-format on
#endif

48
libclamav/textdet.c
View file

@ -54,27 +54,29 @@
#define I 2 /* character appears in ISO-8859 text */
#define X 3 /* character appears in non-ISO extended ASCII (Mac, IBM PC) */
// clang-format off
static char text_chars[256] = {
/* BEL BS HT LF FF CR */
F, F, F, F, F, F, F, T, T, T, T, F, T, T, F, F, /* 0x0X */
/* ESC */
F, F, F, F, F, F, F, F, F, F, F, T, F, F, F, F, /* 0x1X */
T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, /* 0x2X */
T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, /* 0x3X */
T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, /* 0x4X */
T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, /* 0x5X */
T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, /* 0x6X */
T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, F, /* 0x7X */
/* NEL */
X, X, X, X, X, T, X, X, X, X, X, X, X, X, X, X, /* 0x8X */
X, X, X, X, X, X, X, X, X, X, X, X, X, X, X, X, /* 0x9X */
I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, /* 0xaX */
I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, /* 0xbX */
I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, /* 0xcX */
I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, /* 0xdX */
I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, /* 0xeX */
I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, I /* 0xfX */
/* BEL BS HT LF FF CR */
F, F, F, F, F, F, F, T, T, T, T, F, T, T, F, F, /* 0x0X */
/* ESC */
F, F, F, F, F, F, F, F, F, F, F, T, F, F, F, F, /* 0x1X */
T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, /* 0x2X */
T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, /* 0x3X */
T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, /* 0x4X */
T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, /* 0x5X */
T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, /* 0x6X */
T, T, T, T, T, T, T, T, T, T, T, T, T, T, T, F, /* 0x7X */
/* NEL */
X, X, X, X, X, T, X, X, X, X, X, X, X, X, X, X, /* 0x8X */
X, X, X, X, X, X, X, X, X, X, X, X, X, X, X, X, /* 0x9X */
I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, /* 0xaX */
I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, /* 0xbX */
I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, /* 0xcX */
I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, /* 0xdX */
I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, /* 0xeX */
I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, I /* 0xfX */
};
// clang-format on
static int td_isascii(const unsigned char *buf, unsigned int len)
{
@ -87,11 +89,11 @@ static int td_isascii(const unsigned char *buf, unsigned int len)
// not been validated to correctly handle multibyte UTF8.
// /* Check for the Byte-Order-Mark for UTF-8 */
// if ((len >= 3) &&
// (buf[0] == 0xEF) &&
// (buf[1] == 0xBB) &&
// (buf[2] == 0xBF))
// (buf[0] == 0xEF) &&
// (buf[1] == 0xBB) &&
// (buf[2] == 0xBF))
// {
// return 0;
// return 0;
// }
/* Validate that the data all falls within the bounds of

