diff -Nru clamav-0.103.0+dfsg/clamav-milter/clamav-milter.c clamav-0.103.2+dfsg/clamav-milter/clamav-milter.c --- clamav-0.103.0+dfsg/clamav-milter/clamav-milter.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamav-milter/clamav-milter.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Author: aCaB @@ -122,7 +122,7 @@ printf("\n"); printf(" Clam AntiVirus: Milter Mail Scanner %s\n", get_version()); printf(" By The ClamAV Team: https://www.clamav.net/about.html#credits\n"); - printf(" (C) 2020 Cisco Systems, Inc.\n"); + printf(" (C) 2021 Cisco Systems, Inc.\n"); printf("\n"); printf(" %s [-c ]\n\n", argv[0]); printf("\n"); @@ -470,7 +470,7 @@ */ if (parentPid != getpid()){ //we have been daemonized daemonize_signal_parent(parentPid); - } + } #endif return smfi_main(); diff -Nru clamav-0.103.0+dfsg/clamav-milter/clamfi.c clamav-0.103.2+dfsg/clamav-milter/clamfi.c --- clamav-0.103.0+dfsg/clamav-milter/clamfi.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamav-milter/clamfi.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Author: aCaB diff -Nru clamav-0.103.0+dfsg/clamav-milter/clamfi.h clamav-0.103.2+dfsg/clamav-milter/clamfi.h --- clamav-0.103.0+dfsg/clamav-milter/clamfi.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamav-milter/clamfi.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Author: aCaB diff -Nru clamav-0.103.0+dfsg/clamav-milter/CMakeLists.txt clamav-0.103.2+dfsg/clamav-milter/CMakeLists.txt --- clamav-0.103.0+dfsg/clamav-milter/CMakeLists.txt 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamav-milter/CMakeLists.txt 2021-04-06 19:03:42.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) diff -Nru clamav-0.103.0+dfsg/clamav-milter/connpool.c clamav-0.103.2+dfsg/clamav-milter/connpool.c --- clamav-0.103.0+dfsg/clamav-milter/connpool.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamav-milter/connpool.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Author: aCaB diff -Nru clamav-0.103.0+dfsg/clamav-milter/connpool.h clamav-0.103.2+dfsg/clamav-milter/connpool.h --- clamav-0.103.0+dfsg/clamav-milter/connpool.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamav-milter/connpool.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Author: aCaB diff -Nru clamav-0.103.0+dfsg/clamav-milter/Makefile.am clamav-0.103.2+dfsg/clamav-milter/Makefile.am --- clamav-0.103.0+dfsg/clamav-milter/Makefile.am 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamav-milter/Makefile.am 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2003-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/clamav-milter/Makefile.in clamav-0.103.2+dfsg/clamav-milter/Makefile.in --- clamav-0.103.0+dfsg/clamav-milter/Makefile.in 2020-09-13 00:27:50.000000000 +0000 +++ clamav-0.103.2+dfsg/clamav-milter/Makefile.in 2021-04-06 19:04:43.000000000 +0000 @@ -15,7 +15,7 @@ @SET_MAKE@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2003-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/clamav-milter/netcode.c clamav-0.103.2+dfsg/clamav-milter/netcode.c --- clamav-0.103.0+dfsg/clamav-milter/netcode.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamav-milter/netcode.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Author: aCaB diff -Nru clamav-0.103.0+dfsg/clamav-milter/netcode.h clamav-0.103.2+dfsg/clamav-milter/netcode.h --- clamav-0.103.0+dfsg/clamav-milter/netcode.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamav-milter/netcode.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Author: aCaB diff -Nru clamav-0.103.0+dfsg/clamav-milter/whitelist.c clamav-0.103.2+dfsg/clamav-milter/whitelist.c --- clamav-0.103.0+dfsg/clamav-milter/whitelist.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamav-milter/whitelist.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Author: aCaB diff -Nru clamav-0.103.0+dfsg/clamav-milter/whitelist.h clamav-0.103.2+dfsg/clamav-milter/whitelist.h --- clamav-0.103.0+dfsg/clamav-milter/whitelist.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamav-milter/whitelist.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Author: aCaB diff -Nru clamav-0.103.0+dfsg/clamav-types.h.in clamav-0.103.2+dfsg/clamav-types.h.in --- clamav-0.103.0+dfsg/clamav-types.h.in 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamav-types.h.in 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, Micah Snyder diff -Nru clamav-0.103.0+dfsg/clamav-version.h.in clamav-0.103.2+dfsg/clamav-version.h.in --- clamav-0.103.0+dfsg/clamav-version.h.in 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamav-version.h.in 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2019-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Micah Snyder * diff -Nru clamav-0.103.0+dfsg/clambc/bcrun.c clamav-0.103.2+dfsg/clambc/bcrun.c --- clamav-0.103.0+dfsg/clambc/bcrun.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clambc/bcrun.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * ClamAV bytecode handler tool. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Török Edvin @@ -52,7 +52,7 @@ printf("\n"); printf(" Clam AntiVirus: Bytecode Testing Tool %s\n", get_version()); printf(" By The ClamAV Team: https://www.clamav.net/about.html#credits\n"); - printf(" (C) 2020 Cisco Systems, Inc.\n"); + printf(" (C) 2021 Cisco Systems, Inc.\n"); printf("\n"); printf(" clambc [function] [param1 ...]\n"); printf("\n"); diff -Nru clamav-0.103.0+dfsg/clambc/CMakeLists.txt clamav-0.103.2+dfsg/clambc/CMakeLists.txt --- clamav-0.103.0+dfsg/clambc/CMakeLists.txt 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clambc/CMakeLists.txt 2021-04-06 19:03:42.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) diff -Nru clamav-0.103.0+dfsg/clamconf/clamconf.c clamav-0.103.2+dfsg/clamconf/clamconf.c --- clamav-0.103.0+dfsg/clamconf/clamconf.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamconf/clamconf.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Author: Tomasz Kojm @@ -207,7 +207,7 @@ printf("\n"); printf(" Clam AntiVirus: Configuration Tool %s\n", get_version()); printf(" By The ClamAV Team: https://www.clamav.net/about.html#credits\n"); - printf(" (C) 2020 Cisco Systems, Inc.\n"); + printf(" (C) 2021 Cisco Systems, Inc.\n"); printf("\n"); printf(" --help -h Show this help\n"); printf(" --version -V Show version\n"); diff -Nru clamav-0.103.0+dfsg/clamconf/CMakeLists.txt clamav-0.103.2+dfsg/clamconf/CMakeLists.txt --- clamav-0.103.0+dfsg/clamconf/CMakeLists.txt 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamconf/CMakeLists.txt 2021-04-06 19:03:42.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) diff -Nru clamav-0.103.0+dfsg/clamconf/Makefile.am clamav-0.103.2+dfsg/clamconf/Makefile.am --- clamav-0.103.0+dfsg/clamconf/Makefile.am 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamconf/Makefile.am 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2006-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/clamconf/Makefile.in clamav-0.103.2+dfsg/clamconf/Makefile.in --- clamav-0.103.0+dfsg/clamconf/Makefile.in 2020-09-13 00:27:50.000000000 +0000 +++ clamav-0.103.2+dfsg/clamconf/Makefile.in 2021-04-06 19:04:43.000000000 +0000 @@ -15,7 +15,7 @@ @SET_MAKE@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2006-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/clamd/clamd.c clamav-0.103.2+dfsg/clamd/clamd.c --- clamav-0.103.0+dfsg/clamd/clamd.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/clamd.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -89,7 +89,7 @@ printf("\n"); printf(" Clam AntiVirus: Daemon %s\n", get_version()); printf(" By The ClamAV Team: https://www.clamav.net/about.html#credits\n"); - printf(" (C) 2020 Cisco Systems, Inc.\n"); + printf(" (C) 2021 Cisco Systems, Inc.\n"); printf("\n"); printf(" clamd [options]\n"); printf("\n"); @@ -778,7 +778,7 @@ #ifndef _WIN32 /*Since some of the logging is written to stderr, and some of it - * is written to a log file, close stdin, stderr, and stdout + * is written to a log file, close stdin, stderr, and stdout * now, since everything is initialized.*/ /*signal the parent process.*/ diff -Nru clamav-0.103.0+dfsg/clamd/clamd_others.c clamav-0.103.2+dfsg/clamd/clamd_others.c --- clamav-0.103.0+dfsg/clamd/clamd_others.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/clamd_others.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, Trog, Török Edvin diff -Nru clamav-0.103.0+dfsg/clamd/clamd_others.h clamav-0.103.2+dfsg/clamd/clamd_others.h --- clamav-0.103.0+dfsg/clamd/clamd_others.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/clamd_others.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, Trog, Török Edvin diff -Nru clamav-0.103.0+dfsg/clamd/CMakeLists.txt clamav-0.103.2+dfsg/clamd/CMakeLists.txt --- clamav-0.103.0+dfsg/clamd/CMakeLists.txt 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/CMakeLists.txt 2021-04-06 19:03:42.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) diff -Nru clamav-0.103.0+dfsg/clamd/localserver.c clamav-0.103.2+dfsg/clamd/localserver.c --- clamav-0.103.0+dfsg/clamd/localserver.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/localserver.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/clamd/localserver.h clamav-0.103.2+dfsg/clamd/localserver.h --- clamav-0.103.0+dfsg/clamd/localserver.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/localserver.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/clamd/Makefile.am clamav-0.103.2+dfsg/clamd/Makefile.am --- clamav-0.103.0+dfsg/clamd/Makefile.am 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/Makefile.am 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/clamd/Makefile.in clamav-0.103.2+dfsg/clamd/Makefile.in --- clamav-0.103.0+dfsg/clamd/Makefile.in 2020-09-13 00:27:50.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/Makefile.in 2021-04-06 19:04:43.000000000 +0000 @@ -15,7 +15,7 @@ @SET_MAKE@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/clamd/scanner.c clamav-0.103.2+dfsg/clamd/scanner.c --- clamav-0.103.0+dfsg/clamd/scanner.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/scanner.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, Török Edvin @@ -146,13 +146,13 @@ if (NULL != filename) { if (CL_SUCCESS != cli_realpath((const char *)filename, &real_filename)) { - conn_reply_errno(scandata->conn, msg, "real-path check failed:"); + conn_reply_errno(scandata->conn, msg, "Failed to determine real path:"); logg("^Failed to determine real path for: %s\n", filename); - scandata->errors++; - return CL_SUCCESS; + logg("*Quarantine of the file may fail if file path contains symlinks.\n"); + } else { + free(filename); + filename = real_filename; } - free(filename); - filename = real_filename; } /* detect disconnected socket, @@ -364,7 +364,7 @@ return 0; } -int scanfd( +cl_error_t scanfd( const client_conn_t *conn, unsigned long int *scanned, const struct cl_engine *engine, @@ -373,13 +373,17 @@ int odesc, int stream) { - int ret, fd = conn->scanfd; + cl_error_t ret = -1; + int fd = conn->scanfd; const char *virname = NULL; STATBUF statbuf; struct cb_context context; char fdstr[32]; const char *reply_fdstr; + char *filepath = NULL; + char *log_filename = fdstr; + UNUSEDPARAM(odesc); if (stream) { @@ -396,41 +400,60 @@ } if (FSTAT(fd, &statbuf) == -1 || !S_ISREG(statbuf.st_mode)) { logg("%s: Not a regular file. ERROR\n", fdstr); - if (conn_reply(conn, reply_fdstr, "Not a regular file", "ERROR") == -1) - return CL_ETIMEOUT; - return -1; + if (conn_reply(conn, reply_fdstr, "Not a regular file", "ERROR") == -1) { + ret = CL_ETIMEOUT; + goto done; + } + ret = CL_BREAK; + goto done; + } + + /* Try and get the real filename, for logging purposes */ + if (!stream) { + if (CL_SUCCESS != cli_get_filepath_from_filedesc(fd, &filepath)) { + logg("*%s: Unable to determine the filepath given the file descriptor.\n", fdstr); + } else { + log_filename = filepath; + } } thrmgr_setactivetask(fdstr, NULL); context.filename = fdstr; context.virsize = 0; context.scandata = NULL; - ret = cl_scandesc_callback(fd, conn->filename, &virname, scanned, engine, options, &context); + ret = cl_scandesc_callback(fd, log_filename, &virname, scanned, engine, options, &context); thrmgr_setactivetask(NULL, NULL); if (thrmgr_group_need_terminate(conn->group)) { logg("*Client disconnected while scanjob was active\n"); - return ret == CL_ETIMEOUT ? ret : CL_BREAK; + ret = ret == CL_ETIMEOUT ? ret : CL_BREAK; + goto done; } if (ret == CL_VIRUS) { if (conn_reply_virus(conn, reply_fdstr, virname) == -1) ret = CL_ETIMEOUT; if (context.virsize && optget(opts, "ExtendedDetectionInfo")->enabled) - logg("%s: %s(%s:%llu) FOUND\n", fdstr, virname, context.virhash, context.virsize); + logg("%s: %s(%s:%llu) FOUND\n", log_filename, virname, context.virhash, context.virsize); else - logg("%s: %s FOUND\n", fdstr, virname); - virusaction(reply_fdstr, virname, opts); + logg("%s: %s FOUND\n", log_filename, virname); + virusaction(log_filename, virname, opts); } else if (ret != CL_CLEAN) { if (conn_reply(conn, reply_fdstr, cl_strerror(ret), "ERROR") == -1) ret = CL_ETIMEOUT; - logg("%s: %s ERROR\n", fdstr, cl_strerror(ret)); + logg("%s: %s ERROR\n", log_filename, cl_strerror(ret)); } else { if (conn_reply_single(conn, reply_fdstr, "OK") == CL_ETIMEOUT) ret = CL_ETIMEOUT; if (logok) - logg("%s: OK\n", fdstr); + logg("%s: OK\n", log_filename); + } + +done: + if (NULL != filepath) { + free(filepath); } + return ret; } diff -Nru clamav-0.103.0+dfsg/clamd/scanner.h clamav-0.103.2+dfsg/clamd/scanner.h --- clamav-0.103.0+dfsg/clamd/scanner.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/scanner.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, Török Edvin @@ -65,7 +65,7 @@ struct scan_cb_data *scandata; }; -int scanfd(const client_conn_t *conn, unsigned long int *scanned, const struct cl_engine *engine, struct cl_scan_options *options, const struct optstruct *opts, int odesc, int stream); +cl_error_t scanfd(const client_conn_t *conn, unsigned long int *scanned, const struct cl_engine *engine, struct cl_scan_options *options, const struct optstruct *opts, int odesc, int stream); int scanstream(int odesc, unsigned long int *scanned, const struct cl_engine *engine, struct cl_scan_options *options, const struct optstruct *opts, char term); cl_error_t scan_callback(STATBUF *sb, char *filename, const char *msg, enum cli_ftw_reason reason, struct cli_ftw_cbdata *data); int scan_pathchk(const char *path, struct cli_ftw_cbdata *data); diff -Nru clamav-0.103.0+dfsg/clamd/server.h clamav-0.103.2+dfsg/clamd/server.h --- clamav-0.103.0+dfsg/clamd/server.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/server.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, Trog, Török Edvin diff -Nru clamav-0.103.0+dfsg/clamd/server-th.c clamav-0.103.2+dfsg/clamd/server-th.c --- clamav-0.103.0+dfsg/clamd/server-th.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/server-th.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, Trog, Török Edvin @@ -1203,6 +1203,11 @@ } } + if (optget(opts, "AlertBrokenMedia")->enabled) { + options.heuristic |= CL_SCAN_HEURISTIC_BROKEN_MEDIA; + logg("Media (Graphics) Format Validatation enabled\n"); + } + if (optget(opts, "ScanMail")->enabled) { logg("Mail files support enabled.\n"); options.parse |= CL_SCAN_PARSE_MAIL; diff -Nru clamav-0.103.0+dfsg/clamd/session.c clamav-0.103.2+dfsg/clamd/session.c --- clamav-0.103.0+dfsg/clamd/session.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/session.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, Török Edvin diff -Nru clamav-0.103.0+dfsg/clamd/session.h clamav-0.103.2+dfsg/clamd/session.h --- clamav-0.103.0+dfsg/clamd/session.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/session.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, Török Edvin diff -Nru clamav-0.103.0+dfsg/clamd/shared.h clamav-0.103.2+dfsg/clamd/shared.h --- clamav-0.103.0+dfsg/clamd/shared.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/shared.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/clamd/tcpserver.c clamav-0.103.2+dfsg/clamd/tcpserver.c --- clamav-0.103.0+dfsg/clamd/tcpserver.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/tcpserver.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, Török Edvin diff -Nru clamav-0.103.0+dfsg/clamd/tcpserver.h clamav-0.103.2+dfsg/clamd/tcpserver.h --- clamav-0.103.0+dfsg/clamd/tcpserver.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/tcpserver.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/clamd/thrmgr.c clamav-0.103.2+dfsg/clamd/thrmgr.c --- clamav-0.103.0+dfsg/clamd/thrmgr.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/thrmgr.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Trog, Török Edvin diff -Nru clamav-0.103.0+dfsg/clamd/thrmgr.h clamav-0.103.2+dfsg/clamd/thrmgr.h --- clamav-0.103.0+dfsg/clamd/thrmgr.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamd/thrmgr.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, Török Edvin diff -Nru clamav-0.103.0+dfsg/clamdscan/clamdscan.c clamav-0.103.2+dfsg/clamdscan/clamdscan.c --- clamav-0.103.0+dfsg/clamdscan/clamdscan.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamdscan/clamdscan.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, aCaB @@ -225,7 +225,7 @@ mprintf("\n"); mprintf(" Clam AntiVirus: Daemon Client %s\n", get_version()); mprintf(" By The ClamAV Team: https://www.clamav.net/about.html#credits\n"); - mprintf(" (C) 2020 Cisco Systems, Inc.\n"); + mprintf(" (C) 2021 Cisco Systems, Inc.\n"); mprintf("\n"); mprintf(" clamdscan [options] [file/directory/-]\n"); mprintf("\n"); diff -Nru clamav-0.103.0+dfsg/clamdscan/client.c clamav-0.103.2+dfsg/clamdscan/client.c --- clamav-0.103.0+dfsg/clamdscan/client.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamdscan/client.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, aCaB @@ -235,7 +235,17 @@ } if (i + 1 < attempts) { - logg("*PINGing again in %" PRIu64 " seconds\n", interval); + if (optget(opts, "wait")->enabled) { + if (interval == 1) + logg("*Could not connect, will try again in %lu second\n", interval); + else + logg("*Could not connect, will try again in %lu seconds\n", interval); + } else { + if (interval == 1) + logg("Could not connect, will PING again in %lu second\n", interval); + else + logg("Could not connect, will PING again in %lu seconds\n", interval); + } sleep(interval); } i++; @@ -243,7 +253,11 @@ /* timed out */ ret = 1; - logg("*PING timeout exceeded with no response from clamd\n"); + if (optget(opts, "wait")->enabled) { + logg("Wait timeout exceeded; Could not connect to clamd\n"); + } else { + logg("PING timeout exceeded; No response from clamd\n"); + } done: if (attempt_str) { diff -Nru clamav-0.103.0+dfsg/clamdscan/client.h clamav-0.103.2+dfsg/clamdscan/client.h --- clamav-0.103.0+dfsg/clamdscan/client.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamdscan/client.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, aCaB diff -Nru clamav-0.103.0+dfsg/clamdscan/CMakeLists.txt clamav-0.103.2+dfsg/clamdscan/CMakeLists.txt --- clamav-0.103.0+dfsg/clamdscan/CMakeLists.txt 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamdscan/CMakeLists.txt 2021-04-06 19:03:42.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) diff -Nru clamav-0.103.0+dfsg/clamdscan/Makefile.am clamav-0.103.2+dfsg/clamdscan/Makefile.am --- clamav-0.103.0+dfsg/clamdscan/Makefile.am 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamdscan/Makefile.am 2021-04-06 19:03:42.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/clamdscan/Makefile.in clamav-0.103.2+dfsg/clamdscan/Makefile.in --- clamav-0.103.0+dfsg/clamdscan/Makefile.in 2020-09-13 00:27:50.000000000 +0000 +++ clamav-0.103.2+dfsg/clamdscan/Makefile.in 2021-04-06 19:04:43.000000000 +0000 @@ -14,7 +14,7 @@ @SET_MAKE@ -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/clamdscan/proto.c clamav-0.103.2+dfsg/clamdscan/proto.c --- clamav-0.103.0+dfsg/clamdscan/proto.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamdscan/proto.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, aCaB @@ -151,11 +151,13 @@ if (filename) { if ((fd = safe_open(filename, O_RDONLY | O_BINARY)) < 0) { - logg("~%s: Access denied. ERROR\n", filename); + logg("~%s: Failed to open file. ERROR\n", filename); return 0; } - } else + } else { + /* Read stream from STDIN */ fd = 0; + } if (sendln(sockd, "zINSTREAM", 10)) { close(fd); @@ -199,7 +201,7 @@ if (filename) { if ((fd = open(filename, O_RDONLY)) < 0) { - logg("~%s: Access denied. ERROR\n", filename); + logg("~%s: Failed to open file\n", filename); return 0; } } else @@ -429,6 +431,7 @@ if (reason != visit_directory_toplev) { if (CL_SUCCESS != cli_realpath((const char *)path, &real_filename)) { logg("*Failed to determine real filename of %s.\n", path); + logg("*Quarantine of the file may fail if file path contains symlinks.\n"); } else { path = real_filename; } @@ -613,6 +616,7 @@ if (reason != visit_directory_toplev) { if (CL_SUCCESS != cli_realpath((const char *)filename, &real_filename)) { logg("*Failed to determine real filename of %s.\n", filename); + logg("*Quarantine of the file may fail if file path contains symlinks.\n"); } else { free(filename); filename = real_filename; diff -Nru clamav-0.103.0+dfsg/clamdscan/proto.h clamav-0.103.2+dfsg/clamdscan/proto.h --- clamav-0.103.0+dfsg/clamdscan/proto.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamdscan/proto.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, aCaB diff -Nru clamav-0.103.0+dfsg/clamdtop/clamdtop.c clamav-0.103.2+dfsg/clamdtop/clamdtop.c --- clamav-0.103.0+dfsg/clamdtop/clamdtop.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamdtop/clamdtop.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * ClamdTOP * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Török Edvin @@ -1339,7 +1339,7 @@ printf("\n"); printf(" Clam AntiVirus: Monitoring Tool %s\n", get_version()); printf(" By The ClamAV Team: https://www.clamav.net/about.html#credits\n"); - printf(" (C) 2020 Cisco Systems, Inc.\n"); + printf(" (C) 2021 Cisco Systems, Inc.\n"); printf("\n"); printf(" clamdtop [-hVc] [host[:port] /path/to/clamd.socket ...]\n"); printf("\n"); diff -Nru clamav-0.103.0+dfsg/clamdtop/CMakeLists.txt clamav-0.103.2+dfsg/clamdtop/CMakeLists.txt --- clamav-0.103.0+dfsg/clamdtop/CMakeLists.txt 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamdtop/CMakeLists.txt 2021-04-06 19:03:42.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) diff -Nru clamav-0.103.0+dfsg/clamonacc/clamonacc.c clamav-0.103.2+dfsg/clamonacc/clamonacc.c --- clamav-0.103.0+dfsg/clamonacc/clamonacc.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/clamonacc.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2019-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Mickey Sola * @@ -165,6 +165,11 @@ logg("*Clamonacc: not setting up client\n"); goto done; break; + case CL_EWRITE: + logg("!Clamonacc: can't set up fd passing, configuration issue -- please ensure your system \ + is capable of fdpassing before specifying the fdpass option\n"); + ret = 2; + goto done; case CL_EARG: default: logg("!Clamonacc: can't setup client\n"); @@ -377,7 +382,7 @@ int16_t ping_result = onas_ping_clamd(&ctx); switch (ping_result) { case 0: - ret = (int)CL_BREAK; + ret = (int)CL_SUCCESS; break; case 1: ret = (int)CL_ETIMEOUT; @@ -414,7 +419,7 @@ mprintf("\n"); mprintf(" ClamAV: On Access Scanning Application and Client %s\n", get_version()); mprintf(" By The ClamAV Team: https://www.clamav.net/about.html#credits\n"); - mprintf(" (C) 2020 Cisco Systems, Inc.\n"); + mprintf(" (C) 2021 Cisco Systems, Inc.\n"); mprintf("\n"); mprintf(" clamonacc [options] [file/directory/-]\n"); mprintf("\n"); @@ -423,7 +428,7 @@ mprintf(" --verbose -v Be verbose\n"); mprintf(" --log=FILE -l FILE Save scanning output to FILE\n"); mprintf(" --foreground -F Output to foreground and do not daemonize\n"); - mprintf(" --watch-list=FILE -w FILE Watch directories from FILE\n"); + mprintf(" --watch-list=FILE -W FILE Watch directories from FILE\n"); mprintf(" --exclude-list=FILE -e FILE Exclude directories from FILE\n"); mprintf(" --ping -p A[:I] Ping clamd up to [A] times at optional interval [I] until it responds.\n"); mprintf(" --wait -w Wait up to 30 seconds for clamd to start. Optionally use alongside --ping to set attempts [A] and interval [I] to check clamd.\n"); diff -Nru clamav-0.103.0+dfsg/clamonacc/clamonacc.h clamav-0.103.2+dfsg/clamonacc/clamonacc.h --- clamav-0.103.0+dfsg/clamonacc/clamonacc.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/clamonacc.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Mickey Sola diff -Nru clamav-0.103.0+dfsg/clamonacc/client/client.c clamav-0.103.2+dfsg/clamonacc/client/client.c --- clamav-0.103.0+dfsg/clamonacc/client/client.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/client/client.c 2021-04-06 19:03:42.000000000 +0000 @@ -66,6 +66,7 @@ #include "communication.h" #include "client.h" #include "protocol.h" +#include "socket.h" #include "../clamonacc.h" @@ -132,7 +133,11 @@ curlcode = curl_easy_perform(curl); if (CURLE_OK != curlcode) { - logg("!ClamClient: could not connect to remote clam daemon, %s\n", curl_easy_strerror(curlcode)); + if (optget((*ctx)->opts, "ping")->enabled || optget((*ctx)->opts, "wait")->enabled) { + logg("~ClamClient: Initial connection failed, %s. Will try again...\n", curl_easy_strerror(curlcode)); + } else { + logg("!ClamClient: Could not connect to clamd, %s\n", curl_easy_strerror(curlcode)); + } *err = CL_EARG; return ret; } @@ -236,11 +241,13 @@ do { curlcode = curl_easy_perform(curl); if (CURLE_OK != curlcode) { - logg("*ClamClient: could not connect to clam daemon, %s\n", curl_easy_strerror(curlcode)); + logg("*ClamClient: could not connect to clamd, %s\n", curl_easy_strerror(curlcode)); } else if (CURLE_OK == onas_sendln(curl, "zPING", 5, timeout)) { if (!optget((*ctx)->opts, "wait")->enabled) { logg("PONG\n"); + } else { + logg("*ClamClient: Connected.\n"); } ret = 0; @@ -248,7 +255,17 @@ } if (i + 1 < attempts) { - logg("*PINGing again in %lu seconds\n", interval); + if (optget((*ctx)->opts, "wait")->enabled) { + if (interval == 1) + logg("*Will try again in %lu second\n", interval); + else + logg("*Will try again in %lu seconds\n", interval); + } else { + if (interval == 1) + logg("PINGing again in %lu second\n", interval); + else + logg("PINGing again in %lu seconds\n", interval); + } sleep(interval); } i++; @@ -256,7 +273,11 @@ /* timed out */ ret = 1; - logg("*PING timeout exceeded with no response from clamd\n"); + if (optget((*ctx)->opts, "wait")->enabled) { + logg("Wait timeout exceeded; Could not connect to clamd\n"); + } else { + logg("PING timeout exceeded; No response from clamd\n"); + } done: if (curl) { @@ -425,6 +446,9 @@ remote = (*ctx)->isremote | optget(opts, "stream")->enabled; #ifdef HAVE_FD_PASSING if (!remote && optget((*ctx)->clamdopts, "LocalSocket")->enabled && (optget(opts, "fdpass")->enabled)) { + if (onas_set_sock_only_once(*ctx) == CL_EWRITE) { + return CL_EWRITE; + } logg("*ClamClient: client setup to scan via fd passing\n"); (*ctx)->scantype = FILDES; (*ctx)->session = optget(opts, "multiscan")->enabled; @@ -458,7 +482,7 @@ cl_error_t err = CL_SUCCESS; int b_remote; int len; - struct RCVLN rcv; + struct onas_rcvln rcv; int64_t timeout; timeout = optget((*ctx)->clamdopts, "OnAccessCurlTimeout")->numarg; @@ -480,11 +504,11 @@ } } - onas_recvlninit(&rcv, curl); + onas_recvlninit(&rcv, curl, 0); curlcode = curl_easy_perform(curl); if (CURLE_OK != curlcode) { - logg("*ClamClient: could not connect to clam daemon, %s\n", curl_easy_strerror(curlcode)); + logg("*ClamClient: could not connect to clamd, %s\n", curl_easy_strerror(curlcode)); return 2; } @@ -526,6 +550,7 @@ CURLcode curlcode = CURLE_OK; int errors = 0; int ret; + static bool disconnected = false; *infected = 0; @@ -542,9 +567,16 @@ curlcode = curl_easy_perform(curl); if (CURLE_OK != curlcode) { - logg("!ClamClient: could not establish connection, %s\n", curl_easy_strerror(curlcode)); + if (!disconnected) { + logg("!ClamClient: Connection to clamd failed, %s.\n", curl_easy_strerror(curlcode)); + disconnected = true; + } return CL_ECREAT; } + if (disconnected) { + logg("~ClamClient: Connection to clamd re-established.\n"); + disconnected = false; + } if ((ret = onas_dsresult(curl, scantype, maxstream, fname, fd, timeout, &ret, err, ret_code)) >= 0) { *infected = ret; diff -Nru clamav-0.103.0+dfsg/clamonacc/client/client.h clamav-0.103.2+dfsg/clamonacc/client/client.h --- clamav-0.103.0+dfsg/clamonacc/client/client.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/client/client.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2015-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2015-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009 Sourcefire, Inc. * * Authors: Tomasz Kojm, aCaB diff -Nru clamav-0.103.0+dfsg/clamonacc/client/communication.c clamav-0.103.2+dfsg/clamonacc/client/communication.c --- clamav-0.103.0+dfsg/clamonacc/client/communication.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/client/communication.c 2021-04-06 19:03:42.000000000 +0000 @@ -38,6 +38,10 @@ #include #endif +// libclamav +#include "clamav.h" + +// shared #include "output.h" #include "communication.h" @@ -70,6 +74,7 @@ /* select() returns the number of signalled sockets or -1 */ ret = select((int)sockfd + 1, &infd, &outfd, &errfd, &tv); + return ret; } @@ -86,7 +91,9 @@ curlcode = curl_easy_getinfo(curl, CURLINFO_ACTIVESOCKET, &sockfd); #else /* Use deprecated CURLINFO_LASTSOCKET option */ - curlcode = curl_easy_getinfo(curl, CURLINFO_LASTSOCKET, &sockfd); + long long_sockfd; + curlcode = curl_easy_getinfo(curl, CURLINFO_LASTSOCKET, &long_sockfd); + sockfd = (curl_socket_t)long_sockfd; #endif if (CURLE_OK != curlcode) { @@ -98,15 +105,21 @@ do { curlcode = curl_easy_send(curl, line, len, &sent); - if (CURLE_AGAIN == curlcode && !onas_socket_wait(sockfd, 0, timeout)) { + if (CURLE_AGAIN == curlcode && onas_socket_wait(sockfd, 0, timeout) <= 0) { logg("!ClamCom: TIMEOUT while waiting on socket (send)\n"); return 1; } } while (CURLE_AGAIN == curlcode); - if (sent <= 0) { + if (sent == 0) { if (sent && errno == EINTR) { continue; + } else if (errno == EFAULT) { + /* Users have reported frequent "bad address" errors when files + are created & removed before the file can be sent to be + scanned. This isn't a critical error, so we'll log it in + verbose-mode only. */ + logg("*Can't send to clamd: %s\n", strerror(errno)); } else { logg("!Can't send to clamd: %s\n", strerror(errno)); } @@ -122,12 +135,13 @@ } /* Inits a RECVLN struct before it can be used in recvln() - see below */ -void onas_recvlninit(struct RCVLN *rcv_data, CURL *curl) +void onas_recvlninit(struct onas_rcvln *rcv_data, CURL *curl, int sockd) { rcv_data->curl = curl; rcv_data->curlcode = CURLE_OK; rcv_data->lnstart = rcv_data->curr = rcv_data->buf; rcv_data->retlen = 0; + rcv_data->sockd = sockd; } /* Receives a full (terminated with \0) line from a socket @@ -139,7 +153,7 @@ * - 0 if the connection is closed * - -1 on error */ -int onas_recvln(struct RCVLN *rcv_data, char **ret_bol, char **ret_eol, int64_t timeout) +int onas_recvln(struct onas_rcvln *rcv_data, char **ret_bol, char **ret_eol, int64_t timeout) { char *eol; int ret = 0; @@ -150,7 +164,9 @@ rcv_data->curlcode = curl_easy_getinfo(rcv_data->curl, CURLINFO_ACTIVESOCKET, &sockfd); #else /* Use deprecated CURLINFO_LASTSOCKET option */ - rcv_data->curlcode = curl_easy_getinfo(rcv_data->curl, CURLINFO_LASTSOCKET, &sockfd); + long long_sockfd; + rcv_data->curlcode = curl_easy_getinfo(rcv_data->curl, CURLINFO_LASTSOCKET, &long_sockfd); + sockfd = (curl_socket_t)long_sockfd; #endif if (CURLE_OK != rcv_data->curlcode) { @@ -164,7 +180,7 @@ rcv_data->curlcode = curl_easy_recv(rcv_data->curl, rcv_data->curr, sizeof(rcv_data->buf) - (rcv_data->curr - rcv_data->buf), &(rcv_data->retlen)); - if (CURLE_AGAIN == rcv_data->curlcode && !onas_socket_wait(sockfd, 1, timeout)) { + if (CURLE_AGAIN == rcv_data->curlcode && onas_socket_wait(sockfd, 1, timeout) <= 0) { logg("!ClamCom: TIMEOUT while waiting on socket (recv)\n"); return -1; } @@ -181,7 +197,7 @@ *rcv_data->curr = '\0'; if (strcmp(rcv_data->buf, "UNKNOWN COMMAND\n")) { - logg("!Communication error\n"); + logg("!Communication error, clamd received unknown command\n"); } else { logg("!Command rejected by clamd (wrong clamd version?)\n"); } @@ -228,5 +244,68 @@ rcv_data->curr = &rcv_data->lnstart[rcv_data->retlen]; rcv_data->retlen = 0; } + } +} + +/* Receives a full (terminated with \0) line from a socket + * Sets ret_bol to the begin of the received line, and optionally + * ret_eol to the end of line. + * Should be called repeatedly until all input is consumed + * Returns: + * - the length of the line (a positive number) on success + * - 0 if the connection is closed + * - -1 on error + */ +int onas_fd_recvln(struct onas_rcvln *rcv_data, char **ret_bol, char **ret_eol, int64_t timeout_ms) +{ + char *eol; + + UNUSEDPARAM(timeout_ms); + + while (1) { + if (!rcv_data->retlen) { + rcv_data->retlen = recv(rcv_data->sockd, rcv_data->curr, sizeof(rcv_data->buf) - (rcv_data->curr - rcv_data->buf), 0); + if (rcv_data->retlen <= 0) { + if (rcv_data->retlen && errno == EINTR) { + rcv_data->retlen = 0; + continue; + } + if (rcv_data->retlen || rcv_data->curr != rcv_data->buf) { + *rcv_data->curr = '\0'; + if (strcmp(rcv_data->buf, "UNKNOWN COMMAND\n")) + logg("!Communication error\n"); + else + logg("!Command rejected by clamd (wrong clamd version?)\n"); + return -1; + } + return 0; + } + } + if ((eol = memchr(rcv_data->curr, 0, rcv_data->retlen))) { + int ret = 0; + eol++; + rcv_data->retlen -= eol - rcv_data->curr; + *ret_bol = rcv_data->lnstart; + if (ret_eol) *ret_eol = eol; + ret = eol - rcv_data->lnstart; + if (rcv_data->retlen) + rcv_data->lnstart = rcv_data->curr = eol; + else + rcv_data->lnstart = rcv_data->curr = rcv_data->buf; + return ret; + } + rcv_data->retlen += rcv_data->curr - rcv_data->lnstart; + if (!eol && rcv_data->retlen == sizeof(rcv_data->buf)) { + logg("!Overlong reply from clamd\n"); + return -1; + } + if (!eol) { + if (rcv_data->buf != rcv_data->lnstart) { /* old memmove sux */ + memmove(rcv_data->buf, rcv_data->lnstart, rcv_data->retlen); + rcv_data->lnstart = rcv_data->buf; + } + rcv_data->curr = &rcv_data->lnstart[rcv_data->retlen]; + rcv_data->retlen = 0; + } } } diff -Nru clamav-0.103.0+dfsg/clamonacc/client/communication.h clamav-0.103.2+dfsg/clamonacc/client/communication.h --- clamav-0.103.0+dfsg/clamonacc/client/communication.