67
76
((bb_size) > 0 && (sb_size) >= 0 && (size_t)(sb_size) <= (size_t)(bb_size) \
68
77
&& (sb) >= (bb) && ((sb) + (sb_size)) <= ((bb) + (bb_size)) && ((sb) + (sb_size)) >= (bb) && (sb) < ((bb) + (bb_size)))
70
#define CLI_MAX_ALLOCATION 184549376
79
#define CLI_MAX_ALLOCATION (182*1024*1024)
72
81
#ifdef HAVE_SYS_PARAM_H
73
82
#include <sys/param.h> /* for NAME_MAX */
91
100
#define NAME_MAX 256
103
typedef struct bitset_tag
105
unsigned char *bitset;
106
unsigned long length;
94
109
/* internal clamav context */
110
typedef struct cli_ctx_tag {
96
111
const char **virname;
112
unsigned int num_viruses; /* manages virname when CL_SCAN_ALLMATCHES == 1 */
113
unsigned int size_viruses; /* manages virname when CL_SCAN_ALLMATCHES == 1 */
97
114
unsigned long int *scanned;
98
115
const struct cli_matcher *root;
99
116
const struct cl_engine *engine;
102
119
unsigned int recursion;
103
120
unsigned int scannedfiles;
104
121
unsigned int found_possibly_unwanted;
122
unsigned int corrupted_input;
123
cli_file_t container_type; /* FIXME: to be made into a stack or array - see bb#1579 & bb#1293 */
124
size_t container_size;
125
unsigned char handlertype_hash[16];
105
126
struct cli_dconf *dconf;
128
bitset_t* hook_lsig_matches;
130
#ifdef HAVE__INTERNAL__SHA_COLLECT
131
char entry_filename[2048];
137
typedef struct {uint64_t v[2][4];} icon_groupset;
140
unsigned int group[2];
141
unsigned int color_avg[3];
142
unsigned int color_x[3];
143
unsigned int color_y[3];
144
unsigned int gray_avg[3];
145
unsigned int gray_x[3];
146
unsigned int gray_y[3];
147
unsigned int bright_avg[3];
148
unsigned int bright_x[3];
149
unsigned int bright_y[3];
150
unsigned int dark_avg[3];
151
unsigned int dark_x[3];
152
unsigned int dark_y[3];
153
unsigned int edge_avg[3];
154
unsigned int edge_x[3];
155
unsigned int edge_y[3];
156
unsigned int noedge_avg[3];
157
unsigned int noedge_x[3];
158
unsigned int noedge_y[3];
166
struct icon_matcher {
167
char **group_names[2];
168
unsigned int group_counts[2];
169
struct icomtr *icons[3];
170
unsigned int icon_counts[3];
178
struct cli_dbinfo *next;
108
181
struct cl_engine {
109
182
uint32_t refcount; /* reference counter */
137
210
/* Roots table */
138
211
struct cli_matcher **root;
140
/* B-M matcher for standard MD5 sigs */
141
struct cli_matcher *md5_hdb;
143
/* B-M matcher for MD5 sigs for PE sections */
144
struct cli_matcher *md5_mdb;
146
/* B-M matcher for whitelist db */
147
struct cli_matcher *md5_fp;
150
struct cli_meta_node *zip_mlist;
153
struct cli_meta_node *rar_mlist;
213
/* hash matcher for standard MD5 sigs */
214
struct cli_matcher *hm_hdb;
215
/* hash matcher for MD5 sigs for PE sections */
216
struct cli_matcher *hm_mdb;
217
/* hash matcher for whitelist db */
218
struct cli_matcher *hm_fp;
221
/* Container metadata */
155
224
/* Phishing .pdb and .wdb databases*/
156
225
struct regex_matcher *whitelist_matcher;
164
233
struct cli_ftype *ftypes;
166
235
/* Ignored signatures */
167
struct cli_ignored *ignored;
236
struct cli_matcher *ignored;
169
238
/* PUA categories (to be included or excluded) */
241
/* Icon reference storage */
242
struct icon_matcher *iconcheck;
