← Back to branch summary

~louis/ubuntu/trusty/clamav/lp799623_fix_logrotate

« back to all changes in this revision

Viewing changes to libclamav/ole2_extract.c

  • Committer: Bazaar Package Importer
  • Author(s): Scott Kitterman
  • Date: 2010-03-12 11:30:04 UTC
  • mfrom: (0.41.1 upstream)
  • Revision ID: james.westby@ubuntu.com-20100312113004-b0fop4bkycszdd0z
Tags: 0.96~rc1+dfsg-0ubuntu1
https://launchpad.net/bugs/537636
* New upstream RC - FFE (LP: #537636):
  - Add OfficialDatabaseOnly option to clamav-base.postinst.in
  - Add LocalSocketGroup option to clamav-base.postinst.in
  - Add LocalSocketMode option to clamav-base.postinst.in
  - Add CrossFilesystems option to clamav-base.postinst.in
  - Add ClamukoScannerCount option to clamav-base.postinst.in
  - Add BytecodeSecurity opiton to clamav-base.postinst.in
  - Add DetectionStatsHostID option to clamav-freshclam.postinst.in
  - Add Bytecode option to clamav-freshclam.postinst.in
  - Add MilterSocketGroup option to clamav-milter.postinst.in
  - Add MilterSocketMode option to clamav-milter.postinst.in
  - Add ReportHostname option to clamav-milter.postinst.in
  - Bump libclamav SO version to 6.1.0 in libclamav6.install
  - Drop clamdmon from clamav.examples (no longer shipped by upstream)
  - Drop libclamav.a from libclamav-dev.install (not built by upstream)
  - Update SO version for lintian override for libclamav6
  - Add new Bytecode Testing Tool, usr/bin/clambc, to clamav.install
  - Add build-depends on python and python-setuptools for new test suite
  - Update debian/copyright for the embedded copy of llvm (using the system
    llvm is not currently feasible)

Show diffs side-by-side

added added

removed removed

Lines of Context:
libclamav/ole2_extract.c
36
36
#include <stdlib.h>
37
37
#include "clamav.h"
38
38
 
39
 
#if HAVE_MMAP
40
 
#if HAVE_SYS_MMAN_H
41
 
#include <sys/mman.h>
42
 
#else /* HAVE_SYS_MMAN_H */
43
 
#undef HAVE_MMAP
44
 
#endif
45
 
#endif
46
 
 
47
39
#include "cltypes.h"
48
40
#include "others.h"
49
41
#include "ole2_extract.h"
50
42
#include "scanners.h"
51
 
#include "mbox.h"
 
43
#include "fmap.h"
52
44
 
53
45
#define ole2_endian_convert_16(v) le16_to_host((uint16_t)(v))
54
46
#define ole2_endian_convert_32(v) le32_to_host((uint32_t)(v))
65
57
#pragma pack 1
66
58
#endif
67
59
 
68
 
#ifndef O_BINARY
69
 
#define O_BINARY        0
70
 
#endif
71
 
 
72
 
 
73
60
typedef struct ole2_header_tag
74
61
{
75
62
        unsigned char magic[8];         /* should be: 0xd0cf11e0a1b11ae1 */
99
86
           reading the header */
100
87
        int32_t sbat_root_start __attribute__ ((packed));
101
88
        uint32_t max_block_no;
102
 
        unsigned char *m_area;
103
89
        off_t m_length;
104
90
        bitset_t *bitset;
105
91
        struct uniq *U;
 
92
        fmap_t *map;
106
93
        int has_vba;
107
94
} ole2_header_t;
108
95
 
286
273
        return;
287
274
}
288
275
 
289
 
static int ole2_read_block(int fd, ole2_header_t *hdr, void *buff, unsigned int size, int32_t blockno)
 
276
static int ole2_read_block(ole2_header_t *hdr, void *buff, unsigned int size, int32_t blockno)
290
277
{
291
278
        off_t offset, offend;
 
