← Back to branch summary

~ubuntu-branches/ubuntu/dapper/clamav/dapper-updates

« back to all changes in this revision

Viewing changes to libclamav/pdf.c

  • Committer: Bazaar Package Importer
  • Author(s): Michael Tautschnig, Michael Tautschnig
  • Date: 2009-11-02 10:24:35 UTC
  • mfrom: (0.11.5 squeeze)
  • mto: (12.1.9 dapper-security)
  • mto: This revision was merged to the branch mainline in revision 22.
  • Revision ID: james.westby@ubuntu.com-20091102102435-yzkn3jdvo4gank3q
Tags: 0.95.3+dfsg-1
http://bugs.debian.org/537629
http://bugs.debian.org/534443
http://bugs.debian.org/553333
[ Michael Tautschnig ]
* New upstream version
* Should fix clamd segfault on startup (closes: #537629)
* Updated info in clamd.conf man page (closes: #534443)
* Proper socket ownership setup, no chgrp in make_dir (closes: #553333)

Show diffs side-by-side

added added

removed removed

Lines of Context:
libclamav/pdf.c
57
57
#include "mbox.h"
58
58
#include "pdf.h"
59
59
#include "scanners.h"
 
60
#include "str.h"
60
61
 
61
62
#ifndef O_BINARY
62
63
#define O_BINARY        0
72
73
static  int     ascii85decode(const char *buf, off_t len, unsigned char *output);
73
74
static  const   char    *pdf_nextlinestart(const char *ptr, size_t len);
74
75
static  const   char    *pdf_nextobject(const char *ptr, size_t len);
75
 
static  const   char    *cli_pmemstr(const char *haystack, size_t hs, const char *needle, size_t ns);
76
76
 
77
77
/*
78
78
 * TODO: handle embedded URLs if (options&CL_SCAN_MAILURL)
90
90
        int printed_predictor_message, printed_embedded_font_message, rc;
91
91
        unsigned int files;
92
92
        struct stat statb;
 
93
        int opt_failed = 0;
93
94
 
94
95
        cli_dbgmsg("in cli_pdf(%s)\n", dir);
95
96
 
148
149
         * q points to the end of the trailer section
149
150
         */
150
151
        trailerlength = (long)(q - trailerstart);
151
 
        if(cli_pmemstr(trailerstart, trailerlength, "Encrypt", 7)) {
 
152
        if(cli_memstr(trailerstart, trailerlength, "Encrypt", 7)) {
152
153
                /*
153
154
                 * This tends to mean that the file is, in effect, read-only
154
155
                 * http://www.cs.cmu.edu/~dst/Adobe/Gallery/anon21jul01-pdf-encryption.txt
241
242
 
242
243
                bytesleft -= (off_t)((q - p) + 3);
243
244
                objstart = p = &q[3];
244
 
                objend = cli_pmemstr(p, bytesleft, "endobj", 6);
 
245
                objend = cli_memstr(p, bytesleft, "endobj", 6);
245
246
                if(objend == NULL) {
246
247
                        cli_dbgmsg("cli_pdf: No matching endobj\n");
247
248
                        break;
251
252
                objlen = (unsigned long)(objend - objstart);
252
253
 
253
254
                /* Is this object a stream? */
254
 
                streamstart = cli_pmemstr(objstart, objlen, "stream", 6);
 
255
                streamstart = cli_memstr(objstart, objlen, "stream", 6);
255
256
                if(streamstart == NULL)
256
257
                        continue;
257
258
 
277
278
                                         */
278
279
                                        if((bytesleft > 11) && strncmp(q, " 0 R", 4) == 0) {
279
280
                                                const char *r, *nq;
280
 
                                                int opt_failed = 0;
281
281
                                                size_t len;
282
282
                                                char b[14];
283
283
 
289
289
                                                length = (unsigned long)strlen(b);
290
290
                                                /* optimization: assume objects
291
291
                                                 * are sequential */
292
 