59
libclamav/unzip.h
View file

@ -50,7 +50,7 @@ int unzip_search_add(struct zip_requests *, const char *, size_t);
int unzip_search(cli_ctx *, fmap_t *, struct zip_requests *);
int unzip_search_single(cli_ctx *, const char *, size_t, uint32_t *);
// clang-format off
#ifdef UNZIP_PRIVATE
#define F_ENCR (1<<0)
#define F_ALGO1 (1<<1)
@ -68,6 +68,7 @@ int unzip_search_single(cli_ctx *, const char *, size_t, uint32_t *);
#define F_MSKED (1<<13)
#define F_RSVD3 (1<<14)
#define F_RSVD4 (1<<15)
// clang-format on
enum ALGO {
ALG_STORED,
@ -110,17 +111,19 @@ enum ALGO {
/* char extra[elen] */
/* } __attribute__((packed)); */
#define LH_magic ((uint32_t)cli_readint32((uint8_t *)(lh)+0))
#define LH_version ((uint16_t)cli_readint16((uint8_t *)(lh)+4))
#define LH_flags ((uint16_t)cli_readint16((uint8_t *)(lh)+6))
#define LH_method ((uint16_t)cli_readint16((uint8_t *)(lh)+8))
#define LH_mtime ((uint32_t)cli_readint32((uint8_t *)(lh)+10))
#define LH_crc32 ((uint32_t)cli_readint32((uint8_t *)(lh)+14))
#define LH_csize ((uint32_t)cli_readint32((uint8_t *)(lh)+18))
#define LH_usize ((uint32_t)cli_readint32((uint8_t *)(lh)+22))
#define LH_flen ((uint16_t)cli_readint16((uint8_t *)(lh)+26))
#define LH_elen ((uint16_t)cli_readint16((uint8_t *)(lh)+28))
// clang-format off
#define LH_magic ((uint32_t)cli_readint32((uint8_t *)(lh)+0))
#define LH_version ((uint16_t)cli_readint16((uint8_t *)(lh)+4))
#define LH_flags ((uint16_t)cli_readint16((uint8_t *)(lh)+6))
#define LH_method ((uint16_t)cli_readint16((uint8_t *)(lh)+8))
#define LH_mtime ((uint32_t)cli_readint32((uint8_t *)(lh)+10))
#define LH_crc32 ((uint32_t)cli_readint32((uint8_t *)(lh)+14))
#define LH_csize ((uint32_t)cli_readint32((uint8_t *)(lh)+18))
#define LH_usize ((uint32_t)cli_readint32((uint8_t *)(lh)+22))
#define LH_flen ((uint16_t)cli_readint16((uint8_t *)(lh)+26))
#define LH_elen ((uint16_t)cli_readint16((uint8_t *)(lh)+28))
#define SIZEOF_LH 30
// clang-format on
/* struct CH { */
/* uint32_t magic; */
@ -144,23 +147,25 @@ enum ALGO {
/* char comment[clen] */
/* } __attribute__((packed)); */
#define CH_magic ((uint32_t)cli_readint32((uint8_t *)(ch)+0))
#define CH_vermade ((uint16_t)cli_readint16((uint8_t *)(ch)+4))
#define CH_verneed ((uint16_t)cli_readint16((uint8_t *)(ch)+6))
#define CH_flags ((uint16_t)cli_readint16((uint8_t *)(ch)+8))
#define CH_method ((uint16_t)cli_readint16((uint8_t *)(ch)+10))
#define CH_mtime ((uint32_t)cli_readint32((uint8_t *)(ch)+12))
#define CH_crc32 ((uint32_t)cli_readint32((uint8_t *)(ch)+16))
#define CH_csize ((uint32_t)cli_readint32((uint8_t *)(ch)+20))
#define CH_usize ((uint32_t)cli_readint32((uint8_t *)(ch)+24))
#define CH_flen ((uint16_t)cli_readint16((uint8_t *)(ch)+28))
#define CH_elen ((uint16_t)cli_readint16((uint8_t *)(ch)+30))
#define CH_clen ((uint16_t)cli_readint16((uint8_t *)(ch)+32))
#define CH_dsk ((uint16_t)cli_readint16((uint8_t *)(ch)+34))
#define CH_iattrib ((uint16_t)cli_readint16((uint8_t *)(ch)+36))
#define CH_eattrib ((uint32_t)cli_readint32((uint8_t *)(ch)+38))
#define CH_off ((uint32_t)cli_readint32((uint8_t *)(ch)+42))
// clang-format off
#define CH_magic ((uint32_t)cli_readint32((uint8_t *)(ch)+0))
#define CH_vermade ((uint16_t)cli_readint16((uint8_t *)(ch)+4))
#define CH_verneed ((uint16_t)cli_readint16((uint8_t *)(ch)+6))
#define CH_flags ((uint16_t)cli_readint16((uint8_t *)(ch)+8))
#define CH_method ((uint16_t)cli_readint16((uint8_t *)(ch)+10))
#define CH_mtime ((uint32_t)cli_readint32((uint8_t *)(ch)+12))
#define CH_crc32 ((uint32_t)cli_readint32((uint8_t *)(ch)+16))
#define CH_csize ((uint32_t)cli_readint32((uint8_t *)(ch)+20))
#define CH_usize ((uint32_t)cli_readint32((uint8_t *)(ch)+24))
#define CH_flen ((uint16_t)cli_readint16((uint8_t *)(ch)+28))
#define CH_elen ((uint16_t)cli_readint16((uint8_t *)(ch)+30))
#define CH_clen ((uint16_t)cli_readint16((uint8_t *)(ch)+32))
#define CH_dsk ((uint16_t)cli_readint16((uint8_t *)(ch)+34))
#define CH_iattrib ((uint16_t)cli_readint16((uint8_t *)(ch)+36))
#define CH_eattrib ((uint32_t)cli_readint32((uint8_t *)(ch)+38))
#define CH_off ((uint32_t)cli_readint32((uint8_t *)(ch)+42))
#define SIZEOF_CH 46
// clang-format on
#define SIZEOF_EH 12
#endif /* UNZIP_PRIVATE */