244
/* Negative cache storage */
247
/* Database information from .info files */
248
struct cli_dbinfo *dbinfo;
172
250
/* Used for memory pools */
173
251
mpool_t *mempool;
254
clcb_pre_scan cb_pre_scan;
255
clcb_post_scan cb_post_scan;
256
clcb_sigload cb_sigload;
257
void *cb_sigload_ctx;
260
/* Used for bytecode */
261
struct cli_all_bc bcs;
262
unsigned *hooks[_BC_LAST_HOOK - _BC_START_HOOKS];
263
unsigned hooks_cnt[_BC_LAST_HOOK - _BC_START_HOOKS];
264
unsigned hook_lsig_ids;
265
enum bytecode_security bytecode_security;
266
uint32_t bytecode_timeout;
267
enum bytecode_mode bytecode_mode;
176
270
struct cl_settings {
189
283
uint32_t maxfiles;
190
284
uint32_t min_cc_count;
191
285
uint32_t min_ssn_count;
286
enum bytecode_security bytecode_security;
287
uint32_t bytecode_timeout;
288
enum bytecode_mode bytecode_mode;
292
clcb_pre_scan cb_pre_scan;
293
clcb_post_scan cb_post_scan;
294
clcb_sigload cb_sigload;
295
void *cb_sigload_ctx;
195
300
extern int (*cli_unrar_open)(int fd, const char *dirname, unrar_state_t *state);
209
314
#define DETECT_ENCRYPTED (ctx->options & CL_SCAN_BLOCKENCRYPTED)
210
315
/* #define BLOCKMAX (ctx->options & CL_SCAN_BLOCKMAX) */
211
316
#define DETECT_BROKEN (ctx->options & CL_SCAN_BLOCKBROKEN)
317
#define BLOCK_MACROS (ctx->options & CL_SCAN_BLOCKMACROS)
212
318
#define SCAN_STRUCTURED (ctx->options & CL_SCAN_STRUCTURED)
319
#define SCAN_ALL (ctx->options & CL_SCAN_ALLMATCHES)
214
321
/* based on macros from A. Melnikoff */
215
322
#define cbswap16(v) (((v & 0xff) << 8) | (((v) >> 8) & 0xff))
347
} __attribute__((packed));
240
349
union unaligned_32 {
241
350
uint32_t una_u32;
243
352
} __attribute__((packed));
245
354
union unaligned_16 {
247
357
} __attribute__((packed));
359
struct unaligned_ptr {
361
} __attribute__((packed));
249
363
#ifdef HAVE_PRAGMA_PACK
252
366
#ifdef HAVE_PRAGMA_PACK_HPPA
370
#if WORDS_BIGENDIAN == 0
255
372
/* Little endian */
256
373
#define le16_to_host(v) (v)
257
374
#define le32_to_host(v) (v)
418
void cli_append_virus(cli_ctx *ctx, const char *virname);
419
const char *cli_get_last_virus(const cli_ctx *ctx);
420
const char *cli_get_last_virus_str(const cli_ctx *ctx);
301
422
/* used by: spin, yc (C) aCaB */
302
#define CLI_ROL(a,b) a = ( a << (b % (sizeof(a)<<3) )) | (a >> ( (sizeof(a)<<3) - (b % (sizeof(a)<<3 )) ) )
303
#define CLI_ROR(a,b) a = ( a >> (b % (sizeof(a)<<3) )) | (a << ( (sizeof(a)<<3) - (b % (sizeof(a)<<3 )) ) )
423
#define __SHIFTBITS(a) (sizeof(a)<<3)
424
#define __SHIFTMASK(a) (__SHIFTBITS(a)-1)
425
#define CLI_ROL(a,b) a = ( a << ((b) & __SHIFTMASK(a)) ) | ( a >> ((__SHIFTBITS(a) - (b)) & __SHIFTMASK(a)) )
426
#define CLI_ROR(a,b) a = ( a >> ((b) & __SHIFTMASK(a)) ) | ( a << ((__SHIFTBITS(a) - (b)) & __SHIFTMASK(a)) )
305
428
/* Implementation independent sign-extended signed right shift */
311
434
#define CLI_SAR(n,s) n = CLI_SRS(n,s)
322
#define MIN(a, b) (((a) < (b)) ? (a) : (b))
325
#define MAX(a,b) (((a) > (b)) ? (a) : (b))
328
typedef struct bitset_tag
330
unsigned char *bitset;
331
unsigned long length;
335
437
void cli_warnmsg(const char *str, ...) __attribute__((format(printf, 1, 2)));
343
445