279
        void *pblock;
292
280
 
293
281
        if (blockno < 0) {
294
282
                return FALSE;
297
285
        /* other methods: (blockno+1) * 512 or (blockno * block_size) + 512; */
298
286
        offset = (blockno << hdr->log2_big_block_size) + MAX(512, 1 << hdr->log2_big_block_size); /* 512 is header size */
299
287
        
300
 
        if (hdr->m_area == NULL) {
301
 
                if (lseek(fd, offset, SEEK_SET) != offset) {
302
 
                        return FALSE;
303
 
                }
304
 
                if (cli_readn(fd, buff, size) != size) {
305
 
                        return FALSE;
306
 
                }
307
 
        } else {
308
 
                offend = offset + size;
309
 
                if ((offend <= 0) || (offend > hdr->m_length)) {
310
 
                        return FALSE;
311
 
                }
312
 
                memcpy(buff, hdr->m_area+offset, size);
313
 
        }
 
288
        offend = offset + size;
 
289
        if ((offend <= 0) || (offend > hdr->m_length)) {
 
290
            return FALSE;
 
291
        }
 
292
        if(!(pblock = fmap_need_off_once(hdr->map, offset, size))) {
 
293
            return FALSE;
 
294
        }
 
295
        memcpy(buff, pblock, size);
314
296
        return TRUE;
315
297
}
316
298
 
317
 
static int32_t ole2_get_next_bat_block(int fd, ole2_header_t *hdr, int32_t current_block)
 
299
static int32_t ole2_get_next_bat_block(ole2_header_t *hdr, int32_t current_block)
318
300
{
319
301
        int32_t bat_array_index;
320
302
        uint32_t bat[128];
328
310
                cli_dbgmsg("bat_array index error\n");
329
311
                return -10;
330
312
        }
331
 
        if (!ole2_read_block(fd, hdr, &bat, 512,
 
313
        if (!ole2_read_block(hdr, &bat, 512,
332
314
                        ole2_endian_convert_32(hdr->bat_array[bat_array_index]))) {
333
315
                return -1;
334
316
        }
335
317
        return ole2_endian_convert_32(bat[current_block-(bat_array_index * 128)]);
336
318
}
337
319
 
338
 
static int32_t ole2_get_next_xbat_block(int fd, ole2_header_t *hdr, int32_t current_block)
 
320
static int32_t ole2_get_next_xbat_block(ole2_header_t *hdr, int32_t current_block)
339
321
{
340
322
        int32_t xbat_index, xbat_block_index, bat_index, bat_blockno;
341
323
        uint32_t xbat[128], bat[128];
354
336
 
355
337
        bat_index = current_block % 128;
356
338
 
357
 
        if (!ole2_read_block(fd, hdr, &xbat, 512, hdr->xbat_start)) {
 
339
        if (!ole2_read_block(hdr, &xbat, 512, hdr->xbat_start)) {
358
340
                return -1;
359
341
        }
360
342
 
361
343
        /* Follow the chain of XBAT blocks */
362
344
        while (xbat_block_index > 0) {
363
 
                if (!ole2_read_block(fd, hdr, &xbat, 512,
 
345
                if (!ole2_read_block(hdr, &xbat, 512,
364
346
                                ole2_endian_convert_32(xbat[127]))) {
365
347
                        return -1;
366
348
                }
367
349
                xbat_block_index--;
368
350
        }
369
351
 
370
 
        if (!ole2_read_block(fd, hdr, &bat, 512, ole2_endian_convert_32(xbat[bat_blockno]))) {
 
352
        if (!ole2_read_block(hdr, &bat, 512, ole2_endian_convert_32(xbat[bat_blockno]))) {
371
353
                return -1;
372
354
        }
373
355
 
374
356
        return ole2_endian_convert_32(bat[bat_index]);
375
357
}
376
358
 
377
 
static int32_t ole2_get_next_block_number(int fd, ole2_header_t *hdr, int32_t current_block)
 
359
static int32_t ole2_get_next_block_number(ole2_header_t *hdr, int32_t current_block)
378
360
{
379
361
        if (current_block < 0) {
380
362
                return -1;
381
363
        }
382
364
 
383
365
        if ((current_block / 128) > 108) {
384
 
                return ole2_get_next_xbat_block(fd, hdr, current_block);
 
