Commit graph

11246 commits

Author SHA1 Message Date
Val S.
d8b053865f
Set version to 1.4.3, FLEVEL to 213; Update NEWS.md 2025-06-13 12:01:58 -04:00
Val S.
fa3493199e
Merge pull request #21 from cisco-sbg/CLAM-2746-lzma-sdk-7z-xz-bugfix-1.4
Fix lzma-sdk xz bug (1.4.3)
2025-05-27 17:34:55 -04:00
Val Snyder
1741d2b911
Fix lzma-sdk xz bug
A use-after-free read is possible in the Xz decoder cleanup.

The fix is to set a pointer to NULL so it doesn't try to
dereference it and free a second time.

Fixes https://issues.oss-fuzz.com/issues/384549094

This fix is also present in lzma-sdk version 18.01.
Ref: https://github.com/welovegit/LZMA-SDK/blame/main/C/XzDec.c#L508
2025-05-22 18:49:13 -04:00
Val S.
bca003b028
Merge pull request #27 from cisco-sbg/CLAM-2752-pdf-overflow-1.4
Fix integer overflow in PDF parser (1.4.3)
2025-05-22 18:33:07 -04:00
John Humlick
7fe290b573
Fix integer overflow in PDF parser
The ascii85decode function calculates the amount of memory to reserve as
a function of (4 * bytes) + 1. Since the result is stored in a uint32_t,
we need to make sure that this calculation will not overflow. If we
detect that an overflow would occur, return CL_EFORMAT and do not
proceed.

Also check additional potential overflow conditions.
Other areas were identified that could potentially overflow.
This commit adds additional checks to prevent said overflows.

Thank you Greg Walkup at Sandia National Labs for reporting this issue.

CLAM-2752
CLAM-2757
CLAM-2759
2025-05-06 11:18:06 -04:00
Val S.
8c62d0a0e6
Merge pull request #25 from cisco-sbg/CLAM-2748-UDF-oob-read-extract-to-tempfile-1.4
Fix out of bounds read in UDF parser
2025-04-23 10:53:58 -04:00
Micah Snyder
4d6dc739be
CMake: Fix Windows build issue w/ conflicting libraries
At install, the CMake build may fail if it detects the same library
dependency in two locations. This happened for us with the following
error:

  CMake Error at libfreshclam/cmake_install.cmake:157 (file):
    file Multiple conflicting paths found for libcrypto-3-x64.dll:

      C:/Users/clamav_jenkins_svc.TALOS/clam_dependencies/x64/lib/libcrypto-3-x64.dll
      C:/WINDOWS/system32/libcrypto-3-x64.dll
      C:\WINDOWS\system32/libcrypto-3-x64.dll
  Call Stack (most recent call first):
    cmake_install.cmake:96 (include)

This happens when system provided DLL names match exactly with the ones
we provide. ClamAV wouldn't prefer that DLL at load time, because it
looks in the EXE directory first. But it does confuse the `file()`
command used to locate build dependencies.

The fix in this commit uses a regex to exclude all libraries found under
C:\Windows
2025-04-18 13:25:26 -04:00
Val Snyder
9d72993eba
Fix out of bounds read in UDF parser
A pointer representing file identifiers and file entries may be added to
a list for later processing before validating the length of the data is
within the given volume descriptor size.

The fix moves the size check to occur before adding it to the list.

Issue reported by volticks, @movx64 on Twitter working with Trend Micro
Zero Day Initiative.
2025-04-18 13:25:21 -04:00
Micah Snyder
98882f5f01
Merge pull request #17 from cisco-sbg/CLAM-2696-ole2-decrypt-overread-1.4
Fix bounds check in OLE2 decryption (1.4.2)
2025-01-19 23:53:11 -05:00
Micah Snyder
1de7092d6f
Set version to 1.4.2, FLEVEL to 212; Update NEWS.md 2025-01-13 16:35:39 -05:00
Micah Snyder
537500d1e9
Rust: Update buggy vendored dependencies
According to the `cargo audit` command, the bytes and bytemuck
versions we were using were yanked.
I have updated them to the latest versions and confirmed it did
not affect the minimum supported rust version (MSRV).
2025-01-13 16:33:49 -05:00
Micah Snyder
935b2fe3a7
Fix bounds check in OLE2 decryption
The bounds check for the loop iterating an OLE2 block during decryption
may have an integer underflow if the `leftover + bytesToWrite` is less
than 16. That results in a significant buffer over read and a segfault.

The fix is simply to do addition on the left side of the check instead
of subtraction on the right.