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/client/communication.h 2021-04-06 19:03:42.000000000 +0000 @@ -32,8 +32,9 @@ #include "misc.h" -struct RCVLN { +struct onas_rcvln { char buf[PATH_MAX + 1024]; + int sockd; CURL *curl; CURLcode curlcode; size_t retlen; @@ -42,7 +43,8 @@ }; int onas_sendln(CURL *curl, const void *line, size_t len, int64_t timeout_ms); -void onas_recvlninit(struct RCVLN *s, CURL *curl); -int onas_recvln(struct RCVLN *rcv_data, char **ret_bol, char **ret_eol, int64_t timeout_ms); +void onas_recvlninit(struct onas_rcvln *s, CURL *curl, int sockd); +int onas_recvln(struct onas_rcvln *rcv_data, char **ret_bol, char **ret_eol, int64_t timeout_ms); +int onas_fd_recvln(struct onas_rcvln *rcv_data, char **ret_bol, char **ret_eol, int64_t timeout_ms); #endif diff -Nru clamav-0.103.0+dfsg/clamonacc/client/protocol.c clamav-0.103.2+dfsg/clamonacc/client/protocol.c --- clamav-0.103.0+dfsg/clamonacc/client/protocol.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/client/protocol.c 2021-04-06 19:03:42.000000000 +0000 @@ -61,10 +61,12 @@ #include "actions.h" #include "output.h" #include "misc.h" +#include "clamdcom.h" #include "communication.h" #include "protocol.h" #include "client.h" +#include "socket.h" static const char *scancmd[] = {"CONTSCAN", "MULTISCAN", "INSTREAM", "FILDES", "ALLMATCHSCAN"}; @@ -74,90 +76,92 @@ { uint32_t buf[BUFSIZ / sizeof(uint32_t)]; uint64_t len; - uint64_t todo = maxstream; int ret = 1; int close_flag = 0; + STATBUF statbuf; + uint64_t bytesRead = 0; - if (0 == fd) { - if (filename) { + if (-1 == fd) { + if (NULL == filename) { + logg("!onas_send_stream: Invalid args, a filename or file descriptor must be provided.\n"); + return 0; + } else { if ((fd = safe_open(filename, O_RDONLY | O_BINARY)) < 0) { - logg("~%s: Access denied. ERROR\n", filename); + logg("*%s: Failed to open file. ERROR\n", filename); return 0; } //logg("DEBUG: >>>>> fd is %d\n", fd); close_flag = 1; - } else { - fd = 0; } } + if (FSTAT(fd, &statbuf)){ + logg("!onas_send_stream: Invalid args, bad file descriptor.\n"); + ret = -1; + goto strm_out; + } + + if (S_ISDIR(statbuf.st_mode)){ + ret = 0; + goto strm_out; + } + + if ((uint64_t) statbuf.st_size > maxstream){ + ret = 0; + goto strm_out; + } + if (onas_sendln(curl, "zINSTREAM", 10, timeout)) { ret = -1; goto strm_out; } - while ((len = read(fd, &buf[1], sizeof(buf) - sizeof(uint32_t))) > 0) { - if ((uint64_t)len > todo) len = todo; - buf[0] = htonl(len); - if (onas_sendln(curl, (const char *)buf, len + sizeof(uint32_t), timeout)) { + len = statbuf.st_size; + buf[0] = htonl(len); + if (onas_sendln(curl, (const char *) buf, sizeof(uint32_t), timeout)){ + ret = -1; + goto strm_out; + } + + while (bytesRead < len){ + ssize_t ret = read(fd, buf, sizeof(buf)); + if (ret < 0){ + logg("!Failed to read from %s.\n", filename ? filename : "FD"); ret = -1; goto strm_out; - } - todo -= len; - if (!todo) { - len = 0; + } else if (0 == ret){ break; } - } + bytesRead += ret; - if (len) { - logg("!Failed to read from %s.\n", filename ? filename : "STDIN"); - ret = 0; - goto strm_out; + if (onas_sendln(curl, (const char *) buf, ret, timeout)) { + ret = -1; + goto strm_out; + } } + *buf = 0; onas_sendln(curl, (const char *)buf, 4, timeout); strm_out: if (close_flag) { - //logg("DEBUG: >>>>> closed fd %d\n", fd); close(fd); } return ret; } #ifdef HAVE_FD_PASSING -/* Issues a FILDES command and pass a FD to clamd - * Returns >0 on success, 0 soft fail, -1 hard fail */ -static int onas_send_fdpass(CURL *curl, const char *filename, int fd, int64_t timeout) +static int onas_send_fdpass(int sockd, int fd) { - CURLcode result; + + char dummy[] = ""; struct iovec iov[1]; struct msghdr msg; struct cmsghdr *cmsg; unsigned char fdbuf[CMSG_SPACE(sizeof(int))]; - char dummy[] = ""; - int ret = 1; - int close_flag = 0; - - if (0 == fd) { - if (filename) { - if ((fd = open(filename, O_RDONLY)) < 0) { - logg("~%s: Access denied. ERROR\n", filename); - return 0; - } - close_flag = 1; - } else { - fd = 0; - } - } - - result = onas_sendln(curl, "zFILDES", 8, timeout); - if (result) { - logg("*ClamProto: error sending w/ curl, %s\n", curl_easy_strerror(result)); - ret = -1; - goto fd_out; + if (sendln(sockd, "zFILDES", 8)) { + return -1; } iov[0].iov_base = dummy; @@ -172,11 +176,48 @@ cmsg->cmsg_level = SOL_SOCKET; cmsg->cmsg_type = SCM_RIGHTS; *(int *)CMSG_DATA(cmsg) = fd; - if (onas_sendln(curl, &msg, 0, timeout) == -1) { + + if (sendmsg(sockd, &msg, 0) == -1) { logg("!FD send failed: %s\n", strerror(errno)); + return -1; + } + + return 1; +} + +/* Issues a FILDES command and pass a FD to clamd + * Returns >0 on success, 0 soft fail, -1 hard fail */ +static int onas_fdpass(const char *filename, int fd, int sockd) +{ + int ret = 1; + int close_flag = 0; + + if (-1 == fd) { + if (filename) { + if ((fd = open(filename, O_RDONLY)) < 0) { + logg("*%s: Failed to open file. ERROR\n", filename); + return 0; + } + close_flag = 1; + } else { + fd = -1; + } + } + + if (sockd == -1) { + logg("*ClamProto: error when getting socket descriptor\n"); ret = -1; goto fd_out; } + + ret = onas_send_fdpass(sockd, fd); + + if (ret < 0) { + logg("*ClamProto: error when fdpassing\n"); + ret = -1; + goto fd_out; + } + fd_out: if (close_flag) { close(fd); @@ -193,10 +234,19 @@ { int infected = 0, len = 0, beenthere = 0; char *bol, *eol; - struct RCVLN rcv; + struct onas_rcvln rcv; STATBUF sb; + int sockd = -1; + int (*recv_func)(struct onas_rcvln *, char **, char **, int64_t) = NULL; + + sockd = onas_get_sockd(); - onas_recvlninit(&rcv, curl); + onas_recvlninit(&rcv, curl, sockd); + if (rcv.sockd > 0) { + recv_func = &onas_fd_recvln; + } else { + recv_func = &onas_recvln; + } switch (scantype) { case MULTI: @@ -238,21 +288,27 @@ #ifdef HAVE_FD_PASSING case FILDES: /* NULL filename safe in send_fdpass() */ - len = onas_send_fdpass(curl, filename, fd, timeout); + len = onas_fdpass(filename, fd, sockd); break; #endif } if (len <= 0) { *printok = 0; - if (errors) + if (errors && len < 0) { + /* Ignore error if len == 0 to reduce verbosity from file open() + "errors" where the file has been deleted before we have a chance + to scan it. */ (*errors)++; + } infected = len; goto done; } - while ((len = onas_recvln(&rcv, &bol, &eol, timeout))) { + while ((len = (*recv_func)(&rcv, &bol, &eol, timeout))) { + if (len == -1) { + if (ret_code) { *ret_code = CL_EREAD; } @@ -326,20 +382,8 @@ *ret_code = CL_VIRUS; } - } else if (len > 49 && !memcmp(eol - 50, " lstat() failed: No such file or directory. ERROR", 49)) { - if (errors) { - (*errors)++; - } - *printok = 0; - - if (filename) { - (scantype >= STREAM) ? logg("*%s%s\n", filename, colon) : logg("*%s\n", bol); - } - - if (ret_code) { - *ret_code = CL_ESTAT; - } - } else if (len > 41 && !memcmp(eol - 42, " lstat() failed: Permission denied. ERROR", 41)) { + } else if ((len > 32 && !memcmp(eol - 33, "No such file or directory. ERROR", 32)) || + (len > 34 && !memcmp(eol - 35, "Can't open file or directory ERROR", 34))) { if (errors) { (*errors)++; } @@ -352,20 +396,22 @@ if (ret_code) { *ret_code = CL_ESTAT; } - } else if (len > 21 && !memcmp(eol - 22, " Access denied. ERROR", 21)) { + } else if ((len > 21 && !memcmp(eol - 22, " Access denied. ERROR", 21)) || + (len > 23 && !memcmp(eol - 24, "Can't access file ERROR", 23)) || + (len > 41 && !memcmp(eol - 42, " lstat() failed: Permission denied. ERROR", 41))) { if (errors) { (*errors)++; } *printok = 0; if (filename) { - (scantype >= STREAM) ? logg("*%s%s\n", filename, colon) : logg("*%s\n", bol); + (scantype >= STREAM) ? logg("~%s%s\n", filename, colon) : logg("~%s\n", bol); } if (ret_code) { *ret_code = CL_EACCES; } - } else if (!memcmp(eol - 7, " ERROR", 6)) { + } else if (len > 6 && !memcmp(eol - 7, " ERROR", 6)) { if (errors) { (*errors)++; } @@ -376,7 +422,7 @@ } if (ret_code) { - *ret_code = CL_ESTATE; + *ret_code = CL_ERROR; } } } @@ -410,5 +456,8 @@ } done: + if (sockd > 0) { + closesocket(sockd); + } return infected; } diff -Nru clamav-0.103.0+dfsg/clamonacc/client/socket.c clamav-0.103.2+dfsg/clamonacc/client/socket.c --- clamav-0.103.0+dfsg/clamonacc/client/socket.c 1970-01-01 00:00:00.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/client/socket.c 2021-04-06 19:03:42.000000000 +0000 @@ -0,0 +1,92 @@ +/* + * Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * + * Author: Mickey Sola + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301, USA. + */ + +#if HAVE_CONFIG_H +#include "clamav-config.h" +#endif + +#include +#include +#include + +#include "clamav.h" +#include "output.h" + +#include "optparser.h" +#include "../clamonacc.h" +#include "socket.h" +#include "platform.h" + +#ifdef HAVE_FD_PASSING +struct onas_sock_t onas_sock = {.written = 0}; +#endif + +/** + * One time socket setup for unix file descriptor passing + * + * @param ctx a point to the onas context struct + * @return CL_SUCCESS if writing to socket struct was succesful, CL_EWRITE if the socket has already been written to + */ +cl_error_t onas_set_sock_only_once(struct onas_context *ctx) +{ + + const struct optstruct *opt; + +#ifdef HAVE_FD_PASSING + if (onas_sock.written != 1) { + if (((opt = + optget(ctx->clamdopts, "LocalSocket")) + ->enabled) && + optget(ctx->opts, "fdpass")->enabled) { + memset((void *)&onas_sock, 0, sizeof(onas_sock)); + onas_sock.sock.sun_family = AF_UNIX; + strncpy(onas_sock.sock.sun_path, opt->strarg, sizeof(onas_sock.sock.sun_path)); + onas_sock.sock.sun_path[sizeof(onas_sock.sock.sun_path) - 1] = '\0'; + onas_sock.written = 1; + return CL_SUCCESS; + } + } +#endif + + return CL_EWRITE; +} + +/** + * Retrieves a working socket descriptor for unix fdpassing + * + * @return Returns socket desctriptor on success, -1 on failure + */ +int onas_get_sockd() +{ + +#ifdef HAVE_FD_PASSING + + int sockd; + if (onas_sock.written && (sockd = socket(AF_UNIX, SOCK_STREAM, 0)) >= 0) { + if (connect(sockd, (struct sockaddr *)&onas_sock.sock, sizeof(onas_sock.sock)) == 0) + return sockd; + else { + logg("!ClamSock: Could not connect to clamd on LocalSocket \n"); + closesocket(sockd); + } + } +#endif + return -1; +} diff -Nru clamav-0.103.0+dfsg/clamonacc/client/socket.h clamav-0.103.2+dfsg/clamonacc/client/socket.h --- clamav-0.103.0+dfsg/clamonacc/client/socket.h 1970-01-01 00:00:00.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/client/socket.h 2021-04-06 19:03:42.000000000 +0000 @@ -0,0 +1,34 @@ +/* + * Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * + * Author: Mickey Sola + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301, USA. + */ + +#include +#include + +#include "optparser.h" +#include "../clamonacc.h" + +struct onas_sock_t { + + int written; + struct sockaddr_un sock; +}; + +cl_error_t onas_set_sock_only_once(struct onas_context *ctx); +int onas_get_sockd(); diff -Nru clamav-0.103.0+dfsg/clamonacc/CMakeLists.txt clamav-0.103.2+dfsg/clamonacc/CMakeLists.txt --- clamav-0.103.0+dfsg/clamonacc/CMakeLists.txt 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/CMakeLists.txt 2021-04-06 19:03:42.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) @@ -16,6 +16,8 @@ client/communication.h client/protocol.c client/protocol.h + client/socket.c + client/socket.h fanotif/fanotif.c fanotif/fanotif.h inotif/inotif.c diff -Nru clamav-0.103.0+dfsg/clamonacc/fanotif/fanotif.c clamav-0.103.2+dfsg/clamonacc/fanotif/fanotif.c --- clamav-0.103.0+dfsg/clamonacc/fanotif/fanotif.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/fanotif/fanotif.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2019-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Mickey Sola * @@ -69,6 +69,9 @@ const struct optstruct *pt; uint64_t fan_mask = FAN_EVENT_ON_CHILD; + const struct optstruct *pt_tmpdir; + const char *clamd_tmpdir; + ddd_pid = 0; if (!ctx || !*ctx) { @@ -90,6 +93,13 @@ (*ctx)->fan_mask |= FAN_ACCESS | FAN_OPEN; } + pt_tmpdir = optget((*ctx)->clamdopts, "TemporaryDirectory"); + if (pt_tmpdir->enabled) { + clamd_tmpdir = pt_tmpdir->strarg; + } else { + clamd_tmpdir = cli_gettmpdir(); + } + if ((pt = optget((*ctx)->clamdopts, "OnAccessMountPath"))->enabled) { while (pt) { if (fanotify_mark(onas_fan_fd, FAN_MARK_ADD | FAN_MARK_MOUNT, (*ctx)->fan_mask, (*ctx)->fan_fd, pt->strarg) != 0) { @@ -106,6 +116,14 @@ } else { if ((pt = optget((*ctx)->clamdopts, "OnAccessIncludePath"))->enabled) { while (pt) { + if (0 == strcmp(clamd_tmpdir, pt->strarg)) { + logg("!ClamFanotif: Not watching path '%s'\n", pt->strarg); + logg("!ClamFanotif: ClamOnAcc should not watch the directory clamd is using for temp files\n"); + logg("!ClamFanotif: Consider setting TemporaryDirectory in clamd.conf to a different directory.\n"); + pt = (struct optstruct *)pt->nextarg; + continue; + } + if (fanotify_mark(onas_fan_fd, FAN_MARK_ADD, (*ctx)->fan_mask, (*ctx)->fan_fd, pt->strarg) != 0) { logg("!ClamFanotif: can't include path '%s'\n", pt->strarg); return CL_EARG; diff -Nru clamav-0.103.0+dfsg/clamonacc/fanotif/fanotif.h clamav-0.103.2+dfsg/clamonacc/fanotif/fanotif.h --- clamav-0.103.0+dfsg/clamonacc/fanotif/fanotif.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/fanotif/fanotif.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2019-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Mickey Sola * diff -Nru clamav-0.103.0+dfsg/clamonacc/inotif/hash.c clamav-0.103.2+dfsg/clamonacc/inotif/hash.c --- clamav-0.103.0+dfsg/clamonacc/inotif/hash.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/inotif/hash.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2015-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2015-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Mickey Sola * @@ -536,7 +536,7 @@ /** * @brief Function to remove a listnode based on dirname. */ -int onas_rm_listnode(struct onas_lnode *head, const char *dirname) +cl_error_t onas_rm_listnode(struct onas_lnode *head, const char *dirname) { if (!dirname || !head) return CL_ENULLARG; @@ -544,19 +544,21 @@ size_t n = strlen(dirname); while ((curr = curr->next)) { - if (!strncmp(curr->dirname, dirname, n)) { - struct onas_lnode *tmp = curr->prev; - tmp->next = curr->next; - tmp = curr->next; - tmp->prev = curr->prev; - + if (NULL == curr->dirname) { + logg("*ClamHash: node's directory name is NULL!\n"); + return CL_ERROR; + } else if (!strncmp(curr->dirname, dirname, n)) { + if (curr->next != NULL) + curr->next->prev = curr->prev; + if (curr->prev != NULL) + curr->prev->next = curr->next; onas_free_listnode(curr); return CL_SUCCESS; } } - return -1; + return CL_ERROR; } /*** Dealing with parent/child relationships in the table. ***/ @@ -632,7 +634,9 @@ hnode = elem->data; - if ((ret = onas_rm_listnode(hnode->childhead, &(childpath[idx])))) return CL_EARG; + if (CL_SUCCESS != (ret = onas_rm_listnode(hnode->childhead, &(childpath[idx])))) { + return CL_EARG; + } return CL_SUCCESS; } diff -Nru clamav-0.103.0+dfsg/clamonacc/inotif/hash.h clamav-0.103.2+dfsg/clamonacc/inotif/hash.h --- clamav-0.103.0+dfsg/clamonacc/inotif/hash.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/inotif/hash.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2015-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2015-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Mickey Sola * @@ -104,7 +104,7 @@ void onas_free_listnode(struct onas_lnode *lnode); int onas_add_listnode(struct onas_lnode *tail, struct onas_lnode *node); -int onas_rm_listnode(struct onas_lnode *head, const char *dirname); +cl_error_t onas_rm_listnode(struct onas_lnode *head, const char *dirname); void onas_free_dirlist(struct onas_lnode *head); diff -Nru clamav-0.103.0+dfsg/clamonacc/inotif/inotif.c clamav-0.103.2+dfsg/clamonacc/inotif/inotif.c --- clamav-0.103.0+dfsg/clamonacc/inotif/inotif.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/inotif/inotif.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2019-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Mickey Sola * @@ -72,6 +72,7 @@ static void onas_ddd_handle_in_moved_to(struct onas_context *ctx, const char *path, const char *child_path, const struct inotify_event *event, int wd, uint64_t in_mask); static void onas_ddd_handle_in_create(struct onas_context *ctx, const char *path, const char *child_path, const struct inotify_event *event, int wd, uint64_t in_mask); +static void onas_ddd_handle_in_close_write(struct onas_context *ctx, const char *child_path); static void onas_ddd_handle_in_moved_from(struct onas_context *ctx, const char *path, const char *child_path, const struct inotify_event *event, int wd); static void onas_ddd_handle_in_delete(struct onas_context *ctx, const char *path, const char *child_path, const struct inotify_event *event, int wd); static void onas_ddd_handle_extra_scanning(struct onas_context *ctx, const char *pathname, int extra_options); @@ -361,7 +362,9 @@ struct onas_context *ctx = (struct onas_context *)arg; sigset_t sigset; const struct optstruct *pt; - uint64_t in_mask = IN_ONLYDIR | IN_MOVE | IN_DELETE | IN_CREATE; + const struct optstruct *pt_tmpdir; + const char *clamd_tmpdir; + uint64_t in_mask = IN_ONLYDIR | IN_MOVE | IN_DELETE | IN_CREATE | IN_CLOSE_WRITE; fd_set rfds; char buf[4096]; ssize_t bread; @@ -409,15 +412,31 @@ return NULL; } + pt_tmpdir = optget(ctx->clamdopts, "TemporaryDirectory"); + if (pt_tmpdir->enabled) { + clamd_tmpdir = pt_tmpdir->strarg; + } else { + clamd_tmpdir = cli_gettmpdir(); + } + if ((pt = optget(ctx->clamdopts, "OnAccessIncludePath"))->enabled) { while (pt) { if (!strcmp(pt->strarg, "/")) { - logg("!ClamInotif: not including path '%s' while DDD is enabled\n", pt->strarg); - logg("!ClamInotif: please use the OnAccessMountPath option to watch '%s'\n", pt->strarg); + logg("!ClamInotif: Not watching path '%s' while DDD is enabled\n", pt->strarg); + logg("!ClamInotif: Please use the OnAccessMountPath option to watch '%s'\n", pt->strarg); pt = (struct optstruct *)pt->nextarg; continue; } + + if (0 == strcmp(clamd_tmpdir, pt->strarg)) { + logg("!ClamInotif: Not watching path '%s'\n", pt->strarg); + logg("!ClamInotif: ClamOnAcc should not watch the directory clamd is using for temp files\n"); + logg("!ClamInotif: Consider setting TemporaryDirectory in clamd.conf to a different directory.\n"); + pt = (struct optstruct *)pt->nextarg; + continue; + } + if (onas_ht_get(ddd_ht, pt->strarg, strlen(pt->strarg), NULL) != CL_SUCCESS) { if (onas_ht_add_hierarchy(ddd_ht, pt->strarg)) { logg("!ClamInotif: can't include '%s'\n", pt->strarg); @@ -445,6 +464,21 @@ idx = 0; while (NULL != include_list[idx]) { if (onas_ht_get(ddd_ht, include_list[idx], strlen(include_list[idx]), NULL) != CL_SUCCESS) { + if (!strcmp(include_list[idx], "/")) { + logg("!ClamInotif: Not watching path '%s' while DDD is enabled\n", include_list[idx]); + logg("!ClamInotif: Please use the OnAccessMountPath option to watch '%s'\n", include_list[idx]); + pt = (struct optstruct *)pt->nextarg; + continue; + } + + if (0 == strcmp(clamd_tmpdir, include_list[idx])) { + logg("!ClamInotif: Not watching path '%s'\n", include_list[idx]); + logg("!ClamInotif: ClamOnAcc should not watch the directory clamd is using for temp files\n"); + logg("!ClamInotif: Consider setting TemporaryDirectory in clamd.conf to a different directory.\n"); + pt = (struct optstruct *)pt->nextarg; + continue; + } + if (onas_ht_add_hierarchy(ddd_ht, include_list[idx])) { logg("!ClamInotif: can't include '%s'\n", include_list[idx]); return NULL; @@ -499,6 +533,14 @@ } } + /* Also remove the clamd temp directory, in case its parent directory was watched */ + logg("*Excluding temp directory: %s\n", clamd_tmpdir); + if (onas_ht_rm_hierarchy(ddd_ht, clamd_tmpdir, strlen(clamd_tmpdir), 0)) { + logg("*ClamInotif: NVM, didn't actually need to exclude '%s'\n", clamd_tmpdir); + } else { + logg("ClamInotif: excluding '%s' (and all sub-directories)\n", clamd_tmpdir); + } + /* Watch provided paths recursively */ if ((pt = optget(ctx->clamdopts, "OnAccessIncludePath"))->enabled) { while (pt) { @@ -618,6 +660,9 @@ } else if (event->mask & IN_CREATE) { onas_ddd_handle_in_create(ctx, path, child_path, event, wd, in_mask); + } else if (event->mask & IN_CLOSE_WRITE) { + onas_ddd_handle_in_close_write(ctx, child_path); + } else if (event->mask & IN_MOVED_TO) { onas_ddd_handle_in_moved_to(ctx, path, child_path, event, wd, in_mask); } @@ -667,26 +712,29 @@ const char *path, const char *child_path, const struct inotify_event *event, int wd, uint64_t in_mask) { + if (!(event->mask & IN_ISDIR)){ + return; + } + + if (optget(ctx->clamdopts, "OnAccessExtraScanning")->enabled) { + logg("*ClamInotif: CREATE - adding %s to %s with wd:%d\n", child_path, path, wd); + onas_ddd_handle_extra_scanning(ctx, child_path, ONAS_SCTH_B_DIR); + } + + onas_ht_add_hierarchy(ddd_ht, child_path); + onas_ddd_watch(child_path, ctx->fan_fd, ctx->fan_mask, onas_in_fd, in_mask); + + return; +} + +static void onas_ddd_handle_in_close_write(struct onas_context *ctx, const char *child_path) +{ struct stat s; if (optget(ctx->clamdopts, "OnAccessExtraScanning")->enabled) { if (stat(child_path, &s) == 0 && S_ISREG(s.st_mode)) { onas_ddd_handle_extra_scanning(ctx, child_path, ONAS_SCTH_B_FILE); - - } else if (event->mask & IN_ISDIR) { - logg("*ClamInotif: CREATE - adding %s to %s with wd:%d\n", child_path, path, wd); - onas_ddd_handle_extra_scanning(ctx, child_path, ONAS_SCTH_B_DIR); - - onas_ht_add_hierarchy(ddd_ht, child_path); - onas_ddd_watch(child_path, ctx->fan_fd, ctx->fan_mask, onas_in_fd, in_mask); } - } else { - if (stat(child_path, &s) == 0 && S_ISREG(s.st_mode)) return; - if (!(event->mask & IN_ISDIR)) return; - - logg("*ClamInotif: MOVED_TO - adding %s to %s with wd:%d\n", child_path, path, wd); - onas_ht_add_hierarchy(ddd_ht, child_path); - onas_ddd_watch(child_path, ctx->fan_fd, ctx->fan_mask, onas_in_fd, in_mask); } return; @@ -750,8 +798,10 @@ return; } -static void onas_ddd_exit(__attribute__((unused)) void *arg) +static void onas_ddd_exit(void *arg) { + UNUSEDPARAM(arg); + logg("*ClamInotif: onas_ddd_exit()\n"); if (onas_in_fd) { diff -Nru clamav-0.103.0+dfsg/clamonacc/inotif/inotif.h clamav-0.103.2+dfsg/clamonacc/inotif/inotif.h --- clamav-0.103.0+dfsg/clamonacc/inotif/inotif.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/inotif/inotif.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2015-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2015-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Mickey Sola * diff -Nru clamav-0.103.0+dfsg/clamonacc/Makefile.am clamav-0.103.2+dfsg/clamonacc/Makefile.am --- clamav-0.103.0+dfsg/clamonacc/Makefile.am 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/Makefile.am 2021-04-06 19:03:42.000000000 +0000 @@ -29,6 +29,8 @@ client/protocol.h \ client/communication.c \ client/communication.h \ + client/socket.c \ + client/socket.h \ inotif/inotif.c \ inotif/inotif.h \ fanotif/fanotif.c \ diff -Nru clamav-0.103.0+dfsg/clamonacc/Makefile.in clamav-0.103.2+dfsg/clamonacc/Makefile.in --- clamav-0.103.0+dfsg/clamonacc/Makefile.in 2020-09-13 00:27:50.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/Makefile.in 2021-04-06 19:04:43.000000000 +0000 @@ -205,20 +205,22 @@ PROGRAMS = $(sbin_PROGRAMS) am__clamonacc_SOURCES_DIST = clamonacc.c clamonacc.h client/client.c \ client/client.h client/protocol.c client/protocol.h \ - client/communication.c client/communication.h inotif/inotif.c \ - inotif/inotif.h fanotif/fanotif.c fanotif/fanotif.h \ - inotif/hash.c inotif/hash.h misc/utils.c misc/utils.h \ - misc/priv_fts.h scan/thread.c scan/thread.h scan/onas_queue.c \ + client/communication.c client/communication.h client/socket.c \ + client/socket.h inotif/inotif.c inotif/inotif.h \ + fanotif/fanotif.c fanotif/fanotif.h inotif/hash.c \ + inotif/hash.h misc/utils.c misc/utils.h misc/priv_fts.h \ + scan/thread.c scan/thread.h scan/onas_queue.c \ scan/onas_queue.h c-thread-pool/thpool.c \ c-thread-pool/thpool.h ./misc/fts.c am__dirstamp = $(am__leading_dot)dirstamp @SYSTEM_LFS_FTS_FALSE@am__objects_1 = ./misc/fts.$(OBJEXT) am_clamonacc_OBJECTS = clamonacc.$(OBJEXT) client/client.$(OBJEXT) \ client/protocol.$(OBJEXT) client/communication.$(OBJEXT) \ - inotif/inotif.$(OBJEXT) fanotif/fanotif.$(OBJEXT) \ - inotif/hash.$(OBJEXT) misc/utils.$(OBJEXT) \ - scan/thread.$(OBJEXT) scan/onas_queue.$(OBJEXT) \ - c-thread-pool/thpool.$(OBJEXT) $(am__objects_1) + client/socket.$(OBJEXT) inotif/inotif.$(OBJEXT) \ + fanotif/fanotif.$(OBJEXT) inotif/hash.$(OBJEXT) \ + misc/utils.$(OBJEXT) scan/thread.$(OBJEXT) \ + scan/onas_queue.$(OBJEXT) c-thread-pool/thpool.$(OBJEXT) \ + $(am__objects_1) clamonacc_OBJECTS = $(am_clamonacc_OBJECTS) clamonacc_LDADD = $(LDADD) AM_V_lt = $(am__v_lt_@AM_V@) @@ -579,10 +581,11 @@ xmlconfig = @xmlconfig@ clamonacc_SOURCES = clamonacc.c clamonacc.h client/client.c \ client/client.h client/protocol.c client/protocol.h \ - client/communication.c client/communication.h inotif/inotif.c \ - inotif/inotif.h fanotif/fanotif.c fanotif/fanotif.h \ - inotif/hash.c inotif/hash.h misc/utils.c misc/utils.h \ - misc/priv_fts.h scan/thread.c scan/thread.h scan/onas_queue.c \ + client/communication.c client/communication.h client/socket.c \ + client/socket.h inotif/inotif.c inotif/inotif.h \ + fanotif/fanotif.c fanotif/fanotif.h inotif/hash.c \ + inotif/hash.h misc/utils.c misc/utils.h misc/priv_fts.h \ + scan/thread.c scan/thread.h scan/onas_queue.c \ scan/onas_queue.h c-thread-pool/thpool.c \ c-thread-pool/thpool.h $(am__append_1) AM_CFLAGS = @WERR_CFLAGS@ @@ -702,6 +705,8 @@ client/$(DEPDIR)/$(am__dirstamp) client/communication.$(OBJEXT): client/$(am__dirstamp) \ client/$(DEPDIR)/$(am__dirstamp) +client/socket.$(OBJEXT): client/$(am__dirstamp) \ + client/$(DEPDIR)/$(am__dirstamp) inotif/$(am__dirstamp): @$(MKDIR_P) inotif @: > inotif/$(am__dirstamp) @@ -772,6 +777,7 @@ @AMDEP_TRUE@@am__include@ @am__quote@client/$(DEPDIR)/client.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@client/$(DEPDIR)/communication.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@client/$(DEPDIR)/protocol.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@client/$(DEPDIR)/socket.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@fanotif/$(DEPDIR)/fanotif.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@inotif/$(DEPDIR)/hash.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@inotif/$(DEPDIR)/inotif.Po@am__quote@ diff -Nru clamav-0.103.0+dfsg/clamonacc/misc/utils.c clamav-0.103.2+dfsg/clamonacc/misc/utils.c --- clamav-0.103.0+dfsg/clamonacc/misc/utils.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/misc/utils.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2019-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Mickey Sola * @@ -139,7 +139,7 @@ logg("*ClamMisc: permission denied to stat /proc/%d to exclude UIDs... perhaps SELinux denial?\n", pid); } else if (errno == ENOENT) { /* TODO: should this be configurable? */ - logg("ClamMisc: $/proc/%d vanished before UIDs could be excluded; scanning anyway\n", pid); + logg("*ClamMisc: $/proc/%d vanished before UIDs could be excluded; scanning anyway\n", pid); } return CHK_CLEAN; diff -Nru clamav-0.103.0+dfsg/clamonacc/misc/utils.h clamav-0.103.2+dfsg/clamonacc/misc/utils.h --- clamav-0.103.0+dfsg/clamonacc/misc/utils.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/misc/utils.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2019-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Mickey Sola * diff -Nru clamav-0.103.0+dfsg/clamonacc/scan/onas_queue.c clamav-0.103.2+dfsg/clamonacc/scan/onas_queue.c --- clamav-0.103.0+dfsg/clamonacc/scan/onas_queue.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/scan/onas_queue.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2019-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Mickey Sola * @@ -282,8 +282,9 @@ return CL_SUCCESS; } -static void onas_scan_queue_exit(__attribute__((unused)) void *arg) +static void onas_scan_queue_exit(void *arg) { + UNUSEDPARAM(arg); logg("*ClamScanQueue: onas_scan_queue_exit()\n"); diff -Nru clamav-0.103.0+dfsg/clamonacc/scan/onas_queue.h clamav-0.103.2+dfsg/clamonacc/scan/onas_queue.h --- clamav-0.103.0+dfsg/clamonacc/scan/onas_queue.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/scan/onas_queue.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2019-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Mickey Sola * diff -Nru clamav-0.103.0+dfsg/clamonacc/scan/thread.c clamav-0.103.2+dfsg/clamonacc/scan/thread.c --- clamav-0.103.0+dfsg/clamonacc/scan/thread.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/scan/thread.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2015-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2015-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Mickey Sola * @@ -72,17 +72,19 @@ switch (*ret_code) { case CL_EACCES: case CL_ESTAT: - - logg("*ClamMisc: internal issue (daemon could not access directory/file %s)\n", fname); + logg("*ClamMisc: Scan issue; Daemon could not find or access: %s)\n", fname); break; /* TODO: handle other errors */ case CL_EPARSE: + logg("~ClamMisc: Internal issue; Failed to parse reply from daemon: %s)\n", fname); + break; case CL_EREAD: case CL_EWRITE: case CL_EMEM: case CL_ENULLARG: + case CL_ERROR: default: - logg("~ClamMisc: internal issue (client failed to scan)\n"); + logg("~ClamMisc: Unexpected issue; Daemon failed to scan: %s\n", fname); } if (retry_on_error) { logg("*ClamMisc: reattempting scan ... \n"); @@ -111,7 +113,7 @@ { int ret = 0; - int fd = 0; + int fd = -1; #if defined(HAVE_SYS_FANOTIFY_H) uint8_t b_fanotify; diff -Nru clamav-0.103.0+dfsg/clamonacc/scan/thread.h clamav-0.103.2+dfsg/clamonacc/scan/thread.h --- clamav-0.103.0+dfsg/clamonacc/scan/thread.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamonacc/scan/thread.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2015-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2015-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Mickey Sola * diff -Nru clamav-0.103.0+dfsg/clamscan/clamscan.c clamav-0.103.2+dfsg/clamscan/clamscan.c --- clamav-0.103.0+dfsg/clamscan/clamscan.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamscan/clamscan.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -78,7 +78,7 @@ exit(2); #if !defined(_WIN32) - if(!setlocale(LC_CTYPE, "")) { + if (!setlocale(LC_CTYPE, "")) { mprintf("^Failed to set locale\n"); } #if !defined(C_BEOS) @@ -232,7 +232,7 @@ mprintf("\n"); mprintf(" Clam AntiVirus: Scanner %s\n", get_version()); printf(" By The ClamAV Team: https://www.clamav.net/about.html#credits\n"); - printf(" (C) 2020 Cisco Systems, Inc.\n"); + printf(" (C) 2021 Cisco Systems, Inc.\n"); mprintf("\n"); mprintf(" clamscan [options] [file/directory/-]\n"); mprintf("\n"); @@ -299,6 +299,7 @@ mprintf(" --scan-hwp3[=yes(*)/no] Scan HWP3 files\n"); mprintf(" --scan-archive[=yes(*)/no] Scan archive files (supported by libclamav)\n"); mprintf(" --alert-broken[=yes/no(*)] Alert on broken executable files (PE & ELF)\n"); + mprintf(" --alert-broken-media[=yes/no(*)] Alert on broken graphics files (JPEG, TIFF, PNG, GIF)\n"); mprintf(" --alert-encrypted[=yes/no(*)] Alert on encrypted archives and documents\n"); mprintf(" --alert-encrypted-archive[=yes/no(*)] Alert on encrypted archives\n"); mprintf(" --alert-encrypted-doc[=yes/no(*)] Alert on encrypted documents\n"); diff -Nru clamav-0.103.0+dfsg/clamscan/CMakeLists.txt clamav-0.103.2+dfsg/clamscan/CMakeLists.txt --- clamav-0.103.0+dfsg/clamscan/CMakeLists.txt 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamscan/CMakeLists.txt 2021-04-06 19:03:42.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) diff -Nru clamav-0.103.0+dfsg/clamscan/global.h clamav-0.103.2+dfsg/clamscan/global.h --- clamav-0.103.0+dfsg/clamscan/global.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamscan/global.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/clamscan/Makefile.am clamav-0.103.2+dfsg/clamscan/Makefile.am --- clamav-0.103.0+dfsg/clamscan/Makefile.am 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamscan/Makefile.am 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/clamscan/Makefile.in clamav-0.103.2+dfsg/clamscan/Makefile.in --- clamav-0.103.0+dfsg/clamscan/Makefile.in 2020-09-13 00:27:51.000000000 +0000 +++ clamav-0.103.2+dfsg/clamscan/Makefile.in 2021-04-06 19:04:43.000000000 +0000 @@ -15,7 +15,7 @@ @SET_MAKE@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/clamscan/manager.c clamav-0.103.2+dfsg/clamscan/manager.c --- clamav-0.103.0+dfsg/clamscan/manager.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamscan/manager.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -66,7 +66,6 @@ #include "manager.h" #include "global.h" - #ifdef C_LINUX dev_t procdev; #endif @@ -309,10 +308,11 @@ ret = cli_realpath((const char *)filename, &real_filename); if (CL_SUCCESS != ret) { - logg("Failed to determine real filename of %s.\n", filename); - goto done; + logg("*Failed to determine real filename of %s.\n", filename); + logg("*Quarantine of the file may fail if file path contains symlinks.\n"); + } else { + filename = real_filename; } - filename = real_filename; if ((opt = optget(opts, "exclude"))->enabled) { while (opt) { @@ -1070,6 +1070,10 @@ options.heuristic |= CL_SCAN_HEURISTIC_BROKEN; } + if (optget(opts, "alert-broken-media")->enabled) { + options.heuristic |= CL_SCAN_HEURISTIC_BROKEN_MEDIA; + } + /* TODO: Remove deprecated option in a future feature release */ if ((optget(opts, "block-encrypted")->enabled) || (optget(opts, "alert-encrypted")->enabled)) { diff -Nru clamav-0.103.0+dfsg/clamscan/manager.h clamav-0.103.2+dfsg/clamscan/manager.h --- clamav-0.103.0+dfsg/clamscan/manager.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamscan/manager.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/clamsubmit/clamsubmit.c clamav-0.103.2+dfsg/clamsubmit/clamsubmit.c --- clamav-0.103.0+dfsg/clamsubmit/clamsubmit.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamsubmit/clamsubmit.c 2021-04-06 19:03:42.000000000 +0000 @@ -48,7 +48,7 @@ printf("\n"); printf(" Clam AntiVirus: Malware and False Positive Reporting Tool %s\n", get_version()); printf(" By The ClamAV Team: https://www.clamav.net/about.html#credits\n"); - printf(" (C) 2020 Cisco Systems, Inc.\n"); + printf(" (C) 2021 Cisco Systems, Inc.\n"); printf("\n"); printf(" %s -hHinpVvd?\n", name); printf("\n"); diff -Nru clamav-0.103.0+dfsg/clamsubmit/CMakeLists.txt clamav-0.103.2+dfsg/clamsubmit/CMakeLists.txt --- clamav-0.103.0+dfsg/clamsubmit/CMakeLists.txt 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/clamsubmit/CMakeLists.txt 2021-04-06 19:03:42.