366
                return ole2_get_next_xbat_block(hdr, current_block);
385
367
        } else {
386
 
                return ole2_get_next_bat_block(fd, hdr, current_block);
 
368
                return ole2_get_next_bat_block(hdr, current_block);
387
369
        }
388
370
}
389
371
 
390
 
static int32_t ole2_get_next_sbat_block(int fd, ole2_header_t *hdr, int32_t current_block)
 
372
static int32_t ole2_get_next_sbat_block(ole2_header_t *hdr, int32_t current_block)
391
373
{
392
374
        int32_t iter, current_bat_block;
393
375
        uint32_t sbat[128];
399
381
        current_bat_block = hdr->sbat_start;
400
382
        iter = current_block / 128;
401
383
        while (iter > 0) {
402
 
                current_bat_block = ole2_get_next_block_number(fd, hdr, current_bat_block);
 
384
                current_bat_block = ole2_get_next_block_number(hdr, current_bat_block);
403
385
                iter--;
404
386
        }
405
 
        if (!ole2_read_block(fd, hdr, &sbat, 512, current_bat_block)) {
 
387
        if (!ole2_read_block(hdr, &sbat, 512, current_bat_block)) {
406
388
                return -1;
407
389
        }
408
390
        return ole2_endian_convert_32(sbat[current_block % 128]);
409
391
}
410
392
 
411
393
/* Retrieve the block containing the data for the given sbat index */
412
 
static int32_t ole2_get_sbat_data_block(int fd, ole2_header_t *hdr, void *buff, int32_t sbat_index)
 
394
static int32_t ole2_get_sbat_data_block(ole2_header_t *hdr, void *buff, int32_t sbat_index)
413
395
{
414
396
        int32_t block_count, current_block;
415
397
 
425
407
        block_count = sbat_index / (1 << (hdr->log2_big_block_size - hdr->log2_small_block_size));
426
408
        current_block = hdr->sbat_root_start;
427
409
        while (block_count > 0) {
428
 
                current_block = ole2_get_next_block_number(fd, hdr, current_block);
 
410
                current_block = ole2_get_next_block_number(hdr, current_block);
429
411
                block_count--;
430
412
        }
431
413
        /* current_block now contains the block number of the sbat array
432
414
           containing the entry for the required small block */
433
415
 
434
 
        return(ole2_read_block(fd, hdr, buff, 1 << hdr->log2_big_block_size, current_block));
 
416
        return(ole2_read_block(hdr, buff, 1 << hdr->log2_big_block_size, current_block));
435
417
}
436
418
 
437
 
static int ole2_walk_property_tree(int fd, ole2_header_t *hdr, const char *dir, int32_t prop_index,
438
 
                                   int (*handler)(int fd, ole2_header_t *hdr, property_t *prop, const char *dir, cli_ctx *ctx),
 
419
static int ole2_walk_property_tree(ole2_header_t *hdr, const char *dir, int32_t prop_index,
 
420
                                   int (*handler)(ole2_header_t *hdr, property_t *prop, const char *dir, cli_ctx *ctx),
439
421
                                   unsigned int rec_level, unsigned int *file_count, cli_ctx *ctx, unsigned long *scansize)
440
422
{
441
423
        property_t prop_block[4];
460
442
 
461
443
        idx = prop_index / 4;
462
444
        for (i=0 ; i < idx ; i++) {
463
 
                current_block = ole2_get_next_block_number(fd, hdr, current_block);
 
445
                current_block = ole2_get_next_block_number(hdr, current_block);
464
446
                if (current_block < 0) {
465
447
                        return CL_SUCCESS;
466
448
                }
467
449
        }
468
450
        idx = prop_index % 4;
469
 
        if (!ole2_read_block(fd, hdr, prop_block, 512,
 
451
        if (!ole2_read_block(hdr, prop_block, 512,
470
452
                        current_block)) {
471
453
                return CL_SUCCESS;
472
454
        }       
507
489
                        }
508
490
                        hdr->sbat_root_start = prop_block[idx].start_block;
509
491
                        if (
510
 
