Now you can call it both from a normal lsig triggered BC, and from a PE hook BC.
The normal lsig triggered BC has exe_info (but not PE info) which allows it to
invoke the icon matcher API.
Also putting ICONGROUP1 into the ldb trigger of the bytecode works.
This bytecode will be run in interpreter mode on startup:
it can disable the JIT, or disable all further bytecodes.
There will be a builtin copy of it that is loaded if
no BC_STARTUP bytecodes were loaded (like filetypes_int.h and daily.ftm).
Only one BC_STARTUP bytecode is accepted, so as soon as bytecode.cvd will
contain one, it won't be overridable!
This bytecode will replace all the JIT checks (CPU, selinux, pax) etc.,
and allows to disable the JIT on just specific OS/arch/compiler/etc.
combinations. There are too many combinations to have a dconf flag for each.
Also fix the bytecode dconf so that the individual JIT_* flags actually work
(previously we could disable the entire JIT, or none at all).
Also introduce preliminary support for bytecode test mode (we already have
auto, jit and interpreter mode, introducing another mode here is easiest).
The test mode doesn't actually compare the outputs yet, but it does fail if
the JIT is disabled / falls back to interpreter.
Detect PaX and fallback to intepreter if needed (bb #2092).
Recent PaX versions deny the RWX mapping, but older versions silently change it
to RW, which causes the program to die as soon as it tries to execute JITed
code.
Add selfcheck on startup (bb #2092).
This will run a very simple bytecode on startup in both JIT and interpreter
mode. The bytecode only calls 1 libclamav API and returns.
pthread_cancel is broken on Mac OS X (it only works if the thread
you want to kill calls pthread_testcancel, which is never the situation
when you need async cancelation).
Anyway async cancelation is risky, it may leave bc_ctx in an inconsistent state.
So rather than doing using pthread_cancel (or pthread_kill+siglongjmp)
just insert the timeout checks into the JITed code directly.
These are inserted in each loop, if the loop's tripcount is unknown, or
higher than a threshold. They are also inserted after a certain amount
of APIcalls are made (even in absence of loops).
Note that 'loop' in this sense is not LLVM's notion of a natural loop,
it is simply a BB which is reachable both directly and via a backedge.
For example this doesn't contain natural loops but contains backedges (and a
potential infinite loop):
int foo(int a)
{
int x=4;
if (a == 42)
goto head2;
head:
x++;
head2:
if (a >= 2) {
x += 3;
goto head;
} else if (a >= 0) {
x += 9;
goto head;
}
return x;
}
* master: (182 commits)
libclamav/qsort.c: fix CMP1 macro (bb#1769)
handle floating chars
libclamav/readdb.c: make sure static sigs with floating chars go into AC
sigtool: --decode-sigs: handle alternatives
sigtool: --decode-sigs: handle .ldb sigs
inflateinit spam
sigtool: --decode-sigs: handle .ndb sigs
fix sig printing
Set limit to 255 so that warning is shown if maxthreads*maxrec would exceed it.
Enable more than 256 FD support on Solaris (bb #1764).
fix memleaks
sigtool: --decode-sigs; decode .db entries (bb#1246)
fsk sxs, gimme back my dll hell!
Fix Solaris build: cli_hex2ui has to be added to libclamav.map
Don't error on unused functions.
sigtool: basic sig decoding
sigtool/sigtool.c: handle .ign2 files (bb#1625)
libclamav/qsort.c: don't call med3 when using internal cmp
win32: fix globbing
unify DUPMAX def
...
Conflicts:
.gitignore
Makefile.am
configure
libclamav/Makefile.in
libclamav/clamav.h
libclamav/disasm.c
libclamav/libclamav.map
libclamav/matcher.c
libclamav/others.c
libclamav/pe.c
libclamav/pe.h
libclamav/readdb.c