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) diff -Nru clamav-0.103.0+dfsg/cmake/CheckFmapFeatures.cmake clamav-0.103.2+dfsg/cmake/CheckFmapFeatures.cmake --- clamav-0.103.0+dfsg/cmake/CheckFmapFeatures.cmake 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/cmake/CheckFmapFeatures.cmake 2021-04-06 19:03:42.000000000 +0000 @@ -124,9 +124,7 @@ check_c_source_compiles( " #include - #if HAVE_UNISTD_H #include - #endif int main(void) { int x = sysconf(_SC_PAGESIZE); diff -Nru clamav-0.103.0+dfsg/CMakeLists.txt clamav-0.103.2+dfsg/CMakeLists.txt --- clamav-0.103.0+dfsg/CMakeLists.txt 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/CMakeLists.txt 2021-04-06 19:03:42.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2019-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2019-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) set(CMAKE_C_STANDARD 90) @@ -15,7 +15,7 @@ set(VERSION_SUFFIX "") project( ClamAV - VERSION "0.103.0" + VERSION "0.103.2" DESCRIPTION "ClamAV open source email, web, and end-point anti-virus toolkit." ) set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake" ${CMAKE_MODULE_PATH}) diff -Nru clamav-0.103.0+dfsg/configure clamav-0.103.2+dfsg/configure --- clamav-0.103.0+dfsg/configure 2020-09-13 00:27:48.000000000 +0000 +++ clamav-0.103.2+dfsg/configure 2021-04-06 19:04:41.000000000 +0000 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for ClamAV 0.103.0. +# Generated by GNU Autoconf 2.69 for ClamAV 0.103.2. # # Report bugs to . # @@ -592,8 +592,8 @@ # Identity of this package. PACKAGE_NAME='ClamAV' PACKAGE_TARNAME='clamav' -PACKAGE_VERSION='0.103.0' -PACKAGE_STRING='ClamAV 0.103.0' +PACKAGE_VERSION='0.103.2' +PACKAGE_STRING='ClamAV 0.103.2' PACKAGE_BUGREPORT='https://bugzilla.clamav.net/' PACKAGE_URL='https://www.clamav.net/' @@ -1606,7 +1606,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures ClamAV 0.103.0 to adapt to many kinds of systems. +\`configure' configures ClamAV 0.103.2 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1687,7 +1687,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of ClamAV 0.103.0:";; + short | recursive ) echo "Configuration of ClamAV 0.103.2:";; esac cat <<\_ACEOF --enable-dependency-tracking @@ -1922,7 +1922,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -ClamAV configure 0.103.0 +ClamAV configure 0.103.2 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2550,7 +2550,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by ClamAV $as_me 0.103.0, which was +It was created by ClamAV $as_me 0.103.2, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -4308,7 +4308,7 @@ # Define the identity of the package. PACKAGE='clamav' - VERSION='0.103.0' + VERSION='0.103.2' # Some tools Automake needs. @@ -6036,7 +6036,7 @@ $as_echo "#define PACKAGE PACKAGE_NAME" >>confdefs.h -VERSION="0.103.0" +VERSION="0.103.2" major=`echo $PACKAGE_VERSION |cut -d. -f1 | sed -e "s/^0-9//g"` minor=`echo $PACKAGE_VERSION |cut -d. -f2 | sed -e "s/^0-9//g"` @@ -31896,7 +31896,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ClamAV $as_me 0.103.0, which was +This file was extended by ClamAV $as_me 0.103.2, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -31963,7 +31963,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ClamAV config.status 0.103.0 +ClamAV config.status 0.103.2 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" @@ -34813,7 +34813,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ClamAV $as_me 0.103.0, which was +This file was extended by ClamAV $as_me 0.103.2, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -34880,7 +34880,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ClamAV config.status 0.103.0 +ClamAV config.status 0.103.2 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -Nru clamav-0.103.0+dfsg/configure.ac clamav-0.103.2+dfsg/configure.ac --- clamav-0.103.0+dfsg/configure.ac 2020-10-22 18:07:47.000000000 +0000 +++ clamav-0.103.2+dfsg/configure.ac 2021-04-12 18:43:41.000000000 +0000 @@ -1,4 +1,4 @@ -dnl Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +dnl Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. dnl Copyright (C) 2007-2013 Sourcefire, Inc. dnl Copyright (C) 2002-2007 Tomasz Kojm dnl socklen_t check (c) Alexander V. Lukyanov @@ -22,7 +22,7 @@ dnl For a release change [devel] to the real version [0.xy] dnl also change VERSION below -AC_INIT([ClamAV], [0.103.0], [https://bugzilla.clamav.net/], [clamav], [https://www.clamav.net/]) +AC_INIT([ClamAV], [0.103.2], [https://bugzilla.clamav.net/], [clamav], [https://www.clamav.net/]) dnl put configure auxiliary into config AC_CONFIG_AUX_DIR([config]) @@ -147,7 +147,7 @@ dnl Clamonacc loading m4_include([m4/reorganization/clamonacc.m4]) -dnl Freshclam dependencies +dnl FreshClam dependencies m4_include([m4/reorganization/libs/curl.m4]) m4_include([m4/reorganization/substitutions.m4]) m4_include([m4/reorganization/strni.m4]) @@ -400,4 +400,4 @@ ****** fdpassing with clamonacc will be disabled on your system. ****** for more information on ClamAV's on-access scanner, please read our documentation: https://www.clamav.net/documents/on-access-scanning#on-access-scanning ])]) -fi \ No newline at end of file +fi diff -Nru clamav-0.103.0+dfsg/database/Makefile.am clamav-0.103.2+dfsg/database/Makefile.am --- clamav-0.103.0+dfsg/database/Makefile.am 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/database/Makefile.am 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # Fixes by Arkadiusz Miskiewicz @@ -40,4 +40,3 @@ if test -f $(DESTDIR)$(DBINST)/daily.cvd; then chown ${CLAMAVUSER} $(DESTDIR)$(DBINST)/daily.cvd; fi;\ if test -f $(DESTDIR)$(DBINST)/daily.cvd; then chgrp ${CLAMAVGROUP} $(DESTDIR)$(DBINST)/daily.cvd; fi;\ fi - diff -Nru clamav-0.103.0+dfsg/database/Makefile.in clamav-0.103.2+dfsg/database/Makefile.in --- clamav-0.103.0+dfsg/database/Makefile.in 2020-09-13 00:27:51.000000000 +0000 +++ clamav-0.103.2+dfsg/database/Makefile.in 2021-04-06 19:04:43.000000000 +0000 @@ -15,7 +15,7 @@ @SET_MAKE@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # Fixes by Arkadiusz Miskiewicz diff -Nru clamav-0.103.0+dfsg/debian/changelog clamav-0.103.2+dfsg/debian/changelog --- clamav-0.103.0+dfsg/debian/changelog 2021-02-21 15:00:07.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/changelog 2021-04-12 19:31:08.000000000 +0000 @@ -1,3 +1,14 @@ +clamav (0.103.2+dfsg-1) unstable; urgency=medium + + * Import 0.103.2 + - CVE-2021-1252 (Fix for Excel XLM parser infinite loop.) + - CVE-2021-1404 (Fix for PDF parser buffer over-read; possible crash.) + - CVE-2021-1405 (Fix for mail parser NULL-dereference crash.) + - Update symbol file. + (Closes: #986622). + + -- Sebastian Andrzej Siewior Mon, 12 Apr 2021 21:31:08 +0200 + clamav (0.103.0+dfsg-3.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru clamav-0.103.0+dfsg/debian/clamav-daemon.postinst.in clamav-0.103.2+dfsg/debian/clamav-daemon.postinst.in --- clamav-0.103.0+dfsg/debian/clamav-daemon.postinst.in 2020-11-01 19:07:16.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/clamav-daemon.postinst.in 2021-04-12 19:10:56.000000000 +0000 @@ -379,6 +379,7 @@ [ -n "$ConcurrentDatabaseReload" ] && echo "ConcurrentDatabaseReload $ConcurrentDatabaseReload" >> $DEBCONFFILE [ -n "$StructuredCCOnly" ] && echo "StructuredCCOnly $StructuredCCOnly" >> $DEBCONFFILE [ -n "$BytecodeUnsigned" ] && echo "BytecodeUnsigned $BytecodeUnsigned" >> $DEBCONFFILE + [ -n "$AlertBrokenMedia" ] && echo "AlertBrokenMedia $AlertBrokenMedia" >> $DEBCONFFILE # Finish the configuration file update, by applying changes to the real configuration file. ucf_cleanup "$CLAMAVCONF" diff -Nru clamav-0.103.0+dfsg/debian/.git-dpm clamav-0.103.2+dfsg/debian/.git-dpm --- clamav-0.103.0+dfsg/debian/.git-dpm 2020-11-01 19:07:17.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/.git-dpm 2021-04-12 18:51:20.000000000 +0000 @@ -1,8 +1,8 @@ # see git-dpm(1) from git-dpm package -8cc00e2788269dfbe22306042e92196061ce8fe6 -8cc00e2788269dfbe22306042e92196061ce8fe6 -6c63e835696472981550805b54552df8e33f69f0 -6c63e835696472981550805b54552df8e33f69f0 -clamav_0.103.0+dfsg.orig.tar.xz -e01c7d30ef6613727deaed2e64254d1d65560968 -5097544 +e3fe85c3a7fd4c273b1fe61b871ab9d935bca417 +e3fe85c3a7fd4c273b1fe61b871ab9d935bca417 +21b35cadc5ce6e45c2700201681499bc45eb5419 +21b35cadc5ce6e45c2700201681499bc45eb5419 +clamav_0.103.2+dfsg.orig.tar.xz +461ec3a7b45851e31a1cd9a4458473f9b4dc2677 +5123788 diff -Nru clamav-0.103.0+dfsg/debian/libclamav9.symbols clamav-0.103.2+dfsg/debian/libclamav9.symbols --- clamav-0.103.0+dfsg/debian/libclamav9.symbols 2020-11-01 19:07:16.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/libclamav9.symbols 2021-04-12 19:14:58.000000000 +0000 @@ -1,20 +1,20 @@ libclamav.so.9 libclamav9 #MINVER# * Build-Depends-Package: libclamav-dev - CLAMAV_PRIVATE@CLAMAV_PRIVATE 0.103.0 + CLAMAV_PRIVATE@CLAMAV_PRIVATE 0.103.2 CLAMAV_PUBLIC@CLAMAV_PUBLIC 0.101.0 - __cli_strcasestr@CLAMAV_PRIVATE 0.103.0 - __cli_strndup@CLAMAV_PRIVATE 0.103.0 - __cli_strnlen@CLAMAV_PRIVATE 0.103.0 - __cli_strnstr@CLAMAV_PRIVATE 0.103.0 - base64Flush@CLAMAV_PRIVATE 0.103.0 - blobAddData@CLAMAV_PRIVATE 0.103.0 - blobCreate@CLAMAV_PRIVATE 0.103.0 - blobDestroy@CLAMAV_PRIVATE 0.103.0 - cl_ASN1_GetTimeT@CLAMAV_PRIVATE 0.103.0 + __cli_strcasestr@CLAMAV_PRIVATE 0.103.2 + __cli_strndup@CLAMAV_PRIVATE 0.103.2 + __cli_strnlen@CLAMAV_PRIVATE 0.103.2 + __cli_strnstr@CLAMAV_PRIVATE 0.103.2 + base64Flush@CLAMAV_PRIVATE 0.103.2 + blobAddData@CLAMAV_PRIVATE 0.103.2 + blobCreate@CLAMAV_PRIVATE 0.103.2 + blobDestroy@CLAMAV_PRIVATE 0.103.2 + cl_ASN1_GetTimeT@CLAMAV_PRIVATE 0.103.2 cl_always_gen_section_hash@CLAMAV_PUBLIC 0.101.0 - cl_base64_decode@CLAMAV_PRIVATE 0.103.0 - cl_base64_encode@CLAMAV_PRIVATE 0.103.0 - cl_cleanup_crypto@CLAMAV_PRIVATE 0.103.0 + cl_base64_decode@CLAMAV_PRIVATE 0.103.2 + cl_base64_encode@CLAMAV_PRIVATE 0.103.2 + cl_cleanup_crypto@CLAMAV_PRIVATE 0.103.2 cl_countsigs@CLAMAV_PUBLIC 0.101.0 cl_cvdfree@CLAMAV_PUBLIC 0.101.0 cl_cvdhead@CLAMAV_PUBLIC 0.101.0 @@ -54,19 +54,19 @@ cl_fmap_close@CLAMAV_PUBLIC 0.101.0 cl_fmap_open_handle@CLAMAV_PUBLIC 0.101.0 cl_fmap_open_memory@CLAMAV_PUBLIC 0.101.0 - cl_get_pkey_file@CLAMAV_PRIVATE 0.103.0 - cl_get_x509_from_mem@CLAMAV_PRIVATE 0.103.0 - cl_hash_data@CLAMAV_PRIVATE 0.103.0 + cl_get_pkey_file@CLAMAV_PRIVATE 0.103.2 + cl_get_x509_from_mem@CLAMAV_PRIVATE 0.103.2 + cl_hash_data@CLAMAV_PRIVATE 0.103.2 cl_hash_destroy@CLAMAV_PUBLIC 0.101.0 - cl_hash_file_fd@CLAMAV_PRIVATE 0.103.0 - cl_hash_file_fd_ctx@CLAMAV_PRIVATE 0.103.0 - cl_hash_file_fp@CLAMAV_PRIVATE 0.103.0 + cl_hash_file_fd@CLAMAV_PRIVATE 0.103.2 + cl_hash_file_fd_ctx@CLAMAV_PRIVATE 0.103.2 + cl_hash_file_fp@CLAMAV_PRIVATE 0.103.2 cl_hash_init@CLAMAV_PUBLIC 0.101.0 cl_init@CLAMAV_PUBLIC 0.101.0 - cl_initialize_crypto@CLAMAV_PRIVATE 0.103.0 + cl_initialize_crypto@CLAMAV_PRIVATE 0.103.2 cl_load@CLAMAV_PUBLIC 0.101.0 - cl_load_cert@CLAMAV_PRIVATE 0.103.0 - cl_load_crl@CLAMAV_PRIVATE 0.103.0 + cl_load_cert@CLAMAV_PRIVATE 0.103.2 + cl_load_crl@CLAMAV_PRIVATE 0.103.2 cl_retdbdir@CLAMAV_PUBLIC 0.101.0 cl_retflevel@CLAMAV_PUBLIC 0.103.0 cl_retver@CLAMAV_PUBLIC 0.101.0 @@ -76,192 +76,195 @@ cl_scanfile_callback@CLAMAV_PUBLIC 0.101.0 cl_scanmap_callback@CLAMAV_PUBLIC 0.101.0 cl_set_clcb_msg@CLAMAV_PUBLIC 0.101.0 - cl_sha1@CLAMAV_PRIVATE 0.103.0 - cl_sha256@CLAMAV_PRIVATE 0.103.0 - cl_sign_data@CLAMAV_PRIVATE 0.103.0 - cl_sign_data_keyfile@CLAMAV_PRIVATE 0.103.0 - cl_sign_file_fd@CLAMAV_PRIVATE 0.103.0 - cl_sign_file_fp@CLAMAV_PRIVATE 0.103.0 + cl_sha1@CLAMAV_PRIVATE 0.103.2 + cl_sha256@CLAMAV_PRIVATE 0.103.2 + cl_sign_data@CLAMAV_PRIVATE 0.103.2 + cl_sign_data_keyfile@CLAMAV_PRIVATE 0.103.2 + cl_sign_file_fd@CLAMAV_PRIVATE 0.103.2 + cl_sign_file_fp@CLAMAV_PRIVATE 0.103.2 cl_statchkdir@CLAMAV_PUBLIC 0.101.0 cl_statfree@CLAMAV_PUBLIC 0.101.0 cl_statinidir@CLAMAV_PUBLIC 0.101.0 cl_strerror@CLAMAV_PUBLIC 0.101.0 cl_update_hash@CLAMAV_PUBLIC 0.101.0 - cl_validate_certificate_chain@CLAMAV_PRIVATE 0.103.0 - cl_validate_certificate_chain_ts_dir@CLAMAV_PRIVATE 0.103.0 - cl_verify_signature@CLAMAV_PRIVATE 0.103.0 - cl_verify_signature_fd@CLAMAV_PRIVATE 0.103.0 - cl_verify_signature_fd_x509@CLAMAV_PRIVATE 0.103.0 - cl_verify_signature_fd_x509_keyfile@CLAMAV_PRIVATE 0.103.0 - cl_verify_signature_hash@CLAMAV_PRIVATE 0.103.0 - cl_verify_signature_hash_x509@CLAMAV_PRIVATE 0.103.0 - cl_verify_signature_hash_x509_keyfile@CLAMAV_PRIVATE 0.103.0 - cl_verify_signature_x509@CLAMAV_PRIVATE 0.103.0 - cl_verify_signature_x509_keyfile@CLAMAV_PRIVATE 0.103.0 - cli_ac_buildtrie@CLAMAV_PRIVATE 0.103.0 - cli_ac_chklsig@CLAMAV_PRIVATE 0.103.0 - cli_ac_free@CLAMAV_PRIVATE 0.103.0 - cli_ac_freedata@CLAMAV_PRIVATE 0.103.0 - cli_ac_init@CLAMAV_PRIVATE 0.103.0 - cli_ac_initdata@CLAMAV_PRIVATE 0.103.0 - cli_ac_scanbuff@CLAMAV_PRIVATE 0.103.0 - cli_basename@CLAMAV_PRIVATE 0.103.0 - cli_bm_free@CLAMAV_PRIVATE 0.103.0 - cli_bm_init@CLAMAV_PRIVATE 0.103.0 - cli_bm_scanbuff@CLAMAV_PRIVATE 0.103.0 - cli_build_regex_list@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_context_alloc@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_context_clear@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_context_destroy@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_context_getresult_int@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_context_set_trace@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_context_setfile@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_context_setfuncid@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_context_setparam_int@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_context_setparam_ptr@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_debug@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_debug_printsrc@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_describe@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_destroy@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_done@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_init@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_load@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_prepare2@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_printversion@CLAMAV_PRIVATE 0.103.0 - cli_bytecode_run@CLAMAV_PRIVATE 0.103.0 - cli_bytefunc_describe@CLAMAV_PRIVATE 0.103.0 - cli_byteinst_describe@CLAMAV_PRIVATE 0.103.0 - cli_bytetype_describe@CLAMAV_PRIVATE 0.103.0 - cli_bytevalue_describe@CLAMAV_PRIVATE 0.103.0 - cli_calloc@CLAMAV_PRIVATE 0.103.0 - cli_check_auth_header@CLAMAV_PRIVATE 0.103.0 - cli_chomp@CLAMAV_PRIVATE 0.103.0 - cli_codepage_to_utf8@CLAMAV_PRIVATE 0.103.0 - cli_ctime@CLAMAV_PRIVATE 0.103.0 - cli_cvdunpack@CLAMAV_PRIVATE 0.103.0 - cli_dbgmsg_internal@CLAMAV_PRIVATE 0.103.0 - cli_dconf_init@CLAMAV_PRIVATE 0.103.0 - cli_debug_flag@CLAMAV_PRIVATE 0.103.0 - cli_detect_environment@CLAMAV_PRIVATE 0.103.0 - cli_disasm_one@CLAMAV_PRIVATE 0.103.0 - cli_errmsg@CLAMAV_PRIVATE 0.103.0 - cli_filecopy@CLAMAV_PRIVATE 0.103.0 - cli_free_vba_project@CLAMAV_PRIVATE 0.103.0 - cli_ftw@CLAMAV_PRIVATE 0.103.0 - cli_genhash_pe@CLAMAV_PRIVATE 0.103.0 - cli_gentemp@CLAMAV_PRIVATE 0.103.0 - cli_gentemp_with_prefix@CLAMAV_PRIVATE 0.103.0 - cli_gentempfd@CLAMAV_PRIVATE 0.103.0 - cli_gettmpdir@CLAMAV_PRIVATE 0.103.0 - cli_hashfile@CLAMAV_PRIVATE 0.103.0 - cli_hashset_destroy@CLAMAV_PRIVATE 0.103.0 - cli_hashstream@CLAMAV_PRIVATE 0.103.0 - cli_hex2str@CLAMAV_PRIVATE 0.103.0 - cli_hex2ui@CLAMAV_PRIVATE 0.103.0 - cli_initroots@CLAMAV_PRIVATE 0.103.0 - cli_isnumber@CLAMAV_PRIVATE 0.103.0 - cli_js_destroy@CLAMAV_PRIVATE 0.103.0 - cli_js_init@CLAMAV_PRIVATE 0.103.0 - cli_js_output@CLAMAV_PRIVATE 0.103.0 - cli_js_parse_done@CLAMAV_PRIVATE 0.103.0 - cli_js_process_buffer@CLAMAV_PRIVATE 0.103.0 - cli_ldbtokenize@CLAMAV_PRIVATE 0.103.0 - cli_malloc@CLAMAV_PRIVATE 0.103.0 - cli_memstr@CLAMAV_PRIVATE 0.103.0 - cli_ole2_extract@CLAMAV_PRIVATE 0.103.0 - cli_parse_add@CLAMAV_PRIVATE 0.103.0 - cli_pcre_build@CLAMAV_PRIVATE 0.103.0 - cli_pcre_freeoff@CLAMAV_PRIVATE 0.103.0 - cli_pcre_init@CLAMAV_PRIVATE 0.103.0 - cli_pcre_perf_events_destroy@CLAMAV_PRIVATE 0.103.0 - cli_pcre_perf_print@CLAMAV_PRIVATE 0.103.0 - cli_pcre_recaloff@CLAMAV_PRIVATE 0.103.0 - cli_pcre_scanbuf@CLAMAV_PRIVATE 0.103.0 - cli_ppt_vba_read@CLAMAV_PRIVATE 0.103.0 - cli_printcxxver@CLAMAV_PRIVATE 0.103.0 - cli_readn@CLAMAV_PRIVATE 0.103.0 - cli_realloc@CLAMAV_PRIVATE 0.103.0 - cli_realpath@CLAMAV_PRIVATE 0.103.0 - cli_regcomp@CLAMAV_PRIVATE 0.103.0 - cli_regex2suffix@CLAMAV_PRIVATE 0.103.0 - cli_regexec@CLAMAV_PRIVATE 0.103.0 - cli_regfree@CLAMAV_PRIVATE 0.103.0 - cli_rmdirs@CLAMAV_PRIVATE 0.103.0 - cli_rndnum@CLAMAV_PRIVATE 0.103.0 - cli_sanitize_filepath@CLAMAV_PRIVATE 0.103.0 - cli_scan_buff@CLAMAV_PRIVATE 0.103.0 - cli_scan_fmap@CLAMAV_PRIVATE 0.103.0 - cli_sigopts_handler@CLAMAV_PRIVATE 0.103.0 - cli_sigperf_events_destroy@CLAMAV_PRIVATE 0.103.0 - cli_sigperf_print@CLAMAV_PRIVATE 0.103.0 - cli_str2hex@CLAMAV_PRIVATE 0.103.0 - cli_strbcasestr@CLAMAV_PRIVATE 0.103.0 - cli_strdup@CLAMAV_PRIVATE 0.103.0 - cli_strerror@CLAMAV_PRIVATE 0.103.0 - cli_strlcat@CLAMAV_PRIVATE 0.103.0 - cli_strlcpy@CLAMAV_PRIVATE 0.103.0 - cli_strntoul@CLAMAV_PRIVATE 0.103.0 - cli_strrcpy@CLAMAV_PRIVATE 0.103.0 - cli_strtok@CLAMAV_PRIVATE 0.103.0 - cli_strtokbuf@CLAMAV_PRIVATE 0.103.0 - cli_strtokenize@CLAMAV_PRIVATE 0.103.0 - cli_textbuffer_append_normalize@CLAMAV_PRIVATE 0.103.0 - cli_unescape@CLAMAV_PRIVATE 0.103.0 - cli_unlink@CLAMAV_PRIVATE 0.103.0 - cli_url_canon@CLAMAV_PRIVATE 0.103.0 - cli_utf16_to_utf8@CLAMAV_PRIVATE 0.103.0 - cli_utf16toascii@CLAMAV_PRIVATE 0.103.0 - cli_vba_inflate@CLAMAV_PRIVATE 0.103.0 - cli_vba_readdir@CLAMAV_PRIVATE 0.103.0 - cli_versig2@CLAMAV_PRIVATE 0.103.0 - cli_versig@CLAMAV_PRIVATE 0.103.0 - cli_warnmsg@CLAMAV_PRIVATE 0.103.0 - cli_wm_decrypt_macro@CLAMAV_PRIVATE 0.103.0 - cli_wm_readdir@CLAMAV_PRIVATE 0.103.0 - cli_writen@CLAMAV_PRIVATE 0.103.0 - decodeLine@CLAMAV_PRIVATE 0.103.0 - disasmbuf@CLAMAV_PRIVATE 0.103.0 - fmap@CLAMAV_PRIVATE 0.103.0 - get_fpu_endian@CLAMAV_PRIVATE 0.103.0 - have_clamjit@CLAMAV_PRIVATE 0.103.0 - have_rar@CLAMAV_PRIVATE 0.103.0 - html_normalise_map@CLAMAV_PRIVATE 0.103.0 - html_normalise_mem@CLAMAV_PRIVATE 0.103.0 - html_screnc_decode@CLAMAV_PRIVATE 0.103.0 - html_tag_arg_free@CLAMAV_PRIVATE 0.103.0 - init_domainlist@CLAMAV_PRIVATE 0.103.0 - init_regex_list@CLAMAV_PRIVATE 0.103.0 - init_whitelist@CLAMAV_PRIVATE 0.103.0 - is_regex_ok@CLAMAV_PRIVATE 0.103.0 - load_regex_matcher@CLAMAV_PRIVATE 0.103.0 + cl_validate_certificate_chain@CLAMAV_PRIVATE 0.103.2 + cl_validate_certificate_chain_ts_dir@CLAMAV_PRIVATE 0.103.2 + cl_verify_signature@CLAMAV_PRIVATE 0.103.2 + cl_verify_signature_fd@CLAMAV_PRIVATE 0.103.2 + cl_verify_signature_fd_x509@CLAMAV_PRIVATE 0.103.2 + cl_verify_signature_fd_x509_keyfile@CLAMAV_PRIVATE 0.103.2 + cl_verify_signature_hash@CLAMAV_PRIVATE 0.103.2 + cl_verify_signature_hash_x509@CLAMAV_PRIVATE 0.103.2 + cl_verify_signature_hash_x509_keyfile@CLAMAV_PRIVATE 0.103.2 + cl_verify_signature_x509@CLAMAV_PRIVATE 0.103.2 + cl_verify_signature_x509_keyfile@CLAMAV_PRIVATE 0.103.2 + cli_ac_buildtrie@CLAMAV_PRIVATE 0.103.2 + cli_ac_chklsig@CLAMAV_PRIVATE 0.103.2 + cli_ac_free@CLAMAV_PRIVATE 0.103.2 + cli_ac_freedata@CLAMAV_PRIVATE 0.103.2 + cli_ac_init@CLAMAV_PRIVATE 0.103.2 + cli_ac_initdata@CLAMAV_PRIVATE 0.103.2 + cli_ac_scanbuff@CLAMAV_PRIVATE 0.103.2 + cli_basename@CLAMAV_PRIVATE 0.103.2 + cli_bm_free@CLAMAV_PRIVATE 0.103.2 + cli_bm_init@CLAMAV_PRIVATE 0.103.2 + cli_bm_scanbuff@CLAMAV_PRIVATE 0.103.2 + cli_build_regex_list@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_context_alloc@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_context_clear@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_context_destroy@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_context_getresult_int@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_context_set_trace@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_context_setfile@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_context_setfuncid@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_context_setparam_int@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_context_setparam_ptr@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_debug@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_debug_printsrc@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_describe@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_destroy@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_done@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_init@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_load@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_prepare2@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_printversion@CLAMAV_PRIVATE 0.103.2 + cli_bytecode_run@CLAMAV_PRIVATE 0.103.2 + cli_bytefunc_describe@CLAMAV_PRIVATE 0.103.2 + cli_byteinst_describe@CLAMAV_PRIVATE 0.103.2 + cli_bytetype_describe@CLAMAV_PRIVATE 0.103.2 + cli_bytevalue_describe@CLAMAV_PRIVATE 0.103.2 + cli_calloc@CLAMAV_PRIVATE 0.103.2 + cli_check_auth_header@CLAMAV_PRIVATE 0.103.2 + cli_chomp@CLAMAV_PRIVATE 0.103.2 + cli_codepage_to_utf8@CLAMAV_PRIVATE 0.103.2 + cli_ctime@CLAMAV_PRIVATE 0.103.2 + cli_cvdunpack@CLAMAV_PRIVATE 0.103.2 + cli_dbgmsg_internal@CLAMAV_PRIVATE 0.103.2 + cli_dconf_init@CLAMAV_PRIVATE 0.103.2 + cli_debug_flag@CLAMAV_PRIVATE 0.103.2 + cli_detect_environment@CLAMAV_PRIVATE 0.103.2 + cli_disasm_one@CLAMAV_PRIVATE 0.103.2 + cli_errmsg@CLAMAV_PRIVATE 0.103.2 + cli_filecopy@CLAMAV_PRIVATE 0.103.2 + cli_free_vba_project@CLAMAV_PRIVATE 0.103.2 + cli_ftw@CLAMAV_PRIVATE 0.103.2 + cli_genhash_pe@CLAMAV_PRIVATE 0.103.2 + cli_gentemp@CLAMAV_PRIVATE 0.103.2 + cli_gentemp_with_prefix@CLAMAV_PRIVATE 0.103.2 + cli_gentempfd@CLAMAV_PRIVATE 0.103.2 + cli_get_filepath_from_filedesc@CLAMAV_PRIVATE 0.103.2 + cli_gettmpdir@CLAMAV_PRIVATE 0.103.2 + cli_hashfile@CLAMAV_PRIVATE 0.103.2 + cli_hashset_destroy@CLAMAV_PRIVATE 0.103.2 + cli_hashstream@CLAMAV_PRIVATE 0.103.2 + cli_hex2str@CLAMAV_PRIVATE 0.103.2 + cli_hex2ui@CLAMAV_PRIVATE 0.103.2 + cli_initroots@CLAMAV_PRIVATE 0.103.2 + cli_isnumber@CLAMAV_PRIVATE 0.103.2 + cli_js_destroy@CLAMAV_PRIVATE 0.103.2 + cli_js_init@CLAMAV_PRIVATE 0.103.2 + cli_js_output@CLAMAV_PRIVATE 0.103.2 + cli_js_parse_done@CLAMAV_PRIVATE 0.103.2 + cli_js_process_buffer@CLAMAV_PRIVATE 0.103.2 + cli_ldbtokenize@CLAMAV_PRIVATE 0.103.2 + cli_malloc@CLAMAV_PRIVATE 0.103.2 + cli_memstr@CLAMAV_PRIVATE 0.103.2 + cli_ole2_extract@CLAMAV_PRIVATE 0.103.2 + cli_parse_add@CLAMAV_PRIVATE 0.103.2 + cli_pcre_build@CLAMAV_PRIVATE 0.103.2 + cli_pcre_freeoff@CLAMAV_PRIVATE 0.103.2 + cli_pcre_init@CLAMAV_PRIVATE 0.103.2 + cli_pcre_perf_events_destroy@CLAMAV_PRIVATE 0.103.2 + cli_pcre_perf_print@CLAMAV_PRIVATE 0.103.2 + cli_pcre_recaloff@CLAMAV_PRIVATE 0.103.2 + cli_pcre_scanbuf@CLAMAV_PRIVATE 0.103.2 + cli_ppt_vba_read@CLAMAV_PRIVATE 0.103.2 + cli_printcxxver@CLAMAV_PRIVATE 0.103.2 + cli_readn@CLAMAV_PRIVATE 0.103.2 + cli_realloc@CLAMAV_PRIVATE 0.103.2 + cli_realpath@CLAMAV_PRIVATE 0.103.2 + cli_regcomp@CLAMAV_PRIVATE 0.103.2 + cli_regex2suffix@CLAMAV_PRIVATE 0.103.2 + cli_regexec@CLAMAV_PRIVATE 0.103.2 + cli_regfree@CLAMAV_PRIVATE 0.103.2 + cli_rmdirs@CLAMAV_PRIVATE 0.103.2 + cli_rndnum@CLAMAV_PRIVATE 0.103.2 + cli_sanitize_filepath@CLAMAV_PRIVATE 0.103.2 + cli_scan_buff@CLAMAV_PRIVATE 0.103.2 + cli_scan_fmap@CLAMAV_PRIVATE 0.103.2 + cli_sigopts_handler@CLAMAV_PRIVATE 0.103.2 + cli_sigperf_events_destroy@CLAMAV_PRIVATE 0.103.2 + cli_sigperf_print@CLAMAV_PRIVATE 0.103.2 + cli_str2hex@CLAMAV_PRIVATE 0.103.2 + cli_strbcasestr@CLAMAV_PRIVATE 0.103.2 + cli_strdup@CLAMAV_PRIVATE 0.103.2 + cli_strerror@CLAMAV_PRIVATE 0.103.2 + cli_strlcat@CLAMAV_PRIVATE 0.103.2 + cli_strlcpy@CLAMAV_PRIVATE 0.103.2 + cli_strntoul@CLAMAV_PRIVATE 0.103.2 + cli_strrcpy@CLAMAV_PRIVATE 0.103.2 + cli_strtok@CLAMAV_PRIVATE 0.103.2 + cli_strtokbuf@CLAMAV_PRIVATE 0.103.2 + cli_strtokenize@CLAMAV_PRIVATE 0.103.2 + cli_textbuffer_append_normalize@CLAMAV_PRIVATE 0.103.2 + cli_unescape@CLAMAV_PRIVATE 0.103.2 + cli_unlink@CLAMAV_PRIVATE 0.103.2 + cli_url_canon@CLAMAV_PRIVATE 0.103.2 + cli_utf16_to_utf8@CLAMAV_PRIVATE 0.103.2 + cli_utf16toascii@CLAMAV_PRIVATE 0.103.2 + cli_vba_inflate@CLAMAV_PRIVATE 0.103.2 + cli_vba_readdir@CLAMAV_PRIVATE 0.103.2 + cli_versig2@CLAMAV_PRIVATE 0.103.2 + cli_versig@CLAMAV_PRIVATE 0.103.2 + cli_warnmsg@CLAMAV_PRIVATE 0.103.2 + cli_wm_decrypt_macro@CLAMAV_PRIVATE 0.103.2 + cli_wm_readdir@CLAMAV_PRIVATE 0.103.2 + cli_writen@CLAMAV_PRIVATE 0.103.2 + decodeLine@CLAMAV_PRIVATE 0.103.2 + disasmbuf@CLAMAV_PRIVATE 0.103.2 + fmap@CLAMAV_PRIVATE 0.103.2 + fmap_duplicate@CLAMAV_PRIVATE 0.103.2 + free_duplicate_fmap@CLAMAV_PRIVATE 0.103.2 + get_fpu_endian@CLAMAV_PRIVATE 0.103.2 + have_clamjit@CLAMAV_PRIVATE 0.103.2 + have_rar@CLAMAV_PRIVATE 0.103.2 + html_normalise_map@CLAMAV_PRIVATE 0.103.2 + html_normalise_mem@CLAMAV_PRIVATE 0.103.2 + html_screnc_decode@CLAMAV_PRIVATE 0.103.2 + html_tag_arg_free@CLAMAV_PRIVATE 0.103.2 + init_domainlist@CLAMAV_PRIVATE 0.103.2 + init_regex_list@CLAMAV_PRIVATE 0.103.2 + init_whitelist@CLAMAV_PRIVATE 0.103.2 + is_regex_ok@CLAMAV_PRIVATE 0.103.2 + load_regex_matcher@CLAMAV_PRIVATE 0.103.2 lsig_sub_matched@CLAMAV_PUBLIC 0.101.0 - messageCreate@CLAMAV_PRIVATE 0.103.0 - messageDestroy@CLAMAV_PRIVATE 0.103.0 - mpool_calloc@CLAMAV_PRIVATE 0.103.0 - mpool_create@CLAMAV_PRIVATE 0.103.0 - mpool_destroy@CLAMAV_PRIVATE 0.103.0 - mpool_free@CLAMAV_PRIVATE 0.103.0 - mpool_getstats@CLAMAV_PRIVATE 0.103.0 - phishingScan@CLAMAV_PRIVATE 0.103.0 - phishing_done@CLAMAV_PRIVATE 0.103.0 - phishing_init@CLAMAV_PRIVATE 0.103.0 - regex_list_add_pattern@CLAMAV_PRIVATE 0.103.0 - regex_list_done@CLAMAV_PRIVATE 0.103.0 - regex_list_match@CLAMAV_PRIVATE 0.103.0 - tableCreate@CLAMAV_PRIVATE 0.103.0 - tableDestroy@CLAMAV_PRIVATE 0.103.0 - tableFind@CLAMAV_PRIVATE 0.103.0 - tableInsert@CLAMAV_PRIVATE 0.103.0 - tableIterate@CLAMAV_PRIVATE 0.103.0 - tableRemove@CLAMAV_PRIVATE 0.103.0 - tableUpdate@CLAMAV_PRIVATE 0.103.0 - text_normalize_init@CLAMAV_PRIVATE 0.103.0 - text_normalize_map@CLAMAV_PRIVATE 0.103.0 - text_normalize_reset@CLAMAV_PRIVATE 0.103.0 - uniq_add@CLAMAV_PRIVATE 0.103.0 - uniq_free@CLAMAV_PRIVATE 0.103.0 - uniq_get@CLAMAV_PRIVATE 0.103.0 - uniq_init@CLAMAV_PRIVATE 0.103.0 + messageCreate@CLAMAV_PRIVATE 0.103.2 + messageDestroy@CLAMAV_PRIVATE 0.103.2 + mpool_calloc@CLAMAV_PRIVATE 0.103.2 + mpool_create@CLAMAV_PRIVATE 0.103.2 + mpool_destroy@CLAMAV_PRIVATE 0.103.2 + mpool_free@CLAMAV_PRIVATE 0.103.2 + mpool_getstats@CLAMAV_PRIVATE 0.103.2 + phishingScan@CLAMAV_PRIVATE 0.103.2 + phishing_done@CLAMAV_PRIVATE 0.103.2 + phishing_init@CLAMAV_PRIVATE 0.103.2 + regex_list_add_pattern@CLAMAV_PRIVATE 0.103.2 + regex_list_done@CLAMAV_PRIVATE 0.103.2 + regex_list_match@CLAMAV_PRIVATE 0.103.2 + tableCreate@CLAMAV_PRIVATE 0.103.2 + tableDestroy@CLAMAV_PRIVATE 0.103.2 + tableFind@CLAMAV_PRIVATE 0.103.2 + tableInsert@CLAMAV_PRIVATE 0.103.2 + tableIterate@CLAMAV_PRIVATE 0.103.2 + tableRemove@CLAMAV_PRIVATE 0.103.2 + tableUpdate@CLAMAV_PRIVATE 0.103.2 + text_normalize_init@CLAMAV_PRIVATE 0.103.2 + text_normalize_map@CLAMAV_PRIVATE 0.103.2 + text_normalize_reset@CLAMAV_PRIVATE 0.103.2 + uniq_add@CLAMAV_PRIVATE 0.103.2 + uniq_free@CLAMAV_PRIVATE 0.103.2 + uniq_get@CLAMAV_PRIVATE 0.103.2 + uniq_init@CLAMAV_PRIVATE 0.103.2 libfreshclam.so.2 libclamav9 #MINVER# FRESHCLAM_PRIVATE@FRESHCLAM_PRIVATE 0.103.0 FRESHCLAM_PUBLIC@FRESHCLAM_PUBLIC 0.102.1 diff -Nru clamav-0.103.0+dfsg/debian/patches/0001-Change-paths-in-sample-conf-file-to-match-Debian.patch clamav-0.103.2+dfsg/debian/patches/0001-Change-paths-in-sample-conf-file-to-match-Debian.patch --- clamav-0.103.0+dfsg/debian/patches/0001-Change-paths-in-sample-conf-file-to-match-Debian.patch 1970-01-01 00:00:00.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/0001-Change-paths-in-sample-conf-file-to-match-Debian.patch 2021-04-12 18:51:20.000000000 +0000 @@ -0,0 +1,40 @@ +From a2ae02924bf2fc91d949cd59742ca01a25893816 Mon Sep 17 00:00:00 2001 +From: Scott Kitterman +Date: Mon, 10 Mar 2014 19:20:18 -0400 +Subject: Change paths in sample conf file to match Debian + +--- + etc/clamav-milter.conf.sample | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/etc/clamav-milter.conf.sample b/etc/clamav-milter.conf.sample +index bf46b4f..b1b533b 100644 +--- a/etc/clamav-milter.conf.sample ++++ b/etc/clamav-milter.conf.sample +@@ -64,7 +64,7 @@ Example + # also owned by root to keep other users from tampering with it. + # + # Default: disabled +-#PidFile /var/run/clamav-milter.pid ++#PidFile /var/run/clamav/clamav-milter.pid + + # Optional path to the global temporary directory. + # Default: system specific (usually /tmp or /var/tmp). +@@ -91,7 +91,7 @@ Example + # fashion. + # + # Default: no default +-#ClamdSocket tcp:scanner.mydomain:7357 ++ClamdSocket /var/run/clamav/clamd + + + ## +@@ -214,7 +214,7 @@ Example + # A full path is required. + # + # Default: disabled +-#LogFile /tmp/clamav-milter.log ++#LogFile /var/log/clamav/clamav-milter.log + + # By default the log file is locked for writing - the lock protects against + # running clamav-milter multiple times. diff -Nru clamav-0.103.0+dfsg/debian/patches/0002-add-support-for-system-tomsfastmath.patch clamav-0.103.2+dfsg/debian/patches/0002-add-support-for-system-tomsfastmath.patch --- clamav-0.103.0+dfsg/debian/patches/0002-add-support-for-system-tomsfastmath.patch 1970-01-01 00:00:00.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/0002-add-support-for-system-tomsfastmath.patch 2021-04-12 18:51:20.000000000 +0000 @@ -0,0 +1,108 @@ +From d49c808e8d7d7b76e23fcbb20b8da85aef17aea9 Mon Sep 17 00:00:00 2001 +From: Andreas Cadhalpun +Date: Wed, 11 Mar 2015 20:03:15 +0100 +Subject: add support for system tomsfastmath + +--- + configure.ac | 2 ++ + libclamav/Makefile.am | 6 ++++++ + libclamav/bignum.h | 6 +++++- + libclamav/xdp.c | 2 +- + m4/reorganization/libs/tomsfastmath.m4 | 12 ++++++++++++ + 5 files changed, 26 insertions(+), 2 deletions(-) + create mode 100644 m4/reorganization/libs/tomsfastmath.m4 + +diff --git a/configure.ac b/configure.ac +index 6da01a3..1e46398 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -98,6 +98,7 @@ m4_include([m4/reorganization/libs/libmspack.m4]) + if test "x$use_internal_mspack" = "xno"; then + mspack_msg="External, $LIBMSPACK_CFLAGS $LIBMSPACK_LIBS" + fi ++m4_include([m4/reorganization/libs/tomsfastmath.m4]) + + AM_MAINTAINER_MODE + m4_include([m4/reorganization/libs/libz.m4]) +@@ -362,6 +363,7 @@ fi + CL_MSG_STATUS([yara ],[$enable_yara],[$enable_yara]) + CL_MSG_STATUS([fts ],[yes],[$lfs_fts_msg]) + ++CL_MSG_STATUS([tomsfastmath],[yes],[$tomsfastmath_msg]) + + # Yep, downgrading the compiler avoids the bug too: + # 4.0.x, and 4.1.0 are the known buggy versions +diff --git a/libclamav/Makefile.am b/libclamav/Makefile.am +index 0174a92..5547972 100644 +--- a/libclamav/Makefile.am ++++ b/libclamav/Makefile.am +@@ -588,6 +588,7 @@ libclamav_la_SOURCES += yara_arena.c \ + yara_clam.h + endif + ++if !SYSTEM_TOMSFASTMATH + libclamav_la_SOURCES += bignum.h\ + bignum_fast.h\ + tomsfastmath/addsub/fp_add.c\ +@@ -672,6 +673,11 @@ libclamav_la_SOURCES += bignum.h\ + tomsfastmath/sqr/fp_sqr_comba_small_set.c\ + tomsfastmath/sqr/fp_sqrmod.c + ++else ++libclamav_la_CFLAGS += $(TOMSFASTMATH_CFLAGS) ++libclamav_la_LIBADD += $(TOMSFASTMATH_LIBS) ++endif ++ + .PHONY2: version.h.tmp + version.c: version.h + version.h: version.h.tmp +diff --git a/libclamav/bignum.h b/libclamav/bignum.h +index 8fdc956..56dfa95 100644 +--- a/libclamav/bignum.h ++++ b/libclamav/bignum.h +@@ -1,9 +1,13 @@ + #ifndef BIGNUM_H_ + #define BIGNUM_H_ + ++#if HAVE_SYSTEM_TOMSFASTMATH ++#include ++#else + #define TFM_CHECK +- + #include "bignum_fast.h" ++#endif ++ + typedef fp_int mp_int; + #define mp_cmp fp_cmp + #define mp_toradix_n(a, b, c, d) fp_toradix_n(a, b, c, d) +diff --git a/libclamav/xdp.c b/libclamav/xdp.c +index 8742342..6370221 100644 +--- a/libclamav/xdp.c ++++ b/libclamav/xdp.c +@@ -52,7 +52,7 @@ + #include "scanners.h" + #include "conv.h" + #include "xdp.h" +-#include "bignum_fast.h" ++#include "bignum.h" + #include "filetypes.h" + + static char *dump_xdp(cli_ctx *ctx, const char *start, size_t sz); +diff --git a/m4/reorganization/libs/tomsfastmath.m4 b/m4/reorganization/libs/tomsfastmath.m4 +new file mode 100644 +index 0000000..2a821a1 +--- /dev/null ++++ b/m4/reorganization/libs/tomsfastmath.m4 +@@ -0,0 +1,12 @@ ++dnl Check for system tomsfastmath ++PKG_CHECK_MODULES([TOMSFASTMATH], [tomsfastmath], [have_system_tomsfastmath=yes], [have_system_tomsfastmath=no]) ++ ++AM_CONDITIONAL([SYSTEM_TOMSFASTMATH], [test "x$have_system_tomsfastmath" = "xyes"]) ++ ++if test "x$have_system_tomsfastmath" = "xyes"; then ++ AC_DEFINE([HAVE_SYSTEM_TOMSFASTMATH], [1], [link against system-wide tomsfastmath library]) ++ tomsfastmath_msg="External, $TOMSFASTMATH_CFLAGS $TOMSFASTMATH_LIBS" ++else ++ AC_DEFINE([HAVE_SYSTEM_TOMSFASTMATH], [0], [don't link against system-wide tomsfastmath library]) ++ tomsfastmath_msg="Internal" ++fi diff -Nru clamav-0.103.0+dfsg/debian/patches/0003-clamd-don-t-depend-on-clamav-demon.socket.patch clamav-0.103.2+dfsg/debian/patches/0003-clamd-don-t-depend-on-clamav-demon.socket.patch --- clamav-0.103.0+dfsg/debian/patches/0003-clamd-don-t-depend-on-clamav-demon.socket.patch 1970-01-01 00:00:00.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/0003-clamd-don-t-depend-on-clamav-demon.socket.patch 2021-04-12 18:51:20.000000000 +0000 @@ -0,0 +1,34 @@ +From 85f632861ea91755a7cc98fc4848183ac9c0ec14 Mon Sep 17 00:00:00 2001 +From: Sebastian Andrzej Siewior +Date: Thu, 11 Aug 2016 21:54:10 +0200 +Subject: clamd: don't depend on clamav-demon.socket + +Let's try to live without it. +This should avoid the endless loop in #824042. Newer systemd have +rate-limiting on (re)starts. This rate-limiting would stop the socket +service. The only purpose for the socket activation is to get clamd +started after the initial freshclam run on installs so I think we can +live without and manually start the daemon after installation. + +Signed-off-by: Sebastian Andrzej Siewior +--- + clamd/clamav-daemon.service.in | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/clamd/clamav-daemon.service.in b/clamd/clamav-daemon.service.in +index 9a262c3..c13d72f 100644 +--- a/clamd/clamav-daemon.service.in ++++ b/clamd/clamav-daemon.service.in +@@ -1,7 +1,6 @@ + [Unit] + Description=Clam AntiVirus userspace daemon + Documentation=man:clamd(8) man:clamd.conf(5) https://www.clamav.net/documents/ +-Requires=clamav-daemon.socket + # Check for database existence + ConditionPathExistsGlob=@DBDIR@/main.