void cli_errmsg(const char *str, ...);
449
void cli_infomsg(const cli_ctx* ctx, const char *fmt, ...) __attribute__((format(printf, 2, 3)));
451
void cli_infomsg(const cli_ctx* ctx, const char *fmt, ...);
454
void cli_logg_setup(const cli_ctx* ctx);
455
void cli_logg_unsetup(void);
346
457
/* tell compiler about branches that are very rarely taken,
347
458
* such as debug paths, and error paths */
348
459
#if (__GNUC__ >= 4) || (__GNUC__ == 3 && __GNUC_MINOR__ >= 2)
349
460
#define UNLIKELY(cond) __builtin_expect(!!(cond), 0)
461
#define LIKELY(cond) __builtin_expect(!!(cond), 1)
351
463
#define UNLIKELY(cond) (cond)
464
#define LIKELY(cond) (cond)
468
#define always_inline inline __attribute__((always_inline))
469
#define never_inline __attribute__((noinline))
472
#define always_inline inline
475
#if defined (__GNUC__) && ((__GNUC__ > 4) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 3))
476
#define __hot__ __attribute__((hot))
354
481
#define cli_dbgmsg (!UNLIKELY(cli_debug_flag)) ? (void)0 : cli_dbgmsg_internal
359
486
void cli_dbgmsg_internal(const char *str, ...);
489
#ifdef HAVE_CLI_GETPAGESIZE
490
#undef HAVE_CLI_GETPAGESIZE
494
static inline int cli_getpagesize(void) {
497
return si.dwPageSize;
362
500
#if HAVE_SYSCONF_SC_PAGESIZE
363
501
static inline int cli_getpagesize(void) { return sysconf(_SC_PAGESIZE); }
364
502
#define HAVE_CLI_GETPAGESIZE 1
366
504
#if HAVE_GETPAGESIZE
367
505
static inline int cli_getpagesize(void) { return getpagesize(); }
368
506
#define HAVE_CLI_GETPAGESIZE 1
370
#define HAVE_CLI_GETPAGESIZE 0
507
#endif /* HAVE_GETPAGESIZE */
508
#endif /* HAVE_SYSCONF_SC_PAGESIZE */
373
511
void *cli_malloc(size_t nmemb);
374
512
void *cli_calloc(size_t nmemb, size_t size);
376
514
void *cli_realloc2(void *ptr, size_t size);
377
515
char *cli_strdup(const char *s);
378
516
int cli_rmdirs(const char *dirname);
379
unsigned char *cli_md5digest(int desc);
380
char *cli_md5stream(FILE *fs, unsigned char *digcpy);
381
char *cli_md5file(const char *filename);
517
char *cli_hashstream(FILE *fs, unsigned char *digcpy, int type);
518
char *cli_hashfile(const char *filename, int type);
382
519
int cli_unlink(const char *pathname);
383
520
int cli_readn(int fd, void *buff, unsigned int count);
384
521
int cli_writen(int fd, const void *buff, unsigned int count);
522
const char *cli_gettmpdir(void);
385
523
char *cli_gentemp(const char *dir);
386
524
int cli_gentempfd(const char *dir, char **name, int *fd);
387
525
unsigned int cli_rndnum(unsigned int max);
388
526
int cli_filecopy(const char *src, const char *dest);
527
int cli_dumpscan(int fd, off_t offset, size_t size, cli_ctx *ctx);
389
528
bitset_t *cli_bitset_init(void);
390
529
void cli_bitset_free(bitset_t *bs);
391
530
int cli_bitset_set(bitset_t *bs, unsigned long bit_offset);
395
534
int cli_updatelimits(cli_ctx *, unsigned long);
396
535
unsigned long cli_getsizelimit(cli_ctx *, unsigned long);
397
536
int cli_matchregex(const char *str, const char *regex);
537
void cli_qsort(void *a, size_t n, size_t es, int (*cmp)(const void *, const void *));
399
539
/* symlink behaviour */
400
540
#define CLI_FTW_FOLLOW_FILE_SYMLINK 0x01