                                (ret=ole2_walk_property_tree(fd, hdr, dir, prop_block[idx].prev, handler, rec_level+1, file_count, ctx, scansize))!=CL_SUCCESS
511
 
                                ||
512
 
                                (ret=ole2_walk_property_tree(fd, hdr, dir, prop_block[idx].next, handler, rec_level+1, file_count, ctx, scansize))!=CL_SUCCESS
513
 
                                ||
514
 
                                (ret=ole2_walk_property_tree(fd, hdr, dir,prop_block[idx].child, handler, rec_level+1, file_count, ctx, scansize))!=CL_SUCCESS
 
492
                                (ret=ole2_walk_property_tree(hdr, dir, prop_block[idx].prev, handler, rec_level+1, file_count, ctx, scansize))!=CL_SUCCESS
 
493
                                ||
 
494
                                (ret=ole2_walk_property_tree(hdr, dir, prop_block[idx].next, handler, rec_level+1, file_count, ctx, scansize))!=CL_SUCCESS
 
495
                                ||
 
496
                                (ret=ole2_walk_property_tree(hdr, dir,prop_block[idx].child, handler, rec_level+1, file_count, ctx, scansize))!=CL_SUCCESS
515
497
                        ) return ret;
516
498
                        break;
517
499
                case 2: /* File */
522
504
                        if (!ctx || !ctx->engine->maxfilesize || prop_block[idx].size <= ctx->engine->maxfilesize || prop_block[idx].size <= *scansize) {
523
505
                                (*file_count)++;
524
506
                                *scansize-=prop_block[idx].size;
525
 
                                if ((ret=handler(fd, hdr, &prop_block[idx], dir, ctx)) != CL_SUCCESS)
 
507
                                if ((ret=handler(hdr, &prop_block[idx], dir, ctx)) != CL_SUCCESS)
526
508
                                        return ret;
527
509
                        } else {
528
510
                                cli_dbgmsg("OLE2: filesize exceeded\n");
529
511
                        }
530
512
                        if (
531
 
                                (ret=ole2_walk_property_tree(fd, hdr, dir, prop_block[idx].prev, handler, rec_level, file_count, ctx, scansize))!=CL_SUCCESS
532
 
                                ||
533
 
                                (ret=ole2_walk_property_tree(fd, hdr, dir, prop_block[idx].next, handler, rec_level, file_count, ctx, scansize))!=CL_SUCCESS
534
 
                                ||
535
 
                                (ret=ole2_walk_property_tree(fd, hdr, dir, prop_block[idx].child, handler, rec_level, file_count, ctx, scansize))!=CL_SUCCESS
 
513
                                (ret=ole2_walk_property_tree(hdr, dir, prop_block[idx].prev, handler, rec_level, file_count, ctx, scansize))!=CL_SUCCESS
 
514
                                ||
 
515
                                (ret=ole2_walk_property_tree(hdr, dir, prop_block[idx].next, handler, rec_level, file_count, ctx, scansize))!=CL_SUCCESS
 
516
                                ||
 
517
                                (ret=ole2_walk_property_tree(hdr, dir, prop_block[idx].child, handler, rec_level, file_count, ctx, scansize))!=CL_SUCCESS
536
518
                        ) return ret;
537
519
                        break;
538
520
                case 1: /* Directory */
539
521
                        if (dir) {
540
522
                                dirname = (char *) cli_malloc(strlen(dir)+8);
541
523
                                if (!dirname) return CL_BREAK;
542
 
                                snprintf(dirname, strlen(dir)+8, "%s/%.6d", dir, prop_index);
 
524
                                snprintf(dirname, strlen(dir)+8, "%s"PATHSEP"%.6d", dir, prop_index);
543
525
                                if (mkdir(dirname, 0700) != 0) {
544
526
                                        free(dirname);
545
527
                                        return CL_BREAK;
547
529
                                cli_dbgmsg("OLE2 dir entry: %s\n",dirname);
548
530
                        } else dirname = NULL;
549
531
                        if (
550
 
                                (ret=ole2_walk_property_tree(fd, hdr, dir, prop_block[idx].prev, handler, rec_level+1, file_count, ctx, scansize))!=CL_SUCCESS
551
 