{c[vl]d,inc} + ConditionPathExistsGlob=@DBDIR@/daily.{c[vl]d,inc} +@@ -15,4 +14,3 @@ TimeoutStartSec=420 + + [Install] + WantedBy=multi-user.target +-Also=clamav-daemon.socket diff -Nru clamav-0.103.0+dfsg/debian/patches/0004-Add-support-for-LLVM-3.7.patch clamav-0.103.2+dfsg/debian/patches/0004-Add-support-for-LLVM-3.7.patch --- clamav-0.103.0+dfsg/debian/patches/0004-Add-support-for-LLVM-3.7.patch 1970-01-01 00:00:00.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/0004-Add-support-for-LLVM-3.7.patch 2021-04-12 18:51:20.000000000 +0000 @@ -0,0 +1,738 @@ +From f80c73ea6ca910ff54190329e9037688774f5ad1 Mon Sep 17 00:00:00 2001 +From: Andreas Cadhalpun +Date: Fri, 14 Oct 2016 20:24:39 +0200 +Subject: Add support for LLVM 3.7 + +Main changes: +The DataLayoutPass is no longer necessary. +The LoopInfo pass is now a WrapperPass. +Before creating TargetLibraryInfo one needs to create a +TargetLibraryInfoImpl. +PassManager is now in the legacy:: namespace. +GetElementPtrInst::getIndexedType changed behavior causing segfaults in +the testsuite; emulating the old behavior now. +CreateCallX functions for fixed number X of elements got removed. +JITEmitDebugInfo Option was removed. +DIDescriptor was removed. +--- + libclamav/c++/ClamBCRTChecks.cpp | 34 +++++- + libclamav/c++/PointerTracking.cpp | 44 +++++++- + libclamav/c++/bytecode2llvm.cpp | 181 ++++++++++++++++++++++++++++-- + libclamav/c++/configure.ac | 4 +- + 4 files changed, 244 insertions(+), 19 deletions(-) + +diff --git a/libclamav/c++/ClamBCRTChecks.cpp b/libclamav/c++/ClamBCRTChecks.cpp +index c8a853f..09657b9 100644 +--- a/libclamav/c++/ClamBCRTChecks.cpp ++++ b/libclamav/c++/ClamBCRTChecks.cpp +@@ -201,9 +201,11 @@ namespace llvm { + TD = &getAnalysis(); + #elif LLVM_VERSION < 35 + TD = &getAnalysis(); +-#else ++#elif LLVM_VERSION < 37 + DataLayoutPass *DLP = getAnalysisIfAvailable(); + TD = DLP ? &DLP->getDataLayout() : 0; ++#else ++ TD = &F.getEntryBlock().getModule()->getDataLayout(); + #endif + SE = &getAnalysis(); + PT = &getAnalysis(); +@@ -212,7 +214,11 @@ namespace llvm { + #else + DT = &getAnalysis().getDomTree(); + #endif ++#if LLVM_VERSION < 37 + expander = new SCEVExpander(*SE OPT("SCEVexpander")); ++#else ++ expander = new SCEVExpander(*SE, *TD OPT("SCEVexpander")); ++#endif + + std::vector insns; + +@@ -351,8 +357,10 @@ namespace llvm { + AU.addRequired(); + #elif LLVM_VERSION < 35 + AU.addRequired(); +-#else ++#elif LLVM_VERSION < 37 + AU.addRequired(); ++#else ++ // No DataLayout pass needed anymore. + #endif + #if LLVM_VERSION < 35 + AU.addRequired(); +@@ -406,7 +414,11 @@ namespace llvm { + if (BaseMap.count(P)) { + return BaseMap[Ptr] = BaseMap[P]; + } ++#if LLVM_VERSION < 37 + Value *P2 = GetUnderlyingObject(P, TD); ++#else ++ Value *P2 = GetUnderlyingObject(P, *TD); ++#endif + if (P2 != P) { + Value *V = getPointerBase(P2); + return BaseMap[Ptr] = V; +@@ -520,7 +532,11 @@ namespace llvm { + } + } + if (LoadInst *LI = dyn_cast(Base)) { ++#if LLVM_VERSION < 37 + Value *V = GetUnderlyingObject(LI->getPointerOperand()->stripPointerCasts(), TD); ++#else ++ Value *V = GetUnderlyingObject(LI->getPointerOperand()->stripPointerCasts(), *TD); ++#endif + if (Argument *A = dyn_cast(V)) { + if (A->getArgNo() == 0) { + // pointers from hidden ctx are trusted to be at least the +@@ -674,7 +690,11 @@ namespace llvm { + } + BasicBlock *BB = I->getParent(); + BasicBlock::iterator It = I; ++#if LLVM_VERSION < 37 + BasicBlock *newBB = SplitBlock(BB, &*It, this); ++#else ++ BasicBlock *newBB = SplitBlock(BB, &*It); ++#endif + PHINode *PN; + unsigned MDDbgKind = I->getContext().getMDKindID("dbg"); + //verifyFunction(*BB->getParent()); +@@ -719,9 +739,15 @@ namespace llvm { + unsigned locationid = 0; + bool Approximate; + if (MDNode *Dbg = getLocation(I, Approximate, MDDbgKind)) { ++#if LLVM_VERSION < 37 + DILocation Loc(Dbg); + locationid = Loc.getLineNumber() << 8; + unsigned col = Loc.getColumnNumber(); ++#else ++ DebugLoc Loc(Dbg); ++ locationid = Loc.getLine() << 8; ++ unsigned col = Loc.getCol(); ++#endif + if (col > 254) + col = 254; + if (Approximate) +@@ -945,7 +971,11 @@ INITIALIZE_PASS_DEPENDENCY(TargetData) + #elif LLVM_VERSION < 35 + INITIALIZE_PASS_DEPENDENCY(DataLayout) + #else ++#if LLVM_VERSION < 37 + INITIALIZE_PASS_DEPENDENCY(DataLayoutPass) ++#else ++// No DataLayout pass needed anymore. ++#endif + #endif + #if LLVM_VERSION < 35 + INITIALIZE_PASS_DEPENDENCY(DominatorTree) +diff --git a/libclamav/c++/PointerTracking.cpp b/libclamav/c++/PointerTracking.cpp +index d5841a1..5567894 100644 +--- a/libclamav/c++/PointerTracking.cpp ++++ b/libclamav/c++/PointerTracking.cpp +@@ -30,7 +30,11 @@ + #include "llvm/IR/InstIterator.h" + #endif + #include "llvm/Support/raw_ostream.h" ++#if LLVM_VERSION < 37 + #include "llvm/Target/TargetLibraryInfo.h" ++#else ++#include ++#endif + + #if LLVM_VERSION < 32 + #include "llvm/Target/TargetData.h" +@@ -70,7 +74,11 @@ INITIALIZE_PASS_DEPENDENCY(DominatorTree) + #else + INITIALIZE_PASS_DEPENDENCY(DominatorTreeWrapperPass) + #endif ++#if LLVM_VERSION < 37 + INITIALIZE_PASS_DEPENDENCY(LoopInfo) ++#else ++INITIALIZE_PASS_DEPENDENCY(LoopInfoWrapperPass) ++#endif + INITIALIZE_PASS_DEPENDENCY(ScalarEvolution) + #if LLVM_VERSION < 35 + INITIALIZE_PASS_DEPENDENCY(DominatorTree) +@@ -96,12 +104,18 @@ bool PointerTracking::runOnFunction(Function &F) { + TD = getAnalysisIfAvailable(); + #elif LLVM_VERSION < 35 + TD = getAnalysisIfAvailable(); +-#else ++#elif LLVM_VERSION < 37 + DataLayoutPass *DLP = getAnalysisIfAvailable(); + TD = DLP ? &DLP->getDataLayout() : 0; ++#else ++ TD = &F.getEntryBlock().getModule()->getDataLayout(); + #endif + SE = &getAnalysis(); ++#if LLVM_VERSION < 37 + LI = &getAnalysis(); ++#else ++ LI = &getAnalysis().getLoopInfo(); ++#endif + #if LLVM_VERSION < 35 + DT = &getAnalysis(); + #else +@@ -116,7 +130,11 @@ void PointerTracking::getAnalysisUsage(AnalysisUsage &AU) const { + #else + AU.addRequiredTransitive(); + #endif ++#if LLVM_VERSION < 37 + AU.addRequiredTransitive(); ++#else ++ AU.addRequiredTransitive(); ++#endif + AU.addRequiredTransitive(); + AU.setPreservesAll(); + } +@@ -178,12 +196,19 @@ const SCEV *PointerTracking::computeAllocationCount(Value *P, + if (CallInst *CI = extractMallocCall(V)) { + Value *arraySize = getMallocArraySize(CI, TD); + constType* AllocTy = getMallocAllocatedType(CI); +-#else ++#elif LLVM_VERSION < 37 + TargetLibraryInfo* TLI = new TargetLibraryInfo(); + + if (CallInst *CI = extractMallocCall(V, TLI)) { + Value *arraySize = getMallocArraySize(CI, TD, TLI); + constType* AllocTy = getMallocAllocatedType(CI, TLI); ++#else ++ TargetLibraryInfoImpl* TLII = new TargetLibraryInfoImpl(); ++ TargetLibraryInfo* TLI = new TargetLibraryInfo(*TLII); ++ ++ if (CallInst *CI = extractMallocCall(V, TLI)) { ++ Value *arraySize = getMallocArraySize(CI, *TD, TLI); ++ constType* AllocTy = getMallocAllocatedType(CI, TLI); + #endif + if (!AllocTy || !arraySize) return SE->getCouldNotCompute(); + Ty = AllocTy; +@@ -240,7 +265,7 @@ Value *PointerTracking::computeAllocationCountValue(Value *P, constType *&Ty) co + if (!Ty) + return 0; + Value *arraySize = getMallocArraySize(CI, TD); +-#else ++#elif LLVM_VERSION < 37 + TargetLibraryInfo* TLI = new TargetLibraryInfo(); + + if (CallInst *CI = extractMallocCall(V, TLI)) { +@@ -248,6 +273,15 @@ Value *PointerTracking::computeAllocationCountValue(Value *P, constType *&Ty) co + if (!Ty) + return 0; + Value *arraySize = getMallocArraySize(CI, TD, TLI); ++#else ++ TargetLibraryInfoImpl* TLII = new TargetLibraryInfoImpl(); ++ TargetLibraryInfo* TLI = new TargetLibraryInfo(*TLII); ++ ++ if (CallInst *CI = extractMallocCall(V, TLI)) { ++ Ty = getMallocAllocatedType(CI, TLI); ++ if (!Ty) ++ return 0; ++ Value *arraySize = getMallocArraySize(CI, *TD, TLI); + #endif + if (!arraySize) { + Ty = Type::getInt8Ty(P->getContext()); +@@ -351,7 +385,11 @@ void PointerTracking::getPointerOffset(Value *Pointer, Value *&Base, + const SCEV *&Offset) const + { + Pointer = Pointer->stripPointerCasts(); ++#if LLVM_VERSION < 37 + Base = GetUnderlyingObject(Pointer, TD); ++#else ++ Base = GetUnderlyingObject(Pointer, *TD); ++#endif + Limit = getAllocationSizeInBytes(Base); + if (isa(Limit)) { + Base = 0; +diff --git a/libclamav/c++/bytecode2llvm.cpp b/libclamav/c++/bytecode2llvm.cpp +index 6f1181a..a0bab63 100644 +--- a/libclamav/c++/bytecode2llvm.cpp ++++ b/libclamav/c++/bytecode2llvm.cpp +@@ -64,7 +64,11 @@ + #include "llvm/Object/ObjectFile.h" + #endif + #include "llvm/ExecutionEngine/JITEventListener.h" ++#if LLVM_VERSION < 37 + #include "llvm/PassManager.h" ++#else ++#include "llvm/IR/LegacyPassManager.h" ++#endif + #include "llvm/Support/Compiler.h" + #include "llvm/Support/Debug.h" + #include "llvm/Support/CommandLine.h" +@@ -232,7 +236,9 @@ namespace { + #define llvm_report_error(x) report_fatal_error(x) + #define llvm_install_error_handler(x) install_fatal_error_handler(x) + #define DwarfExceptionHandling JITExceptionHandling ++#if LLVM_VERSION < 37 + #define SetCurrentDebugLocation(x) SetCurrentDebugLocation(DebugLoc::getFromDILocation(x)) ++#endif + #define DEFINEPASS(passname) passname() : FunctionPass(ID) + #else + #define DEFINEPASS(passname) passname() : FunctionPass(&ID) +@@ -719,7 +725,11 @@ class RuntimeLimits : public FunctionPass { + BBMap[BB] = apicalls; + } + if (!BackedgeTargets.empty()) { ++#if LLVM_VERSION < 37 + LoopInfo &LI = getAnalysis(); ++#else ++ LoopInfo &LI = getAnalysis().getLoopInfo(); ++#endif + ScalarEvolution &SE = getAnalysis(); + + // Now check whether any of these backedge targets are part of a loop +@@ -803,7 +813,11 @@ class RuntimeLimits : public FunctionPass { + #endif + // Load Flag that tells us we timed out (first byte in bc_ctx) + Value *Cond = Builder.CreateLoad(Flag, true); ++#if LLVM_VERSION < 37 + BasicBlock *newBB = SplitBlock(BB, BB->getTerminator(), this); ++#else ++ BasicBlock *newBB = SplitBlock(BB, BB->getTerminator()); ++#endif + TerminatorInst *TI = BB->getTerminator(); + BranchInst::Create(AbrtBB, newBB, Cond, TI); + TI->eraseFromParent(); +@@ -824,7 +838,11 @@ class RuntimeLimits : public FunctionPass { + + virtual void getAnalysisUsage(AnalysisUsage &AU) const { + AU.setPreservesAll(); ++#if LLVM_VERSION < 37 + AU.addRequired(); ++#else ++ AU.addRequired(); ++#endif + AU.addRequired(); + #if LLVM_VERSION < 35 + AU.addRequired(); +@@ -917,7 +935,11 @@ class LLVMCodegen { + Module *M; + LLVMContext &Context; + ExecutionEngine *EE; ++#if LLVM_VERSION < 37 + FunctionPassManager &PM, &PMUnsigned; ++#else ++ legacy::FunctionPassManager &PM, &PMUnsigned; ++#endif + LLVMTypeMapper *TypeMap; + + Function **apiFuncs; +@@ -1090,7 +1112,11 @@ class LLVMCodegen { + Constant *C = ConstantExpr::getPointerCast(GV, IP8Ty); + //TODO: check constant bounds here + return ConstantExpr::getPointerCast( ++#if LLVM_VERSION < 37 + ConstantExpr::getInBoundsGetElementPtr(C, ARRAYREF(Value*, idxs, 1)), ++#else ++ ConstantExpr::getInBoundsGetElementPtr(Ty, C, ARRAYREF(Value*, idxs, 1)), ++#endif + PTy); + } + if (isa(Ty)) { +@@ -1119,15 +1145,21 @@ class LLVMCodegen { + + public: + LLVMCodegen(const struct cli_bc *bc, Module *M, struct CommonFunctions *CF, FunctionMapTy &cFuncs, ++#if LLVM_VERSION < 37 + ExecutionEngine *EE, FunctionPassManager &PM, FunctionPassManager &PMUnsigned, ++#else ++ ExecutionEngine *EE, legacy::FunctionPassManager &PM, legacy::FunctionPassManager &PMUnsigned, ++#endif + Function **apiFuncs, LLVMTypeMapper &apiMap) + : bc(bc), M(M), Context(M->getContext()), EE(EE), + PM(PM),PMUnsigned(PMUnsigned), TypeMap(), apiFuncs(apiFuncs),apiMap(apiMap), + compiledFunctions(cFuncs), BytecodeID("bc"+Twine(bc->id)), + #if LLVM_VERSION < 32 + Folder(EE->getTargetData()), Builder(Context, Folder), Values(), CF(CF) { +-#else ++#elif LLVM_VERSION < 37 + Folder(EE->getDataLayout()), Builder(Context, Folder), Values(), CF(CF) { ++#else ++ Folder(*EE->getDataLayout()), Builder(Context, Folder), Values(), CF(CF) { + #endif + + for (unsigned i=0;i + #endif + Value* createGEP(Value *Base, constType *ETy, ARRAYREFPARAM(Value*,InputIterator Start,InputIterator End,ARef)) { ++#if LLVM_VERSION < 37 + constType *Ty = GetElementPtrInst::getIndexedType(Base->getType(),ARRAYREFP(Start,End,ARef)); ++#else ++ Type *Ty = NULL; ++ // This used to be done internally in LLVM's getIndexedTypeInternal. ++ PointerType *PTy = dyn_cast(Base->getType()->getScalarType()); ++ if (PTy) { ++ Type *Agg = PTy->getElementType(); ++ Ty = GetElementPtrInst::getIndexedType(Agg,ARRAYREFP(Start,End,ARef)); ++ } ++#endif + if (!Ty || (ETy && (Ty != ETy && (!isa(Ty) || !isa(ETy))))) { + if (cli_debug_flag) { + std::string str; +@@ -1458,7 +1500,11 @@ class LLVMCodegen { + if (func->dbgnodes[c] != ~0u) { + unsigned j = func->dbgnodes[c]; + assert(j < mdnodes.size()); ++#if LLVM_VERSION < 37 + Builder.SetCurrentDebugLocation(mdnodes[j]); ++#else ++ Builder.SetCurrentDebugLocation(DebugLoc(mdnodes[j])); ++#endif + } else + Builder.SetCurrentDebugLocation(0); + } +@@ -1768,11 +1814,16 @@ class LLVMCodegen { + #if LLVM_VERSION < 29 + CallInst *c = Builder.CreateCall4(CF->FMemset, Dst, Val, Len, + ConstantInt::get(Type::getInt32Ty(Context), 1)); +-#else ++#elif LLVM_VERSION < 37 + CallInst *c = Builder.CreateCall5(CF->FMemset, Dst, Val, Len, + ConstantInt::get(Type::getInt32Ty(Context), 1), + ConstantInt::get(Type::getInt1Ty(Context), 0) + ); ++#else ++ Value *args[] = { Dst, Val, Len, ++ ConstantInt::get(Type::getInt32Ty(Context), 1), ++ ConstantInt::get(Type::getInt1Ty(Context), 0)}; ++ CallInst *c = Builder.CreateCall(CF->FMemset, ARRAYREF(Value*, args, args + 5)); + #endif + c->setTailCall(true); + c->setDoesNotThrow(); +@@ -1789,11 +1840,16 @@ class LLVMCodegen { + #if LLVM_VERSION < 29 + CallInst *c = Builder.CreateCall4(CF->FMemcpy, Dst, Src, Len, + ConstantInt::get(Type::getInt32Ty(Context), 1)); +-#else ++#elif LLVM_VERSION < 37 + CallInst *c = Builder.CreateCall5(CF->FMemcpy, Dst, Src, Len, + ConstantInt::get(Type::getInt32Ty(Context), 1), + ConstantInt::get(Type::getInt1Ty(Context), 0) + ); ++#else ++ Value *args[] = { Dst, Src, Len, ++ ConstantInt::get(Type::getInt32Ty(Context), 1), ++ ConstantInt::get(Type::getInt1Ty(Context), 0)}; ++ CallInst *c = Builder.CreateCall(CF->FMemcpy, ARRAYREF(Value*, args, args + 5)); + #endif + c->setTailCall(true); + c->setDoesNotThrow(); +@@ -1810,10 +1866,15 @@ class LLVMCodegen { + #if LLVM_VERSION < 29 + CallInst *c = Builder.CreateCall4(CF->FMemmove, Dst, Src, Len, + ConstantInt::get(Type::getInt32Ty(Context), 1)); +-#else ++#elif LLVM_VERSION < 37 + CallInst *c = Builder.CreateCall5(CF->FMemmove, Dst, Src, Len, + ConstantInt::get(Type::getInt32Ty(Context), 1), + ConstantInt::get(Type::getInt1Ty(Context), 0)); ++#else ++ Value *args[] = {Dst, Src, Len, ++ ConstantInt::get(Type::getInt32Ty(Context), 1), ++ ConstantInt::get(Type::getInt1Ty(Context), 0)}; ++ CallInst *c = Builder.CreateCall(CF->FMemmove, args); + #endif + c->setTailCall(true); + c->setDoesNotThrow(); +@@ -1831,7 +1892,12 @@ class LLVMCodegen { + #else + Value *Len = convertOperand(func, EE->getDataLayout()->getIntPtrType(Context), inst->u.three[2]); + #endif ++#if LLVM_VERSION < 37 + CallInst *c = Builder.CreateCall3(CF->FRealmemcmp, Dst, Src, Len); ++#else ++ Value *args[] = {Dst, Src, Len}; ++ CallInst *c = Builder.CreateCall(CF->FRealmemcmp, ARRAYREF(Value*, args, args + 3)); ++#endif + c->setTailCall(true); + c->setDoesNotThrow(); + Store(inst->dest, c); +@@ -2212,7 +2278,11 @@ static void addFunctionProtos(struct CommonFunctions *CF, ExecutionEngine *EE, M + } + #if LLVM_VERSION >= 29 + INITIALIZE_PASS_BEGIN(RuntimeLimits, "rl", "Runtime Limits", false, false) ++#if LLVM_VERSION < 37 + INITIALIZE_PASS_DEPENDENCY(LoopInfo) ++#else ++INITIALIZE_PASS_DEPENDENCY(LoopInfoWrapperPass) ++#endif + INITIALIZE_PASS_DEPENDENCY(ScalarEvolution) + #if LLVM_VERSION < 35 + INITIALIZE_PASS_DEPENDENCY(DominatorTree) +@@ -2438,8 +2508,10 @@ static void addFPasses(FunctionPassManager &FPM, bool trusted, const TargetData + static void addFPasses(FunctionPassManager &FPM, bool trusted, const DataLayout *TD) + #elif LLVM_VERSION < 36 + static void addFPasses(FunctionPassManager &FPM, bool trusted, const Module *M) +-#else ++#elif LLVM_VERSION < 37 + static void addFPasses(FunctionPassManager &FPM, bool trusted, Module *M) ++#else ++static void addFPasses(legacy::FunctionPassManager &FPM, bool trusted, Module *M) + #endif + { + // Set up the optimizer pipeline. Start with registering info about how +@@ -2450,10 +2522,12 @@ static void addFPasses(FunctionPassManager &FPM, bool trusted, Module *M) + FPM.add(new DataLayout(*TD)); + #elif LLVM_VERSION < 36 + FPM.add(new DataLayoutPass(M)); +-#else ++#elif LLVM_VERSION < 37 + DataLayoutPass *DLP = new DataLayoutPass(); + DLP->doInitialization(*M); + FPM.add(DLP); ++#else ++ // No DataLayout pass needed anymore. + #endif + // Promote allocas to registers. + FPM.add(createPromoteMemoryToRegisterPass()); +@@ -2483,6 +2557,8 @@ int cli_bytecode_prepare_jit(struct cli_all_bc *bcs) + + #if LLVM_VERSION >= 31 + TargetOptions Options; ++#if LLVM_VERSION < 37 ++ // This option was removed. + #ifdef CL_DEBUG + //disable this for now, it leaks + Options.JITEmitDebugInfo = false; +@@ -2490,6 +2566,7 @@ int cli_bytecode_prepare_jit(struct cli_all_bc *bcs) + #else + Options.JITEmitDebugInfo = false; + #endif ++#endif + #if LLVM_VERSION < 34 + Options.DwarfExceptionHandling = false; + #else +@@ -2526,7 +2603,11 @@ int cli_bytecode_prepare_jit(struct cli_all_bc *bcs) + struct CommonFunctions CF; + addFunctionProtos(&CF, EE, M); + ++#if LLVM_VERSION < 37 + FunctionPassManager OurFPM(M), OurFPMUnsigned(M); ++#else ++ legacy::FunctionPassManager OurFPM(M), OurFPMUnsigned(M); ++#endif + #if LLVM_VERSION < 32 + M->setDataLayout(EE->getTargetData()->getStringRepresentation()); + #else +@@ -2666,17 +2747,23 @@ int cli_bytecode_prepare_jit(struct cli_all_bc *bcs) + break; + } + } ++#if LLVM_VERSION < 37 + PassManager PM; ++#else ++ legacy::PassManager PM; ++#endif + #if LLVM_VERSION < 32 + PM.add(new TargetData(*EE->getTargetData())); + #elif LLVM_VERSION < 35 + PM.add(new DataLayout(*EE->getDataLayout())); + #elif LLVM_VERSION < 36 + PM.add(new DataLayoutPass(M)); +-#else ++#elif LLVM_VERSION < 37 + DataLayoutPass *DLP = new DataLayoutPass(); + DLP->doInitialization(*M); + PM.add(DLP); ++#else ++ // No DataLayout pass needed anymore. + #endif + // TODO: only run this on the untrusted bytecodes, not all of them... + if (has_untrusted) +@@ -2988,11 +3075,19 @@ static Metadata *findDbgGlobalDeclare(GlobalVariable *V) { + return 0; + + for (unsigned i = 0, e = NMD->getNumOperands(); i != e; ++i) { ++#if LLVM_VERSION < 37 + DIDescriptor DIG(cast(NMD->getOperand(i))); + if (!DIG.isGlobalVariable()) + continue; + if (DIGlobalVariable(DIG).getGlobal() == V) + return DIG; ++#else ++ MDNode *DIG = NMD->getOperand(i); ++ if (!DIGlobalVariable::classof(DIG)) ++ continue; ++ if ((cast(DIG))->getVariable() == V) ++ return DIG; ++#endif + } + return 0; + } +@@ -3009,11 +3104,19 @@ static Metadata *findDbgSubprogramDeclare(Function *V) { + return 0; + + for (unsigned i = 0, e = NMD->getNumOperands(); i != e; ++i) { ++#if LLVM_VERSION < 37 + DIDescriptor DIG(cast(NMD->getOperand(i))); + if (!DIG.isSubprogram()) + continue; + if (DISubprogram(DIG).getFunction() == V) + return DIG; ++#else ++ MDNode *DIG = NMD->getOperand(i); ++ if (!DISubprogram::classof(DIG)) ++ continue; ++ if ((cast(DIG))->getFunction() == V) ++ return DIG; ++#endif + } + return 0; + } +@@ -3062,22 +3165,39 @@ static bool getLocationInfo(const Value *V, std::string &DisplayName, + Metadata *DIGV = findDbgGlobalDeclare(GV); + #endif + if (!DIGV) return false; ++#if LLVM_VERSION < 37 + DIGlobalVariable Var(cast(DIGV)); ++#else ++ DIGlobalVariable *Var = cast(DIGV); ++#endif + ++#if LLVM_VERSION < 37 + StringRef D = Var.getDisplayName(); ++#else ++ StringRef D = Var->getDisplayName(); ++#endif + if (!D.empty()) + DisplayName = D; ++#if LLVM_VERSION < 37 + LineNo = Var.getLineNumber(); ++#else ++ LineNo = Var->getLine(); ++#endif + #if LLVM_VERSION < 33 + Unit = Var.getCompileUnit(); +-#else ++#elif LLVM_VERSION < 37 + G = Var.getFilename(); + H = Var.getDirectory(); ++#else ++ G = Var->getFilename(); ++ H = Var->getDirectory(); + #endif + #if LLVM_VERSION < 35 + TypeD = Var.getType(); +-#else ++#elif LLVM_VERSION < 37 + T = Var.getType().getName(); ++#else ++ T = (cast(*Var->getType())).getName(); + #endif + } else if (Function *F = dyn_cast(const_cast(V))){ + #if LLVM_VERSION < 36 +@@ -3086,32 +3206,61 @@ static bool getLocationInfo(const Value *V, std::string &DisplayName, + Metadata *DIF = findDbgSubprogramDeclare(F); + #endif + if (!DIF) return false; ++#if LLVM_VERSION < 37 + DISubprogram Var(cast(DIF)); ++#else ++ DISubprogram *Var = cast(DIF); ++#endif + ++#if LLVM_VERSION < 37 + StringRef D = Var.getDisplayName(); ++#else ++ StringRef D = Var->getDisplayName(); ++#endif + if (!D.empty()) + DisplayName = D; ++#if LLVM_VERSION < 37 + LineNo = Var.getLineNumber(); ++#else ++ LineNo = Var->getLine(); ++#endif + #if LLVM_VERSION < 33 + Unit = Var.getCompileUnit(); +-#else ++#elif LLVM_VERSION < 37 + G = Var.getFilename(); + H = Var.getDirectory(); ++#else ++ G = Var->getFilename(); ++ H = Var->getDirectory(); + #endif + #if LLVM_VERSION < 35 + TypeD = Var.getType(); +-#else ++#elif LLVM_VERSION < 37 + T = Var.getType().getName(); ++#else ++ T = Var->getType()->getName(); + #endif + } else { + const DbgDeclareInst *DDI = findDbgDeclare(V); + if (!DDI) return false; ++#if LLVM_VERSION < 37 + DIVariable Var(cast(DDI->getVariable())); ++#else ++ DIVariable* Var = DDI->getVariable(); ++#endif + ++#if LLVM_VERSION < 37 + StringRef D = Var.getName(); ++#else ++ StringRef D = Var->getName(); ++#endif + if (!D.empty()) + DisplayName = D; ++#if LLVM_VERSION < 37 + LineNo = Var.getLineNumber(); ++#else ++ LineNo = Var->getLine(); ++#endif + #if LLVM_VERSION < 33 + Unit = Var.getCompileUnit(); + #else +@@ -3121,8 +3270,10 @@ static bool getLocationInfo(const Value *V, std::string &DisplayName, + #endif + #if LLVM_VERSION < 35 + TypeD = Var.getType(); +-#else ++#elif LLVM_VERSION < 37 + T = Var.getType().getName(); ++#else ++ T = (cast(*Var->getType())).getName(); + #endif + } + +@@ -3158,9 +3309,15 @@ void printValue(llvm::Value *V, bool a, bool b) { + + void printLocation(llvm::Instruction *I, bool a, bool b) { + if (MDNode *N = I->getMetadata("dbg")) { ++#if LLVM_VERSION < 37 + DILocation Loc(N); + errs() << Loc.getFilename() << ":" << Loc.getLineNumber(); + if (unsigned Col = Loc.getColumnNumber()) { ++#else ++ DebugLoc Loc(N); ++ errs() << Loc.get()->getFilename() << ":" << Loc.getLine(); ++ if (unsigned Col = Loc.getCol()) { ++#endif + errs() << ":" << Col; + } + errs() << ": "; +diff --git a/libclamav/c++/configure.ac b/libclamav/c++/configure.ac +index 14e1ada..0bc8985 100644 +--- a/libclamav/c++/configure.ac ++++ b/libclamav/c++/configure.ac +@@ -90,14 +90,14 @@ elif test $llvmver_test -lt 290; then + elif test $llvmver_test -lt 360; then + llvmcomp="jit nativecodegen scalaropts ipo" + AC_MSG_RESULT([ok ($llvmver)]) +-elif test $llvmver_test -lt 370; then ++elif test $llvmver_test -lt 380; then + dnl LLVM 3.6.0 removed jit, so we have to use mcjit + dnl and we're using InitializeNativeTargetAsmParser, so we need the architecture specific parsers + llvmcomp="mcjit nativecodegen scalaropts ipo x86asmparser powerpcasmparser" + AC_MSG_RESULT([ok ($llvmver)]) + else + AC_MSG_RESULT([no ($llvmver)]) +- AC_MSG_ERROR([LLVM < 3.7 required, but "$llvmver"($llvmver_test) found]) ++ AC_MSG_ERROR([LLVM < 3.8 required, but "$llvmver"($llvmver_test) found]) + fi + + dnl acquire the required flags to properly link in external LLVM diff -Nru clamav-0.103.0+dfsg/debian/patches/0005-Add-support-for-LLVM-3.8.patch clamav-0.103.2+dfsg/debian/patches/0005-Add-support-for-LLVM-3.8.patch --- clamav-0.103.0+dfsg/debian/patches/0005-Add-support-for-LLVM-3.8.patch 1970-01-01 00:00:00.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/0005-Add-support-for-LLVM-3.8.patch 2021-04-12 18:51:20.000000000 +0000 @@ -0,0 +1,455 @@ +From 6f87c1e75ef32530b38923dcffb74b38a0ea17ef Mon Sep 17 00:00:00 2001 +From: Andreas Cadhalpun +Date: Fri, 14 Oct 2016 20:24:48 +0200 +Subject: Add support for LLVM 3.8 + +Main changes: +llvm/Config/config.h was removed. +The ScalarEvolution pass is now a WrapperPass. +Iterators are no longer automatically converted to and from pointers. +The GVNPass causes the test_bswap_jit test to fail; replaced with +ConstantPropagationPass. +LLVMIsMultithreaded is from the C API, while llvm_is_multithreaded is +the corresponding C++ API. +--- + libclamav/c++/ClamBCRTChecks.cpp | 50 ++++++++++++++++++++++++ + libclamav/c++/PointerTracking.cpp | 12 ++++++ + libclamav/c++/bytecode2llvm.cpp | 65 +++++++++++++++++++++++++------ + libclamav/c++/configure.ac | 4 +- + libclamav/c++/detect.cpp | 2 + + 5 files changed, 119 insertions(+), 14 deletions(-) + +diff --git a/libclamav/c++/ClamBCRTChecks.cpp b/libclamav/c++/ClamBCRTChecks.cpp +index 09657b9..695a32b 100644 +--- a/libclamav/c++/ClamBCRTChecks.cpp ++++ b/libclamav/c++/ClamBCRTChecks.cpp +@@ -54,7 +54,9 @@ + #include "llvm/Analysis/ScalarEvolution.h" + #include "llvm/Analysis/ScalarEvolutionExpressions.h" + #include "llvm/Analysis/ScalarEvolutionExpander.h" ++#if LLVM_VERSION < 38 + #include "llvm/Config/config.h" ++#endif + #include "llvm/Pass.h" + #include "llvm/Support/CommandLine.h" + #if LLVM_VERSION < 35 +@@ -207,7 +209,11 @@ namespace llvm { + #else + TD = &F.getEntryBlock().getModule()->getDataLayout(); + #endif ++#if LLVM_VERSION < 38 + SE = &getAnalysis(); ++#else ++ SE = &getAnalysis().getSE(); ++#endif + PT = &getAnalysis(); + #if LLVM_VERSION < 35 + DT = &getAnalysis(); +@@ -332,7 +338,11 @@ namespace llvm { + AbrtC->setDoesNotThrow(); + #endif + // remove all instructions from entry ++#if LLVM_VERSION < 38 + BasicBlock::iterator BBI = I, BBE=BB->end(); ++#else ++ BasicBlock::iterator BBI = I->getIterator(), BBE=BB->end(); ++#endif + while (BBI != BBE) { + if (!BBI->use_empty()) + BBI->replaceAllUsesWith(UndefValue::get(BBI->getType())); +@@ -367,7 +377,11 @@ namespace llvm { + #else + AU.addRequired(); + #endif ++#if LLVM_VERSION < 38 + AU.addRequired(); ++#else ++ AU.addRequired(); ++#endif + AU.addRequired(); + #if LLVM_VERSION < 35 + AU.addRequired(); +@@ -398,9 +412,17 @@ namespace llvm { + + Instruction *getInsertPoint(Value *V) + { ++#if LLVM_VERSION < 38 + BasicBlock::iterator It = EP; ++#else ++ BasicBlock::iterator It = EP->getIterator(); ++#endif + if (Instruction *I = dyn_cast(V)) { ++#if LLVM_VERSION < 38 + It = I; ++#else ++ It = I->getIterator(); ++#endif + ++It; + } + return &*It; +@@ -427,7 +449,11 @@ namespace llvm { + constType *P8Ty = + PointerType::getUnqual(Type::getInt8Ty(Ptr->getContext())); + if (PHINode *PN = dyn_cast(Ptr)) { ++#if LLVM_VERSION < 38 + BasicBlock::iterator It = PN; ++#else ++ BasicBlock::iterator It = PN->getIterator(); ++#endif + ++It; + PHINode *newPN = PHINode::Create(P8Ty, HINT(PN->getNumIncomingValues()) ".verif.base", &*It); + Changed = true; +@@ -441,7 +467,11 @@ namespace llvm { + return newPN; + } + if (SelectInst *SI = dyn_cast(Ptr)) { ++#if LLVM_VERSION < 38 + BasicBlock::iterator It = SI; ++#else ++ BasicBlock::iterator It = SI->getIterator(); ++#endif + ++It; + Value *TrueB = getPointerBase(SI->getTrueValue()); + Value *FalseB = getPointerBase(SI->getFalseValue()); +@@ -575,7 +605,11 @@ namespace llvm { + } + #endif + if (PHINode *PN = dyn_cast(Base)) { ++#if LLVM_VERSION < 38 + BasicBlock::iterator It = PN; ++#else ++ BasicBlock::iterator It = PN->getIterator(); ++#endif + ++It; + PHINode *newPN = PHINode::Create(I64Ty, HINT(PN->getNumIncomingValues()) ".verif.bounds", &*It); + Changed = true; +@@ -598,7 +632,11 @@ namespace llvm { + return BoundsMap[Base] = newPN; + } + if (SelectInst *SI = dyn_cast(Base)) { ++#if LLVM_VERSION < 38 + BasicBlock::iterator It = SI; ++#else ++ BasicBlock::iterator It = SI->getIterator(); ++#endif + ++It; + Value *TrueB = getPointerBounds(SI->getTrueValue()); + Value *FalseB = getPointerBounds(SI->getFalseValue()); +@@ -655,7 +693,11 @@ namespace llvm { + if (!MDDbgKind) + return 0; + Approximate = true; ++#if LLVM_VERSION < 38 + BasicBlock::iterator It = I; ++#else ++ BasicBlock::iterator It = I->getIterator(); ++#endif + while (It != I->getParent()->begin()) { + --It; + if (MDNode *Dbg = It->getMetadata(MDDbgKind)) +@@ -689,7 +731,11 @@ namespace llvm { + return false; + } + BasicBlock *BB = I->getParent(); ++#if LLVM_VERSION < 38 + BasicBlock::iterator It = I; ++#else ++ BasicBlock::iterator It = I->getIterator(); ++#endif + #if LLVM_VERSION < 37 + BasicBlock *newBB = SplitBlock(BB, &*It, this); + #else +@@ -982,7 +1028,11 @@ INITIALIZE_PASS_DEPENDENCY(DominatorTree) + #else + INITIALIZE_PASS_DEPENDENCY(DominatorTreeWrapperPass) + #endif ++#if LLVM_VERSION < 38 + INITIALIZE_PASS_DEPENDENCY(ScalarEvolution) ++#else ++INITIALIZE_PASS_DEPENDENCY(ScalarEvolutionWrapperPass) ++#endif + #if LLVM_VERSION < 34 + INITIALIZE_AG_DEPENDENCY(CallGraph) + #elif LLVM_VERSION < 35 +diff --git a/libclamav/c++/PointerTracking.cpp b/libclamav/c++/PointerTracking.cpp +index 5567894..147ad48 100644 +--- a/libclamav/c++/PointerTracking.cpp ++++ b/libclamav/c++/PointerTracking.cpp +@@ -79,7 +79,11 @@ INITIALIZE_PASS_DEPENDENCY(LoopInfo) + #else + INITIALIZE_PASS_DEPENDENCY(LoopInfoWrapperPass) + #endif ++#if LLVM_VERSION < 38 + INITIALIZE_PASS_DEPENDENCY(ScalarEvolution) ++#else ++INITIALIZE_PASS_DEPENDENCY(ScalarEvolutionWrapperPass) ++#endif + #if LLVM_VERSION < 35 + INITIALIZE_PASS_DEPENDENCY(DominatorTree) + #else +@@ -110,7 +114,11 @@ bool PointerTracking::runOnFunction(Function &F) { + #else + TD = &F.getEntryBlock().getModule()->getDataLayout(); + #endif ++#if LLVM_VERSION < 38 + SE = &getAnalysis(); ++#else ++ SE = &getAnalysis().getSE(); ++#endif + #if LLVM_VERSION < 37 + LI = &getAnalysis(); + #else +@@ -135,7 +143,11 @@ void PointerTracking::getAnalysisUsage(AnalysisUsage &AU) const { + #else + AU.addRequiredTransitive(); + #endif ++#if LLVM_VERSION < 38 + AU.addRequiredTransitive(); ++#else ++ AU.addRequiredTransitive(); ++#endif + AU.setPreservesAll(); + } + +diff --git a/libclamav/c++/bytecode2llvm.cpp b/libclamav/c++/bytecode2llvm.cpp +index a0bab63..e7093cb 100644 +--- a/libclamav/c++/bytecode2llvm.cpp ++++ b/libclamav/c++/bytecode2llvm.cpp +@@ -171,7 +171,9 @@ void LLVMInitializePowerPCAsmPrinter(); + //#define TIMING + #undef TIMING + ++#if LLVM_VERSION < 38 + #include "llvm/Config/config.h" ++#endif + #ifdef ENABLE_THREADS + #if !ENABLE_THREADS + #error "Thread support was explicitly disabled. Cannot continue" +@@ -730,7 +732,11 @@ class RuntimeLimits : public FunctionPass { + #else + LoopInfo &LI = getAnalysis().getLoopInfo(); + #endif ++#if LLVM_VERSION < 38 + ScalarEvolution &SE = getAnalysis(); ++#else ++ ScalarEvolution &SE = getAnalysis().getSE(); ++#endif + + // Now check whether any of these backedge targets are part of a loop + // with a small constant trip count +@@ -784,7 +790,11 @@ class RuntimeLimits : public FunctionPass { + new UnreachableInst(F.getContext(), AbrtBB); + IRBuilder Builder(F.getContext()); + ++#if LLVM_VERSION < 38 + Value *Flag = F.arg_begin(); ++#else ++ Value *Flag = &*F.arg_begin(); ++#endif + #if LLVM_VERSION < 30 + Function *LSBarrier = Intrinsic::getDeclaration(F.getParent(), + Intrinsic::memory_barrier); +@@ -798,13 +808,21 @@ class RuntimeLimits : public FunctionPass { + #endif + verifyFunction(F); + BasicBlock *BB = &F.getEntryBlock(); ++#if LLVM_VERSION < 38 + Builder.SetInsertPoint(BB, BB->getTerminator()); ++#else ++ Builder.SetInsertPoint(BB, BB->getTerminator()->getIterator()); ++#endif + Flag = Builder.CreatePointerCast(Flag, PointerType::getUnqual( + Type::getInt1Ty(F.getContext()))); + for (BBSetTy::iterator I=needsTimeoutCheck.begin(), + E=needsTimeoutCheck.end(); I != E; ++I) { + BasicBlock *BB = *I; ++#if LLVM_VERSION < 38 + Builder.SetInsertPoint(BB, BB->getTerminator()); ++#else ++ Builder.SetInsertPoint(BB, BB->getTerminator()->getIterator()); ++#endif + #if LLVM_VERSION < 30 + // store-load barrier: will be a no-op on x86 but not other arches + Builder.CreateCall(LSBarrier, ARRAYREF(Value*, MBArgs, MBArgs+5)); +@@ -843,7 +861,11 @@ class RuntimeLimits : public FunctionPass { + #else + AU.addRequired(); + #endif ++#if LLVM_VERSION < 38 + AU.addRequired(); ++#else ++ AU.addRequired(); ++#endif + #if LLVM_VERSION < 35 + AU.addRequired(); + #else +@@ -1158,8 +1180,10 @@ class LLVMCodegen { + Folder(EE->getTargetData()), Builder(Context, Folder), Values(), CF(CF) { + #elif LLVM_VERSION < 37 + Folder(EE->getDataLayout()), Builder(Context, Folder), Values(), CF(CF) { +-#else ++#elif LLVM_VERSION < 38 + Folder(*EE->getDataLayout()), Builder(Context, Folder), Values(), CF(CF) { ++#else ++ Folder(EE->getDataLayout()), Builder(Context, Folder), Values(), CF(CF) { + #endif + + for (unsigned i=0;igetTargetData()->getPointerSize() == 8) { +-#else ++#elif LLVM_VERSION < 38 + if (EE->getDataLayout()->getPointerSize() == 8) { ++#else ++ if (EE->getDataLayout().getPointerSize() == 8) { + #endif + // eliminate useless trunc, GEP can take i64 too + if (TruncInst *I = dyn_cast(V)) { +@@ -1441,7 +1467,11 @@ class LLVMCodegen { + numArgs = func->numArgs; + + if (FakeGVs.any()) { ++#if LLVM_VERSION < 38 + Argument *Ctx = F->arg_begin(); ++#else ++ Argument *Ctx = &*F->arg_begin(); ++#endif + for (unsigned i=0;inum_globals;i++) { + if (!FakeGVs[i]) + continue; +@@ -1889,8 +1919,10 @@ class LLVMCodegen { + Src = Builder.CreatePointerCast(Src, PointerType::getUnqual(Type::getInt8Ty(Context))); + #if LLVM_VERSION < 32 + Value *Len = convertOperand(func, EE->getTargetData()->getIntPtrType(Context), inst->u.three[2]); +-#else ++#elif LLVM_VERSION < 38 + Value *Len = convertOperand(func, EE->getDataLayout()->getIntPtrType(Context), inst->u.three[2]); ++#else ++ Value *Len = convertOperand(func, EE->getDataLayout().getIntPtrType(Context), inst->u.three[2]); + #endif + #if LLVM_VERSION < 37 + CallInst *c = Builder.CreateCall3(CF->FRealmemcmp, Dst, Src, Len); +@@ -2029,6 +2061,7 @@ class LLVMCodegen { + PMUnsigned.run(*F); + PMUnsigned.doFinalization(); + } ++ + apiMap.pmTimer.stopTimer(); + apiMap.irgenTimer.startTimer(); + } +@@ -2261,8 +2294,10 @@ static void addFunctionProtos(struct CommonFunctions *CF, ExecutionEngine *EE, M + args.push_back(PointerType::getUnqual(Type::getInt8Ty(Context))); + #if LLVM_VERSION < 32 + args.push_back(EE->getTargetData()->getIntPtrType(Context)); +-#else ++#elif LLVM_VERSION < 38 + args.push_back(EE->getDataLayout()->getIntPtrType(Context)); ++#else ++ args.push_back(EE->getDataLayout().getIntPtrType(Context)); + #endif + FuncTy_5 = FunctionType::get(Type::getInt32Ty(Context), + args, false); +@@ -2283,7 +2318,11 @@ INITIALIZE_PASS_DEPENDENCY(LoopInfo) + #else + INITIALIZE_PASS_DEPENDENCY(LoopInfoWrapperPass) + #endif ++#if LLVM_VERSION < 38 + INITIALIZE_PASS_DEPENDENCY(ScalarEvolution) ++#else ++INITIALIZE_PASS_DEPENDENCY(ScalarEvolutionWrapperPass) ++#endif + #if LLVM_VERSION < 35 + INITIALIZE_PASS_DEPENDENCY(DominatorTree) + #else +@@ -2610,8 +2649,10 @@ int cli_bytecode_prepare_jit(struct cli_all_bc *bcs) + #endif + #if LLVM_VERSION < 32 + M->setDataLayout(EE->getTargetData()->getStringRepresentation()); +-#else ++#elif LLVM_VERSION < 38 + M->setDataLayout(EE->getDataLayout()->getStringRepresentation()); ++#else ++ M->setDataLayout(EE->getDataLayout().getStringRepresentation()); + #endif + #if LLVM_VERSION < 31 + M->setTargetTriple(sys::getHostTriple()); +@@ -2768,7 +2809,11 @@ int cli_bytecode_prepare_jit(struct cli_all_bc *bcs) + // TODO: only run this on the untrusted bytecodes, not all of them... + if (has_untrusted) + PM.add(createClamBCRTChecks()); +-#if LLVM_VERSION >= 36 ++#if LLVM_VERSION >= 38 ++ // With LLVM 3.8 the test_bswap_jit test fails with the GVNPass enabled. ++ // To prevent the segfaults mentioned below, replace it with the ConstantPropagationPass. ++ PM.add(createConstantPropagationPass()); ++#elif LLVM_VERSION >= 36 + // With LLVM 3.6 (MCJIT) this Pass is required to work around + // a crash in LLVM caused by the SCCP Pass: + // Pass 'Sparse Conditional Constant Propagation' is not initialized. +@@ -2842,7 +2887,7 @@ int bytecode_init(void) + return CL_EARG; + } + #else +- if (!LLVMIsMultithreaded()) { ++ if (!llvm_is_multithreaded()) { + cli_warnmsg("bytecode_init: LLVM is compiled without multithreading support\n"); + } + #endif +@@ -2891,11 +2936,7 @@ int bytecode_init(void) + InitializeAllTargets(); + #endif + +-#if LLVM_VERSION < 35 + if (!llvm_is_multithreaded()) { +-#else +- if (!LLVMIsMultithreaded()) { +-#endif + //TODO:cli_dbgmsg + DEBUG(errs() << "WARNING: ClamAV JIT built w/o atomic builtins\n" + << "On x86 for best performance ClamAV should be built for i686, not i386!