                                                nq = q;
293
 
                                                len = buf + size - q;
 
292
                                                if(!opt_failed) {
 
293
                                                    nq = q;
 
294
                                                    len = buf + size - q;
 
295
                                                } else {
 
296
                                                    nq = buf;
 
297
                                                    len = q - buf;
 
298
                                                }
294
299
                                                do {
295
 
                                                        r = cli_pmemstr(nq, len, b, length);
 
300
                                                        r = cli_memstr(nq, len, b, length);
296
301
                                                        if (r > nq) {
297
302
                                                                const char x = *(r-1);
298
303
                                                                if (x == '\n' || x=='\r') {
301
306
                                                                }
302
307
                                                        }
303
308
                                                        if (r) {
304
 
                                                                len -= r+1-nq;
305
 
                                                                nq = r + 1;
 
309
                                                                len -= r + length - nq;
 
310
                                                                nq = r + length;
306
311
                                                        } else if (!opt_failed) {
307
312
                                                                /* we failed optimized match,
308
313
                                                                 * try matching from the beginning
384
389
                        break;
385
390
                len -= (int)(q - streamstart);
386
391
                streamstart = q;
387
 
                streamend = cli_pmemstr(streamstart, len, "endstream\n", 10);
 
392
                streamend = cli_memstr(streamstart, len, "endstream\n", 10);
388
393
                if(streamend == NULL) {
389
 
                        streamend = cli_pmemstr(streamstart, len, "endstream\r", 10);
 
394
                        streamend = cli_memstr(streamstart, len, "endstream\r", 10);
390
395
                        if(streamend == NULL) {
391
396
                                cli_dbgmsg("cli_pdf: No endstream\n");
392
397
                                break;
534
539
                                                rc = CL_EUNLINK;
535
540
                                                break;
536
541
                                        }
 
542
                                        if(cli_updatelimits(ctx, real_streamlen) != CL_SUCCESS) {
 
543
                                                rc = CL_CLEAN;
 
544
                                                break;
 
545
                                        }
537
546
                                        continue;
538
547
                                } else
539
548
                                        tableInsert(md5table, md5str, 1);
716
725
        int quintet = 0;
717
726
        int ret = 0;
718
727
 
719
 
        if(cli_pmemstr(buf, len, "~>", 2) == NULL)
 
728
        if(cli_memstr(buf, len, "~>", 2) == NULL)
720
729
                cli_dbgmsg("cli_pdf: ascii85decode: no EOF marker found\n");
721
730
 
722
731
        ptr = buf;
845
854
        return NULL;
846
855
}
847
856
 
848
 
/*
849
 
 * like cli_memstr - but returns the location of the match
850
 
 * FIXME: need a case insensitive version
851
 
 */
852
 
static const char *
853
 
cli_pmemstr(const char *haystack, size_t hs, const char *needle, size_t ns)
854
 
{
855
 
        const char *pt, *hay;
856
 
        size_t n;
857
 
 
858
 
        if(haystack == needle)
859
 
                return haystack;
860
 
 
861
 
        if(hs < ns)
862
 
                return NULL;
863
 
 
864
 
        if(memcmp(haystack, needle, ns) == 0)
865
 
                return haystack;
866
 
 
867
 
        pt = hay = haystack;
868
 
        n = hs;
869
 
 
870
 
        while((pt = memchr(hay, needle[0], n)) != NULL) {
871
 
                n -= (size_t)(pt - hay);
872
 
                if(n < ns)
873
 
                        break;
874
 
 
875
 
                if(memcmp(pt, needle, ns) == 0)
876
 
                        return pt;
877
 
 
878
 
                if(hay == pt) {
879
 
                        n--;
880
 
                        hay++;
881
 
                } else
882
 
                        hay = pt;
883
 
        }
884
 
 
885
 
        return NULL;
886
 
}
887
857
#else   /*!HAVE_MMAP*/
888
858
 
889
859
#include "clamav.h"