                                ||
552
 
                                (ret=ole2_walk_property_tree(fd, hdr, dir,prop_block[idx].next, handler, rec_level+1, file_count, ctx, scansize))!=CL_SUCCESS
553
 
                                ||
554
 
                                (ret=ole2_walk_property_tree(fd, hdr, dirname, prop_block[idx].child, handler, rec_level+1, file_count, ctx, scansize))!=CL_SUCCESS
 
532
                                (ret=ole2_walk_property_tree(hdr, dir, prop_block[idx].prev, handler, rec_level+1, file_count, ctx, scansize))!=CL_SUCCESS
 
533
                                ||
 
534
                                (ret=ole2_walk_property_tree(hdr, dir,prop_block[idx].next, handler, rec_level+1, file_count, ctx, scansize))!=CL_SUCCESS
 
535
                                ||
 
536
                                (ret=ole2_walk_property_tree(hdr, dirname, prop_block[idx].child, handler, rec_level+1, file_count, ctx, scansize))!=CL_SUCCESS
555
537
                        ) {} 
556
538
                        if (dirname) free(dirname);
557
539
                        return ret;
563
545
        return CL_SUCCESS;
564
546
}
565
547
/* Write file Handler - write the contents of the entry to a file */
566
 
static int handler_writefile(int fd, ole2_header_t *hdr, property_t *prop, const char *dir, cli_ctx *ctx)
 
548
static int handler_writefile(ole2_header_t *hdr, property_t *prop, const char *dir, cli_ctx *ctx)
567
549
{
568
550
        unsigned char *buff;
569
551
        int32_t current_block, ofd, len, offset;
585
567
        name = get_property_name2(prop->name, prop->name_size);
586
568
        if (name) cnt = uniq_add(hdr->U, name, strlen(name), &hash);
587
569
        else cnt = uniq_add(hdr->U, NULL, 0, &hash);
588
 
        snprintf(newname, sizeof(newname), "%s/%s_%u", dir, hash, cnt);
 
570
        snprintf(newname, sizeof(newname), "%s"PATHSEP"%s_%u", dir, hash, cnt);
589
571
        newname[sizeof(newname)-1]='\0';
590
572
        cli_dbgmsg("OLE2 [handler_writefile]: Dumping '%s' to '%s'\n", name ? name : "<empty>", newname);
591
573
        if (name) free(name);
636
618
                }                       
637
619
                if (prop->size < (int64_t)hdr->sbat_cutoff) {
638
620
                        /* Small block file */
639
 
                        if (!ole2_get_sbat_data_block(fd, hdr, buff, current_block)) {
 
621
                        if (!ole2_get_sbat_data_block(hdr, buff, current_block)) {
640
622
                                cli_dbgmsg("OLE2 [handler_writefile]: ole2_get_sbat_data_block failed\n");
641
623
                                close(ofd);
642
624
                                free(buff);
654
636
                        }
655
637
 
656
638
                        len -= MIN(len,1 << hdr->log2_small_block_size);
657
 
                        current_block = ole2_get_next_sbat_block(fd, hdr, current_block);
 
639
                        current_block = ole2_get_next_sbat_block(hdr, current_block);
658
640
                } else {
659
641
                        /* Big block file */
660
 
                        if (!ole2_read_block(fd, hdr, buff, 1 << hdr->log2_big_block_size, current_block)) {
 
642
                        if (!ole2_read_block(hdr, buff, 1 << hdr->log2_big_block_size, current_block)) {
661
643
                                close(ofd);
662
644
                                free(buff);
663
645
                                cli_bitset_free(blk_bitset);
671
653
                                return CL_BREAK;
672
654
                        }
673
655
 
674
 
                        current_block = ole2_get_next_block_number(fd, hdr, current_block);
 
656
                        current_block = ole2_get_next_block_number(hdr, current_block);
675
657
                        len -= MIN(len,(1 << hdr->log2_big_block_size));
676
658
                }
677
659
        }
682
664
}
683
665
 
684
666
/* enum file Handler - checks for VBA presence */
685
 
static int handler_enum(int fd, ole2_header_t *hdr, property_t *prop, const char *dir, cli_ctx *ctx)
 