\n"); +@@ -3114,7 +3155,7 @@ static Metadata *findDbgSubprogramDeclare(Function *V) { + MDNode *DIG = NMD->getOperand(i); + if (!DISubprogram::classof(DIG)) + continue; +- if ((cast(DIG))->getFunction() == V) ++ if ((cast(DIG))->describes(V)) + return DIG; + #endif + } +diff --git a/libclamav/c++/configure.ac b/libclamav/c++/configure.ac +index 0bc8985..cab73e5 100644 +--- a/libclamav/c++/configure.ac ++++ b/libclamav/c++/configure.ac +@@ -90,14 +90,14 @@ elif test $llvmver_test -lt 290; then + elif test $llvmver_test -lt 360; then + llvmcomp="jit nativecodegen scalaropts ipo" + AC_MSG_RESULT([ok ($llvmver)]) +-elif test $llvmver_test -lt 380; then ++elif test $llvmver_test -lt 390; then + dnl LLVM 3.6.0 removed jit, so we have to use mcjit + dnl and we're using InitializeNativeTargetAsmParser, so we need the architecture specific parsers + llvmcomp="mcjit nativecodegen scalaropts ipo x86asmparser powerpcasmparser" + AC_MSG_RESULT([ok ($llvmver)]) + else + AC_MSG_RESULT([no ($llvmver)]) +- AC_MSG_ERROR([LLVM < 3.8 required, but "$llvmver"($llvmver_test) found]) ++ AC_MSG_ERROR([LLVM < 3.9 required, but "$llvmver"($llvmver_test) found]) + fi + + dnl acquire the required flags to properly link in external LLVM +diff --git a/libclamav/c++/detect.cpp b/libclamav/c++/detect.cpp +index 42fc3d6..e1c1d11 100644 +--- a/libclamav/c++/detect.cpp ++++ b/libclamav/c++/detect.cpp +@@ -22,7 +22,9 @@ + */ + + #include "llvm/ADT/Triple.h" ++#if LLVM_VERSION < 38 + #include "llvm/Config/config.h" ++#endif + #include "llvm/Support/raw_ostream.h" + #if LLVM_VERSION < 29 + #include "llvm/System/DataTypes.h" diff -Nru clamav-0.103.0+dfsg/debian/patches/0006-Add-support-for-LLVM-3.9.patch clamav-0.103.2+dfsg/debian/patches/0006-Add-support-for-LLVM-3.9.patch --- clamav-0.103.0+dfsg/debian/patches/0006-Add-support-for-LLVM-3.9.patch 1970-01-01 00:00:00.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/0006-Add-support-for-LLVM-3.9.patch 2021-04-12 18:51:20.000000000 +0000 @@ -0,0 +1,74 @@ +From c1a84c5e27582da02e9bdea3aad616625ee9154d Mon Sep 17 00:00:00 2001 +From: Andreas Cadhalpun +Date: Fri, 14 Oct 2016 20:24:56 +0200 +Subject: Add support for LLVM 3.9 + +Changes: +IRBuilder no longer has a preserveNames template argument. +AtomicOrdering is now a strongly typed enum. +--- + libclamav/c++/bytecode2llvm.cpp | 12 +++++++++++- + libclamav/c++/configure.ac | 4 ++-- + 2 files changed, 13 insertions(+), 3 deletions(-) + +diff --git a/libclamav/c++/bytecode2llvm.cpp b/libclamav/c++/bytecode2llvm.cpp +index e7093cb..ad93eae 100644 +--- a/libclamav/c++/bytecode2llvm.cpp ++++ b/libclamav/c++/bytecode2llvm.cpp +@@ -788,7 +788,11 @@ class RuntimeLimits : public FunctionPass { + AbrtC->setDoesNotThrow(); + #endif + new UnreachableInst(F.getContext(), AbrtBB); ++#if LLVM_VERSION < 39 + IRBuilder Builder(F.getContext()); ++#else ++ IRBuilder<> Builder(F.getContext()); ++#endif + + #if LLVM_VERSION < 38 + Value *Flag = F.arg_begin(); +@@ -826,8 +830,10 @@ class RuntimeLimits : public FunctionPass { + #if LLVM_VERSION < 30 + // store-load barrier: will be a no-op on x86 but not other arches + Builder.CreateCall(LSBarrier, ARRAYREF(Value*, MBArgs, MBArgs+5)); +-#else ++#elif LLVM_VERSION < 39 + Builder.CreateFence(Release); ++#else ++ Builder.CreateFence(AtomicOrdering::Release); + #endif + // Load Flag that tells us we timed out (first byte in bc_ctx) + Value *Cond = Builder.CreateLoad(Flag, true); +@@ -970,7 +976,11 @@ class LLVMCodegen { + Twine BytecodeID; + + TargetFolder Folder; ++#if LLVM_VERSION < 39 + IRBuilder Builder; ++#else ++ IRBuilder Builder; ++#endif + + std::vector globals; + DenseMap GVoffsetMap; +diff --git a/libclamav/c++/configure.ac b/libclamav/c++/configure.ac +index cab73e5..a2453cd 100644 +--- a/libclamav/c++/configure.ac ++++ b/libclamav/c++/configure.ac +@@ -90,14 +90,14 @@ elif test $llvmver_test -lt 290; then + elif test $llvmver_test -lt 360; then + llvmcomp="jit nativecodegen scalaropts ipo" + AC_MSG_RESULT([ok ($llvmver)]) +-elif test $llvmver_test -lt 390; then ++elif test $llvmver_test -lt 400; then + dnl LLVM 3.6.0 removed jit, so we have to use mcjit + dnl and we're using InitializeNativeTargetAsmParser, so we need the architecture specific parsers + llvmcomp="mcjit nativecodegen scalaropts ipo x86asmparser powerpcasmparser" + AC_MSG_RESULT([ok ($llvmver)]) + else + AC_MSG_RESULT([no ($llvmver)]) +- AC_MSG_ERROR([LLVM < 3.9 required, but "$llvmver"($llvmver_test) found]) ++ AC_MSG_ERROR([LLVM < 4.0 required, but "$llvmver"($llvmver_test) found]) + fi + + dnl acquire the required flags to properly link in external LLVM diff -Nru clamav-0.103.0+dfsg/debian/patches/0007-unit-tests-Fix-ck_assert_msg-call.patch clamav-0.103.2+dfsg/debian/patches/0007-unit-tests-Fix-ck_assert_msg-call.patch --- clamav-0.103.0+dfsg/debian/patches/0007-unit-tests-Fix-ck_assert_msg-call.patch 1970-01-01 00:00:00.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/0007-unit-tests-Fix-ck_assert_msg-call.patch 2021-04-12 18:51:20.000000000 +0000 @@ -0,0 +1,23 @@ +From e3fe85c3a7fd4c273b1fe61b871ab9d935bca417 Mon Sep 17 00:00:00 2001 +From: Orion Poplawski +Date: Thu, 17 Sep 2020 22:26:04 -0600 +Subject: unit tests: Fix ck_assert_msg() call + +The first argument to ck_assert_msg() should be a logical condition. +--- + unit_tests/check_jsnorm.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/unit_tests/check_jsnorm.c b/unit_tests/check_jsnorm.c +index f15dce4..7618776 100644 +--- a/unit_tests/check_jsnorm.c ++++ b/unit_tests/check_jsnorm.c +@@ -247,7 +247,7 @@ static void tokenizer_test(const char *in, const char *expected, int split) + fd = open(filename, O_RDONLY); + if (fd < 0) { + jstest_teardown(); +- ck_assert_msg("failed to open output file: %s", filename); ++ ck_assert_msg(0, "failed to open output file: %s", filename); + } + + diff_file_mem(fd, expected, len); diff -Nru clamav-0.103.0+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch clamav-0.103.2+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch --- clamav-0.103.0+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch 2020-11-01 19:07:16.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,740 +0,0 @@ -From cb48d3277b88039e0acbe3f5feca291328612676 Mon Sep 17 00:00:00 2001 -From: Andreas Cadhalpun -Date: Fri, 14 Oct 2016 20:24:39 +0200 -Subject: Add support for LLVM 3.7 - -Main changes: -The DataLayoutPass is no longer necessary. -The LoopInfo pass is now a WrapperPass. -Before creating TargetLibraryInfo one needs to create a -TargetLibraryInfoImpl. -PassManager is now in the legacy:: namespace. -GetElementPtrInst::getIndexedType changed behavior causing segfaults in -the testsuite; emulating the old behavior now. -CreateCallX functions for fixed number X of elements got removed. -JITEmitDebugInfo Option was removed. -DIDescriptor was removed. - -Patch-Name: Add-support-for-LLVM-3.7.patch ---- - libclamav/c++/ClamBCRTChecks.cpp | 34 +++++- - libclamav/c++/PointerTracking.cpp | 44 +++++++- - libclamav/c++/bytecode2llvm.cpp | 181 ++++++++++++++++++++++++++++-- - libclamav/c++/configure.ac | 4 +- - 4 files changed, 244 insertions(+), 19 deletions(-) - -diff --git a/libclamav/c++/ClamBCRTChecks.cpp b/libclamav/c++/ClamBCRTChecks.cpp -index 2ee7691..511cf19 100644 ---- a/libclamav/c++/ClamBCRTChecks.cpp -+++ b/libclamav/c++/ClamBCRTChecks.cpp -@@ -201,9 +201,11 @@ namespace llvm { - TD = &getAnalysis(); - #elif LLVM_VERSION < 35 - TD = &getAnalysis(); --#else -+#elif LLVM_VERSION < 37 - DataLayoutPass *DLP = getAnalysisIfAvailable(); - TD = DLP ? &DLP->getDataLayout() : 0; -+#else -+ TD = &F.getEntryBlock().getModule()->getDataLayout(); - #endif - SE = &getAnalysis(); - PT = &getAnalysis(); -@@ -212,7 +214,11 @@ namespace llvm { - #else - DT = &getAnalysis().getDomTree(); - #endif -+#if LLVM_VERSION < 37 - expander = new SCEVExpander(*SE OPT("SCEVexpander")); -+#else -+ expander = new SCEVExpander(*SE, *TD OPT("SCEVexpander")); -+#endif - - std::vector insns; - -@@ -351,8 +357,10 @@ namespace llvm { - AU.addRequired(); - #elif LLVM_VERSION < 35 - AU.addRequired(); --#else -+#elif LLVM_VERSION < 37 - AU.addRequired(); -+#else -+ // No DataLayout pass needed anymore. - #endif - #if LLVM_VERSION < 35 - AU.addRequired(); -@@ -406,7 +414,11 @@ namespace llvm { - if (BaseMap.count(P)) { - return BaseMap[Ptr] = BaseMap[P]; - } -+#if LLVM_VERSION < 37 - Value *P2 = GetUnderlyingObject(P, TD); -+#else -+ Value *P2 = GetUnderlyingObject(P, *TD); -+#endif - if (P2 != P) { - Value *V = getPointerBase(P2); - return BaseMap[Ptr] = V; -@@ -520,7 +532,11 @@ namespace llvm { - } - } - if (LoadInst *LI = dyn_cast(Base)) { -+#if LLVM_VERSION < 37 - Value *V = GetUnderlyingObject(LI->getPointerOperand()->stripPointerCasts(), TD); -+#else -+ Value *V = GetUnderlyingObject(LI->getPointerOperand()->stripPointerCasts(), *TD); -+#endif - if (Argument *A = dyn_cast(V)) { - if (A->getArgNo() == 0) { - // pointers from hidden ctx are trusted to be at least the -@@ -674,7 +690,11 @@ namespace llvm { - } - BasicBlock *BB = I->getParent(); - BasicBlock::iterator It = I; -+#if LLVM_VERSION < 37 - BasicBlock *newBB = SplitBlock(BB, &*It, this); -+#else -+ BasicBlock *newBB = SplitBlock(BB, &*It); -+#endif - PHINode *PN; - unsigned MDDbgKind = I->getContext().getMDKindID("dbg"); - //verifyFunction(*BB->getParent()); -@@ -719,9 +739,15 @@ namespace llvm { - unsigned locationid = 0; - bool Approximate; - if (MDNode *Dbg = getLocation(I, Approximate, MDDbgKind)) { -+#if LLVM_VERSION < 37 - DILocation Loc(Dbg); - locationid = Loc.getLineNumber() << 8; - unsigned col = Loc.getColumnNumber(); -+#else -+ DebugLoc Loc(Dbg); -+ locationid = Loc.getLine() << 8; -+ unsigned col = Loc.getCol(); -+#endif - if (col > 254) - col = 254; - if (Approximate) -@@ -945,7 +971,11 @@ INITIALIZE_PASS_DEPENDENCY(TargetData) - #elif LLVM_VERSION < 35 - INITIALIZE_PASS_DEPENDENCY(DataLayout) - #else -+#if LLVM_VERSION < 37 - INITIALIZE_PASS_DEPENDENCY(DataLayoutPass) -+#else -+// No DataLayout pass needed anymore. -+#endif - #endif - #if LLVM_VERSION < 35 - INITIALIZE_PASS_DEPENDENCY(DominatorTree) -diff --git a/libclamav/c++/PointerTracking.cpp b/libclamav/c++/PointerTracking.cpp -index d5841a1..5567894 100644 ---- a/libclamav/c++/PointerTracking.cpp -+++ b/libclamav/c++/PointerTracking.cpp -@@ -30,7 +30,11 @@ - #include "llvm/IR/InstIterator.h" - #endif - #include "llvm/Support/raw_ostream.h" -+#if LLVM_VERSION < 37 - #include "llvm/Target/TargetLibraryInfo.h" -+#else -+#include -+#endif - - #if LLVM_VERSION < 32 - #include "llvm/Target/TargetData.h" -@@ -70,7 +74,11 @@ INITIALIZE_PASS_DEPENDENCY(DominatorTree) - #else - INITIALIZE_PASS_DEPENDENCY(DominatorTreeWrapperPass) - #endif -+#if LLVM_VERSION < 37 - INITIALIZE_PASS_DEPENDENCY(LoopInfo) -+#else -+INITIALIZE_PASS_DEPENDENCY(LoopInfoWrapperPass) -+#endif - INITIALIZE_PASS_DEPENDENCY(ScalarEvolution) - #if LLVM_VERSION < 35 - INITIALIZE_PASS_DEPENDENCY(DominatorTree) -@@ -96,12 +104,18 @@ bool PointerTracking::runOnFunction(Function &F) { - TD = getAnalysisIfAvailable(); - #elif LLVM_VERSION < 35 - TD = getAnalysisIfAvailable(); --#else -+#elif LLVM_VERSION < 37 - DataLayoutPass *DLP = getAnalysisIfAvailable(); - TD = DLP ? &DLP->getDataLayout() : 0; -+#else -+ TD = &F.getEntryBlock().getModule()->getDataLayout(); - #endif - SE = &getAnalysis(); -+#if LLVM_VERSION < 37 - LI = &getAnalysis(); -+#else -+ LI = &getAnalysis().getLoopInfo(); -+#endif - #if LLVM_VERSION < 35 - DT = &getAnalysis(); - #else -@@ -116,7 +130,11 @@ void PointerTracking::getAnalysisUsage(AnalysisUsage &AU) const { - #else - AU.addRequiredTransitive(); - #endif -+#if LLVM_VERSION < 37 - AU.addRequiredTransitive(); -+#else -+ AU.addRequiredTransitive(); -+#endif - AU.addRequiredTransitive(); - AU.setPreservesAll(); - } -@@ -178,12 +196,19 @@ const SCEV *PointerTracking::computeAllocationCount(Value *P, - if (CallInst *CI = extractMallocCall(V)) { - Value *arraySize = getMallocArraySize(CI, TD); - constType* AllocTy = getMallocAllocatedType(CI); --#else -+#elif LLVM_VERSION < 37 - TargetLibraryInfo* TLI = new TargetLibraryInfo(); - - if (CallInst *CI = extractMallocCall(V, TLI)) { - Value *arraySize = getMallocArraySize(CI, TD, TLI); - constType* AllocTy = getMallocAllocatedType(CI, TLI); -+#else -+ TargetLibraryInfoImpl* TLII = new TargetLibraryInfoImpl(); -+ TargetLibraryInfo* TLI = new TargetLibraryInfo(*TLII); -+ -+ if (CallInst *CI = extractMallocCall(V, TLI)) { -+ Value *arraySize = getMallocArraySize(CI, *TD, TLI); -+ constType* AllocTy = getMallocAllocatedType(CI, TLI); - #endif - if (!AllocTy || !arraySize) return SE->getCouldNotCompute(); - Ty = AllocTy; -@@ -240,7 +265,7 @@ Value *PointerTracking::computeAllocationCountValue(Value *P, constType *&Ty) co - if (!Ty) - return 0; - Value *arraySize = getMallocArraySize(CI, TD); --#else -+#elif LLVM_VERSION < 37 - TargetLibraryInfo* TLI = new TargetLibraryInfo(); - - if (CallInst *CI = extractMallocCall(V, TLI)) { -@@ -248,6 +273,15 @@ Value *PointerTracking::computeAllocationCountValue(Value *P, constType *&Ty) co - if (!Ty) - return 0; - Value *arraySize = getMallocArraySize(CI, TD, TLI); -+#else -+ TargetLibraryInfoImpl* TLII = new TargetLibraryInfoImpl(); -+ TargetLibraryInfo* TLI = new TargetLibraryInfo(*TLII); -+ -+ if (CallInst *CI = extractMallocCall(V, TLI)) { -+ Ty = getMallocAllocatedType(CI, TLI); -+ if (!Ty) -+ return 0; -+ Value *arraySize = getMallocArraySize(CI, *TD, TLI); - #endif - if (!arraySize) { - Ty = Type::getInt8Ty(P->getContext()); -@@ -351,7 +385,11 @@ void PointerTracking::getPointerOffset(Value *Pointer, Value *&Base, - const SCEV *&Offset) const - { - Pointer = Pointer->stripPointerCasts(); -+#if LLVM_VERSION < 37 - Base = GetUnderlyingObject(Pointer, TD); -+#else -+ Base = GetUnderlyingObject(Pointer, *TD); -+#endif - Limit = getAllocationSizeInBytes(Base); - if (isa(Limit)) { - Base = 0; -diff --git a/libclamav/c++/bytecode2llvm.cpp b/libclamav/c++/bytecode2llvm.cpp -index 739644d..4aab39b 100644 ---- a/libclamav/c++/bytecode2llvm.cpp -+++ b/libclamav/c++/bytecode2llvm.cpp -@@ -64,7 +64,11 @@ - #include "llvm/Object/ObjectFile.h" - #endif - #include "llvm/ExecutionEngine/JITEventListener.h" -+#if LLVM_VERSION < 37 - #include "llvm/PassManager.h" -+#else -+#include "llvm/IR/LegacyPassManager.h" -+#endif - #include "llvm/Support/Compiler.h" - #include "llvm/Support/Debug.h" - #include "llvm/Support/CommandLine.h" -@@ -232,7 +236,9 @@ namespace { - #define llvm_report_error(x) report_fatal_error(x) - #define llvm_install_error_handler(x) install_fatal_error_handler(x) - #define DwarfExceptionHandling JITExceptionHandling -+#if LLVM_VERSION < 37 - #define SetCurrentDebugLocation(x) SetCurrentDebugLocation(DebugLoc::getFromDILocation(x)) -+#endif - #define DEFINEPASS(passname) passname() : FunctionPass(ID) - #else - #define DEFINEPASS(passname) passname() : FunctionPass(&ID) -@@ -719,7 +725,11 @@ class RuntimeLimits : public FunctionPass { - BBMap[BB] = apicalls; - } - if (!BackedgeTargets.empty()) { -+#if LLVM_VERSION < 37 - LoopInfo &LI = getAnalysis(); -+#else -+ LoopInfo &LI = getAnalysis().getLoopInfo(); -+#endif - ScalarEvolution &SE = getAnalysis(); - - // Now check whether any of these backedge targets are part of a loop -@@ -803,7 +813,11 @@ class RuntimeLimits : public FunctionPass { - #endif - // Load Flag that tells us we timed out (first byte in bc_ctx) - Value *Cond = Builder.CreateLoad(Flag, true); -+#if LLVM_VERSION < 37 - BasicBlock *newBB = SplitBlock(BB, BB->getTerminator(), this); -+#else -+ BasicBlock *newBB = SplitBlock(BB, BB->getTerminator()); -+#endif - TerminatorInst *TI = BB->getTerminator(); - BranchInst::Create(AbrtBB, newBB, Cond, TI); - TI->eraseFromParent(); -@@ -824,7 +838,11 @@ class RuntimeLimits : public FunctionPass { - - virtual void getAnalysisUsage(AnalysisUsage &AU) const { - AU.setPreservesAll(); -+#if LLVM_VERSION < 37 - AU.addRequired(); -+#else -+ AU.addRequired(); -+#endif - AU.addRequired(); - #if LLVM_VERSION < 35 - AU.addRequired(); -@@ -917,7 +935,11 @@ class LLVMCodegen { - Module *M; - LLVMContext &Context; - ExecutionEngine *EE; -+#if LLVM_VERSION < 37 - FunctionPassManager &PM, &PMUnsigned; -+#else -+ legacy::FunctionPassManager &PM, &PMUnsigned; -+#endif - LLVMTypeMapper *TypeMap; - - Function **apiFuncs; -@@ -1090,7 +1112,11 @@ class LLVMCodegen { - Constant *C = ConstantExpr::getPointerCast(GV, IP8Ty); - //TODO: check constant bounds here - return ConstantExpr::getPointerCast( -+#if LLVM_VERSION < 37 - ConstantExpr::getInBoundsGetElementPtr(C, ARRAYREF(Value*, idxs, 1)), -+#else -+ ConstantExpr::getInBoundsGetElementPtr(Ty, C, ARRAYREF(Value*, idxs, 1)), -+#endif - PTy); - } - if (isa(Ty)) { -@@ -1119,15 +1145,21 @@ class LLVMCodegen { - - public: - LLVMCodegen(const struct cli_bc *bc, Module *M, struct CommonFunctions *CF, FunctionMapTy &cFuncs, -+#if LLVM_VERSION < 37 - ExecutionEngine *EE, FunctionPassManager &PM, FunctionPassManager &PMUnsigned, -+#else -+ ExecutionEngine *EE, legacy::FunctionPassManager &PM, legacy::FunctionPassManager &PMUnsigned, -+#endif - Function **apiFuncs, LLVMTypeMapper &apiMap) - : bc(bc), M(M), Context(M->getContext()), EE(EE), - PM(PM),PMUnsigned(PMUnsigned), TypeMap(), apiFuncs(apiFuncs),apiMap(apiMap), - compiledFunctions(cFuncs), BytecodeID("bc"+Twine(bc->id)), - #if LLVM_VERSION < 32 - Folder(EE->getTargetData()), Builder(Context, Folder), Values(), CF(CF) { --#else -+#elif LLVM_VERSION < 37 - Folder(EE->getDataLayout()), Builder(Context, Folder), Values(), CF(CF) { -+#else -+ Folder(*EE->getDataLayout()), Builder(Context, Folder), Values(), CF(CF) { - #endif - - for (unsigned i=0;i - #endif - Value* createGEP(Value *Base, constType *ETy, ARRAYREFPARAM(Value*,InputIterator Start,InputIterator End,ARef)) { -+#if LLVM_VERSION < 37 - constType *Ty = GetElementPtrInst::getIndexedType(Base->getType(),ARRAYREFP(Start,End,ARef)); -+#else -+ Type *Ty = NULL; -+ // This used to be done internally in LLVM's getIndexedTypeInternal. -+ PointerType *PTy = dyn_cast(Base->getType()->getScalarType()); -+ if (PTy) { -+ Type *Agg = PTy->getElementType(); -+ Ty = GetElementPtrInst::getIndexedType(Agg,ARRAYREFP(Start,End,ARef)); -+ } -+#endif - if (!Ty || (ETy && (Ty != ETy && (!isa(Ty) || !isa(ETy))))) { - if (cli_debug_flag) { - std::string str; -@@ -1458,7 +1500,11 @@ class LLVMCodegen { - if (func->dbgnodes[c] != ~0u) { - unsigned j = func->dbgnodes[c]; - assert(j < mdnodes.size()); -+#if LLVM_VERSION < 37 - Builder.SetCurrentDebugLocation(mdnodes[j]); -+#else -+ Builder.SetCurrentDebugLocation(DebugLoc(mdnodes[j])); -+#endif - } else - Builder.SetCurrentDebugLocation(0); - } -@@ -1768,11 +1814,16 @@ class LLVMCodegen { - #if LLVM_VERSION < 29 - CallInst *c = Builder.CreateCall4(CF->FMemset, Dst, Val, Len, - ConstantInt::get(Type::getInt32Ty(Context), 1)); --#else -+#elif LLVM_VERSION < 37 - CallInst *c = Builder.CreateCall5(CF->FMemset, Dst, Val, Len, - ConstantInt::get(Type::getInt32Ty(Context), 1), - ConstantInt::get(Type::getInt1Ty(Context), 0) - ); -+#else -+ Value *args[] = { Dst, Val, Len, -+ ConstantInt::get(Type::getInt32Ty(Context), 1), -+ ConstantInt::get(Type::getInt1Ty(Context), 0)}; -+ CallInst *c = Builder.CreateCall(CF->FMemset, ARRAYREF(Value*, args, args + 5)); - #endif - c->setTailCall(true); - c->setDoesNotThrow(); -@@ -1789,11 +1840,16 @@ class LLVMCodegen { - #if LLVM_VERSION < 29 - CallInst *c = Builder.CreateCall4(CF->FMemcpy, Dst, Src, Len, - ConstantInt::get(Type::getInt32Ty(Context), 1)); --#else -+#elif LLVM_VERSION < 37 - CallInst *c = Builder.CreateCall5(CF->FMemcpy, Dst, Src, Len, - ConstantInt::get(Type::getInt32Ty(Context), 1), - ConstantInt::get(Type::getInt1Ty(Context), 0) - ); -+#else -+ Value *args[] = { Dst, Src, Len, -+ ConstantInt::get(Type::getInt32Ty(Context), 1), -+ ConstantInt::get(Type::getInt1Ty(Context), 0)}; -+ CallInst *c = Builder.CreateCall(CF->FMemcpy, ARRAYREF(Value*, args, args + 5)); - #endif - c->setTailCall(true); - c->setDoesNotThrow(); -@@ -1810,10 +1866,15 @@ class LLVMCodegen { - #if LLVM_VERSION < 29 - CallInst *c = Builder.CreateCall4(CF->FMemmove, Dst, Src, Len, - ConstantInt::get(Type::getInt32Ty(Context), 1)); --#else -+#elif LLVM_VERSION < 37 - CallInst *c = Builder.CreateCall5(CF->FMemmove, Dst, Src, Len, - ConstantInt::get(Type::getInt32Ty(Context), 1), - ConstantInt::get(Type::getInt1Ty(Context), 0)); -+#else -+ Value *args[] = {Dst, Src, Len, -+ ConstantInt::get(Type::getInt32Ty(Context), 1), -+ ConstantInt::get(Type::getInt1Ty(Context), 0)}; -+ CallInst *c = Builder.CreateCall(CF->FMemmove, args); - #endif - c->setTailCall(true); - c->setDoesNotThrow(); -@@ -1831,7 +1892,12 @@ class LLVMCodegen { - #else - Value *Len = convertOperand(func, EE->getDataLayout()->getIntPtrType(Context), inst->u.three[2]); - #endif -+#if LLVM_VERSION < 37 - CallInst *c = Builder.CreateCall3(CF->FRealmemcmp, Dst, Src, Len); -+#else -+ Value *args[] = {Dst, Src, Len}; -+ CallInst *c = Builder.CreateCall(CF->FRealmemcmp, ARRAYREF(Value*, args, args + 3)); -+#endif - c->setTailCall(true); - c->setDoesNotThrow(); - Store(inst->dest, c); -@@ -2212,7 +2278,11 @@ static void addFunctionProtos(struct CommonFunctions *CF, ExecutionEngine *EE, M - } - #if LLVM_VERSION >= 29 - INITIALIZE_PASS_BEGIN(RuntimeLimits, "rl", "Runtime Limits", false, false) -+#if LLVM_VERSION < 37 - INITIALIZE_PASS_DEPENDENCY(LoopInfo) -+#else -+INITIALIZE_PASS_DEPENDENCY(LoopInfoWrapperPass) -+#endif - INITIALIZE_PASS_DEPENDENCY(ScalarEvolution) - #if LLVM_VERSION < 35 - INITIALIZE_PASS_DEPENDENCY(DominatorTree) -@@ -2438,8 +2508,10 @@ static void addFPasses(FunctionPassManager &FPM, bool trusted, const TargetData - static void addFPasses(FunctionPassManager &FPM, bool trusted, const DataLayout *TD) - #elif LLVM_VERSION < 36 - static void addFPasses(FunctionPassManager &FPM, bool trusted, const Module *M) --#else -+#elif LLVM_VERSION < 37 - static void addFPasses(FunctionPassManager &FPM, bool trusted, Module *M) -+#else -+static void addFPasses(legacy::FunctionPassManager &FPM, bool trusted, Module *M) - #endif - { - // Set up the optimizer pipeline. Start with registering info about how -@@ -2450,10 +2522,12 @@ static void addFPasses(FunctionPassManager &FPM, bool trusted, Module *M) - FPM.add(new DataLayout(*TD)); - #elif LLVM_VERSION < 36 - FPM.add(new DataLayoutPass(M)); --#else -+#elif LLVM_VERSION < 37 - DataLayoutPass *DLP = new DataLayoutPass(); - DLP->doInitialization(*M); - FPM.add(DLP); -+#else -+ // No DataLayout pass needed anymore. - #endif - // Promote allocas to registers. - FPM.add(createPromoteMemoryToRegisterPass()); -@@ -2483,6 +2557,8 @@ int cli_bytecode_prepare_jit(struct cli_all_bc *bcs) - - #if LLVM_VERSION >= 31 - TargetOptions Options; -+#if LLVM_VERSION < 37 -+ // This option was removed. - #ifdef CL_DEBUG - //disable this for now, it leaks - Options.JITEmitDebugInfo = false; -@@ -2490,6 +2566,7 @@ int cli_bytecode_prepare_jit(struct cli_all_bc *bcs) - #else - Options.JITEmitDebugInfo = false; - #endif -+#endif - #if LLVM_VERSION < 34 - Options.DwarfExceptionHandling = false; - #else -@@ -2526,7 +2603,11 @@ int cli_bytecode_prepare_jit(struct cli_all_bc *bcs) - struct CommonFunctions CF; - addFunctionProtos(&CF, EE, M); - -+#if LLVM_VERSION < 37 - FunctionPassManager OurFPM(M), OurFPMUnsigned(M); -+#else -+ legacy::FunctionPassManager OurFPM(M), OurFPMUnsigned(M); -+#endif - #if LLVM_VERSION < 32 - M->setDataLayout(EE->getTargetData()->getStringRepresentation()); - #else -@@ -2666,17 +2747,23 @@ int cli_bytecode_prepare_jit(struct cli_all_bc *bcs) - break; - } - } -+#if LLVM_VERSION < 37 - PassManager PM; -+#else -+ legacy::PassManager PM; -+#endif - #if LLVM_VERSION < 32 - PM.add(new TargetData(*EE->getTargetData())); - #elif LLVM_VERSION < 35 - PM.add(new DataLayout(*EE->getDataLayout())); - #elif LLVM_VERSION < 36 - PM.add(new DataLayoutPass(M)); --#else -+#elif LLVM_VERSION < 37 - DataLayoutPass *DLP = new DataLayoutPass(); - DLP->doInitialization(*M); - PM.add(DLP); -+#else -+ // No DataLayout pass needed anymore. - #endif - // TODO: only run this on the untrusted bytecodes, not all of them... - if (has_untrusted) -@@ -2988,11 +3075,19 @@ static Metadata *findDbgGlobalDeclare(GlobalVariable *V) { - return 0; - - for (unsigned i = 0, e = NMD->getNumOperands(); i != e; ++i) { -+#if LLVM_VERSION < 37 - DIDescriptor DIG(cast(NMD->getOperand(i))); - if (!DIG.isGlobalVariable()) - continue; - if (DIGlobalVariable(DIG).getGlobal() == V) - return DIG; -+#else -+ MDNode *DIG = NMD->getOperand(i); -+ if (!DIGlobalVariable::classof(DIG)) -+ continue; -+ if ((cast(DIG))->getVariable() == V) -+ return DIG; -+#endif - } - return 0; - } -@@ -3009,11 +3104,19 @@ static Metadata *findDbgSubprogramDeclare(Function *V) { - return 0; - - for (unsigned i = 0, e = NMD->getNumOperands(); i != e; ++i) { -+#if LLVM_VERSION < 37 - DIDescriptor DIG(cast(NMD->getOperand(i))); - if (!DIG.isSubprogram()) - continue; - if (DISubprogram(DIG).getFunction() == V) - return DIG; -+#else -+ MDNode *DIG = NMD->getOperand(i); -+ if (!DISubprogram::classof(DIG)) -+ continue; -+ if ((cast(DIG))->getFunction() == V) -+ return DIG; -+#endif - } - return 0; - } -@@ -3062,22 +3165,39 @@ static bool getLocationInfo(const Value *V, std::string &DisplayName, - Metadata *DIGV = findDbgGlobalDeclare(GV); - #endif - if (!DIGV) return false; -+#if LLVM_VERSION < 37 - DIGlobalVariable Var(cast(DIGV)); -+#else -+ DIGlobalVariable *Var = cast(DIGV); -+#endif - -+#if LLVM_VERSION < 37 - StringRef D = Var.getDisplayName(); -+#else -+ StringRef D = Var->getDisplayName(); -+#endif - if (!D.empty()) - DisplayName = D; -+#if LLVM_VERSION < 37 - LineNo = Var.getLineNumber(); -+#else -+ LineNo = Var->getLine(); -+#endif - #if LLVM_VERSION < 33 - Unit = Var.getCompileUnit(); --#else -+#elif LLVM_VERSION < 37 - G = Var.getFilename(); - H = Var.getDirectory(); -+#else -+ G = Var->getFilename(); -+ H = Var->getDirectory(); - #endif - #if LLVM_VERSION < 35 - TypeD = Var.getType(); --#else -+#elif LLVM_VERSION < 37 - T = Var.getType().getName(); -+#else -+ T = (cast(*Var->getType())).getName(); - #endif - } else if (Function *F = dyn_cast(const_cast(V))){ - #if LLVM_VERSION < 36 -@@ -3086,32 +3206,61 @@ static bool getLocationInfo(const Value *V, std::string &DisplayName, - Metadata *DIF = findDbgSubprogramDeclare(F); - #endif - if (!DIF) return false; -+#if LLVM_VERSION < 37 - DISubprogram Var(cast(DIF)); -+#else -+ DISubprogram *Var = cast(DIF); -+#endif - -+#if LLVM_VERSION < 37 - StringRef D = Var.getDisplayName(); -+#else -+ StringRef D = Var->getDisplayName(); -+#endif - if (!D.empty()) - DisplayName = D; -+#if LLVM_VERSION < 37 - LineNo = Var.getLineNumber(); -+#else -+ LineNo = Var->getLine(); -+#endif - #if LLVM_VERSION < 33 - Unit = Var.getCompileUnit(); --#else -+#elif LLVM_VERSION < 37 - G = Var.getFilename(); - H = Var.getDirectory(); -+#else -+ G = Var->getFilename(); -+ H = Var->getDirectory(); - #endif - #if LLVM_VERSION < 35 - TypeD = Var.getType(); --#else -+#elif LLVM_VERSION < 37 - T = Var.getType().getName(); -+#else -+ T = Var->getType()->getName(); - #endif - } else { - const DbgDeclareInst *DDI = findDbgDeclare(V); - if (!DDI) return false; -+#if LLVM_VERSION < 37 - DIVariable Var(cast(DDI->getVariable())); -+#else -+ DIVariable* Var = DDI->getVariable(); -+#endif - -+#if LLVM_VERSION < 37 - StringRef D = Var.getName(); -+#else -+ StringRef D = Var->getName(); -+#endif - if (!D.empty()) - DisplayName = D; -+#if LLVM_VERSION < 37 - LineNo = Var.getLineNumber(); -+#else -+ LineNo = Var->getLine(); -+#endif - #if LLVM_VERSION < 33 - Unit = Var.getCompileUnit(); - #else -@@ -3121,8 +3270,10 @@ static bool getLocationInfo(const Value *V, std::string &DisplayName, - #endif - #if LLVM_VERSION < 35 - TypeD = Var.getType(); --#else -+#elif LLVM_VERSION < 37 - T = Var.getType().getName(); -+#else -+ T = (cast(*Var->getType())).getName(); - #endif - } - -@@ -3158,9 +3309,15 @@ void printValue(llvm::Value *V, bool a, bool b) { - - void printLocation(llvm::Instruction *I, bool a, bool b) { - if (MDNode *N = I->getMetadata("dbg")) { -+#if LLVM_VERSION < 37 - DILocation Loc(N); - errs() << Loc.getFilename() << ":" << Loc.getLineNumber(); - if (unsigned Col = Loc.getColumnNumber()) { -+#else -+ DebugLoc Loc(N); -+ errs() << Loc.get()->getFilename() << ":" << Loc.getLine(); -+ if (unsigned Col = Loc.getCol()) { -+#endif - errs() << ":" << Col; - } - errs() << ": "; -diff --git a/libclamav/c++/configure.ac b/libclamav/c++/configure.ac -index 14e1ada..0bc8985 100644 ---- a/libclamav/c++/configure.ac -+++ b/libclamav/c++/configure.ac -@@ -90,14 +90,14 @@ elif test $llvmver_test -lt 290; then - elif test $llvmver_test -lt 360; then - llvmcomp="jit nativecodegen scalaropts ipo" - AC_MSG_RESULT([ok ($llvmver)]) --elif test $llvmver_test -lt 370; then -+elif test $llvmver_test -lt 380; then - dnl LLVM 3.6.0 removed jit, so we have to use mcjit - dnl and we're using InitializeNativeTargetAsmParser, so we need the architecture specific parsers - llvmcomp="mcjit nativecodegen scalaropts ipo x86asmparser powerpcasmparser" - AC_MSG_RESULT([ok ($llvmver)]) - else - AC_MSG_RESULT([no ($llvmver)]) -- AC_MSG_ERROR([LLVM < 3.7 required, but "$llvmver"($llvmver_test) found]) -+ AC_MSG_ERROR([LLVM < 3.8 required, but "$llvmver"($llvmver_test) found]) - fi - - dnl acquire the required flags to properly link in external LLVM diff -Nru clamav-0.103.0+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch clamav-0.103.2+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch --- clamav-0.103.0+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch 2020-11-01 19:07:16.