mirror of
https://github.com/Cisco-Talos/clamav.git
synced 2025-10-19 18:33:16 +00:00
8e04c25fec
We have some special functions to wrap malloc, calloc, and realloc to make sure we don't allocate more than some limit, similar to the max-filesize and max-scansize limits. Our wrappers are really only needed when allocating memory for scans based on untrusted user input, where a scan file could have bytes that claim you need to allocate some ridiculous amount of memory. Right now they're named: - cli_malloc - cli_calloc - cli_realloc - cli_realloc2 ... and these names do not convey their purpose This commit renames them to: - cli_max_malloc - cli_max_calloc - cli_max_realloc - cli_max_realloc2 The realloc ones also have an additional feature in that they will not free your pointer if you try to realloc to 0 bytes. Freeing the memory is undefined by the C spec, and only done with some realloc implementations, so this stabilizes on the behavior of not doing that, which should prevent accidental double-free's. So for the case where you may want to realloc and do not need to have a maximum, this commit adds the following functions: - cli_safer_realloc - cli_safer_realloc2 These are used for the MPOOL_REALLOC and MPOOL_REALLOC2 macros when MPOOL is disabled (e.g. because mmap-support is not found), so as to match the behavior in the mpool_realloc/2 functions that do not make use of the allocation-limit.
162 lines
5.6 KiB
C
162 lines
5.6 KiB
C
/* $OpenBSD: regexec.c,v 1.14 2018/07/11 12:38:46 martijn Exp $ */
|
|
/*-
|
|
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
|
|
* Copyright (c) 1992, 1993, 1994
|
|
* The Regents of the University of California. All rights reserved.
|
|
*
|
|
* This code is derived from software contributed to Berkeley by
|
|
* Henry Spencer.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 3. Neither the name of the University nor the names of its contributors
|
|
* may be used to endorse or promote products derived from this software
|
|
* without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*
|
|
* @(#)regexec.c 8.3 (Berkeley) 3/20/94
|
|
*/
|
|
|
|
/*
|
|
* the outer shell of regexec()
|
|
*
|
|
* This file includes engine.c *twice*, after muchos fiddling with the
|
|
* macros that code uses. This lets the same code operate on two different
|
|
* representations for state sets.
|
|
*/
|
|
#include <sys/types.h>
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <limits.h>
|
|
#include <ctype.h>
|
|
#include "others.h"
|
|
#include "regex.h"
|
|
|
|
#include "utils.h"
|
|
#include "regex2.h"
|
|
|
|
/* macros for manipulating states, small version */
|
|
#define states long
|
|
#define states1 long /* for later use in cli_regexec() decision */
|
|
#define CLEAR(v) ((v) = 0)
|
|
#define SET0(v, n) ((v) &= ~((unsigned long)1 << (n)))
|
|
#define SET1(v, n) ((v) |= (unsigned long)1 << (n))
|
|
#define ISSET(v, n) (((v) & ((unsigned long)1 << (n))) != 0)
|
|
#define ASSIGN(d, s) ((d) = (s))
|
|
#define EQ(a, b) ((a) == (b))
|
|
#define STATEVARS long dummy /* dummy version */
|
|
#define STATESETUP(m, n) /* nothing */
|
|
#define STATETEARDOWN(m) /* nothing */
|
|
#define SETUP(v) ((v) = 0)
|
|
#define onestate long