6
libclamav/xar.h
View file

@ -50,13 +50,15 @@ struct xar_header {
uint32_t chksum_alg; /* 0 = none */
};
#define XAR_HEADER_MAGIC 0x78617221
#define XAR_HEADER_VERSION 0
// clang-format off
#define XAR_HEADER_MAGIC 0x78617221
#define XAR_HEADER_VERSION 0
#define XAR_CKSUM_NONE 0
#define XAR_CKSUM_SHA1 1
#define XAR_CKSUM_MD5 2
#define XAR_CKSUM_OTHER 3
// clang-format on
#ifdef HAVE_PRAGMA_PACK
#pragma pack()

190
libclamav/yara_clam.h
View file

@ -19,8 +19,9 @@
* Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
/* Most of this file was derived from yara 2.1.0 libyara/yara.h and
other YARA header files. Following is the YARA copyright. */
/* Most of this file was derived from Yara 2.1.0 libyara/yara.h and
* other YARA header files. Following is the YARA copyright. */
/*
Copyright (c) 2007-2013. The YARA Authors. All Rights Reserved.
@ -45,7 +46,11 @@ limitations under the License.
#include "others.h"
#include "str.h"
/* From libyara/include/yara/types.h */
// clang-format off
/*
* From libyara/include/yara/types.h
*/
#define DECLARE_REFERENCE(type, name) \
union { type name; int64_t name##_; }
@ -54,7 +59,6 @@ limitations under the License.
#define META_TYPE_STRING 2
#define META_TYPE_BOOLEAN 3
#define STRING_GFLAGS_REFERENCED 0x01
#define STRING_GFLAGS_HEXADECIMAL 0x02
#define STRING_GFLAGS_NO_CASE 0x04
@ -163,44 +167,44 @@ limitations under the License.
typedef struct _YR_OBJECT
{
OBJECT_COMMON_FIELDS
OBJECT_COMMON_FIELDS
} YR_OBJECT;
typedef struct _YR_OBJECT_INTEGER
{
OBJECT_COMMON_FIELDS
int64_t value;
OBJECT_COMMON_FIELDS
int64_t value;
} YR_OBJECT_INTEGER;
typedef struct _YR_OBJECT_STRING
{
OBJECT_COMMON_FIELDS
char* value;
OBJECT_COMMON_FIELDS
char* value;
} YR_OBJECT_STRING;
typedef struct _YR_OBJECT_ARRAY
{
OBJECT_COMMON_FIELDS
struct _YR_ARRAY_ITEMS* items;
OBJECT_COMMON_FIELDS
struct _YR_ARRAY_ITEMS* items;
} YR_OBJECT_ARRAY;
typedef struct _YR_SCAN_CONTEXT
{
uint64_t file_size;
uint64_t entry_point;
uint64_t file_size;
uint64_t entry_point;
int flags;
void* user_data;
int flags;
void* user_data;
//YR_MEMORY_BLOCK* mem_block;
YR_HASH_TABLE* objects_table;
//YR_CALLBACK_FUNC callback;
fmap_t * fmap;
//YR_MEMORY_BLOCK* mem_block;
YR_HASH_TABLE* objects_table;
//YR_CALLBACK_FUNC callback;
fmap_t * fmap;
} YR_SCAN_CONTEXT;
struct _YR_OBJECT_FUNCTION;
@ -212,23 +216,25 @@ typedef int (*YR_MODULE_FUNC)(
typedef struct _YR_OBJECT_FUNCTION
{
OBJECT_COMMON_FIELDS
OBJECT_COMMON_FIELDS
const char* arguments_fmt;
const char* arguments_fmt;
YR_OBJECT* return_obj;
YR_MODULE_FUNC code;
YR_OBJECT* return_obj;
YR_MODULE_FUNC code;
} YR_OBJECT_FUNCTION;
typedef struct _YR_ARRAY_ITEMS
{
int count;
YR_OBJECT* objects[1];
int count;
YR_OBJECT* objects[1];
} YR_ARRAY_ITEMS;
/* From libyara/include/yara/sizedstr.h */
/*
* From libyara/include/yara/sizedstr.h
*/
#define SIZED_STRING_FLAGS_NO_CASE 1
#define SIZED_STRING_FLAGS_DOT_ALL 2
@ -241,7 +247,9 @@ typedef struct _SIZED_STRING
} SIZED_STRING;
/* From libyara/include/yara/error.h */
/*
* From libyara/include/yara/error.h
*/
#ifndef ERROR_SUCCESS
#define ERROR_SUCCESS 0
#endif
@ -287,21 +295,23 @@ typedef struct _SIZED_STRING
#define ERROR_WRONG_NUMBER_OF_ARGUMENTS 40
#define FAIL_ON_ERROR(x) { \
int result = (x); \
if (result != ERROR_SUCCESS) \
return result; \
int result = (x); \
if (result != ERROR_SUCCESS) \
return result; \
}
#define FAIL_ON_COMPILER_ERROR(x) { \
compiler->last_result = (x); \
if (compiler->last_result != ERROR_SUCCESS) { \
if (compiler->last_result == ERROR_INSUFICIENT_MEMORY) \
yyfatal(yyscanner, "YARA fatal error: terminating rule parse\n"); \
return compiler->last_result; \
} \
compiler->last_result = (x); \
if (compiler->last_result != ERROR_SUCCESS) { \
if (compiler->last_result == ERROR_INSUFICIENT_MEMORY) \
yyfatal(yyscanner, "YARA fatal error: terminating rule parse\n"); \