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,457 +0,0 @@ -From 4210d867c344024c9ebefd7d970effaa63666212 Mon Sep 17 00:00:00 2001 -From: Andreas Cadhalpun -Date: Fri, 14 Oct 2016 20:24:48 +0200 -Subject: Add support for LLVM 3.8 - -Main changes: -llvm/Config/config.h was removed. -The ScalarEvolution pass is now a WrapperPass. -Iterators are no longer automatically converted to and from pointers. -The GVNPass causes the test_bswap_jit test to fail; replaced with -ConstantPropagationPass. -LLVMIsMultithreaded is from the C API, while llvm_is_multithreaded is -the corresponding C++ API. - -Patch-Name: Add-support-for-LLVM-3.8.patch ---- - libclamav/c++/ClamBCRTChecks.cpp | 50 ++++++++++++++++++++++++ - libclamav/c++/PointerTracking.cpp | 12 ++++++ - libclamav/c++/bytecode2llvm.cpp | 65 +++++++++++++++++++++++++------ - libclamav/c++/configure.ac | 4 +- - libclamav/c++/detect.cpp | 2 + - 5 files changed, 119 insertions(+), 14 deletions(-) - -diff --git a/libclamav/c++/ClamBCRTChecks.cpp b/libclamav/c++/ClamBCRTChecks.cpp -index 511cf19..ffc056a 100644 ---- a/libclamav/c++/ClamBCRTChecks.cpp -+++ b/libclamav/c++/ClamBCRTChecks.cpp -@@ -54,7 +54,9 @@ - #include "llvm/Analysis/ScalarEvolution.h" - #include "llvm/Analysis/ScalarEvolutionExpressions.h" - #include "llvm/Analysis/ScalarEvolutionExpander.h" -+#if LLVM_VERSION < 38 - #include "llvm/Config/config.h" -+#endif - #include "llvm/Pass.h" - #include "llvm/Support/CommandLine.h" - #if LLVM_VERSION < 35 -@@ -207,7 +209,11 @@ namespace llvm { - #else - TD = &F.getEntryBlock().getModule()->getDataLayout(); - #endif -+#if LLVM_VERSION < 38 - SE = &getAnalysis(); -+#else -+ SE = &getAnalysis().getSE(); -+#endif - PT = &getAnalysis(); - #if LLVM_VERSION < 35 - DT = &getAnalysis(); -@@ -332,7 +338,11 @@ namespace llvm { - AbrtC->setDoesNotThrow(); - #endif - // remove all instructions from entry -+#if LLVM_VERSION < 38 - BasicBlock::iterator BBI = I, BBE=BB->end(); -+#else -+ BasicBlock::iterator BBI = I->getIterator(), BBE=BB->end(); -+#endif - while (BBI != BBE) { - if (!BBI->use_empty()) - BBI->replaceAllUsesWith(UndefValue::get(BBI->getType())); -@@ -367,7 +377,11 @@ namespace llvm { - #else - AU.addRequired(); - #endif -+#if LLVM_VERSION < 38 - AU.addRequired(); -+#else -+ AU.addRequired(); -+#endif - AU.addRequired(); - #if LLVM_VERSION < 35 - AU.addRequired(); -@@ -398,9 +412,17 @@ namespace llvm { - - Instruction *getInsertPoint(Value *V) - { -+#if LLVM_VERSION < 38 - BasicBlock::iterator It = EP; -+#else -+ BasicBlock::iterator It = EP->getIterator(); -+#endif - if (Instruction *I = dyn_cast(V)) { -+#if LLVM_VERSION < 38 - It = I; -+#else -+ It = I->getIterator(); -+#endif - ++It; - } - return &*It; -@@ -427,7 +449,11 @@ namespace llvm { - constType *P8Ty = - PointerType::getUnqual(Type::getInt8Ty(Ptr->getContext())); - if (PHINode *PN = dyn_cast(Ptr)) { -+#if LLVM_VERSION < 38 - BasicBlock::iterator It = PN; -+#else -+ BasicBlock::iterator It = PN->getIterator(); -+#endif - ++It; - PHINode *newPN = PHINode::Create(P8Ty, HINT(PN->getNumIncomingValues()) ".verif.base", &*It); - Changed = true; -@@ -441,7 +467,11 @@ namespace llvm { - return newPN; - } - if (SelectInst *SI = dyn_cast(Ptr)) { -+#if LLVM_VERSION < 38 - BasicBlock::iterator It = SI; -+#else -+ BasicBlock::iterator It = SI->getIterator(); -+#endif - ++It; - Value *TrueB = getPointerBase(SI->getTrueValue()); - Value *FalseB = getPointerBase(SI->getFalseValue()); -@@ -575,7 +605,11 @@ namespace llvm { - } - #endif - if (PHINode *PN = dyn_cast(Base)) { -+#if LLVM_VERSION < 38 - BasicBlock::iterator It = PN; -+#else -+ BasicBlock::iterator It = PN->getIterator(); -+#endif - ++It; - PHINode *newPN = PHINode::Create(I64Ty, HINT(PN->getNumIncomingValues()) ".verif.bounds", &*It); - Changed = true; -@@ -598,7 +632,11 @@ namespace llvm { - return BoundsMap[Base] = newPN; - } - if (SelectInst *SI = dyn_cast(Base)) { -+#if LLVM_VERSION < 38 - BasicBlock::iterator It = SI; -+#else -+ BasicBlock::iterator It = SI->getIterator(); -+#endif - ++It; - Value *TrueB = getPointerBounds(SI->getTrueValue()); - Value *FalseB = getPointerBounds(SI->getFalseValue()); -@@ -655,7 +693,11 @@ namespace llvm { - if (!MDDbgKind) - return 0; - Approximate = true; -+#if LLVM_VERSION < 38 - BasicBlock::iterator It = I; -+#else -+ BasicBlock::iterator It = I->getIterator(); -+#endif - while (It != I->getParent()->begin()) { - --It; - if (MDNode *Dbg = It->getMetadata(MDDbgKind)) -@@ -689,7 +731,11 @@ namespace llvm { - return false; - } - BasicBlock *BB = I->getParent(); -+#if LLVM_VERSION < 38 - BasicBlock::iterator It = I; -+#else -+ BasicBlock::iterator It = I->getIterator(); -+#endif - #if LLVM_VERSION < 37 - BasicBlock *newBB = SplitBlock(BB, &*It, this); - #else -@@ -982,7 +1028,11 @@ INITIALIZE_PASS_DEPENDENCY(DominatorTree) - #else - INITIALIZE_PASS_DEPENDENCY(DominatorTreeWrapperPass) - #endif -+#if LLVM_VERSION < 38 - INITIALIZE_PASS_DEPENDENCY(ScalarEvolution) -+#else -+INITIALIZE_PASS_DEPENDENCY(ScalarEvolutionWrapperPass) -+#endif - #if LLVM_VERSION < 34 - INITIALIZE_AG_DEPENDENCY(CallGraph) - #elif LLVM_VERSION < 35 -diff --git a/libclamav/c++/PointerTracking.cpp b/libclamav/c++/PointerTracking.cpp -index 5567894..147ad48 100644 ---- a/libclamav/c++/PointerTracking.cpp -+++ b/libclamav/c++/PointerTracking.cpp -@@ -79,7 +79,11 @@ INITIALIZE_PASS_DEPENDENCY(LoopInfo) - #else - INITIALIZE_PASS_DEPENDENCY(LoopInfoWrapperPass) - #endif -+#if LLVM_VERSION < 38 - INITIALIZE_PASS_DEPENDENCY(ScalarEvolution) -+#else -+INITIALIZE_PASS_DEPENDENCY(ScalarEvolutionWrapperPass) -+#endif - #if LLVM_VERSION < 35 - INITIALIZE_PASS_DEPENDENCY(DominatorTree) - #else -@@ -110,7 +114,11 @@ bool PointerTracking::runOnFunction(Function &F) { - #else - TD = &F.getEntryBlock().getModule()->getDataLayout(); - #endif -+#if LLVM_VERSION < 38 - SE = &getAnalysis(); -+#else -+ SE = &getAnalysis().getSE(); -+#endif - #if LLVM_VERSION < 37 - LI = &getAnalysis(); - #else -@@ -135,7 +143,11 @@ void PointerTracking::getAnalysisUsage(AnalysisUsage &AU) const { - #else - AU.addRequiredTransitive(); - #endif -+#if LLVM_VERSION < 38 - AU.addRequiredTransitive(); -+#else -+ AU.addRequiredTransitive(); -+#endif - AU.setPreservesAll(); - } - -diff --git a/libclamav/c++/bytecode2llvm.cpp b/libclamav/c++/bytecode2llvm.cpp -index 4aab39b..ab4f146 100644 ---- a/libclamav/c++/bytecode2llvm.cpp -+++ b/libclamav/c++/bytecode2llvm.cpp -@@ -171,7 +171,9 @@ void LLVMInitializePowerPCAsmPrinter(); - //#define TIMING - #undef TIMING - -+#if LLVM_VERSION < 38 - #include "llvm/Config/config.h" -+#endif - #ifdef ENABLE_THREADS - #if !ENABLE_THREADS - #error "Thread support was explicitly disabled. Cannot continue" -@@ -730,7 +732,11 @@ class RuntimeLimits : public FunctionPass { - #else - LoopInfo &LI = getAnalysis().getLoopInfo(); - #endif -+#if LLVM_VERSION < 38 - ScalarEvolution &SE = getAnalysis(); -+#else -+ ScalarEvolution &SE = getAnalysis().getSE(); -+#endif - - // Now check whether any of these backedge targets are part of a loop - // with a small constant trip count -@@ -784,7 +790,11 @@ class RuntimeLimits : public FunctionPass { - new UnreachableInst(F.getContext(), AbrtBB); - IRBuilder Builder(F.getContext()); - -+#if LLVM_VERSION < 38 - Value *Flag = F.arg_begin(); -+#else -+ Value *Flag = &*F.arg_begin(); -+#endif - #if LLVM_VERSION < 30 - Function *LSBarrier = Intrinsic::getDeclaration(F.getParent(), - Intrinsic::memory_barrier); -@@ -798,13 +808,21 @@ class RuntimeLimits : public FunctionPass { - #endif - verifyFunction(F); - BasicBlock *BB = &F.getEntryBlock(); -+#if LLVM_VERSION < 38 - Builder.SetInsertPoint(BB, BB->getTerminator()); -+#else -+ Builder.SetInsertPoint(BB, BB->getTerminator()->getIterator()); -+#endif - Flag = Builder.CreatePointerCast(Flag, PointerType::getUnqual( - Type::getInt1Ty(F.getContext()))); - for (BBSetTy::iterator I=needsTimeoutCheck.begin(), - E=needsTimeoutCheck.end(); I != E; ++I) { - BasicBlock *BB = *I; -+#if LLVM_VERSION < 38 - Builder.SetInsertPoint(BB, BB->getTerminator()); -+#else -+ Builder.SetInsertPoint(BB, BB->getTerminator()->getIterator()); -+#endif - #if LLVM_VERSION < 30 - // store-load barrier: will be a no-op on x86 but not other arches - Builder.CreateCall(LSBarrier, ARRAYREF(Value*, MBArgs, MBArgs+5)); -@@ -843,7 +861,11 @@ class RuntimeLimits : public FunctionPass { - #else - AU.addRequired(); - #endif -+#if LLVM_VERSION < 38 - AU.addRequired(); -+#else -+ AU.addRequired(); -+#endif - #if LLVM_VERSION < 35 - AU.addRequired(); - #else -@@ -1158,8 +1180,10 @@ class LLVMCodegen { - Folder(EE->getTargetData()), Builder(Context, Folder), Values(), CF(CF) { - #elif LLVM_VERSION < 37 - Folder(EE->getDataLayout()), Builder(Context, Folder), Values(), CF(CF) { --#else -+#elif LLVM_VERSION < 38 - Folder(*EE->getDataLayout()), Builder(Context, Folder), Values(), CF(CF) { -+#else -+ Folder(EE->getDataLayout()), Builder(Context, Folder), Values(), CF(CF) { - #endif - - for (unsigned i=0;igetTargetData()->getPointerSize() == 8) { --#else -+#elif LLVM_VERSION < 38 - if (EE->getDataLayout()->getPointerSize() == 8) { -+#else -+ if (EE->getDataLayout().getPointerSize() == 8) { - #endif - // eliminate useless trunc, GEP can take i64 too - if (TruncInst *I = dyn_cast(V)) { -@@ -1441,7 +1467,11 @@ class LLVMCodegen { - numArgs = func->numArgs; - - if (FakeGVs.any()) { -+#if LLVM_VERSION < 38 - Argument *Ctx = F->arg_begin(); -+#else -+ Argument *Ctx = &*F->arg_begin(); -+#endif - for (unsigned i=0;inum_globals;i++) { - if (!FakeGVs[i]) - continue; -@@ -1889,8 +1919,10 @@ class LLVMCodegen { - Src = Builder.CreatePointerCast(Src, PointerType::getUnqual(Type::getInt8Ty(Context))); - #if LLVM_VERSION < 32 - Value *Len = convertOperand(func, EE->getTargetData()->getIntPtrType(Context), inst->u.three[2]); --#else -+#elif LLVM_VERSION < 38 - Value *Len = convertOperand(func, EE->getDataLayout()->getIntPtrType(Context), inst->u.three[2]); -+#else -+ Value *Len = convertOperand(func, EE->getDataLayout().getIntPtrType(Context), inst->u.three[2]); - #endif - #if LLVM_VERSION < 37 - CallInst *c = Builder.CreateCall3(CF->FRealmemcmp, Dst, Src, Len); -@@ -2029,6 +2061,7 @@ class LLVMCodegen { - PMUnsigned.run(*F); - PMUnsigned.doFinalization(); - } -+ - apiMap.pmTimer.stopTimer(); - apiMap.irgenTimer.startTimer(); - } -@@ -2261,8 +2294,10 @@ static void addFunctionProtos(struct CommonFunctions *CF, ExecutionEngine *EE, M - args.push_back(PointerType::getUnqual(Type::getInt8Ty(Context))); - #if LLVM_VERSION < 32 - args.push_back(EE->getTargetData()->getIntPtrType(Context)); --#else -+#elif LLVM_VERSION < 38 - args.push_back(EE->getDataLayout()->getIntPtrType(Context)); -+#else -+ args.push_back(EE->getDataLayout().getIntPtrType(Context)); - #endif - FuncTy_5 = FunctionType::get(Type::getInt32Ty(Context), - args, false); -@@ -2283,7 +2318,11 @@ INITIALIZE_PASS_DEPENDENCY(LoopInfo) - #else - INITIALIZE_PASS_DEPENDENCY(LoopInfoWrapperPass) - #endif -+#if LLVM_VERSION < 38 - INITIALIZE_PASS_DEPENDENCY(ScalarEvolution) -+#else -+INITIALIZE_PASS_DEPENDENCY(ScalarEvolutionWrapperPass) -+#endif - #if LLVM_VERSION < 35 - INITIALIZE_PASS_DEPENDENCY(DominatorTree) - #else -@@ -2610,8 +2649,10 @@ int cli_bytecode_prepare_jit(struct cli_all_bc *bcs) - #endif - #if LLVM_VERSION < 32 - M->setDataLayout(EE->getTargetData()->getStringRepresentation()); --#else -+#elif LLVM_VERSION < 38 - M->setDataLayout(EE->getDataLayout()->getStringRepresentation()); -+#else -+ M->setDataLayout(EE->getDataLayout().getStringRepresentation()); - #endif - #if LLVM_VERSION < 31 - M->setTargetTriple(sys::getHostTriple()); -@@ -2768,7 +2809,11 @@ int cli_bytecode_prepare_jit(struct cli_all_bc *bcs) - // TODO: only run this on the untrusted bytecodes, not all of them... - if (has_untrusted) - PM.add(createClamBCRTChecks()); --#if LLVM_VERSION >= 36 -+#if LLVM_VERSION >= 38 -+ // With LLVM 3.8 the test_bswap_jit test fails with the GVNPass enabled. -+ // To prevent the segfaults mentioned below, replace it with the ConstantPropagationPass. -+ PM.add(createConstantPropagationPass()); -+#elif LLVM_VERSION >= 36 - // With LLVM 3.6 (MCJIT) this Pass is required to work around - // a crash in LLVM caused by the SCCP Pass: - // Pass 'Sparse Conditional Constant Propagation' is not initialized. -@@ -2842,7 +2887,7 @@ int bytecode_init(void) - return CL_EARG; - } - #else -- if (!LLVMIsMultithreaded()) { -+ if (!llvm_is_multithreaded()) { - cli_warnmsg("bytecode_init: LLVM is compiled without multithreading support\n"); - } - #endif -@@ -2891,11 +2936,7 @@ int bytecode_init(void) - InitializeAllTargets(); - #endif - --#if LLVM_VERSION < 35 - if (!llvm_is_multithreaded()) { --#else -- if (!LLVMIsMultithreaded()) { --#endif - //TODO:cli_dbgmsg - DEBUG(errs() << "WARNING: ClamAV JIT built w/o atomic builtins\n" - << "On x86 for best performance ClamAV should be built for i686, not i386!\n"); -@@ -3114,7 +3155,7 @@ static Metadata *findDbgSubprogramDeclare(Function *V) { - MDNode *DIG = NMD->getOperand(i); - if (!DISubprogram::classof(DIG)) - continue; -- if ((cast(DIG))->getFunction() == V) -+ if ((cast(DIG))->describes(V)) - return DIG; - #endif - } -diff --git a/libclamav/c++/configure.ac b/libclamav/c++/configure.ac -index 0bc8985..cab73e5 100644 ---- a/libclamav/c++/configure.ac -+++ b/libclamav/c++/configure.ac -@@ -90,14 +90,14 @@ elif test $llvmver_test -lt 290; then - elif test $llvmver_test -lt 360; then - llvmcomp="jit nativecodegen scalaropts ipo" - AC_MSG_RESULT([ok ($llvmver)]) --elif test $llvmver_test -lt 380; then -+elif test $llvmver_test -lt 390; then - dnl LLVM 3.6.0 removed jit, so we have to use mcjit - dnl and we're using InitializeNativeTargetAsmParser, so we need the architecture specific parsers - llvmcomp="mcjit nativecodegen scalaropts ipo x86asmparser powerpcasmparser" - AC_MSG_RESULT([ok ($llvmver)]) - else - AC_MSG_RESULT([no ($llvmver)]) -- AC_MSG_ERROR([LLVM < 3.8 required, but "$llvmver"($llvmver_test) found]) -+ AC_MSG_ERROR([LLVM < 3.9 required, but "$llvmver"($llvmver_test) found]) - fi - - dnl acquire the required flags to properly link in external LLVM -diff --git a/libclamav/c++/detect.cpp b/libclamav/c++/detect.cpp -index 0665291..c283af3 100644 ---- a/libclamav/c++/detect.cpp -+++ b/libclamav/c++/detect.cpp -@@ -22,7 +22,9 @@ - */ - - #include "llvm/ADT/Triple.h" -+#if LLVM_VERSION < 38 - #include "llvm/Config/config.h" -+#endif - #include "llvm/Support/raw_ostream.h" - #if LLVM_VERSION < 29 - #include "llvm/System/DataTypes.h" diff -Nru clamav-0.103.0+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch clamav-0.103.2+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch --- clamav-0.103.0+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch 2020-11-01 19:07:16.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,76 +0,0 @@ -From 969d8d37a0fd287514cb17647585e082e3481c7c Mon Sep 17 00:00:00 2001 -From: Andreas Cadhalpun -Date: Fri, 14 Oct 2016 20:24:56 +0200 -Subject: Add support for LLVM 3.9 - -Changes: -IRBuilder no longer has a preserveNames template argument. -AtomicOrdering is now a strongly typed enum. - -Patch-Name: Add-support-for-LLVM-3.9.patch ---- - libclamav/c++/bytecode2llvm.cpp | 12 +++++++++++- - libclamav/c++/configure.ac | 4 ++-- - 2 files changed, 13 insertions(+), 3 deletions(-) - -diff --git a/libclamav/c++/bytecode2llvm.cpp b/libclamav/c++/bytecode2llvm.cpp -index ab4f146..c867383 100644 ---- a/libclamav/c++/bytecode2llvm.cpp -+++ b/libclamav/c++/bytecode2llvm.cpp -@@ -788,7 +788,11 @@ class RuntimeLimits : public FunctionPass { - AbrtC->setDoesNotThrow(); - #endif - new UnreachableInst(F.getContext(), AbrtBB); -+#if LLVM_VERSION < 39 - IRBuilder Builder(F.getContext()); -+#else -+ IRBuilder<> Builder(F.getContext()); -+#endif - - #if LLVM_VERSION < 38 - Value *Flag = F.arg_begin(); -@@ -826,8 +830,10 @@ class RuntimeLimits : public FunctionPass { - #if LLVM_VERSION < 30 - // store-load barrier: will be a no-op on x86 but not other arches - Builder.CreateCall(LSBarrier, ARRAYREF(Value*, MBArgs, MBArgs+5)); --#else -+#elif LLVM_VERSION < 39 - Builder.CreateFence(Release); -+#else -+ Builder.CreateFence(AtomicOrdering::Release); - #endif - // Load Flag that tells us we timed out (first byte in bc_ctx) - Value *Cond = Builder.CreateLoad(Flag, true); -@@ -970,7 +976,11 @@ class LLVMCodegen { - Twine BytecodeID; - - TargetFolder Folder; -+#if LLVM_VERSION < 39 - IRBuilder Builder; -+#else -+ IRBuilder Builder; -+#endif - - std::vector globals; - DenseMap GVoffsetMap; -diff --git a/libclamav/c++/configure.ac b/libclamav/c++/configure.ac -index cab73e5..a2453cd 100644 ---- a/libclamav/c++/configure.ac -+++ b/libclamav/c++/configure.ac -@@ -90,14 +90,14 @@ elif test $llvmver_test -lt 290; then - elif test $llvmver_test -lt 360; then - llvmcomp="jit nativecodegen scalaropts ipo" - AC_MSG_RESULT([ok ($llvmver)]) --elif test $llvmver_test -lt 390; then -+elif test $llvmver_test -lt 400; then - dnl LLVM 3.6.0 removed jit, so we have to use mcjit - dnl and we're using InitializeNativeTargetAsmParser, so we need the architecture specific parsers - llvmcomp="mcjit nativecodegen scalaropts ipo x86asmparser powerpcasmparser" - AC_MSG_RESULT([ok ($llvmver)]) - else - AC_MSG_RESULT([no ($llvmver)]) -- AC_MSG_ERROR([LLVM < 3.9 required, but "$llvmver"($llvmver_test) found]) -+ AC_MSG_ERROR([LLVM < 4.0 required, but "$llvmver"($llvmver_test) found]) - fi - - dnl acquire the required flags to properly link in external LLVM diff -Nru clamav-0.103.0+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch clamav-0.103.2+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch --- clamav-0.103.0+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch 2020-11-01 19:07:16.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,109 +0,0 @@ -From 637d9ec09f5d854f0a9d694431586971125823c2 Mon Sep 17 00:00:00 2001 -From: Andreas Cadhalpun -Date: Wed, 11 Mar 2015 20:03:15 +0100 -Subject: add support for system tomsfastmath - -Patch-Name: add-support-for-system-tomsfastmath.patch ---- - configure.ac | 2 ++ - libclamav/Makefile.am | 6 ++++++ - libclamav/bignum.h | 6 +++++- - libclamav/xdp.c | 2 +- - m4/reorganization/libs/tomsfastmath.m4 | 12 ++++++++++++ - 5 files changed, 26 insertions(+), 2 deletions(-) - create mode 100644 m4/reorganization/libs/tomsfastmath.m4 - -diff --git a/configure.ac b/configure.ac -index 3cfd18a..d339f9d 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -98,6 +98,7 @@ m4_include([m4/reorganization/libs/libmspack.m4]) - if test "x$use_internal_mspack" = "xno"; then - mspack_msg="External, $LIBMSPACK_CFLAGS $LIBMSPACK_LIBS" - fi -+m4_include([m4/reorganization/libs/tomsfastmath.m4]) - - AM_MAINTAINER_MODE - m4_include([m4/reorganization/libs/libz.m4]) -@@ -362,6 +363,7 @@ fi - CL_MSG_STATUS([yara ],[$enable_yara],[$enable_yara]) - CL_MSG_STATUS([fts ],[yes],[$lfs_fts_msg]) - -+CL_MSG_STATUS([tomsfastmath],[yes],[$tomsfastmath_msg]) - - # Yep, downgrading the compiler avoids the bug too: - # 4.0.x, and 4.1.0 are the known buggy versions -diff --git a/libclamav/Makefile.am b/libclamav/Makefile.am -index ae655cf..522f7fc 100644 ---- a/libclamav/Makefile.am -+++ b/libclamav/Makefile.am -@@ -588,6 +588,7 @@ libclamav_la_SOURCES += yara_arena.c \ - yara_clam.h - endif - -+if !SYSTEM_TOMSFASTMATH - libclamav_la_SOURCES += bignum.h\ - bignum_fast.h\ - tomsfastmath/addsub/fp_add.c\ -@@ -672,6 +673,11 @@ libclamav_la_SOURCES += bignum.h\ - tomsfastmath/sqr/fp_sqr_comba_small_set.c\ - tomsfastmath/sqr/fp_sqrmod.c - -+else -+libclamav_la_CFLAGS += $(TOMSFASTMATH_CFLAGS) -+libclamav_la_LIBADD += $(TOMSFASTMATH_LIBS) -+endif -+ - .PHONY2: version.h.tmp - version.c: version.h - version.h: version.h.tmp -diff --git a/libclamav/bignum.h b/libclamav/bignum.h -index 8fdc956..56dfa95 100644 ---- a/libclamav/bignum.h -+++ b/libclamav/bignum.h -@@ -1,9 +1,13 @@ - #ifndef BIGNUM_H_ - #define BIGNUM_H_ - -+#if HAVE_SYSTEM_TOMSFASTMATH -+#include -+#else - #define TFM_CHECK -- - #include "bignum_fast.h" -+#endif -+ - typedef fp_int mp_int; - #define mp_cmp fp_cmp - #define mp_toradix_n(a, b, c, d) fp_toradix_n(a, b, c, d) -diff --git a/libclamav/xdp.c b/libclamav/xdp.c -index 8742342..6370221 100644 ---- a/libclamav/xdp.c -+++ b/libclamav/xdp.c -@@ -52,7 +52,7 @@ - #include "scanners.h" - #include "conv.h" - #include "xdp.h" --#include "bignum_fast.h" -+#include "bignum.h" - #include "filetypes.h" - - static char *dump_xdp(cli_ctx *ctx, const char *start, size_t sz); -diff --git a/m4/reorganization/libs/tomsfastmath.m4 b/m4/reorganization/libs/tomsfastmath.m4 -new file mode 100644 -index 0000000..2a821a1 ---- /dev/null -+++ b/m4/reorganization/libs/tomsfastmath.m4 -@@ -0,0 +1,12 @@ -+dnl Check for system tomsfastmath -+PKG_CHECK_MODULES([TOMSFASTMATH], [tomsfastmath], [have_system_tomsfastmath=yes], [have_system_tomsfastmath=no]) -+ -+AM_CONDITIONAL([SYSTEM_TOMSFASTMATH], [test "x$have_system_tomsfastmath" = "xyes"]) -+ -+if test "x$have_system_tomsfastmath" = "xyes"; then -+ AC_DEFINE([HAVE_SYSTEM_TOMSFASTMATH], [1], [link against system-wide tomsfastmath library]) -+ tomsfastmath_msg="External, $TOMSFASTMATH_CFLAGS $TOMSFASTMATH_LIBS" -+else -+ AC_DEFINE([HAVE_SYSTEM_TOMSFASTMATH], [0], [don't link against system-wide tomsfastmath library]) -+ tomsfastmath_msg="Internal" -+fi diff -Nru clamav-0.103.0+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch clamav-0.103.2+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch --- clamav-0.103.0+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch 2020-11-01 19:07:16.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,41 +0,0 @@ -From 2152ddb28e98651e10d846662ca00ddf32022095 Mon Sep 17 00:00:00 2001 -From: Scott Kitterman -Date: Mon, 10 Mar 2014 19:20:18 -0400 -Subject: Change paths in sample conf file to match Debian - -Patch-Name: Change-paths-in-sample-conf-file-to-match-Debian.patch ---- - etc/clamav-milter.conf.sample | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/etc/clamav-milter.conf.sample b/etc/clamav-milter.conf.sample -index bf46b4f..b1b533b 100644 ---- a/etc/clamav-milter.conf.sample -+++ b/etc/clamav-milter.conf.sample -@@ -64,7 +64,7 @@ Example - # also owned by root to keep other users from tampering with it. - # - # Default: disabled --#PidFile /var/run/clamav-milter.pid -+#PidFile /var/run/clamav/clamav-milter.pid - - # Optional path to the global temporary directory. - # Default: system specific (usually /tmp or /var/tmp). -@@ -91,7 +91,7 @@ Example - # fashion. - # - # Default: no default --#ClamdSocket tcp:scanner.mydomain:7357 -+ClamdSocket /var/run/clamav/clamd - - - ## -@@ -214,7 +214,7 @@ Example - # A full path is required. - # - # Default: disabled --#LogFile /tmp/clamav-milter.log -+#LogFile /var/log/clamav/clamav-milter.log - - # By default the log file is locked for writing - the lock protects against - # running clamav-milter multiple times. diff -Nru clamav-0.103.0+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch clamav-0.103.2+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch --- clamav-0.103.0+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch 2020-11-01 19:07:16.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,35 +0,0 @@ -From 7307f570665abe40cfc5cf1cf67b4211c758266e Mon Sep 17 00:00:00 2001 -From: Sebastian Andrzej Siewior -Date: Thu, 11 Aug 2016 21:54:10 +0200 -Subject: clamd: don't depend on clamav-demon.socket - -Let's try to live without it. -This should avoid the endless loop in #824042. Newer systemd have -rate-limiting on (re)starts. This rate-limiting would stop the socket -service. The only purpose for the socket activation is to get clamd -started after the initial freshclam run on installs so I think we can -live without and manually start the daemon after installation. - -Patch-Name: clamd_dont_depend_on_clamav_demon_socket.patch -Signed-off-by: Sebastian Andrzej Siewior ---- - clamd/clamav-daemon.service.in | 2 -- - 1 file changed, 2 deletions(-) - -diff --git a/clamd/clamav-daemon.service.in b/clamd/clamav-daemon.service.in -index 9a262c3..c13d72f 100644 ---- a/clamd/clamav-daemon.service.in -+++ b/clamd/clamav-daemon.service.in -@@ -1,7 +1,6 @@ - [Unit] - Description=Clam AntiVirus userspace daemon - Documentation=man:clamd(8) man:clamd.conf(5) https://www.clamav.net/documents/ --Requires=clamav-daemon.socket - # Check for database existence - ConditionPathExistsGlob=@DBDIR@/main.{c[vl]d,inc} - ConditionPathExistsGlob=@DBDIR@/daily.{c[vl]d,inc} -@@ -15,4 +14,3 @@ TimeoutStartSec=420 - - [Install] - WantedBy=multi-user.target --Also=clamav-daemon.socket diff -Nru clamav-0.103.0+dfsg/debian/patches/clamd-Use-localhost-as-default-hostname-for-connecti.patch clamav-0.103.2+dfsg/debian/patches/clamd-Use-localhost-as-default-hostname-for-connecti.patch --- clamav-0.103.0+dfsg/debian/patches/clamd-Use-localhost-as-default-hostname-for-connecti.patch 2020-11-01 19:07:17.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/clamd-Use-localhost-as-default-hostname-for-connecti.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,42 +0,0 @@ -From 8cc00e2788269dfbe22306042e92196061ce8fe6 Mon Sep 17 00:00:00 2001 -From: Sebastian Andrzej Siewior -Date: Sat, 31 Oct 2020 23:20:42 +0100 -Subject: clamd: Use `localhost' as default hostname for connection - -Using the IPv4 address directly will fail on IPv6 only hosts. - -Upstream: https://bugzilla.clamav.net/show_bug.cgi?id=12633 -BTS: #963853 -Patch-Name: clamd-Use-localhost-as-default-hostname-for-connecti.patch -Signed-off-by: Sebastian Andrzej Siewior ---- - shared/optparser.c | 2 +- - unit_tests/check_common.sh | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/shared/optparser.c b/shared/optparser.c -index 072911c..95ebeeb 100644 ---- a/shared/optparser.c -+++ b/shared/optparser.c -@@ -275,7 +275,7 @@ const struct clam_option __clam_options[] = { - {"TCPSocket", NULL, 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, -1, NULL, 0, OPT_CLAMD, "A TCP port number the daemon will listen on.", "3310"}, - - /* FIXME: add a regex for IP addr */ -- {"TCPAddr", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, FLAG_MULTIPLE, OPT_CLAMD, "By default clamd binds to INADDR_ANY.\nThis option allows you to restrict the TCP address and provide\nsome degree of protection from the outside world.", "127.0.0.1"}, -+ {"TCPAddr", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, FLAG_MULTIPLE, OPT_CLAMD, "By default clamd binds to INADDR_ANY.\nThis option allows you to restrict the TCP address and provide\nsome degree of protection from the outside world.", "localhost"}, - - {"MaxConnectionQueueLength", NULL, 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, 200, NULL, 0, OPT_CLAMD, "Maximum length the queue of pending connections may grow to.", "30"}, - -diff --git a/unit_tests/check_common.sh b/unit_tests/check_common.sh -index ccf5504..1c651b0 100644 ---- a/unit_tests/check_common.sh -+++ b/unit_tests/check_common.sh -@@ -77,7 +77,7 @@ LogVerbose yes - PidFile `pwd`/clamd-test.pid - DatabaseDirectory `pwd`/test-db - LocalSocket clamd-test.socket --TCPAddr 127.0.0.1 -+TCPAddr localhost - # using different port here to avoid conflicts with system clamd daemon - TCPSocket $port - ExitOnOOM yes diff -Nru clamav-0.103.0+dfsg/debian/patches/Fix-ck_assert_msg-call.patch clamav-0.103.2+dfsg/debian/patches/Fix-ck_assert_msg-call.patch --- clamav-0.103.0+dfsg/debian/patches/Fix-ck_assert_msg-call.patch 2021-02-21 15:00:07.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/Fix-ck_assert_msg-call.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,23 +0,0 @@ -From 18306a889918187a63e80c07fd5edd2241e1906b Mon Sep 17 00:00:00 2001 -From: Orion Poplawski -Date: Thu, 17 Sep 2020 22:26:04 -0600 -Subject: [PATCH] unit tests: Fix ck_assert_msg() call - -The first argument to ck_assert_msg() should be a logical condition. ---- - unit_tests/check_jsnorm.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/unit_tests/check_jsnorm.c b/unit_tests/check_jsnorm.c -index 5067a21a55..64f6bf8b37 100644 ---- a/unit_tests/check_jsnorm.c -+++ b/unit_tests/check_jsnorm.c -@@ -247,7 +247,7 @@ static void tokenizer_test(const char *in, const char *expected, int split) - fd = open(filename, O_RDONLY); - if (fd < 0) { - jstest_teardown(); -- ck_assert_msg("failed to open output file: %s", filename); -+ ck_assert_msg(0, "failed to open output file: %s", filename); - } - - diff_file_mem(fd, expected, len); diff -Nru clamav-0.103.0+dfsg/debian/patches/series clamav-0.103.2+dfsg/debian/patches/series --- clamav-0.103.0+dfsg/debian/patches/series 2021-02-21 15:00:07.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/patches/series 2021-04-12 18:51:20.000000000 +0000 @@ -1,8 +1,7 @@ -Change-paths-in-sample-conf-file-to-match-Debian.patch -add-support-for-system-tomsfastmath.patch -clamd_dont_depend_on_clamav_demon_socket.patch -Add-support-for-LLVM-3.7.patch -Add-support-for-LLVM-3.8.patch -Add-support-for-LLVM-3.9.patch -clamd-Use-localhost-as-default-hostname-for-connecti.patch -Fix-ck_assert_msg-call.patch +0001-Change-paths-in-sample-conf-file-to-match-Debian.patch +0002-add-support-for-system-tomsfastmath.patch +0003-clamd-don-t-depend-on-clamav-demon.socket.patch +0004-Add-support-for-LLVM-3.7.patch +0005-Add-support-for-LLVM-3.8.patch +0006-Add-support-for-LLVM-3.9.patch +0007-unit-tests-Fix-ck_assert_msg-call.patch diff -Nru clamav-0.103.0+dfsg/debian/rules clamav-0.103.2+dfsg/debian/rules --- clamav-0.103.0+dfsg/debian/rules 2020-11-01 19:07:16.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/rules 2021-04-12 18:59:21.000000000 +0000 @@ -88,7 +88,7 @@ fi;\ done; \ # Check for library features which may have been upgraded. - if ! grep -q "CL_FLEVEL 121" libclamav/others.h ; then \ + if ! grep -q "CL_FLEVEL 123" libclamav/others.h ; then \ echo "cl_retflevel needs boosting in symbol file"; \ touch debian/exit; \ fi; diff -Nru clamav-0.103.0+dfsg/debian/upstream/signing-key.asc clamav-0.103.2+dfsg/debian/upstream/signing-key.asc --- clamav-0.103.0+dfsg/debian/upstream/signing-key.asc 2020-11-01 19:07:16.000000000 +0000 +++ clamav-0.103.2+dfsg/debian/upstream/signing-key.asc 2021-04-12 18:51:19.000000000 +0000 @@ -1,51 +1,51 @@ -----BEGIN PGP PUBLIC KEY BLOCK----- -mQINBFj3nAABEADRS+B5sv1AnRBvf8dLFd9zuXjFc7e+laeTKcGUKhM4AV8G2qJU -wfQFu35J8D5PkTit/qCYCpnrcE9gR1tTvhSDy0ekWfNlqzukfLRvL5VuMq08+ebz -3QaQP2lvBzhw5afInLSfu1xjMHdd6048kGUOCGQjBZpNd0tOt0QNfoqTUzAN0Jaq -lWnbjGm2kIxD6gyugG031TCcRE+ck9dxg67KEEXlGNmpUF6GWrozB+tRKt9VP/hc -db/Qyri3DIEI1RJlSJhBrbasSBbSkBaH0mDOQ3NAxfq95/2rY/K0kg1o8YsxVKvz -p1FLE/3Cwxbs81JLtvrrapfmFZFOSahBLyMFDLet7y+m7r8fUMjj7bSeWwIsGcPa -Jh+mYEZOibJkgQcgcFE3vP+Px9mXa99VmD0iVj8wIt4sVGxjKnRr4oWpD4/A3E4+ -KjxKapnrE45WciSjakxtBMl3ltbT3F+D4Tpnq2ijL7pwMlNreeguIeVDFGd+jvYY -m5dGfjmFQhZ29Fp+VDHjhkbDx0JILJF2YRofcml4Z+B3Hwqr1JQetGYiDVOZCEUZ -V4dVmhUBsEfbznXT7+SsV+u34F3IOVs7m0bQb2ty3unlUGmEoP2LVPzWZWHQN4vu -X41e0t+3dZCurMvCLdU2V4XIGCwACAF5WFhx9xPmZdmSAYjIjRKu3KSy1QARAQAB +mQINBGBjkiwBEADgJTEabt5zCareK9pJJswGU62smrq3uOaaDhtgztj3bxRY/UGT +jypxMee1S/fGWQZQy52lFOXLud5gFC5QU8Yk+7EAsh2ZJSKtWUw8/iMxZ4vsrKVV +QQRLTqMUY16R6/8UzdIT/hD6CbgWgiXF4NH5AGleNqjkF4TXrGof0AK0veekZYJV +WWStqJR/cIiG0nxDQ87RWfeZgrULZmA8uii22po7rGGzxT0byb83dKK+7IoJ/6B/ +ZlI0PmzuJ9/Xp6Mmm//sdPEqRwedt2aGrvtdF79xYJ1tDhOVMpID0aPdURBwlliq +fyKGaIUEa1ke+Dy7sQF8i3zY7ce6PZOtbsts9xsJLvF98VhRsFy0vProPv1mVbiU +PoxxPTnyLeGUm27amIMl4NfX4a8Hdu+ExzKprqWo3Ir08HQzNt6QoFghDIpi9nm4 +k327CJzJv/g2dq5kY/KU6wFHbdH3zP7u+p9DDqKJYFebPCvwM1hMxPdLqemTsfob +kJ4iXcAXjpMqwXX9m0lyQcRHdIdc99yyCUMdPNfapLgY7rOahsS16795/5KSrCuF +h2RcoAWUjh6sGjgGIY4Hy1qQwp3t6X/L6TOhDkBDWId5bTKFR9NqrVprOVsUutbs +0TOqLyH4GXCpE9vzg8DX7FTdRiCTpbyQ7VuSxRN/vAyVRP4chrABNfvh/QARAQAB tDtUYWxvcyAoVGFsb3MsIENpc2NvIFN5c3RlbXMgSW5jLikgPHJlc2VhcmNoQHNv -dXJjZWZpcmUuY29tPokCPQQTAQoAJwUCWPecAAIbAwUJB4YfgAULCQgHAwUVCgkI -CwUWAgMBAAIeAQIXgAAKCRDxP54WvKW/rQZnD/9xWiC/y9JEsbHnsNrzGosGQxsp -QSxgDcHUM0hjuhfpxDyaT/bm/qJcHWDLh7c/WiL0B1b9bGaj/soSn5ZSKaSAyThF -S48uG0q1rFlr2E/vP4ExZacLLndRHD4oaR/glp+NLsB60skz2b70IazSfm4uvKE0 -Wb7EgXm3exyJxS2vht51xLvPxj+VY7rVVJ7oQKMgv+Z9wMUj9kwbb7V/ytoYUVgG -N0aJ7tzuyOk2DeZ/0Mh4swEQ5QQE9X2KREOAfcrfpnyV8vIrTnwSian6KstuoAN9 -Ux+tqXS9SmexTaILqwXi0C1k7Loy5GDIKxwQHYI5xJ4eQbJNTGWTbGzQDd8VLRN4 -9yy0DYrayfTenWvsnBhS27X/dKitZVT90vKlqEaEMYRXV2d6Bu9Hq/USv1+AAFBB -MMi/9UBf3NHI3egNp//OkUReiusUImiq7TEBYSXmpVJ5L8SbDiahZ+YUzJHkd5u+ -j6BLNybj9kGilGRf3IsRqcu1BNvO8pqE/GkwDpDXXQWgfOykTflCROK32Nz4+asr -0y5Q73MiifkqTD0f/bDsryHtzGM+EIg81FcUCrtAHf/K9JDephwXstrhXue9Uupp -Arg/iHXXOcxR0ThrrRN+Fx10/5e2ALrVely5ZNZVhuvxg6EKzwJdnyw6IivJB/27 -IvlaaeLwpFaVgHgXIbkCDQRY95wAARAAqH5sChZORId5RJv3PQWmFZwLAIWaj0Zy -7QQnUvJecAi0doQe2w4fGTZOSfOX4LxPVgHkc59omPnDs30sVp8YiGt4luSLvQ49 -OhKUtPW6Z5B3UxTdbZCF1zs8t3tkHkGjxwfbhoZKdyrJvVQ7tz2l7lxiSI6x65I7 -v/+auTUc+ihskSSCvm6XeX3ekKOWJ96pnLItC1Pvh2bd4BOW4swSlXZ2k1/p1c2G -5vC7bFwUJbb67Y9wPJl0nCCBzZCfAtgMmKieq51rvtJ/83CNf8P7dMmZbRwUp4fN -xLPrvocDAJn3drfoKV3eX3st5M7SODKIF2gglXIQwYb1h/IJSRap9tgktOQVBBuy -tI6n1zo2Ga5kRK06tX/NBVRQI8we8WR8ePVkg0bZYIo1EKNa89xjTwQXqrbmvs7F -VSpsV2zMtMu6zDtJBcAGW+1feo7m1kL5ZGR4Dl3rbdImq2AdAt2TRfisZYmYAQyw -hIa7eNted2Bxs4KWrgwHgkk1ljjn/wF3InyKXnySPIpW2LT+kRWS0KujIDeiZTp5 -tAQP2qfL2mFcStyeBSqDW6s725a2oYv74yCycbbYSD3nxjruWrYVjF01/MKoSx5o -BFRkN7/n4hIpvcSlIzmmFPocbZCRTP9+4Miewq7e9ASnx+vxFpelBZTM1Oe+DZdB -zEvTjbqK698AEQEAAYkCJQQYAQoADwUCWPecAAIbDAUJB4YfgAAKCRDxP54WvKW/ -rQELEACGWflvcVbhmeSAbJqZNRcUGHQ0o2YMEHptErs0f6KVhBlI6Ouc37VHJgH0 -Vu75o5C/aagNghMPdAKCGf4DbYcBd8FzM7EHZspMcG5/rrE9zX9zYlcdD8KAN5Nm -ZZQz6+htMzD6ROdJWjkdnIpZvAb/6weSpj9ZI1hAhMr+2+kU13fUk70x2cWGMVsT -LpTjOo4ad0Qec5/s4MZ7enGz34DJLLCIzcA3K2S6AxO4cucord6onIkgikDq0LvX -RfMp18n+0vlEk6msuhSYAi04iPAS/mbYCpsuNMQefF6LJmICMpn2Vm4TOW6GMIa9 -lilC0oodVYYCKvhdXWB1MRoO5axnxSrNNLm8s7pxR5NzRvLxBiBxVqAJuw4rvFxN -4BZ5M1JSZWu2Rcz+xeh/szXRmWUbLScr4hwQRBSi2efiqPYjkWmxk8MJ5pHvwNK1 -DO33H3btRriWK7RZYRYq2Bjpuo8iGevgZ5pyiJkX1p72UehkC6ogGgW2ULgolIUa -LkZivq7Z2vICdouOKAhA2/QaQG0mA7O7RdOLWPX7EH720e4yqUPH9Hxv95EAeYkr -4Zg38cdiIevqjwUOwjMpxtIAj3ol+OvBFbiqJW5PICm7vi5HMIXuwQ6aIgSVDfic -Tjaszr4bkQdr3OpqhR4+ZN5/BAKY4IIzMmvF6v1X8s9DtzjFFg== -=rmWe +dXJjZWZpcmUuY29tPokCPgQTAQIAKAUCYGOSLAIbAwUJA8JnAAYLCQgHAwIGFQgC +CQoLBBYCAwECHgECF4AACgkQYJsCTys+3QfbLg//eZ0yCLr957FtztVlLIHYLpJn +LIl8m+hu3KeUTIwvMoCLiw48cWqFZaJS9PTmrraSj5SKMDnAYFl4O0fhHfQiWDjb +sZ32hQni1PcqxoXqSnkXD7mXjcPH2WuNnQM5WZoAD2VmksqRT57I/K2omW/sjaVe +Nbq3GSOy8WThibswxzioDHtTPFa0/Ah2qq8OkcVJuTwCS1xkLijJc3jx/pOBHWFA +BA4VX5pwcSou/woJ+ySsgBGEo5hOsd0r7h3a0O8EiuGulHTqQt87rVWGv0JKhnub +FULr/ld8+d1zGvJL3OzFG6udjWjw3QqsLDZa94G1ksZWgqr/RgexlSYuxPW+lKUC +QkgotLaEKQC4cpBLRcJEjWyrf4IjoJvkFrUtPsVH9VStICUQATyXARNVWbnJHq3Y +qynCXSB4NZvdo9BF6Tx3FA+ZUjK4/X/UsjL/Hmv99huBctQsWL7gQCoSw9YOt4qs +/As6fgPaNpYb9woJqNMEQNmrhfnnX9PGaM5dM769/E5vF67mkhBNqVJ0+4gyrpTU +T7Pmavrc3T4aSSde8eG6zSlmW8wM5xELfK5TeTexBKGAaDV8c2BkfenRO8OvBSvr +Gz+Xp/YzO9uGUPnbMsTVtxClmzmEj/MVpvtRdEo+dbVOSy8nk3XCu7jMjpojggPv +YQ+4CZYxYpW1T2hSFxG5Ag0EYGOSLAEQAM5kdheiwStznKiaIWaO+0PBA8bAv2xG +7qW/Di85xdcH9miHZM9+lx/iZoOBC9wZC9eatV4Hcukff700a/LGZSYVDvHvdEWb +Tv6ZwvHzbxuc1Kv8cLYopRUfOAwMYOmXriMLxVmd3fcfPNsfPRqfkaZRdkm7qTbP +DeKpSL157HbUG64Eej3cOViq49Hy9L6jtfjtZVxX7OavjnEpyezG6qSIAkvD6O7J +Yg3yfkr4sa44qohq9lDfjWpoXMebu0WsIyW11hm+7KMrBMHjlNgXppu0+ryeKfQi +FjPDBd9aflnHy2e8aHef9S5349thNGzjV3TNMV6A6oAN2XQ7pgj5DTwMZtHFCjdE +HIyfGCAgQQL0/MaFzKwuw/l/m31smZgItAZXYY1xoC2gh7LTPZ/3t2VVVof4TNXD +c+pUNgY6bwPBksuhsX8qsldDr5q3jdHZsjlycpL38Z4EZNg3BqxJlVseB395ZOQ6 +FCtHGh6rpsYQZDj1QWcUyev8NHSbSNRMS2/Nn5bT3KgEWEWrmOxp3iMmunBqmnt2 +/xJ83PKRTbSKgcG+Y/+DtnleHpRueRUPC/5XX0DNznSjF10vAh4XtBKGBNaHU9Vv +nMXlYeJ9kCMdSs7cM4FfLFMtPkFwpDYhvQRAEwt11RV6bGo5ZCgGrHGIBlNk6ZSO +1hP15hUtkWU7ABEBAAGJAiUEGAECAA8FAmBjkiwCGwwFCQPCZwAACgkQYJsCTys+ +3QfI7Q//Sb2yotfcsG5Q2FkHRBE85su01c6pewImV9bofNhATSQ37yVHUDrchm+k +Y6Pq5Tdgg+eAMcYz2yv9JhFxJyzgI0viQrkjD7oXeRTGZ0CvzxHhTakAOADXAnYt +wmJglEBTCCbUZ968kQkdBxEaUjVWPCMyIceRr8kUfiCjX51+DLESy8b5lOBhprO6 +vDukk/rmDruIpJPhJ3f89gsp2Ry7gk7a5ENIuVEElLK6OPBZhC3dDZwsvm5CYb62 ++U/b1xtmElpgGbNJCjxvAZiJ0WN2zfBXan+SJ4I9NFUw9jvSURvDV24s4YPhkbZu +OIqQEEYF8QMZ1VJlsr7BoWIXrdKDNJbmEVyx3UiYXKD1BVXCQADPu8G8EPuo4yAf +WymJAOJbAqNF2Op6+sC7/v8Xcgc3PGGyu23cZwikfCAgV+beywTPI5+eVV5F/rpx +XOlvNxT0NOg3UOeQ9GvCbD5ZcuDzmhqso0eMABeq5K5XB12xlWNaTZsIt8Dim4uK +aKMGeB+6iygkHITbay0sMUo0dX6nT27bjX5dTBo/vnVAPYuCS6rh8ojalR1fYFKA +1zdeSaJ2EW5KmgC9yedylSbHdQ+LjSY3t/Ut4RYaekIDeGmVoQkJkL7gIAs8NOYw +G3ayr0AtmeMagAMy94NH5ufVgFk+QPmXpzS7rMLQ3Is1ZOuWNrQ= +=gazS -----END PGP PUBLIC KEY BLOCK----- diff -Nru clamav-0.103.0+dfsg/docs/html/UserManual/Contribute.html clamav-0.103.2+dfsg/docs/html/UserManual/Contribute.html --- clamav-0.103.0+dfsg/docs/html/UserManual/Contribute.html 1970-01-01 00:00:00.000000000 +0000 +++ clamav-0.103.2+dfsg/docs/html/UserManual/Contribute.html 2021-04-06 19:04:05.000000000 +0000 @@ -0,0 +1,289 @@ + + + + + + + + + + + +