|
|
#define INIT(o, n) ((o) = (unsigned long)1 << (n))
|
|
#define INC(o) ((o) <<= 1)
|
|
#define ISSTATEIN(v, o) (((v) & (o)) != 0)
|
|
/* some abbreviations; note that some of these know variable names! */
|
|
/* do "if I'm here, I can also be there" etc without branches */
|
|
#define FWD(dst, src, n) ((dst) |= ((unsigned long)(src)&(here)) << (n))
|
|
#define BACK(dst, src, n) ((dst) |= ((unsigned long)(src)&(here)) >> (n))
|
|
#define ISSETBACK(v, n) (((v) & ((unsigned long)here >> (n))) != 0)
|
|
/* function names */
|
|
#define SNAMES /* engine.c looks after details */
|
|
|
|
#include "engine.c"
|
|
|
|
/* now undo things */
|
|
#undef states
|
|
#undef CLEAR
|
|
#undef SET0
|
|
#undef SET1
|
|
#undef ISSET
|
|
#undef ASSIGN
|
|
#undef EQ
|
|
#undef STATEVARS
|
|
#undef STATESETUP
|
|
#undef STATETEARDOWN
|
|
#undef SETUP
|
|
#undef onestate
|
|
#undef INIT
|
|
#undef INC
|
|
#undef ISSTATEIN
|
|
#undef FWD
|
|
#undef BACK
|
|
#undef ISSETBACK
|
|
#undef SNAMES
|
|
|
|
/* macros for manipulating states, large version */
|
|
#define states char *
|
|
#define CLEAR(v) memset(v, 0, m->g->nstates)
|
|
#define SET0(v, n) ((v)[n] = 0)
|
|
#define SET1(v, n) ((v)[n] = 1)
|
|
#define ISSET(v, n) ((v)[n])
|
|
#define ASSIGN(d, s) memcpy(d, s, m->g->nstates)
|
|
#define EQ(a, b) (memcmp(a, b, m->g->nstates) == 0)
|
|
#define STATEVARS long vn; char *space
|
|
#define STATESETUP(m, nv) { (m)->space = cli_max_malloc((nv)*(m)->g->nstates); \
|
|
if ((m)->space == NULL) return(REG_ESPACE); \
|
|
(m)->vn = 0; }
|
|
#define STATETEARDOWN(m) { free((m)->space); }
|
|
#define SETUP(v) ((v) = &m->space[m->vn++ * m->g->nstates])
|
|
#define onestate long
|
|
#define INIT(o, n) ((o) = (n))
|
|
#define INC(o) ((o)++)
|
|
#define ISSTATEIN(v, o) ((v)[o])
|
|
/* some abbreviations; note that some of these know variable names! */
|
|
/* do "if I'm here, I can also be there" etc without branches */
|
|
#define FWD(dst, src, n) ((dst)[here+(n)] |= (src)[here])
|
|
#define BACK(dst, src, n) ((dst)[here-(n)] |= (src)[here])
|
|
#define ISSETBACK(v, n) ((v)[here - (n)])
|
|
/* function names */
|
|
#define LNAMES /* flag */
|
|
|
|
#include "engine.c"
|
|
|
|
/*
|
|
- regexec - interface for matching
|
|
*
|
|
* We put this here so we can exploit knowledge of the state representation
|
|
* when choosing which matcher to call. Also, by this point the matchers
|
|
* have been prototyped.
|
|
*/
|
|
int /* 0 success, REG_NOMATCH failure */
|
|
cli_regexec(const regex_t *preg, const char *string, size_t nmatch,
|
|
regmatch_t pmatch[], int eflags)
|
|
{
|
|
struct re_guts *g = preg->re_g;
|
|
|
|
#ifdef REDEBUG
|
|
# define GOODFLAGS(f) (f)
|
|
#else
|
|
# define GOODFLAGS(f) ((f)&(REG_NOTBOL|REG_NOTEOL|REG_STARTEND))
|
|
#endif
|
|
|
|
if (preg->re_magic != MAGIC1 || g->magic != MAGIC2)
|
|
return(REG_BADPAT);
|
|
assert(!(g->iflags®EX_BAD));
|
|
if (g->iflags®EX_BAD) /* backstop for no-debug case */
|
|
return(REG_BADPAT);
|
|
eflags = GOODFLAGS(eflags);
|
|
|
|
if ((unsigned long)g->nstates <= CHAR_BIT*sizeof(states1) && !(eflags®_LARGE))
|
|
return(smatcher(g, string, nmatch, pmatch, eflags));
|
|
else
|
|
return(lmatcher(g, string, nmatch, pmatch, eflags));
|
|
}
|