~ubuntu-branches/ubuntu/raring/clamav/raring


Viewing changes to libclamav/untar.c

  • Committer: Bazaar Package Importer
  • Author(s): Stephen Gran
  • Date: 2008-09-05 17:25:34 UTC
  • mfrom: (0.35.1 lenny)
  • Revision ID: james.westby@ubuntu.com-20080905172534-yi3f8fkye1o7u1r3
* New upstream version (closes: #497662, #497773)
  - lots of new options for clamd.conf
  - fixes CVEs CVE-2008-3912, CVE-2008-3913, CVE-2008-3914, and
    CVE-2008-1389
* No longer supports --unzip option, so typo is gone (closes: #496276)
* Translations:
  - sv (thanks Martin Bagge <brother@bsnet.se>) (closes: #491760)

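--- a/libclamav/untar.c
+++ b/libclamav/untar.c
@@ -89,12 +89,11 @@
                         char magic[7], name[101], osize[13];
 
                         if(fout>=0) {
-                                int ret;
                                 lseek(fout, 0, SEEK_SET);
                                 ret = cli_magic_scandesc(fout, ctx);
                                 close(fout);
                                 if (!cli_leavetemps_flag)
-                                        unlink(fullname);
+                                        if (cli_unlink(fullname)) return CL_EIO;
                                 if (ret==CL_VIRUS)
                                         return CL_VIRUS;
                                 fout = -1;
@@ -110,7 +109,7 @@
                                 strncpy(magic, block+257, 5);
                                 magic[5] = '\0';
                                 if(strcmp(magic, "ustar") != 0) {
-                                        cli_dbgmsg("Incorrect magic string '%s' in tar header\n", magic);
+                                        cli_dbgmsg("cli_untar: Incorrect magic string '%s' in tar header\n", magic);
                                         return CL_EFORMAT;
                                 }
                         }
@@ -119,7 +118,7 @@
 
                         switch(type) {
                                 default:
-                                        cli_warnmsg("cli_untar: unknown type flag %c\n", type);
+                                        cli_dbgmsg("cli_untar: unknown type flag %c\n", type);
                                 case '0':       /* plain file */
                                 case '\0':      /* plain file */
                                 case '7':       /* contiguous file */
@@ -163,14 +162,12 @@
                         osize[12] = '\0';
                         size = octal(osize);
                         if(size < 0) {
-                                cli_errmsg("Invalid size in tar header\n");
-                                if(fout>=0)
-                                        close(fout);
-                                return CL_CLEAN;
-                        }
-                        cli_dbgmsg("cli_untar: size = %d\n", size);
-                        if((ret=cli_checklimits("cli_untar", ctx, size, 0, 0))!=CL_CLEAN) {
+                                cli_dbgmsg("cli_untar: Invalid size in tar header\n");
                                 skipEntry++;
+                        } else {
+                                cli_dbgmsg("cli_untar: size = %d\n", size);
+                                if((ret=cli_checklimits("cli_untar", ctx, size, 0, 0))!=CL_CLEAN)
+                                        skipEntry++;
                         }
 
                         if(skipEntry) {
@@ -188,7 +185,7 @@
                         fout = open(fullname, O_RDWR|O_CREAT|O_EXCL|O_TRUNC|O_BINARY, 0600);
 
                         if(fout < 0) {
-                                cli_errmsg("Can't create temporary file %s: %s\n", fullname, strerror(errno));
+                                cli_errmsg("cli_untar: Can't create temporary file %s: %s\n", fullname, strerror(errno));
                                 return CL_ETMPFILE;
                         }
                         
@@ -211,12 +208,11 @@
                         in_block = 0;
         }       
         if(fout>=0) {
-                int ret;
                 lseek(fout, 0, SEEK_SET);
                 ret = cli_magic_scandesc(fout, ctx);
                 close(fout);
                 if (!cli_leavetemps_flag)
-                        unlink(fullname);
+                        if (cli_unlink(fullname)) return CL_EIO;
                 if (ret==CL_VIRUS)
                         return CL_VIRUS;
         }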
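Review bot: On the new side `if (cli_unlink(fullname)) return CL_EIO;` runs before the `ret==CL_VIRUS` test (new lines 96-98, and again at 215-217), so a failed temp-file removal returns CL_EIO and discards a CL_VIRUS verdict that cli_magic_scandesc() has already produced. For a scanner the detection should take precedence over a cleanup error; one option is to replace the two-line `if` with `if (!cli_leavetemps_flag && cli_unlink(fullname) && ret != CL_VIRUS) return CL_EIO;` and leave the following `if (ret==CL_VIRUS)` as it is. The result of `lseek(fout, 0, SEEK_SET)` is also unchecked in both places, although that line is unchanged context. The enclosing function starts and ends outside the visible hunks, so how callers treat CL_EIO cannot be confirmed from this page.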