Contribute

For ClamAV library & application projects, submit pull-requests to: https://github.com/Cisco-Talos/clamav-devel

For ClamAV documentation projects, submit pull-requests to: https://github.com/Cisco-Talos/clamav-faq/pulls

Tip: If you find that any of the bugs or projects have already been completed, you can help out simply by updating the list in a pull-request to update this document.

Contribute
Bugs
Larger Projects +

Bugs

There's only so much our core dev team can schedule into each release. Many bugs probably won't be fixed without your help! Feel free to troll our open Bugzilla tickets if you're looking for project ideas!

Larger Projects

The following are a list of project ideas for someone looking to work on a larger project.
+Any projects labeled "Risky" or "Exploratory" are thought to be more likely to fail, or to have signifacnt drawbacks that will result in the new feature being ultimately rejected.

Please don't take it personally if the ClamAV team decide not to merge your implementation due to perceived complexity, stability, or other such concerns.

Contributors are expected to implement ample documentation for any new code or feature. Directions on how to test the contribution as well as unit and/or system tests will significantly help with PR review and will improve the likelihood that your contribution will be accepted.

Unstable or incomplete work is not likely to be accepted. The core development team has a long backlog of tasks and a currated roadmap for the next 6-12 months and will not have time to complete an unfinished project for you.

Contributors submitting a sizeable new feature will be asked to sign a Contributors License Agreement (CLA) before the contribution can be accepted.

CMake: `-DMAINTAINER_MODE=ON`

The purpose of "maintainer" build-mode is to update source generated by tools like Flex, Bison, and GPerf which are not readily accessible on every platform.

In this case, the project is to add GNU gperf support to the our CMake build system's Maintainer-Mode (-DMAINTAINER_MODE=ON). To complete this task, you'll need to detect GPerf when using Maintainer-Mode, and it should be required. When the build runs, it should regenerate and overwrite the libclamav/jsparse/generated files in the source directory using gperf with jsparse-keywords.gperf.

The contributor should add the new option to CMakeOptions.cmake and document the feature in INSTALL.cmake.md as well as in the clamav-faq repo's development.md developer documentation, after the feature has merged.

Category: Low-hanging fruit, Development

What you will learn from this project:

CMake C/C++ build system skills

Required skills:

Linux/Unix familiarity. Familiarity with compiling C/C++ projects.

Project Size: Small

CMake: `-DCODE_COVERAGE=ON`

Add a -DCODE_COVERAGE=ON option to the CMake build system which will build ClamAV with code coverage features enabled.

An ideal solution would support code coverage in when using GCC, Clang, and MSVC.

See development.md in the clamav-faq repo for additional insight on how gcov, lcov, and genhtml can be used today with the Autotools build system.

Category: Low-hanging fruit, Development

What you will learn from this project:

CMake C/C++ build system skills
Familiarity with C/C++ code coverage

Required skills:

Linux/Unix familiarity. Familiarity with compiling C/C++ projects.

Project Size: Small

Develop New Detection Capabilities for PE/ELF/MachO Executables

ClamAV parses the PE/ELF/MachO headers on executables that it scans, but doesn't make all of the data that it extracts available for use by NDB/LDB signatures. Some features that would be great to have include:

The ability to distinguish between regular executables and DLLs/SOs/DYLIBs (add new keywords?)
Subsignature modifiers that can limit subsigs to only being evaluated against sections with memory permission flags (Read/Write/Execute). This would allow signatures to be evaluated more efficiently and also would decrease the chance of signature false positives.
Parsing digital signatures in signed MachO exes and evaluating against the certificate trust / block .crb rules
Other features that might be helpful?

As PE, ELF, and MachO parsing features already exist in C, C is the mostly likely language of choice. However any major new self contained code would ideally be written in Rust.

Category: Core Development

What you will learn from this project:

The PE, ELF, and MachO file formats
How ClamAV parses executable headers, performs signature matching, and the capabilities are provided
How to write ClamAV signatures to match on executable files

Required skills:

Strong C development experience
Rust development experince (as needed)

Project Size: Large

Develop Memory Scanning Capabilities for Unix

Today, ClamAV works by scanning files on disk for malware. It'd be great if ClamAV could also be used to scan process memory on a system its running on in order to detect malware that isn't present on disk.

The ClamAV team is already looking into integrating such a feature from clamav-win32, a project by Gianluigi Tiesi who has graciously agreed to allow us to include this memory scanning feature and others in the upstream clamav project.

This project would be to develop a similar capability for use on Linux and/or macOS and/or BSD Unix scanning clients.

As this is a relatively large new feature, an ideal solution would be written in Rust.

Category: Fun/Peripheral

What you will learn from this project:

The techniques and OS APIs related to inspecting the memory of running processes
The security mechanisms in place to limit arbitrary access to process memory

Required skills:

Strong Rust development experience.
Linux/Unix operating systems experience.

Project Size: Large

WebAssembly Runtime

Background: ClamAV has for a long time had runtime support for running portable plugins we call "bytecode signatures". ClamAV has a custom bytecode compiler to compile these plugins from a C-like language and uses LLVM or a homegrown "bytecode interpreter" to run the plugins. This solution is strikingly similar to a newer portable plugin technology: WebAssembly!

The goal of project would be to create a proof-of-concept WebAssembly (wasm) runtime in ClamAV so that "wasm signatures" could be written in Rust and executed in a wasm sandbox. As with our current bytecode signature technology, the wasm signatures would run at specific hooks in the ClamAV scanning process. They would need access to the file map (buffer) being scanned, and would be given a limited API to call into ClamAV functions.

For a proof-of-concept, executing a local wasm plugin that has access to the file being scanned (without copying the data) would be fine. A production solution would need to convert the wasm plugin to an ascii-text encoding so it can be distributed much the same way the current bytecode signature .cbc plugins are distributed. As with the bytecode signatures, clamscan and clamd must not load the plugins unless they've been digitally signed or the --bytecode-unsigned/BytecodeUnsigned options are set, which would disable this safety precaution.

Important Notes: The ClamAV bytecode compiler project is currently undergoing a major re-write. Once complete, the new bytecode compiler will effectively be a Python script that invokes clang with a collection of custom compiler passes that effectively compile C code into ClamAV-bytecode plugins. This project would have you extend that project to instead use rustc to compile Rust ClamAV-WASM plugins.

Category: Core Development, Fun

What you will learn from this project:

Compilers
LLVM, WebAssembly JIT
Executable plugin sandboxing
Rust

Required skills:

C/C++ development experience.
Rust development experience.

Project Size: Large

Add Unpacking Support for New Packers

ClamAV includes support for unpacking executables generated by several software packers so that malware can't use them to easily evade detection. The list of packers currently supported can be found in the Introduction of the ClamAV Manual. There are many packers out there, though, so there is always a need to write unpacking code for ones that are frequently used by malware authors. Some that are currently needed include:

UPX for ELF
MPRESS (although we do have some bytecode signatures for MPRESS - those might be sufficient)
If anyone is interested in this, we can analyze thousands of samples and identify more candidates for this list

Improvements to existing executable (PE/ELF/MachO) parsing code would likely be in C, but any new standalone modules would ideally be written in Rust.

Category: Fun/Peripheral

What you will learn from this project:

How packers function, the steps involved in run-time loading and fixing memory maps, and a general approach to unpacking
You'll gain experience reverse-engineering real-world malware

Required skills:

C development experience.
Rust development experience.

Project Size: Large

Add Support for Matching on .NET Internals

Yara extracts certain properties of .NET executables and makes them available for signatures to use for detection: https://yara.readthedocs.io/en/v3.6.0/modules/dotnet.html

Can ClamAV do something similar? For instance, extract the GUIDs and allow matching on those the way we do entries in the PE VersionInfo section?

Tip: An ideal solution for this and any new file parsing feature should be written in Rust and called by our existing C code.

Category: Fun/Peripheral

What you will learn from this project:

How .NET executables are structured, and how they work internally
How to write .NET applications (for testing)
You'll also test your code against real-world malware, and perform reverse-engineering of samples as needed (if they break your code).

Required skills:

C development experience.
Rust development experience.
Any prior experience in the areas listed above is a plus.

Project Size: Large

Extract Macros from OXML docs

ClamAV and Sigtool currently support parsing OLE Office files to decompress and extract macros for scanning. The newer version OOXML Office files do not have this support, resulting in detection possible for macros in these documents. The ability to both extract and scan macros would enable better coverage. This might mean creating a new target type to prevent creating two signatures one for OLE macros and another for OOXML macros.

Tip: An ideal solution for this and any new file parsing feature should be written in Rust and called by our existing C code.

Category:

What you will learn from this project:

ClamAV and Sigtool internals
Office document macro compression (RLE compression)
Macro storage in OOXML files

Required skills:

C development experience.
Rust development experience.
Any prior experience in the areas listed above is a plus.

Project Size: Medium

Dynamically add new file types simply by adding file type magic (.ftm) signatures

Known file types are currently baked into each ClamAV versions along with file type magic signatures. See filetypes_int.h, filetypes.h, and filetypes.c. The hardcoded signature definitions for these hardcoded types are generally overridden by daily.ftm, a component of daily.cvd used to tweak file type identification definitions after release.

This project would be to re-architect how file types are stored in libclamav so new file types can be dynamically added when daily.ftm (or some other .ftm file) is loaded. Supplemental .ftm files should supplement the existing file type definitions, allowing an extra.ftm file to be tested alongside daily.cvd.

This new capability when combined with the ability to register bytecode signatures as new file type scanners will dramatically increase the ability to extend ClamAV functionality between major version updates. Even when combined with logical signatures that target specific file types (using the proposed new Type: keyword instead of Target:, see below project idea), will allow creative analysts to write more compact and efficient logical signatures.

Category: Fun, Core Development

What you will learn from this project:

Software architecture experience.

Required skills:

C development experience.

Project Size: Medium

Register scanners for each file type, Write bytecode "signature" scanners.

Bytecode signatures are the portable executable plugin format for ClamAV. If ClamAV file types each had one or more* linked list of file type handlers ("scanners"), then a bytecode API could be added to register a bytecode signature as a new scanner for a file type.

This project should be completed after the project to dynamically add new file types with new file type magic signatures (above). This new scanning architecture would be really powerful way to add features to the product without requiring a major version update. When combined with the project to run WebAssembly signatures written in Rust (project idea above) -- this plugin-based scanner feature would have the potential to become the fastest and safest way to add new capabilities to ClamAV.

Example use case:

One example use case of this feature would be to alert on the malicious use of crypto miner wallet IDs.

Cryptomining malware has become increasingly prevalent with the rise in cryptocurrency prices, and we have thousands of wallet identifiers known to be associated with malicious cryptomining campaigns. We don't have a robust way of using these IDs for detection, though, because we only want to raise an alert if the ID appears to be used in a malicious way (Ex: hardcoded into a mining application or as part of a coin miner configuration file) and not in legitimate ways (Ex: blog posts about campaigns or wallet blacklists used by the mining pools).

The two use-cases that we want to alert on are miner config files and executables with the embedded wallet identifier. We could have two .ftm rules (one for each case) that indicate a CL_TYPE_MINER or something like that, and then scanning execution for CL_TYPE_MINER can go to the bytecode sig to perform any other checks that may be necessary.

*Additional Considerations: ClamAV has several locations in the scanning process for invoking file type scanners:

After initial file type identification, and before the "raw scan". In cli_magic_scan().
Once for each embedded file types found when using scanraw() to also match on embedded type recognition signatures*. In scanraw().

*Embedded type recognition signature matching is a feature used to identify self-extracting archives and some harder to identify file formats, like XML-based office document formats, DMG files, master boot records (MBR), etc. It isn't used for some archive and disk image formats that we'll unpack later anyways because they cause excessive type false positives and duplicate file scanning. A common example without this safety measure was duplicate file extraction and scanning of zip file entries found in a tarball.

After scanning all of the found embedded types (above). At the end of scanraw(). These could probably be moved to (4) if it is deemed safe to remove the 1st "safety measure" call to scanraw() in cli_magic_scan() (i.e we'd only call scanraw() once, ever).
Again, after the call to scanraw() at the bottom of cli_magic_scan(), for types that have bytecode hooks that won't execute unless a logical signature matches, requiring scanraw() to perform matching first.

Considering that there are 3 or 4 placement options for scanners, it may be required to have 3 (or 4) different lists to add to when registering a new scanner to indicate when to run the scanner in the scanning process. An enum argument for the function would indicate which list to add it to. If inserting the new scanner for a given type from the front of the list, and only invoking the next scanner if the first one returns CL_EPARSE or CL_EFORMAT, then a scanner registration could be used to override an existing/built-in one or supplement it, whichever is desired.

This project would would require coming up with a common file-type-scanner API for all scanners (including bytecode scanners), and would enable moving all file-type-scanners out of scanners.c and into a new file for each in a scanners subdirectory. A separate parsers subdirectory should be added at this time and each file type parser would be moved there. The distinction between a "scanner" and a "parser" is this. A scanner uses a parser to extract bits to be scanned. A parser may simply be something like an archive extraction library. In some cases, particularly in internally developed code, the distinction may be less clear and so the entire thing may be better placed under the scanners directory as the entry-point will doubtless need to use the common file-type-scanner API.

This project will also require creating lots of regression tests for file type identification to ensure that the new architecture doesn't accidentally misclassify or fail to scan certain files.

The majority of the work won't actually change ClamAV's behavior, which may seem frustrating, but the end goal is super cool. Code cleanup and organization along the way will also make a meaningful difference. This project could be split into pieces:

Establish a common file type scanner function API and reorganize the scanners and parsers as described above.
Convert the API into a callback function pointer definition and create a registration API. Add a set of scanner callback lists to each file type. The built-in scanners should be initialized either at compile time or at least when libclamav is initialized, depending on the chosen design.

Category: Very Fun, Core Development

What you will learn from this project:

Software architecture experience
How to write ClamAV signatures (bytecode and LDB sigs)
You'll test your code against real-world malware, and can do reverse engineering if you'd like to expand the initial coinminer classification logic.

Required skills:

Strong C development experience.
Any prior experience in the areas listed below is a plus.

Project Size: Very Large

Limit logical signature alerts based on file type

ClamAV signatures have a "Target Type" which is an integer type which can be used in signatures to limit signature matches to specific file types. ClamAV also categorizes signature patterns into two different Aho-Corasick pattern-matching trie's by Target Type. Target Type 1 (Windows executables (EXE/DLL/SYS/etc.) go in one trie, and everything else goes in the other trie. Unfortunately, not every file type has an associated target type. In addition, while it's conceivable to be able to add new text-based file types dynamically (see the above project idea about file type magic signatures), it is less feasible to dynamically add new numerical target types.

For some advanced reading, see:

This project is to add a new "Type:" keyword to the TargetDescriptionBlock for Logical Signature (.ldb) to limit logical signature alerts to specific file types, much like you currently can do with Target Types ("Target:"), Container File Types ("Container:"), and Container Intermediate Types ("Intermediates:"). While this isn't expected to improve scan times, it should reduce overall signature size as analysts will no longer need to duplicate the file-type-magic signature in order to limit alerting on a signature match by file type.

To illustrate, this is the file type magic signature for a Microsoft Shorcut File, aka CL_TYPE_LNK:

+    0:0:4C0000000114020000000000C000000000000046:Microsoft Windows Shortcut File:CL_TYPE_ANY:CL_TYPE_LNK:100
+

Though we can classify a file as CL_TYPE_LNK and even unpack the file with custom scanner using that type, there is presently no way to write a signature for CL_TYPE_LNK files without duplicating the 0:4C0000000114020000000000C000000000000046 bit.

At present a signature to alert on a "malicious" shortcut containing 0xdeadbeef might look like this:

+    SignatureName;Target:0;(0&1);0:4C0000000114020000000000C000000000000046;deadbeef
+

After this change, the signature could instead read:

+    SignatureName;Target:0,Type:CL_TYPE_LNK;(0);deadbeef
+

Category: Low-hanging Fruit, Core Development

What you will learn from this project:

Knowledge of ClamAV's signature databases, and logical signature evaluation.

Required skills:

C development experience.

Project Size: Small

libclamav Callback Function to Request Additional File

Add a callback function to give libclamav file parsers the ability to request additional file data from the scanning application -- I.e. clamscan and clamd (and by extension clamdscan & clamonacc).

This feature would enable support for split-archive scans, if all components of the split archive are present and available to the scanning application. To make this work for clamdscan+clamd, or clamonacc+clamd, the request would also have to be relayed by clamd over the socket API to the scanning client, and the client would have to respond with additional data, filepath, or file descriptor for clamd to provide via the callback to file parser.

Disclaimer: It's entirely likely that this idea is bogus and wouldn't work over the clamd+clamdscan socket API. This task would require a fair amount exploratory coding.

When a file is scanned, the scanner (eg cli_scanrar) may call a callback function provided by clamscan or clamd to request scan access to other files by name, with the expectation that it would receive an fmap in response. Specifically, when the first file in a split archive is scanned, the parser could request fmaps for subsequent files to provide to the archive extraction library. Direct scanning of files other than the first file in a split archive will skip, because they are split and are not the first file.

Category: Risky/Exploratory, Core Development

What you will learn from this project:

ClamAV and Sigtool internals
Socket programming

Required skills:

C and C++ development experience.

Project Size: Large

+ + diff -Nru clamav-0.103.0+dfsg/docs/html/UserManual/development.html clamav-0.103.2+dfsg/docs/html/UserManual/development.html --- clamav-0.103.0+dfsg/docs/html/UserManual/development.html 2020-09-13 00:27:11.000000000 +0000 +++ clamav-0.103.2+dfsg/docs/html/UserManual/development.html 2021-04-06 19:04:06.000000000 +0000 @@ -6,6 +6,43 @@ + @@ -15,6 +52,7 @@

ClamAV Development
Introduction
Contributing to ClamAV
Building ClamAV for Development
- Satisfying Build Dependencies
- macOS
- Download the Source
- Building ClamAV with CMake
- Linux/Unix
- Windows
- Testing with CTest
- Unit Tests
- Integration Tests
- Feature Tests
- Building ClamAV with Autotools
- Running ./autogen.sh
- Running ./configure
- --gen-json: Print some additional debug information in a JSON format
- --statistics=pcre --statistics=bytecode: Print execution statistics on any PCRE and bytecode rules that were evaluated
- --dev-performance: Print per-file statistics regarding how long scanning took and the times spent in various scanning stages
- --detect-broken: This will attempt to detect broken executable files. If an executable is determined to be broken, some functionality might not get invoked for the sample, and this could be an indication of an issue parsing the PE header or file. This causes those binary to generate an alert instead of just continuing on. NOTE: This will be renamed to --alert-broken starting in ClamAV 0.101.
- --max-filesize=2000M --max-scansize=2000M --max-files=2000000 --max-recursion=2000000 --max-embeddedpe=2000M --max-htmlnormalize=2000000 --max-htmlnotags=2000000 --max-scriptnormalize=2000000 --max-ziptypercg=2000000 --max-partitions=2000000 --max-iconspe=2000000 --max-rechwp3=2000000 --pcre-match-limit=2000000 --pcre-recmatch-limit=2000000 --pcre-max-filesize=2000M:
- --alert-broken: This will attempt to detect broken executable files. If an executable is determined to be broken, some functionality might not get invoked for the sample, and this could be an indication of an issue parsing the PE header or file. This causes those binary to generate an alert instead of just continuing on. This flag replaces the --detect-broken flag from releases prior to 0.101.
- --max-filesize=2000M --max-scansize=2000M --max-files=2000000 --max-recursion=2000000 --max-embeddedpe=2000M --max-htmlnormalize=2000000 --max-htmlnotags=2000000 --max-scriptnormalize=2000000 --max-ziptypercg=2000000 --max-partitions=2000000 --max-iconspe=2000000 --max-rechwp3=2000000 --pcre-match-limit=2000000 --pcre-recmatch-limit=2000000 --pcre-max-filesize=2000M --max-scantime=2000000:
Effectively disables all file limits and maximums for scanning. This is useful if you'd like to ensure that all files in a set get scanned, and would prefer clam to just run slowly or crash rather than skip a file because it encounters one of these thresholds

The following are useful flags to include when debugging rules that you're
@@ -450,5 +555,10 @@ pread64(3, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 65536, 15597568) = 65536
More documentation on using strace to perform system call fault injection, see this presentation from FOSDEM 2017.
+
Running ClamAV with AddressSanitizer (ASAN)
+
Building ClamAV with ASAN support can be extremely useful in detecting memory corruption and memory leaks. To build with ASAN, use a ..\configure line like the following:
+
```
+    CFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" LDFLAGS="-fsanitize=address" CXXFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" OBJCFLAGS="-ggdb -O0 -fsanitize=address -fno-omit-frame-pointer" ../configure --prefix=`pwd`/../installed --enable-debug --enable-libjson --with-systemdsystemunitdir=no --enable-experimental --enable-clamdtop --enable-libjson --enable-xml --enable-pcre --disable-llvm
+
```
diff -Nru clamav-0.103.0+dfsg/docs/html/UserManual/Installation-Unix/Steps-Debian-Ubuntu.html clamav-0.103.2+dfsg/docs/html/UserManual/Installation-Unix/Steps-Debian-Ubuntu.html --- clamav-0.103.0+dfsg/docs/html/UserManual/Installation-Unix/Steps-Debian-Ubuntu.html 2020-09-13 00:27:17.000000000 +0000 +++ clamav-0.103.2+dfsg/docs/html/UserManual/Installation-Unix/Steps-Debian-Ubuntu.html 2021-04-06 19:04:10.000000000 +0000 @@ -22,7 +22,7 @@

Install library dependencies



-sudo apt-get install openssl libssl-dev libcurl4-openssl-dev zlib1g-dev libpng-dev libxml2-dev libjson-c-dev libbz2-dev libpcre3-dev ncurses-dev

+sudo apt-get install openssl libssl-dev libcurl4-openssl-dev zlib1g-dev libpng-dev libxml2-dev libjson-c-dev libbz2-dev libpcre2-dev ncurses-dev

(very optional) Those wishing to use clamav-milter may wish to install the following



diff -Nru clamav-0.103.0+dfsg/docs/html/UserManual/Installation-Windows.html clamav-0.103.2+dfsg/docs/html/UserManual/Installation-Windows.html
--- clamav-0.103.0+dfsg/docs/html/UserManual/Installation-Windows.html	2020-09-13 00:27:09.000000000 +0000
+++ clamav-0.103.2+dfsg/docs/html/UserManual/Installation-Windows.html	2021-04-06 19:04:04.000000000 +0000
@@ -15,9 +15,9 @@
 Install using the ClamAV Windows Installer
 Important: Installing ClamAV using the Installer will require Administrator privileges.
 