667
static int handler_enum(ole2_header_t *hdr, property_t *prop, const char *dir, cli_ctx *ctx)
686
668
{
687
669
  char *name;
688
670
  
698
680
}
699
681
 
700
682
 
701
 
static int handler_otf(int fd, ole2_header_t *hdr, property_t *prop, const char *dir, cli_ctx *ctx)
 
683
static int handler_otf(ole2_header_t *hdr, property_t *prop, const char *dir, cli_ctx *ctx)
702
684
{
703
685
  char *tempfile;
704
686
  unsigned char *buff;
763
745
    }                   
764
746
    if (prop->size < (int64_t)hdr->sbat_cutoff) {
765
747
      /* Small block file */
766
 
      if (!ole2_get_sbat_data_block(fd, hdr, buff, current_block)) {
 
748
      if (!ole2_get_sbat_data_block(hdr, buff, current_block)) {
767
749
        cli_dbgmsg("ole2_get_sbat_data_block failed\n");
768
750
        break;
769
751
      }
782
764
      }
783
765
 
784
766
      len -= MIN(len,1 << hdr->log2_small_block_size);
785
 
      current_block = ole2_get_next_sbat_block(fd, hdr, current_block);
 
767
      current_block = ole2_get_next_sbat_block(hdr, current_block);
786
768
    } else {
787
769
      /* Big block file */
788
 
      if (!ole2_read_block(fd, hdr, buff, 1 << hdr->log2_big_block_size, current_block)) {
 
770
      if (!ole2_read_block(hdr, buff, 1 << hdr->log2_big_block_size, current_block)) {
789
771
        break;
790
772
      }
791
773
      if (cli_writen(ofd, buff, MIN(len,(1 << hdr->log2_big_block_size))) !=
801
783
        return CL_EWRITE;
802
784
      }
803
785
 
804
 
      current_block = ole2_get_next_block_number(fd, hdr, current_block);
 
786
      current_block = ole2_get_next_block_number(hdr, current_block);
805
787
      len -= MIN(len,(1 << hdr->log2_big_block_size));
806
788
    }
807
789
  }
884
866
}
885
867
#endif
886
868
 
887
 
int cli_ole2_extract(int fd, const char *dirname, cli_ctx *ctx, struct uniq **vba)
 
869
int cli_ole2_extract(const char *dirname, cli_ctx *ctx, struct uniq **vba)
888
870
{
889
871
        ole2_header_t hdr;
890
872
        int hdr_size, ret=CL_CLEAN;
891
 
        struct stat statbuf;
892
873
        unsigned int file_count=0;
893
874
        unsigned long scansize, scansize2;
 
875
        void *phdr;
894
876
 
895
877
        cli_dbgmsg("in cli_ole2_extract()\n");
896
878
 
905
887
        
906
888
        /* size of header - size of other values in struct */
907
889
        hdr_size = sizeof(struct ole2_header_tag) - sizeof(int32_t) - sizeof(uint32_t) -
908
 
                        sizeof(unsigned char *) - sizeof(off_t) - sizeof(bitset_t *) -
909
 
                        sizeof(struct uniq *) - sizeof(int);
910
 
 
911
 
        hdr.m_area = NULL;
912
 
 
913
 
        if (fstat(fd, &statbuf) == 0) {
914
 
                if (statbuf.st_size < hdr_size) {
915
 
                        return CL_CLEAN;
916
 
                }
917
 
#ifdef HAVE_MMAP
918
 
                hdr.m_length = statbuf.st_size;
919
 
                hdr.m_area = (unsigned char *) mmap(NULL, hdr.m_length, PROT_READ, MAP_PRIVATE, fd, 0);
920
 
                if (hdr.m_area == MAP_FAILED) {
921
 
                        hdr.m_area = NULL;
922
 
                } else {
923
 
                        cli_dbgmsg("mmap'ed file\n");
924
 
                        memcpy(&hdr, hdr.m_area, hdr_size);
925
 
                }
926
 
#endif
927
 
        }
928
 
 
929
 
        if (hdr.m_area == NULL) {
930
 
                hdr.bitset = NULL;
931
 
#if defined(HAVE_ATTRIB_PACKED) || defined(HAVE_PRAGMA_PACK) || defined(HAVE_PRAGMA_PACK_HPPA)
932
 
                if (cli_readn(fd, &hdr, hdr_size) != hdr_size) {
933
 
                        goto abort;
934
 
                }
935
 
#else
936
 
                if (!ole2_read_header(fd, &hdr)) {
937
 
                        goto abort;
938
 
                }
939
 
#endif
940
 
        }
941
 
        
 