return compiler->last_result; \
} \
}
/* From libyara/include/yara/re.h */
/*
* From libyara/include/yara/re.h
*/
#define RE_FLAGS_FAST_HEX_REGEXP 0x02
#define RE_FLAGS_BACKWARDS 0x04
#define RE_FLAGS_EXHAUSTIVE 0x08
@ -309,96 +319,100 @@ typedef struct _SIZED_STRING
#define RE_FLAGS_NO_CASE 0x20
#define RE_FLAGS_SCAN 0x40
#define RE_FLAGS_DOT_ALL 0x80
#define RE_FLAGS_NOT_AT_START 0x100
#define RE_FLAGS_NOT_AT_START 0x100
typedef struct _YR_META
{
int32_t type;
int32_t integer;
int32_t type;
int32_t integer;
DECLARE_REFERENCE(char*, identifier);
DECLARE_REFERENCE(char*, string);
DECLARE_REFERENCE(char*, identifier);
DECLARE_REFERENCE(char*, string);
} YR_META;
#if REAL_YARA
typedef struct _YR_STRING
{
int32_t g_flags;
int32_t length;
int32_t g_flags;
int32_t length;
DECLARE_REFERENCE(char*, identifier);
DECLARE_REFERENCE(uint8_t*, string);
DECLARE_REFERENCE(struct _YR_STRING*, chained_to);
DECLARE_REFERENCE(char*, identifier);
DECLARE_REFERENCE(uint8_t*, string);
DECLARE_REFERENCE(struct _YR_STRING*, chained_to);
int32_t chain_gap_min;
int32_t chain_gap_max;
int32_t chain_gap_min;
int32_t chain_gap_max;
// YR_MATCHES matches[MAX_THREADS];
// YR_MATCHES unconfirmed_matches[MAX_THREADS];
// YR_MATCHES matches[MAX_THREADS];
// YR_MATCHES unconfirmed_matches[MAX_THREADS];
} YR_STRING;
#endif
typedef struct _YR_EXTERNAL_VARIABLE
{
int32_t type;
int64_t integer;
int32_t type;
int64_t integer;
DECLARE_REFERENCE(char*, identifier);
DECLARE_REFERENCE(char*, string);
DECLARE_REFERENCE(char*, identifier);
DECLARE_REFERENCE(char*, string);
} YR_EXTERNAL_VARIABLE;
typedef struct _YR_NAMESPACE
{
DECLARE_REFERENCE(char*, name);
DECLARE_REFERENCE(char*, name);
} YR_NAMESPACE;
/* From libyara/include/yara/exec.h */
/*
* From libyara/include/yara/exec.h
*/
typedef struct RE RE;
typedef struct RE_NODE RE_NODE;
struct RE_NODE
{
int type;
int type;
union {
int value;
int count;
int start;
};
union {
int value;
int count;
int start;
};
union {
int mask;
int end;
};
union {
int mask;
int end;
};
int greedy;
int greedy;
uint8_t* class_vector;
uint8_t* class_vector;
RE_NODE* left;
RE_NODE* right;
RE_NODE* left;
RE_NODE* right;
void* forward_code;
void* backward_code;
void* forward_code;
void* backward_code;
};
struct RE {
uint32_t flags;
RE_NODE* root_node;
uint32_t flags;
RE_NODE* root_node;
const char* error_message;
int error_code;
const char* error_message;
int error_code;
};
/* From libyara/include/yara/limits.h */
/*
* From libyara/include/yara/limits.h
*/
#define MAX_COMPILER_ERROR_EXTRA_INFO 256
#define MAX_LOOP_NESTING 4
#define MAX_FUNCTION_ARGS 128
@ -406,10 +420,12 @@ struct RE {
#define LEX_BUF_SIZE 1024
#define MAX_INCLUDE_DEPTH 16
#ifndef MAX_PATH
#define MAX_PATH 1024
#define MAX_PATH 1024
#endif
/* From libyara/include/yara/object.h */
/*
* From libyara/include/yara/object.h
*/
#define OBJECT_TYPE_INTEGER 1
#define OBJECT_TYPE_STRING 2
#define OBJECT_TYPE_STRUCTURE 3
@ -417,7 +433,9 @@ struct RE {
#define OBJECT_TYPE_FUNCTION 5
#define OBJECT_TYPE_REGEXP 6
/* From libyara/include/yara/utils.h */
/*
* From libyara/include/yara/utils.h
*/
#define UINT64_TO_PTR(type, x) ((type)(size_t) x)
#define PTR_TO_UINT64(x) ((uint64_t) (size_t) x)
@ -431,7 +449,9 @@ struct RE {
#define RULE_OFFSETS 32
#endif
/* YARA to ClamAV function mappings */
/*
* YARA to ClamAV function mappings
*/
#define yr_strdup cli_strdup
#define yr_malloc cli_malloc
#define yr_realloc cli_realloc
@ -443,7 +463,9 @@ struct RE {
#define strlcpy cli_strlcpy
#define strlcat cli_strlcat
/* YARA-defined structure replacements for ClamAV */
/*
* YARA-defined structure replacements for ClamAV
*/
struct _yc_rule {
STAILQ_ENTRY(_yc_rule) link;
STAILQ_HEAD(sq, _yc_string) strings;
@ -469,5 +491,7 @@ typedef struct _yc_string {
typedef yc_rule YR_RULE;
typedef yc_string YR_STRING;
// clang-format on
#endif

