← Back to branch summary

~yolanda.robla/ubuntu/saucy/clamav/dep-8-tests

« back to all changes in this revision

Viewing changes to libclamav/vba_extract.c

  • Committer: Bazaar Package Importer
  • Author(s): Stephen Gran
  • Date: 2008-09-05 17:25:34 UTC
  • mfrom: (0.35.1 lenny)
  • Revision ID: james.westby@ubuntu.com-20080905172534-yi3f8fkye1o7u1r3
http://bugs.debian.org/497662
http://bugs.debian.org/497773
http://bugs.debian.org/496276
http://bugs.debian.org/491760
* New upstream version (closes: #497662, #497773)
  - lots of new options for clamd.conf
  - fixes CVEs CVE-2008-3912, CVE-2008-3913, CVE-2008-3914, and
    CVE-2008-1389
* No longer supports --unzip option, so typo is gone (closes: #496276)
* Translations:
  - sv (thanks Martin Bagge <brother@bsnet.se>) (closes: #491760)

Show diffs side-by-side

added added

removed removed

Lines of Context:
libclamav/vba_extract.c
251
251
        unsigned char *buf;
252
252
        const unsigned char vba56_signature[] = { 0xcc, 0x61 };
253
253
        uint16_t record_count, buflen, ffff, byte_count;
254
 
        uint32_t offset, sig, hash, colls;
 
254
        uint32_t offset;
255
255
        int i, j, fd, big_endian = FALSE;
256
256
        vba_project_t *vba_project;
257
 
        const vba_version_t *v;
258
257
        struct vba56_header v56h;
259
258
        off_t seekback;
260
 
        char fullname[1024];
 
259
        char fullname[1024], *hash;
261
260
 
262
261
        cli_dbgmsg("in cli_vba_readdir()\n");
263
262
 
270
269
        
271
270
        if (!uniq_get(U, "_vba_project", 12, &hash))
272
271
                return NULL;
273
 
        snprintf(fullname, sizeof(fullname), "%s/%u_%u", dir, hash, which);
 
272
        snprintf(fullname, sizeof(fullname), "%s/%s_%u", dir, hash, which);
274
273
        fullname[sizeof(fullname)-1] = '\0';
275
274
        fd = open(fullname, O_RDONLY|O_BINARY);
276
275
 
288
287
 
289
288
        i = vba_read_project_strings(fd, TRUE);
290
289
        seekback = lseek(fd, 0, SEEK_CUR);
291
 
        if (lseek(fd, sizeof(struct vba56_header), SEEK_SET) == -1)
 
290
        if (lseek(fd, sizeof(struct vba56_header), SEEK_SET) == -1) {
 
291
                close(fd);
292
292
                return NULL;
 
293
        }
293
294
        j = vba_read_project_strings(fd, FALSE);
294
295
        if(!i && !j) {
295
296
                close(fd);
388
389
                ptr = get_unicode_name((const char *)buf, length, big_endian);
389
390
                if(ptr == NULL) break;
390
391
                if (!(vba_project->colls[i]=uniq_get(U, ptr, strlen(ptr), &hash))) {
391
 
                        cli_dbgmsg("vba_readdir: cannot find project %s (%u)\n", ptr, hash);
 
392
                        cli_dbgmsg("vba_readdir: cannot find project %s (%s)\n", ptr, hash);
392
393
                        break;
393
394
                }
394
 
                cli_dbgmsg("vba_readdir: project name: %s (%u)\n", ptr, hash);
 
395
                cli_dbgmsg("vba_readdir: project name: %s (%s)\n", ptr, hash);
395
396
                free(ptr);
396
397
                vba_project->name[i] = hash;
397
398
                if(!read_uint16(fd, &length, big_endian))
603
604
        ret = cli_magic_scandesc(ofd, ctx);
604
605
        close(ofd);
605
606
        if(!cli_leavetemps_flag)
606
 
          unlink(fullname);
 
607
          if (cli_unlink(fullname))
 
608
            ret = CL_EIO;
607
609
        free(fullname);
608
610
        return ret;
609
611
}
675
677
 
676
678
        if(cli_readn(fd, inbuff, stream.avail_in) != (int)stream.avail_in) {
677
679
                close(ofd);
678
 
                unlink(fullname);
 
680
                cli_unlink(fullname);
679
681
                return FALSE;
680
682
        }
681
683
        length -= stream.avail_in;
682
684
 
683
685
        if(inflateInit(&stream) != Z_OK) {
684
686
                close(ofd);
685
 
                unlink(fullname);
 
687
                cli_unlink(fullname);
686
688
                cli_warnmsg("ppt_unlzw: inflateInit failed\n");
687
689
                return FALSE;
688
690
        }
710
712
                }
711
713
        } while(inflate(&stream, Z_NO_FLUSH) == Z_OK);
712
714
 
713
 
        if (cli_writen(ofd, outbuff, PPT_LZW_BUFFSIZE-stream.avail_out) != (int)PPT_LZW_BUFFSIZE-stream.avail_out) {
 
715
        if (cli_writen(ofd, outbuff, PPT_LZW_BUFFSIZE-stream.avail_out) != (int)(PPT_LZW_BUFFSIZE-stream.avail_out)) {
714
716
                close(ofd);
715
717
                inflateEnd(&stream);
716
718
                return FALSE;
1038
1040
        macro_info_t macro_info;
1039
1041
        vba_project_t *vba_project;
1040
1042
        mso_fib_t fib;
1041
 
        uint32_t hash, hashcnt;
1042
 
        char fullname[1024];
1043
 
 
1044
1043
 
1045
1044
        if (!word_read_fib(fd, &fib))
1046
1045
                return NULL;
1239
1238
        if(ret == NULL)
1240
1239
                return NULL;
1241
1240
 
1242
 
        ret->name = (uint32_t *)cli_malloc(sizeof(uint32_t) * record_count);
 
1241
        ret->name = (char **)cli_malloc(sizeof(char *) * record_count);
1243
1242
        ret->colls = (uint32_t *)cli_malloc(sizeof(uint32_t) * record_count);
1244
1243
        ret->dir = cli_strdup(dir);
1245
1244
        ret->offset = (uint32_t *)cli_malloc (sizeof(uint32_t) * record_count);