890
                        sizeof(off_t) - sizeof(bitset_t *) -
 
891
                        sizeof(struct uniq *) - sizeof(int) - sizeof(fmap_t *);
 
892
 
 
893
        if((*ctx->fmap)->len < hdr_size) {
 
894
            return CL_CLEAN;
 
895
        }
 
896
        hdr.map = *ctx->fmap;
 
897
        hdr.m_length = hdr.map->len;
 
898
        phdr = fmap_need_off_once(hdr.map, 0, hdr_size);
 
899
        if(phdr) {
 
900
            memcpy(&hdr, phdr, hdr_size);
 
901
        } else {
 
902
            cli_dbgmsg("cli_ole2_extract: failed to read header\n");
 
903
            goto abort;
 
904
        }
 
905
 
942
906
        hdr.minor_version = ole2_endian_convert_16(hdr.minor_version);
943
907
        hdr.dll_version = ole2_endian_convert_16(hdr.dll_version);
944
908
        hdr.byte_order = ole2_endian_convert_16(hdr.byte_order);
980
944
        }
981
945
 
982
946
        /* 8 SBAT blocks per file block */
983
 
        hdr.max_block_no = (statbuf.st_size - MAX(512, 1 << hdr.log2_big_block_size)) / (1 << hdr.log2_small_block_size);
 
947
        hdr.max_block_no = (hdr.map->len - MAX(512, 1 << hdr.log2_big_block_size)) / (1 << hdr.log2_small_block_size);
984
948
 
985
949
        print_ole2_header(&hdr);
986
950
        cli_dbgmsg("Max block number: %lu\n", (unsigned long int) hdr.max_block_no);
987
951
 
988
952
        /* PASS 1 : Count files and check for VBA */
989
953
        hdr.has_vba = 0;
990
 
        ret = ole2_walk_property_tree(fd, &hdr, NULL, 0, handler_enum, 0, &file_count, ctx, &scansize);
 
954
        ret = ole2_walk_property_tree(&hdr, NULL, 0, handler_enum, 0, &file_count, ctx, &scansize);
991
955
        cli_bitset_free(hdr.bitset);
992
956
        hdr.bitset = NULL;
993
957
        if (!file_count || !(hdr.bitset = cli_bitset_init()))
1003
967
            goto abort;
1004
968
          }
1005
969
          file_count = 0;
1006
 
          ole2_walk_property_tree(fd, &hdr, dirname, 0, handler_writefile, 0, &file_count, ctx, &scansize2);
 
970
          ole2_walk_property_tree(&hdr, dirname, 0, handler_writefile, 0, &file_count, ctx, &scansize2);
1007
971
          ret = CL_CLEAN;
1008
972
          *vba = hdr.U;
1009
973
        } else {
1011
975
          /* PASS 2/B : OTF scan */
1012
976
          file_count = 0;
1013
977
          if(ctx)
1014
 
            ret = ole2_walk_property_tree(fd, &hdr, NULL, 0, handler_otf, 0, &file_count, ctx, &scansize2);
 
978
            ret = ole2_walk_property_tree(&hdr, NULL, 0, handler_otf, 0, &file_count, ctx, &scansize2);
1015
979
        }
1016
980
 
1017
981
abort:
1018
 
#ifdef HAVE_MMAP
1019
 
        if (hdr.m_area != NULL) {
1020
 
                munmap(hdr.m_area, hdr.m_length);
1021
 
        }
1022
 
#endif
1023
982
        if(hdr.bitset)
1024
983
            cli_bitset_free(hdr.bitset);
1025
984