Fixes https://issues.oss-fuzz.com/issues/372544101
2024-10-23 12:55:42 -04:00
Micah Snyder
0542087228
Merge pull request #8 from cisco-sbg/CLAM-2638-CLAM-2627-CLAM-2634-1.4.1-changes-with-CVE-fixes
Clam 2638 clam 2627 clam 2634 1.4.1 changes with CVE fixes
2024-09-02 20:51:37 -04:00
Micah Snyder
d898fb4cd7
News: updates prior to 1.4.1 2024-09-02 12:00:29 -04:00
Micah Snyder
30752dacad
Tests: remove unused Python modules from freshclam tests
The 'cgi' module is deprecated and will be removed in Python 3.13.
We weren't using it anyways.

Fixes: https://github.com/Cisco-Talos/clamav/issues/1327
2024-09-01 14:56:41 -04:00
Micah Snyder
a7dd1ec28b
Fix possible out of bounds read in PDF parser
The `find_length()` function in the PDF parser incorrectly assumes that
objects found are located in the main PDF file map, and fails to take
into account whether the objects were in fact found in extracted PDF
object streams. The resulting pointer is then invalid and may be an out
of bounds read.

This issue was found by OSS-Fuzz.

This fix checks if the object is from an object stream, and then
calculates the pointer based on the start of the object stream instead
of based on the start of the PDF.

I've also added extra checks to verify the calculated pointer and object
size are within the stream (or PDF file map). I'm not entirely sure this
is necessary, but better safe than sorry.

Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69617
2024-08-31 14:15:39 -04:00
Micah Snyder
4ba48b170c
Disable following symlinks when opening log files
The log module used by clamd and freshclam may follow symlinks.
This is a potential security concern since the log may be owned by
the unprivileged service but may be opened by the service running as
root on startup.

For Windows, we'll define O_NOFOLLOW so the code works, though the issue
does not affect Windows.

Issue reported by Detlef.
2024-08-31 14:15:39 -04:00
Micah Snyder
fd0931ff18
Bump version to 1.4.1 and FLEVEL to 211 2024-08-31 14:15:34 -04:00
Micah Snyder
cad552d115
Merge pull request #1280 from micahsnyder/CLAM-2559-1.4.0-release-prep
Remove the -rc suffix for 1.4.0 release
2024-07-29 13:44:58 -07:00
Micah Snyder
9d25f803d1
Merge pull request #1316 from micahsnyder/increase-modulename-length
tests: Fix issue when path to unrar module is very long
2024-07-29 13:44:18 -07:00
Micah Snyder
e131ad8bd5
Merge pull request #1263 from micahsnyder/lzh-delharc-crc-check-fix
LZH: check CRC after reading file data
2024-07-29 08:10:54 -07:00
Micah Snyder
1da18af0f7
LZH: check CRC after reading file data
The checksum should be verified after reading file data, not before.
2024-07-26 14:50:25 -04:00
Micah Snyder
0d4075ec6c
Merge pull request #1318 from Artoria2e5/patch-1
INSTALL.md: change LLVM description
2024-07-26 09:22:14 -07:00
Mingye Wang
333ac26af5
INSTALL.md: change LLVM description
Somehow the changes from #692 did not come with a doc update. The cap at version 13 is given from #574. I did not try to build it with LLVM 14, so I don't know whether it truly doesn't compile or simply fails due to the CMake thing.
2024-07-26 16:11:09 +08:00
Micah Snyder
55a526d310
Merge pull request #1317 from znley/main
Bump rust libc from 0.2.154 to 0.2.155
2024-07-25 10:33:25 -07:00
znley
8aa8524661
Bump rust libc from 0.2.154 to 0.2.155
rust libc 0.2.154 has been yanked.
https://crates.io/crates/libc/0.2.154
2024-07-25 12:53:41 -04:00
Micah Snyder
287d8d830f
tests: Fix issue when path to unrar module is very long
If the LD_LIBRARY_PATH for libclamunrar_iface is longer than 128 chars,
it may be truncated and fail to load the RAR module.
2024-07-24 11:39:17 -04:00
Micah Snyder
565142d469
News: final updates prior to 1.4.0 2024-07-23 18:52:14 -04:00
Micah Snyder
37bcf93345
Undo libclamav SOVERSION change; Only bump revision
Resolves https://github.com/Cisco-Talos/clamav/issues/1296
2024-07-23 18:33:22 -04:00
Micah Snyder
09e828bc63
Remove the -rc suffix for 1.4.0 release 2024-07-23 18:33:19 -04:00
Micah Snyder
6c0d644a3e
Merge pull request #1309 from userwiths/issue-1174-FailIfCvdOlderThan-error-on-whitelist
fix: Allow `clamd` to start normally when a whitelist is present.
2024-07-23 14:07:22 -07:00
Stiliyan Tonev (Bark)
9a7b186aec
fix: Issue with --fail-if-cvd-older-than and non-CVD database files
Clamscan and ClamD will throw an error if you use the
'--fail-if-cvd-older-than=DAYS' / 'FailIfCvdOlderThan' option and
try to load any plaintext signature files.
That is, it throws an error when encountering plain signature files like
`.ign2`, `.ldb`, `.hdb`, etc.
This feature should only verify CVD / CLD files.

