From 850db69e9efea68ceb80af9c8b10dda8b593a0bb Mon Sep 17 00:00:00 2001 From: aCaB Date: Fri, 8 Feb 2008 01:57:50 +0000 Subject: [PATCH] update limits git-svn-id: file:///var/lib/svn/clamav-devel/branches/newlimits@3594 77e5149b-7576-45b1-b177-96237e5ba77b --- libclamav/chmunpack.h | 5 ++++- libclamav/ole2_extract.c | 2 +- libclamav/others.c | 23 +++++------------------ libclamav/pe.c | 7 +++---- libclamav/scanners.c | 5 +++-- libclamav/spin.c | 1 + 6 files changed, 17 insertions(+), 26 deletions(-) diff --git a/libclamav/chmunpack.h b/libclamav/chmunpack.h index aa44e01b9..0abe9cdde 100644 --- a/libclamav/chmunpack.h +++ b/libclamav/chmunpack.h @@ -113,5 +113,8 @@ typedef struct chm_metadata_tag { } chm_metadata_t; int chm_unpack(int fd, const char *dirname); - +int cli_chm_open(int fd, const char *dirname, chm_metadata_t *metadata); +void cli_chm_close(chm_metadata_t *metadata); +int cli_chm_extract_file(int fd, char *dirname, chm_metadata_t *metadata); +int cli_chm_prepare_file(int fd, char *dirname, chm_metadata_t *metadata); #endif diff --git a/libclamav/ole2_extract.c b/libclamav/ole2_extract.c index 67cac1dca..3932a44bf 100644 --- a/libclamav/ole2_extract.c +++ b/libclamav/ole2_extract.c @@ -475,7 +475,7 @@ static void ole2_walk_property_tree(int fd, ole2_header_t *hdr, const char *dir, if ((prop_index < 0) || (prop_index > hdr->max_block_no) || (rec_level > 100) || (*file_count > 100000)) { return; } - + /* FIXMELIMITS */ if (limits && limits->maxfiles && (*file_count > limits->maxfiles)) { cli_dbgmsg("OLE2: File limit reached (max: %d)\n", limits->maxfiles); return; diff --git a/libclamav/others.c b/libclamav/others.c index f86e1998c..86f274271 100644 --- a/libclamav/others.c +++ b/libclamav/others.c @@ -196,16 +196,6 @@ const char *cl_strerror(int clerror) } } -unsigned long cli_getsizelimit(cli_ctx *ctx, unsigned long needed) { - if(!ctx || ! ctx->limits) - return needed; - if(needed > ctx->limits->maxfilesize) - needed = ctx->limits->maxfilesize; - if(needed > ctx->limits->maxscansize-ctx->scansize) - needed = ctx->limits->maxscansize-ctx->scansize; - return needed; -} - int cli_checklimits(const char *who, cli_ctx *ctx, unsigned long need1, unsigned long need2, unsigned long need3) { int ret = CL_SUCCESS; unsigned long needed; @@ -221,7 +211,7 @@ int cli_checklimits(const char *who, cli_ctx *ctx, unsigned long need1, unsigned /* if the remaining scansize is too small... */ if(ctx->limits->maxscansize-ctx->scansizelimits->maxscansize, ctx->scansize, needed); + cli_dbgmsg("%s: scansize exceeded (initial: %lu, remaining: %lu, needed: %lu)\n", who, ctx->limits->maxscansize, ctx->scansize, needed); ret = CL_EMAXSIZE; } } @@ -229,7 +219,7 @@ int cli_checklimits(const char *who, cli_ctx *ctx, unsigned long need1, unsigned /* if we have per-file size limits, and we are overlimit... */ if(needed && ctx->limits->maxfilesize && ctx->limits->maxfilesizelimits->maxfilesize, needed); + cli_dbgmsg("%s: filesize exceeded (allowed: %lu, needed: %lu)\n", who, ctx->limits->maxfilesize, needed); ret = CL_EMAXSIZE; } @@ -241,17 +231,14 @@ int cli_checklimits(const char *who, cli_ctx *ctx, unsigned long need1, unsigned } int cli_updatelimits(cli_ctx *ctx, unsigned long needed) { - /* FIXMELIMITS: - * we enter here via magicscan only - * magiscan callers should check for !CL_CLEAN instead of CL_VIRUS - */ + int ret=cli_checklimits("cli_updatelimits", ctx, needed, 0, 0); + if (ret != CL_CLEAN) return ret; ctx->scannedfiles++; ctx->scansize+=needed; if(ctx->scansize > ctx->limits->maxscansize) ctx->scansize = ctx->limits->maxscansize; - - return cli_checklimits("updatelimits", ctx, needed, 0, 0); + return CL_CLEAN; } unsigned char *cli_md5digest(int desc) diff --git a/libclamav/pe.c b/libclamav/pe.c index 9350fbb01..01bef606a 100644 --- a/libclamav/pe.c +++ b/libclamav/pe.c @@ -82,10 +82,9 @@ #define PESALIGN(o,a) (((a))?(((o)/(a)+((o)%(a)!=0))*(a)):(o)) #define CLI_UNPSIZELIMITS(NAME,CHK) \ -if(ctx->limits && ctx->limits->maxfilesize && (CHK) > ctx->limits->maxfilesize) { \ - cli_dbgmsg(NAME": Sizes exceeded (%lu > %lu)\n", (unsigned long)(CHK), (unsigned long)ctx->limits->maxfilesize); \ - free(exe_sections); \ - return CL_CLEAN; \ +if(cli_checklimits(NAME, ctx, (CHK), 0, 0)!=CL_CLEAN) { \ + free(exe_sections); \ + return CL_CLEAN; \ } #define CLI_UNPTEMP(NAME,FREEME) \ diff --git a/libclamav/scanners.c b/libclamav/scanners.c index ded040b9a..ce8a5334b 100644 --- a/libclamav/scanners.c +++ b/libclamav/scanners.c @@ -286,7 +286,6 @@ static int cli_scanarj(int desc, cli_ctx *ctx, off_t sfx_offset, uint32_t *sfx_c int ret = CL_CLEAN, rc; arj_metadata_t metadata; char *dir; - unsigned int file_count = 1; cli_dbgmsg("in cli_scanarj()\n"); @@ -1094,7 +1093,6 @@ static int cli_scanmschm(int desc, cli_ctx *ctx) int ret = CL_CLEAN, rc; chm_metadata_t metadata; char *dir; - unsigned int file_count = 1; cli_dbgmsg("in cli_scanmschm()\n"); @@ -1631,6 +1629,9 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx) return ret; } + if(cli_updatelimits(ctx, sb.st_size)!=CL_CLEAN) + return CL_CLEAN; + if((SCAN_MAIL || SCAN_ARCHIVE) && ctx->limits && ctx->limits->maxreclevel && ctx->recursion > ctx->limits->maxreclevel) { cli_dbgmsg("Archive recursion limit exceeded (level = %u).\n", ctx->recursion); return CL_CLEAN; diff --git a/libclamav/spin.c b/libclamav/spin.c index 6a4a57caf..e7aff5eca 100644 --- a/libclamav/spin.c +++ b/libclamav/spin.c @@ -372,6 +372,7 @@ int unspin(char *src, int ssize, struct cli_exe_section *sections, int sectcnt, bitmap = cli_readint32(ep+0x3061); bitman = bitmap; + /* FIXMELIMITS */ if(ctx->limits && ctx->limits->maxfilesize) { unsigned long int filesize = 0;