6
libclamav/yara_parser.c
View file

@ -59,9 +59,9 @@ limitations under the License.
#include "others.h"
#endif
#define todigit(x) ((x) >='A'&& (x) <='F')? \
((uint8_t) (x - 'A' + 10)) : \
((uint8_t) (x - '0'))
#define todigit(x) ((x) >='A'&& (x) <='F') \
? ((uint8_t) (x - 'A' + 10)) \
: ((uint8_t) (x - '0'))
int yr_parser_emit(

8
libfreshclam/libfreshclam.c
View file

@ -69,7 +69,7 @@ char updtmpdir[512], dbdir[512];
static int
download (const struct optstruct *opts, const char *cfgfile)
{
int ret = 0, try = 1, maxattempts = 0;
int ret = 0, attempt = 1, maxattempts = 0;
const struct optstruct *opt;
@ -86,17 +86,17 @@ download (const struct optstruct *opts, const char *cfgfile)
{
while (opt)
{
ret = downloadmanager (opts, opt->strarg, try);
ret = downloadmanager (opts, opt->strarg, attempt);
#ifndef _WIN32
alarm (0);
#endif
if (ret == FCE_CONNECTION || ret == FCE_BADCVD
|| ret == FCE_FAILEDGET || ret == FCE_MIRRORNOTSYNC)
{
if (try < maxattempts)
if (attempt < maxattempts)
{
logg ("Trying again in 5 secs...\n");
try++;
attempt++;
sleep (5);
continue;
}

30
shared/optparser.h
View file

@ -23,21 +23,23 @@
#define __OPTPARSER_H
/* don't share bits! */
#define OPT_CLAMD 1
#define OPT_FRESHCLAM 2
#define OPT_MILTER 4
#define OPT_CLAMSCAN 8
#define OPT_CLAMDSCAN 16
#define OPT_SIGTOOL 32
#define OPT_CLAMCONF 64
#define OPT_CLAMDTOP 128
#define OPT_CLAMBC 256
#define OPT_DEPRECATED 512
// clang-format off
#define OPT_CLAMD 1
#define OPT_FRESHCLAM 2
#define OPT_MILTER 4
#define OPT_CLAMSCAN 8
#define OPT_CLAMDSCAN 16
#define OPT_SIGTOOL 32
#define OPT_CLAMCONF 64
#define OPT_CLAMDTOP 128
#define OPT_CLAMBC 256
#define OPT_DEPRECATED 512
#define CLOPT_TYPE_STRING 1 /* quoted/regular string */
#define CLOPT_TYPE_NUMBER 2 /* raw number */
#define CLOPT_TYPE_SIZE 3 /* number possibly followed by modifiers (M/m or K/k) */
#define CLOPT_TYPE_BOOL 4 /* boolean */
#define CLOPT_TYPE_STRING 1 /* quoted/regular string */
#define CLOPT_TYPE_NUMBER 2 /* raw number */
#define CLOPT_TYPE_SIZE 3 /* number possibly followed by modifiers (M/m or K/k) */
#define CLOPT_TYPE_BOOL 4 /* boolean */
// clang-format on
struct optstruct {
char *name;