The feature (and bug) was introduced in ClamAV 1.1.0, here:
e4fe6654c1

With this change, the `cl_cvdgetage` checks will skip any file that is
not a CVD or CLD.

Fixes: https://github.com/Cisco-Talos/clamav/issues/1174
2024-07-23 16:01:07 -04:00
Micah Snyder
2a5241ab6d
Merge pull request #1301 from liushuyu/respect-build-flags
cmake/FindRust.cmake: inherit RUSTFLAGS from the environment
2024-07-23 09:53:20 -07:00
liushuyu
bef8451ad2
cmake/FindRust.cmake: inherit RUSTFLAGS from the environment 2024-07-23 10:05:40 +08:00
Micah Snyder
8f914a0105
Merge pull request #1294 from sebastianas/lib_version
Add a dependency for the version map.
2024-07-22 10:53:23 -07:00
Micah Snyder
60ade09054
Merge pull request #1305 from micahsnyder/CLAM-2636-expiring-crb-and-Y2K38
Fix unit test caused by expiring signing certificate
2024-07-22 10:47:57 -07:00
Micah Snyder
d11590f7a4
Fix unit test caused by expiring signing certificate
The clamscan test "assorted_test.py::TC::test_pe_cert_trust" is about to
fail because the "test.exe" test file was signed with a cert set to
expire after only 2 years, and it has been 23 months.

While attempting to generate a new one that will last 73000 days (200
years), I discovered that any signing certificate set to expire after
2038 will fail the trust-check because the `ca.not_after` variable is
maxed out `time_t` incapable of expressing a higher number.
To fix this, I've upgraded the variables to `uint64_t`.

I also had to replace a bunch of generated signatures to match the new
"test.exe".

Finally, I noticed that "ca.not_before" was being set to the token[8]
instead of token[9], which presumably means the "NotBefore" field for
Trusted and Revoked Certificates was non-functional, as it was treating
the "CertSign" boolean as the "NotBefore" value.

Fixes: https://github.com/Cisco-Talos/clamav/issues/1300
2024-07-22 13:25:52 -04:00
Sebastian Andrzej Siewior
34d4d0ed83
Add a dependency for the version map.
Add a dependency on that version map so that it is re-run once it
changes.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
2024-07-22 10:28:03 -04:00
Micah Snyder
652d5f6cd3
Merge pull request #1293 from sebastianas/unaligned
cli_check_mydoom_log: Avoid unaligned access.
2024-07-22 07:26:37 -07:00
Sebastian Andrzej Siewior
5ea4640cc9
cli_check_mydoom_log: Avoid unaligned access.
fmap_need_off_once() may return an unaligned pointer. This in return
leads to an unaligned access during the load of the uint32_t variables
leading to failures on architectures not supporting unaligned access.

This was reported to the Debian BTS as #1073128.

[bigeasy: Commit message, reworked the patch a bit].

Link: https://bugs.debian.org/1073128
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
2024-07-22 10:12:22 -04:00
Micah Snyder
15ba6198fc
Merge pull request #1307 from liushuyu/fix-ci
CI: Fix recent CI failures
2024-07-22 06:42:51 -07:00
liushuyu
af39b28b26
CI: update various GitHub Actions imports in cmake.yml 2024-07-22 09:17:31 -04:00
liushuyu
f65b95edeb
cmake/FindRust.cmake: strip MSVC linker flags ...
... from native libraries array. Otherwise Ninja will get very confused.
2024-07-22 09:17:31 -04:00
liushuyu
acdacd4fef
clamonacc/inotif/inotif.c: format code 2024-07-22 09:17:31 -04:00
liushuyu
7ebabe5548
CI: Upgrade GitHub Actions imports in clang-format.yml 2024-07-22 09:17:28 -04:00
Micah Snyder
06a9bb1feb
Merge pull request #1273 from ragusaa/CLAM-2629-OssFuzz
Adding additional alz error checking.
2024-07-19 09:44:32 -07:00
Andy Ragusa
16fadc2eab
Added check for empty data 2024-07-08 17:23:32 -04:00
Andy Ragusa
87e4a34207
Added error checking for null/empty strings to prevent bad reads 2024-07-08 17:23:26 -04:00
Micah Snyder
1d30588181
Merge pull request #1284 from Cisco-Talos/micahsnyder-news-typo
NEWS.md: Fix copy/paste typo
2024-06-26 09:40:48 -07:00
Micah Snyder
4eb26b6ff8
Merge pull request #1272 from micahsnyder/CLAM-2615-git-pipeline-migration
Jenkins: separate build pipeline and package test pipeline
2024-06-25 13:54:02 -07:00