-Download: http://www.clamav.net/downloads/production/ClamAV-0.102.3.exe
+Download: http://www.clamav.net/downloads/production/ClamAV-0.103.1.exe
 Locate the file in your Downloads directory.
-Right-click on ClamAV-0.102.3.exe and select Run as administrator. You may receive a warning message along the lines of "Windows protected your PC". Select More info and then select Run anyway.
+Right-click on ClamAV-0.103.1.exe and select Run as administrator. You may receive a warning message along the lines of "Windows protected your PC". Select More info and then select Run anyway.
 Select I accept the agreement and click Next.
 Click Next again. If you've removed a previous installation of ClamAV, you may receive the prompt "The folder ... already exists...". If you do, select Yes.
 Click Install.
@@ -36,9 +36,9 @@
 
 Install using the ClamAV Portable Install Package
 
-Download: https://www.clamav.net/downloads/production/clamav-0.102.3-win-x64-portable.zip
+Download: https://www.clamav.net/downloads/production/clamav-0.103.1-win-x64-portable.zip
 Unzip it.
-Open the clamav-0.102.3-win-x64-portable directory.
+Open the clamav-0.103.1-win-x64-portable directory.
 Hold down Shift and then right-click on the background in the current directory (but not on one of the files). Select "Open PowerShell window here". If that option doesn't appear, try again.
 
 Continue on to "First Time Set-Up"...
@@ -65,6 +65,25 @@

WordPad will pop up. Delete the line that says "Example". You may also wish to set additional options to enable features or alter default behavior, such as enabling logging. Save the file and close WordPad.

Additional notes about the config files and database directories

The install directory is but one of a few locations ClamAV may search for configs and for signature databases.

Config files path search order

The content of the registry key:
+"HKEY_LOCAL_MACHINE/Software/ClamAV/ConfDir"
The directory where libclamav.dll is located:
+"C:\Program Files\ClamAV"
"C:\ClamAV"

Database files path search order

The content of the registry key:
+"HKEY_LOCAL_MACHINE/Software/ClamAV/DataDir"
The directory "database" inside the directory where libclamav.dll is located:
+"C:\Program Files\ClamAV\database"
"C:\ClamAV\db"

Next Steps

Download the Signature Databases

@@ -102,8 +121,8 @@

Faster a-la-carte Scanning with `clamd`

You may have noticed that clamscan takes a while to get started. This is because it loads the signature database each time you start a scan. If you require faster scanning of individual files, you will want to use clamd with clamdscan instead.

Faster a-la-carte Scanning with ClamD

You may have noticed that clamscan.exe takes a while to get started. This is because it loads the signature database each time you start a scan. If you require faster scanning of individual files, you will want to use clamd.exe with clamdscan.exe instead. Please note that many of the command line options for clamscan should instead be configured in clamd.conf when using clamd.exe.

Continuing in the PowerShell window:

Run:
@@ -111,13 +130,33 @@ .\clamd.exe

The application will take a moment to load and then appear to hang, but it is in fact waiting for scanning commands from clamdscan.

The application will take a moment to load and then appear to hang, but it is in fact waiting for scanning commands from clamdscan.exe.

Open a second PowerShell window as you did above, in the same directory.
In the second PowerShell window, you can now run clamdscan much the same way you did with clamscan above.
+
In the second PowerShell window, you can now run clamdscan.exe much the same way you did with clamscan.exe above.
```
 .\clamdscan.exe .

 
```

Additional Notes about Windows-specific Issues

Globbing

Since the Windows command prompt doesn't take care of wildcard expansion, minimal emulation of unix glob() is performed internally. It supports * and ? only.

File paths

Please always use the backslash as the path separator. SMB Network shares and UNC paths are supported.

Socket and libclamav API Input

The Windows version of ClamAV requires all the input to be UTF-8 encoded.

This affects:

The API, notably the cl_scanfile() function
ClamD socket input, e.g. the commands SCAN, CONTSCAN, MUTLISCAN, etc.
ClamD socket output, i.e replies to the above queries

For legacy reasons ANSI (i.e. CP_ACP) input will still be accepted and processed as before, but with two important remarks:

Socket replies to ANSI queries will still be UTF-8 encoded.
ANSI sequences which are also valid UTF-8 sequences will be handled as UTF-8.

As a side note, console output (stdin and stderr) will always be OEM encoded, even when redirected to a file.

diff -Nru clamav-0.103.0+dfsg/docs/html/UserManual/Introduction.html clamav-0.103.2+dfsg/docs/html/UserManual/Introduction.html --- clamav-0.103.0+dfsg/docs/html/UserManual/Introduction.html 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/docs/html/UserManual/Introduction.html 2021-04-06 19:04:04.000000000 +0000 @@ -49,6 +49,7 @@

SIS (SymbianOS packages)

AutoIt

InstallShield

ESTsoft EGG

Supports Windows executable file parsing, also known as Portable Executables (PE) both 32/64-bit, including PE files that are compressed or obfuscated with:

AsPack

UPX

@@ -79,56 +80,59 @@

Clam AntiVirus is highly cross-platform. The development team cannot test every OS, so we have chosen to test ClamAV using the two most recent Long Term Support (LTS) versions of each of the most popular desktop operating systems. Our regularly tested operating systems include:

GNU/Linux
Alpine +
- 3.11 (64bit)
Ubuntu
- 16.04
- 18.04
- 18.04 (64bit, 32bit)
- 20.04 (64bit)
Debian
- 7
- 8
- 9 (64bit, 32bit)
- 10 (64bit, 32bit)
CentOS
- 6
- 7
- 7 (64bit, 32bit)
- 8 (64bit)
UNIX
Solaris +
Fedora
- 11
- 30 (64bit)
- 31 (64bit)
UNIX
FreeBSD
- 11
- 12
- 11 (64bit)
- 12 (64bit)
macOS
- 10.13 (High Sierra)
- 10.14 (Mojave)
- 10.15 (Catalina)
Windows
7
10
7 (64bit, 32bit)
10 (64bit, 32bit)

Recommended System Requirements

The following minimum recommended system requirements are for using clamscan or clamd and clamdscan binaries with the standard ClamAV signature database provided by Cisco.

Minimum recommended RAM:

Minimum recommended RAM for ClamAV:

FreeBSD and Linux server edition: 1 GiB+
FreeBSD and Linux server edition: 2 GiB+
Linux non-server edition: 2 GiB+
Windows 7 & 10 32-bit: 2 GiB+
Windows 7 & 10 64-bit: 3 GiB+
macOS: 3 GiB+

Minimum recommended CPU:

Minimum recommended CPU for ClamAV:

FreeBSD and Linux systems: 1 CPU 2.0 Ghz+
Windows 7 & 10: 1 CPU 2.0 Ghz+
OSX: 2 CPUs at 2.0 Ghz+
1 CPUs at 2.0 Ghz+

Minimum available hard disk space required:

For the ClamAV application we recommend having 5 GB of free space available. This recommendation is in addition to the recommended disk space for each OS.

@@ -153,7 +157,7 @@ /server irc.freenode.net /join #clamav -

If you prefer Discord over IRC, join the ClamAV Discord chat server. The ClamAV Discord #general, and #irc-verbose channels are bridged with the #clamav IRC channel using a pair of bots to relay messages.

Submitting New or Otherwise Undetected Malware

If you've got a virus which is not detected by the current version of ClamAV using the latest signature databases, please submit the sample for review at our website:

diff -Nru clamav-0.103.0+dfsg/docs/html/UserManual/Signatures/FileTypes.html clamav-0.103.2+dfsg/docs/html/UserManual/Signatures/FileTypes.html --- clamav-0.103.0+dfsg/docs/html/UserManual/Signatures/FileTypes.html 2020-09-13 00:27:16.000000000 +0000 +++ clamav-0.103.2+dfsg/docs/html/UserManual/Signatures/FileTypes.html 2021-04-06 19:04:09.000000000 +0000 @@ -71,9 +71,11 @@ | `CL_TYPE_CPIO_OLD` | CPIO Archive (OLD, Little Endian or Big Endian) | | `CL_TYPE_CRYPTFF` | Files encrypted by CryptFF malware | | `CL_TYPE_DMG` | Apple DMG Archive | +| `CL_TYPE_EGG` | ESTSoft EGG Archive, new in 0.102 | | `CL_TYPE_ELF` | ELF Executable (Linux/Unix program or library) | +| `CL_TYPE_GIF` | GIF Graphics File, new in 0.103 | | `CL_TYPE_GPT` | Disk Image - GUID Partition Table | -| `CL_TYPE_GRAPHICS` | TIFF (Little Endian or Big Endian) | +| `CL_TYPE_GRAPHICS` | Other graphics files; BMP, JPEG2000 | | `CL_TYPE_GZ` | GZip Compressed File | | `CL_TYPE_HTML_UTF16` | Wide-Character / UTF16 encoded HTML | | `CL_TYPE_HTML` | HTML data | @@ -83,6 +85,7 @@ | `CL_TYPE_ISHIELD_MSI` | Windows Install Shield MSI installer | | `CL_TYPE_ISO9660` | ISO 9660 file system for optical disc media | | `CL_TYPE_JAVA` | Java Class File | +| `CL_TYPE_JPEG` | JPEG Graphics File, new in 0.103.1 | | `CL_TYPE_LNK` | Microsoft Windows Shortcut File | | `CL_TYPE_MACHO_UNIBIN` | Universal Binary/Java Bytecode | | `CL_TYPE_MACHO` | Apple/NeXTSTEP Mach-O Executable file format | @@ -102,6 +105,7 @@ | `CL_TYPE_OOXML_XL` | Microsoft Office Open Excel 2007+ | | `CL_TYPE_PART_HFSPLUS` | Apple HFS+ partition | | `CL_TYPE_PDF` | Adobe PDF document | +| `CL_TYPE_PNG` | PNG Graphics File, new in 0.103 | | `CL_TYPE_POSIX_TAR` | TAR archive | | `CL_TYPE_PS` | Postscript | | `CL_TYPE_RAR` | RAR Archive | @@ -116,6 +120,7 @@ | `CL_TYPE_TEXT_UTF16BE` | UTF-16BE text | | `CL_TYPE_TEXT_UTF16LE` | UTF-16LE text | | `CL_TYPE_TEXT_UTF8` | UTF-8 text | +| `CL_TYPE_TIFF` | TIFF Graphics File (Little or Big Endian), new in 0.103.1 | | `CL_TYPE_TNEF` | Microsoft Outlook & Exchange email attachment format | | `CL_TYPE_UUENCODED` | UUEncoded (Unix-to-Unix) binary file (Unix email attachment) | | `CL_TYPE_XAR` | XAR Archive | diff -Nru clamav-0.103.0+dfsg/docs/Makefile.am clamav-0.103.2+dfsg/docs/Makefile.am --- clamav-0.103.0+dfsg/docs/Makefile.am 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/docs/Makefile.am 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/docs/Makefile.in clamav-0.103.2+dfsg/docs/Makefile.in --- clamav-0.103.0+dfsg/docs/Makefile.in 2020-09-13 00:27:51.000000000 +0000 +++ clamav-0.103.2+dfsg/docs/Makefile.in 2021-04-06 19:04:43.000000000 +0000 @@ -15,7 +15,7 @@ @SET_MAKE@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/docs/man/clamd.conf.5.in clamav-0.103.2+dfsg/docs/man/clamd.conf.5.in --- clamav-0.103.0+dfsg/docs/man/clamd.conf.5.in 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/docs/man/clamd.conf.5.in 2021-04-06 19:03:42.000000000 +0000 @@ -477,6 +477,11 @@ .br Default: no .TP +\fBAlertBrokenMedia BOOL\fR +Alert on broken graphics files (JPEG, TIFF, PNG, GIF). +.br +Default: no +.TP \fBAlertEncrypted BOOL\fR Alert on encrypted archives and documents (encrypted .zip, .7zip, .rar, .pdf). .br @@ -535,7 +540,7 @@ Default: 100M .TP \fBMaxFileSize SIZE\fR -Files larger than this limit won't be scanned. Affects the input file itself as well as files contained inside it (when the input file is an archive, a document or some other kind of container). \fBWarning: disabling this limit or setting it too high may result in severe damage to the system.\fR +Files larger than this limit won't be scanned. Affects the input file itself as well as files contained inside it (when the input file is an archive, a document or some other kind of container). \fBWarning: disabling this limit or setting it too high may result in severe damage to the system. Technical design limitations prevent ClamAV from scanning files greater than 2 GB at this time.\fR .br Default: 25M .TP diff -Nru clamav-0.103.0+dfsg/docs/man/freshclam.1.in clamav-0.103.2+dfsg/docs/man/freshclam.1.in --- clamav-0.103.0+dfsg/docs/man/freshclam.1.in 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/docs/man/freshclam.1.in 2021-04-06 19:03:42.000000000 +0000 @@ -10,7 +10,7 @@ freshclam is a virus database update tool for ClamAV. .SH "OPTIONS" .LP -Freshclam reads its configuration from freshclam.conf. The settings can be overwritten with command line options. +FreshClam reads its configuration from freshclam.conf. The settings can be overwritten with command line options. .TP \fB\-h, \-\-help\fR Output help information and exit. diff -Nru clamav-0.103.0+dfsg/docs/man/freshclam.conf.5.in clamav-0.103.2+dfsg/docs/man/freshclam.conf.5.in --- clamav-0.103.0+dfsg/docs/man/freshclam.conf.5.in 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/docs/man/freshclam.conf.5.in 2021-04-06 19:03:42.000000000 +0000 @@ -92,7 +92,7 @@ Default: 12 .TP \fBDNSDatabaseInfo STRING\fR -Use DNS to verify the virus database version. Freshclam uses DNS TXT records to verify the versions of the database and software itself. With this directive you can change the database verification domain. +Use DNS to verify the virus database version. FreshClam uses DNS TXT records to verify the versions of the database and software itself. With this directive you can change the database verification domain. .br \fBWARNING:\fR Please don't change it unless you're configuring freshclam to use your own database verification domain. .br @@ -203,11 +203,6 @@ .br Default: 0 .TP -\fBSafeBrowsing BOOL\fR -This option enables support for Google Safe Browsing. When activated for the first time, freshclam will download a new database file (safebrowsing.cvd) which will be automatically loaded by clamd and clamscan during the next reload, provided that the heuristic phishing detection is turned on. This database includes information about websites that may be phishing sites or possible sources of malware. When using this option, it's mandatory to run freshclam at least every 30 minutes. Freshclam uses the ClamAV's mirror infrastructure to distribute the database and its updates but all the contents are provided under Google's terms of use. See https://support.google.com/code/answer/70015 and https://www.clamav.net/documents/safebrowsing for more information. -.br -Default: no -.TP \fBBytecode BOOL\fR This option enables downloading of bytecode.cvd, which includes additional detection mechanisms and improvements to the ClamAV engine. .br diff -Nru clamav-0.103.0+dfsg/etc/clamd.conf.sample clamav-0.103.2+dfsg/etc/clamd.conf.sample --- clamav-0.103.0+dfsg/etc/clamd.conf.sample 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/etc/clamd.conf.sample 2021-04-06 19:03:42.000000000 +0000 @@ -301,6 +301,11 @@ # Default: no #AlertBrokenExecutables yes +# With this option clamav will try to detect broken media file (JPEG, +# TIFF, PNG, GIF) and alert on them with a Broken.Media heuristic signature. +# Default: no +#AlertBrokenMedia yes + # Alert on encrypted archives _and_ documents with heuristic signature # (encrypted .zip, .7zip, .rar, .pdf). # Default: no @@ -519,6 +524,8 @@ # Value of 0 disables the limit. # Note: disabling this limit or setting it too high may result in severe damage # to the system. +# Technical design limitations prevent ClamAV from scanning files greater than +# 2 GB at this time. # Default: 25M #MaxFileSize 30M @@ -783,4 +790,3 @@ # # Default: 5000 # BytecodeTimeout 1000 - diff -Nru clamav-0.103.0+dfsg/etc/freshclam.conf.sample clamav-0.103.2+dfsg/etc/freshclam.conf.sample --- clamav-0.103.0+dfsg/etc/freshclam.conf.sample 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/etc/freshclam.conf.sample 2021-04-06 19:03:42.000000000 +0000 @@ -58,7 +58,7 @@ # Default: clamav (may depend on installation options) #DatabaseOwner clamav -# Use DNS to verify virus database version. Freshclam uses DNS TXT records +# Use DNS to verify virus database version. FreshClam uses DNS TXT records # to verify database and software versions. With this directive you can change # the database verification domain. # WARNING: Do not touch it unless you're configuring freshclam to use your @@ -148,6 +148,7 @@ #NotifyClamd /path/to/clamd.conf # Run command after successful database update. +# Use EXIT_1 to return 1 after successful database update. # Default: disabled #OnUpdateExecute command @@ -176,26 +177,14 @@ # Default: 0 #ReceiveTimeout 1800 -# With this option enabled, freshclam will attempt to load new -# databases into memory to make sure they are properly handled -# by libclamav before replacing the old ones. +# With this option enabled, freshclam will attempt to load new databases into +# memory to make sure they are properly handled by libclamav before replacing +# the old ones. +# Tip: This feature uses a lot of RAM. If your system has limited RAM and you +# are actively running ClamD or ClamScan during the update, then you may need +# to set `TestDatabases no`. # Default: yes -#TestDatabases yes - -# This option enables support for Google Safe Browsing. When activated for -# the first time, freshclam will download a new database file -# (safebrowsing.cvd) which will be automatically loaded by clamd and -# clamscan during the next reload, provided that the heuristic phishing -# detection is turned on. This database includes information about websites -# that may be phishing sites or possible sources of malware. When using this -# option, it's mandatory to run freshclam at least every 30 minutes. -# Freshclam uses the ClamAV's mirror infrastructure to distribute the -# database and its updates but all the contents are provided under Google's -# terms of use. -# See https://transparencyreport.google.com/safe-browsing/overview -# and https://www.clamav.net/documents/safebrowsing for more information. -# Default: no -#SafeBrowsing yes +#TestDatabases no # This option enables downloading of bytecode.cvd, which includes additional # detection mechanisms and improvements to the ClamAV engine. diff -Nru clamav-0.103.0+dfsg/etc/Makefile.am clamav-0.103.2+dfsg/etc/Makefile.am --- clamav-0.103.0+dfsg/etc/Makefile.am 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/etc/Makefile.am 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/etc/Makefile.in clamav-0.103.2+dfsg/etc/Makefile.in --- clamav-0.103.0+dfsg/etc/Makefile.in 2020-09-13 00:27:51.000000000 +0000 +++ clamav-0.103.2+dfsg/etc/Makefile.in 2021-04-06 19:04:43.000000000 +0000 @@ -15,7 +15,7 @@ @SET_MAKE@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/examples/CMakeLists.txt clamav-0.103.2+dfsg/examples/CMakeLists.txt --- clamav-0.103.0+dfsg/examples/CMakeLists.txt 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/examples/CMakeLists.txt 2021-04-06 19:03:42.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) diff -Nru clamav-0.103.0+dfsg/examples/ex1.c clamav-0.103.2+dfsg/examples/ex1.c --- clamav-0.103.0+dfsg/examples/ex1.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/examples/ex1.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * Compilation: gcc -Wall ex1.c -o ex1 -lclamav * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * Author: Tomasz Kojm * diff -Nru clamav-0.103.0+dfsg/freshclam/CMakeLists.txt clamav-0.103.2+dfsg/freshclam/CMakeLists.txt --- clamav-0.103.0+dfsg/freshclam/CMakeLists.txt 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/freshclam/CMakeLists.txt 2021-04-06 19:03:42.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) diff -Nru clamav-0.103.0+dfsg/freshclam/freshclam.c clamav-0.103.2+dfsg/freshclam/freshclam.c --- clamav-0.103.0+dfsg/freshclam/freshclam.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/freshclam/freshclam.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * Copyright (C) 2002-2007 Tomasz Kojm * @@ -158,7 +158,7 @@ printf("\n"); printf(" Clam AntiVirus: Database Updater %s\n", get_version()); printf(" By The ClamAV Team: https://www.clamav.net/about.html#credits\n"); - printf(" (C) 2020 Cisco Systems, Inc.\n"); + printf(" (C) 2021 Cisco Systems, Inc.\n"); printf("\n"); printf(" freshclam [options]\n"); printf("\n"); @@ -184,7 +184,8 @@ printf(" --datadir=DIRECTORY Download new databases into DIRECTORY\n"); printf(" --daemon-notify[=/path/clamd.conf] Send RELOAD command to clamd\n"); printf(" --local-address=IP -a IP Bind to IP for HTTP downloads\n"); - printf(" --on-update-execute=COMMAND Execute COMMAND after successful update\n"); + printf(" --on-update-execute=COMMAND Execute COMMAND after successful update.\n"); + printf(" Use EXIT_1 to return 1 after successful database update.\n"); printf(" --on-error-execute=COMMAND Execute COMMAND if errors occurred\n"); printf(" --on-outdated-execute=COMMAND Execute COMMAND when software is outdated\n"); printf(" --update-db=DBNAME Only update database DBNAME\n"); @@ -260,7 +261,7 @@ ret = FC_ETESTFAIL; } if (FC_SUCCESS != ret) { - logg("^Database load exited with \"%s\" (%d)\n", fc_strerror(ret), ret); + logg("^Database load exited with \"%s\"\n", fc_strerror(ret)); status = FC_ETESTFAIL; goto done; } @@ -275,11 +276,19 @@ logg("^pipe() failed: %s\n", strerror(errno)); ret = fc_test_database(dbFilename, fc_context->bBytecodeEnabled); if (FC_SUCCESS != ret) { - logg("^Database load exited with \"%s\" (%d)\n", fc_strerror(ret), ret); + logg("^Database load exited with \"%s\"\n", fc_strerror(ret)); status = FC_ETESTFAIL; goto done; } } else { + /* + * Attempt to test database in a child process. + */ + + /* We need to be able to wait for the child process ourselves. + * We'll re-enable wait in the global handler when we're done. */ + g_sigchildWait = 0; + switch (pid = fork()) { case -1: { /* @@ -293,7 +302,7 @@ /* Test the database without forking. */ ret = fc_test_database(dbFilename, fc_context->bBytecodeEnabled); if (FC_SUCCESS != ret) { - logg("^Database load exited with \"%s\" (%d)\n", fc_strerror(ret), ret); + logg("^Database load exited with \"%s\"\n", fc_strerror(ret)); status = FC_ETESTFAIL; goto done; } @@ -358,7 +367,7 @@ if (WIFEXITED(stat_loc)) { ret = (fc_error_t)WEXITSTATUS(stat_loc); if (FC_SUCCESS != ret) { - logg("^Database load exited with \"%s\" (%d)\n", fc_strerror(ret), ret); + logg("^Database load exited with \"%s\"\n", fc_strerror(ret)); status = FC_ETESTFAIL; goto done; } @@ -391,6 +400,7 @@ logg("!Database test FAILED.\n"); } + /* Re-enable the global handler's child process wait */ g_sigchildWait = 1; return status; @@ -545,7 +555,7 @@ /** * @brief Get the database server list object * - * @param opts Freshclam options struct. + * @param opts FreshClam options struct. * @param serverList [out] List of servers. * @param nServers [out] Number of servers in list. * @param bPrivate [out] Non-zero if PrivateMirror servers were selected. @@ -1453,7 +1463,7 @@ (void *)fc_context, &nUpdated); if (FC_SUCCESS != ret) { - logg("!Database update process failed: %s (%d)\n", fc_strerror(ret), ret); + logg("!Database update process failed: %s\n", fc_strerror(ret)); status = ret; goto done; } @@ -1470,7 +1480,7 @@ (void *)fc_context, &nUpdated); if (FC_SUCCESS != ret) { - logg("!Database update process failed: %s (%d)\n", fc_strerror(ret), ret); + logg("!Database update process failed: %s\n", fc_strerror(ret)); status = ret; goto done; } @@ -1480,18 +1490,11 @@ } if (0 < nTotalUpdated) { - if (NULL != notifyClamd) + if (NULL != notifyClamd) { notify(notifyClamd); - - if (NULL != onUpdateExecute) { - execute("OnUpdateExecute", onUpdateExecute, bDaemonized); } } - if ((NULL != newVersion) && (NULL != onOutdatedExecute)) { - executeIfNewVersion(onOutdatedExecute, newVersion, bDaemonized); - } - status = FC_SUCCESS; done: @@ -1502,6 +1505,20 @@ cli_rmdirs(g_freshclamTempDirectory); } } + + if (FC_SUCCESS == status) { + /* Run Execute commands after we clean up the temp directory, + * in case they want us to EXIT */ + if (0 < nTotalUpdated) { + if (NULL != onUpdateExecute) { + execute("OnUpdateExecute", onUpdateExecute, bDaemonized); + } + } + if ((NULL != newVersion) && (NULL != onOutdatedExecute)) { + executeIfNewVersion(onOutdatedExecute, newVersion, bDaemonized); + } + } + if (NULL != dnsUpdateInfo) { free(dnsUpdateInfo); } @@ -1684,16 +1701,6 @@ status = ret; goto done; } - if (optget(opts, "SafeBrowsing")->enabled) { - if (FC_SUCCESS != (ret = string_list_add("safebrowsing", &optInList, &nOptIns))) { - free_string_list(optInList, nOptIns); - optInList = NULL; - - mprintf("!Failed to add safebrowsing to list of opt-in databases.\n"); - status = ret; - goto done; - } - } /* * Collect list of database opt-outs. @@ -1925,7 +1932,7 @@ alarm(0); #endif - if (ret > 1) { + if (ret > FC_UPTODATE) { if ((opt = optget(opts, "OnErrorExecute"))->enabled) arg = opt->strarg; @@ -1933,6 +1940,14 @@ execute("OnErrorExecute", arg, optget(opts, "daemon")->enabled); arg = NULL; + + if (FC_EFORBIDDEN == ret) { + /* We're being actively blocked, which is a fatal error. Exit. */ + logg("^FreshClam was forbidden from downloading a database.\n"); + logg("^This is fatal. Retrying later won't help. Exiting now.\n"); + status = ret; + goto done; + } } logg("#--------------------------------------\n"); diff -Nru clamav-0.103.0+dfsg/freshclam/Makefile.am clamav-0.103.2+dfsg/freshclam/Makefile.am --- clamav-0.103.0+dfsg/freshclam/Makefile.am 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/freshclam/Makefile.am 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # Fixes - Arkadiusz Miskiewicz diff -Nru clamav-0.103.0+dfsg/freshclam/Makefile.in clamav-0.103.2+dfsg/freshclam/Makefile.in --- clamav-0.103.0+dfsg/freshclam/Makefile.in 2020-09-13 00:27:51.000000000 +0000 +++ clamav-0.103.2+dfsg/freshclam/Makefile.in 2021-04-06 19:04:43.000000000 +0000 @@ -15,7 +15,7 @@ @SET_MAKE@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # Fixes - Arkadiusz Miskiewicz diff -Nru clamav-0.103.0+dfsg/freshclam/notify.c clamav-0.103.2+dfsg/freshclam/notify.c --- clamav-0.103.0+dfsg/freshclam/notify.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/freshclam/notify.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2002-2013 Sourcefire, Inc. * * This program is free software; you can redistribute it and/or modify diff -Nru clamav-0.103.0+dfsg/freshclam/notify.h clamav-0.103.2+dfsg/freshclam/notify.h --- clamav-0.103.0+dfsg/freshclam/notify.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/freshclam/notify.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * Copyright (C) 2002-2007 Tomasz Kojm * diff -Nru clamav-0.103.0+dfsg/fuzz/clamav_dbload_fuzzer.cpp clamav-0.103.2+dfsg/fuzz/clamav_dbload_fuzzer.cpp --- clamav-0.103.0+dfsg/fuzz/clamav_dbload_fuzzer.cpp 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/fuzz/clamav_dbload_fuzzer.cpp 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * Fuzz target for cl_load() * - * Copyright (C) 2018-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2018-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Authors: Micah Snyder * * Redistribution and use in source and binary forms, with or without diff -Nru clamav-0.103.0+dfsg/fuzz/clamav_scanfile_fuzzer.cpp clamav-0.103.2+dfsg/fuzz/clamav_scanfile_fuzzer.cpp --- clamav-0.103.0+dfsg/fuzz/clamav_scanfile_fuzzer.cpp 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/fuzz/clamav_scanfile_fuzzer.cpp 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * Fuzz target for cl_scanfile() * - * Copyright (C) 2018-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2018-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Authors: Micah Snyder, Alex Gaynor * * Redistribution and use in source and binary forms, with or without diff -Nru clamav-0.103.0+dfsg/fuzz/clamav_scanmap_fuzzer.cpp clamav-0.103.2+dfsg/fuzz/clamav_scanmap_fuzzer.cpp --- clamav-0.103.0+dfsg/fuzz/clamav_scanmap_fuzzer.cpp 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/fuzz/clamav_scanmap_fuzzer.cpp 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * Fuzz target for cl_scanmap_callback() * - * Copyright (C) 2018-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2018-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Authors: Micah Snyder, Alex Gaynor * * Redistribution and use in source and binary forms, with or without diff -Nru clamav-0.103.0+dfsg/fuzz/run_fuzzer_tests.py clamav-0.103.2+dfsg/fuzz/run_fuzzer_tests.py --- clamav-0.103.0+dfsg/fuzz/run_fuzzer_tests.py 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/fuzz/run_fuzzer_tests.py 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ #!/usr/bin/env python -# Copyright (C) 2018-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2018-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. ''' This script is a convenience tool to run a standalone fuzz target against each diff -Nru clamav-0.103.0+dfsg/libclamav/7z_iface.c clamav-0.103.2+dfsg/libclamav/7z_iface.c --- clamav-0.103.0+dfsg/libclamav/7z_iface.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/7z_iface.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/7z_iface.h clamav-0.103.2+dfsg/libclamav/7z_iface.h --- clamav-0.103.0+dfsg/libclamav/7z_iface.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/7z_iface.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/adc.c clamav-0.103.2+dfsg/libclamav/adc.c --- clamav-0.103.0+dfsg/libclamav/adc.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/adc.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2013 Sourcefire, Inc. * * Authors: David Raynor diff -Nru clamav-0.103.0+dfsg/libclamav/adc.h clamav-0.103.2+dfsg/libclamav/adc.h --- clamav-0.103.0+dfsg/libclamav/adc.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/adc.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2013 Sourcefire, Inc. * * Authors: David Raynor diff -Nru clamav-0.103.0+dfsg/libclamav/apm.c clamav-0.103.2+dfsg/libclamav/apm.c --- clamav-0.103.0+dfsg/libclamav/apm.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/apm.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * @@ -53,7 +53,7 @@ struct apm_partition_info aptable, apentry; int ret = CL_CLEAN, detection = CL_CLEAN, old_school = 0; size_t sectorsize, maplen, partsize; - off_t pos = 0, partoff = 0; + size_t pos = 0, partoff = 0; unsigned i; uint32_t max_prtns = 0; @@ -219,8 +219,8 @@ cli_dbgmsg("Type: %s\n", (char *)apentry.type); cli_dbgmsg("Signature: %x\n", apentry.signature); cli_dbgmsg("Partition Count: %u\n", apentry.numPartitions); - cli_dbgmsg("Blocks: [%u, +%u), ([%lu, +%lu))\n", - apentry.pBlockStart, apentry.pBlockCount, (long unsigned)partoff, (long unsigned)partsize); + cli_dbgmsg("Blocks: [%u, +%u), ([%zu, +%zu))\n", + apentry.pBlockStart, apentry.pBlockCount, partoff, partsize); /* send the partition to cli_magic_scan_nested_fmap_type */ ret = cli_magic_scan_nested_fmap_type(*ctx->fmap, partoff, partsize, ctx, CL_TYPE_PART_ANY, (const char *)apentry.name); @@ -245,7 +245,7 @@ struct apm_partition_info apentry; unsigned i, pitxn; int ret = CL_CLEAN, tmp = CL_CLEAN; - off_t pos; + size_t pos; uint32_t max_prtns = 0; int virus_found = 0; diff -Nru clamav-0.103.0+dfsg/libclamav/apm.h clamav-0.103.2+dfsg/libclamav/apm.h --- clamav-0.103.0+dfsg/libclamav/apm.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/apm.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * diff -Nru clamav-0.103.0+dfsg/libclamav/arc4.c clamav-0.103.2+dfsg/libclamav/arc4.c --- clamav-0.103.0+dfsg/libclamav/arc4.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/arc4.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * * Author: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/arc4.h clamav-0.103.2+dfsg/libclamav/arc4.h --- clamav-0.103.0+dfsg/libclamav/arc4.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/arc4.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * * Author: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/asn1.c clamav-0.103.2+dfsg/libclamav/asn1.c --- clamav-0.103.0+dfsg/libclamav/asn1.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/asn1.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/asn1.h clamav-0.103.2+dfsg/libclamav/asn1.h --- clamav-0.103.0+dfsg/libclamav/asn1.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/asn1.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/aspack.c clamav-0.103.2+dfsg/libclamav/aspack.c --- clamav-0.103.0+dfsg/libclamav/aspack.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/aspack.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Luciano Giuseppe 'Pnluck', Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/aspack.h clamav-0.103.2+dfsg/libclamav/aspack.h --- clamav-0.103.0+dfsg/libclamav/aspack.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/aspack.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Luciano Giuseppe 'Pnluck', Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/autoit.c clamav-0.103.2+dfsg/libclamav/autoit.c --- clamav-0.103.0+dfsg/libclamav/autoit.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/autoit.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/autoit.h clamav-0.103.2+dfsg/libclamav/autoit.h --- clamav-0.103.0+dfsg/libclamav/autoit.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/autoit.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/bcfeatures.h clamav-0.103.2+dfsg/libclamav/bcfeatures.h --- clamav-0.103.0+dfsg/libclamav/bcfeatures.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/bcfeatures.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/binhex.c clamav-0.103.2+dfsg/libclamav/binhex.c --- clamav-0.103.0+dfsg/libclamav/binhex.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/binhex.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2010-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/binhex.h clamav-0.103.2+dfsg/libclamav/binhex.h --- clamav-0.103.0+dfsg/libclamav/binhex.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/binhex.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/blob.c clamav-0.103.2+dfsg/libclamav/blob.c --- clamav-0.103.0+dfsg/libclamav/blob.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/blob.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/blob.h clamav-0.103.2+dfsg/libclamav/blob.h --- clamav-0.103.0+dfsg/libclamav/blob.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/blob.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/builtin_bytecodes.h clamav-0.103.2+dfsg/libclamav/builtin_bytecodes.h --- clamav-0.103.0+dfsg/libclamav/builtin_bytecodes.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/builtin_bytecodes.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * Builtin ClamAV bytecodes. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2010-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/bytecode_api.c clamav-0.103.2+dfsg/libclamav/bytecode_api.c --- clamav-0.103.0+dfsg/libclamav/bytecode_api.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/bytecode_api.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * ClamAV bytecode internal API * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/bytecode_api_decl.c clamav-0.103.2+dfsg/libclamav/bytecode_api_decl.c --- clamav-0.103.0+dfsg/libclamav/bytecode_api_decl.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/bytecode_api_decl.c 2021-04-06 19:03:42.000000000 +0000 @@ -2,7 +2,7 @@ * ClamAV bytecode internal API * This is an automatically generated file! * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Redistribution and use in source and binary forms, with or without diff -Nru clamav-0.103.0+dfsg/libclamav/bytecode_api.h clamav-0.103.2+dfsg/libclamav/bytecode_api.h --- clamav-0.103.0+dfsg/libclamav/bytecode_api.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/bytecode_api.h 2021-04-06 19:03:42.000000000 +0000 @@ -146,6 +146,8 @@ FUNC_LEVEL_0103_BETA = 120, /**< LibClamAV release 0.103.0-BETA */ FUNC_LEVEL_0103 = 121, /**< LibClamAV release 0.103.0 */ + FUNC_LEVEL_0103_1 = 122, /**< LibClamAV release 0.103.1 */ + FUNC_LEVEL_0103_2 = 123, /**< LibClamAV release 0.103.2 */ }; /** diff -Nru clamav-0.103.0+dfsg/libclamav/bytecode_api_impl.h clamav-0.103.2+dfsg/libclamav/bytecode_api_impl.h --- clamav-0.103.0+dfsg/libclamav/bytecode_api_impl.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/bytecode_api_impl.h 2021-04-06 19:03:42.000000000 +0000 @@ -2,7 +2,7 @@ * ClamAV bytecode internal API * This is an automatically generated file! * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Redistribution and use in source and binary forms, with or without diff -Nru clamav-0.103.0+dfsg/libclamav/bytecode.c clamav-0.103.2+dfsg/libclamav/bytecode.c --- clamav-0.103.0+dfsg/libclamav/bytecode.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/bytecode.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * Load, and verify ClamAV bytecode. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/bytecode_detect.c clamav-0.103.2+dfsg/libclamav/bytecode_detect.c --- clamav-0.103.0+dfsg/libclamav/bytecode_detect.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/bytecode_detect.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * Detect environment for bytecode. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/bytecode_detect.h clamav-0.103.2+dfsg/libclamav/bytecode_detect.h --- clamav-0.103.0+dfsg/libclamav/bytecode_detect.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/bytecode_detect.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Redistribution and use in source and binary forms, with or without diff -Nru clamav-0.103.0+dfsg/libclamav/bytecode.h clamav-0.103.2+dfsg/libclamav/bytecode.h --- clamav-0.103.0+dfsg/libclamav/bytecode.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/bytecode.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * Load, verify and execute ClamAV bytecode. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/bytecode_hooks.h clamav-0.103.2+dfsg/libclamav/bytecode_hooks.h --- clamav-0.103.0+dfsg/libclamav/bytecode_hooks.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/bytecode_hooks.h 2021-04-06 19:03:42.000000000 +0000 @@ -2,7 +2,7 @@ * ClamAV bytecode internal API * This is an automatically generated file! * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Redistribution and use in source and binary forms, with or without diff -Nru clamav-0.103.0+dfsg/libclamav/bytecode_nojit.c clamav-0.103.2+dfsg/libclamav/bytecode_nojit.c --- clamav-0.103.0+dfsg/libclamav/bytecode_nojit.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/bytecode_nojit.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * Load, and verify ClamAV bytecode. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/bytecode_priv.h clamav-0.103.2+dfsg/libclamav/bytecode_priv.h --- clamav-0.103.0+dfsg/libclamav/bytecode_priv.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/bytecode_priv.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * Load, verify and execute ClamAV bytecode. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/bytecode_vm.c clamav-0.103.2+dfsg/libclamav/bytecode_vm.c --- clamav-0.103.0+dfsg/libclamav/bytecode_vm.c 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/bytecode_vm.c 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * Execute ClamAV bytecode. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/c++/bytecode2llvm.cpp clamav-0.103.2+dfsg/libclamav/c++/bytecode2llvm.cpp --- clamav-0.103.0+dfsg/libclamav/c++/bytecode2llvm.cpp 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/c++/bytecode2llvm.cpp 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * JIT compile ClamAV bytecode. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/c++/ClamBCDiagnostics.h clamav-0.103.2+dfsg/libclamav/c++/ClamBCDiagnostics.h --- clamav-0.103.0+dfsg/libclamav/c++/ClamBCDiagnostics.h 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/c++/ClamBCDiagnostics.h 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * Compile LLVM bytecode to ClamAV bytecode. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2010-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/c++/ClamBCRTChecks.cpp clamav-0.103.2+dfsg/libclamav/c++/ClamBCRTChecks.cpp --- clamav-0.103.0+dfsg/libclamav/c++/ClamBCRTChecks.cpp 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/c++/ClamBCRTChecks.cpp 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * Compile LLVM bytecode to ClamAV bytecode. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Török Edvin, Kevin Lin diff -Nru clamav-0.103.0+dfsg/libclamav/c++/detect.cpp clamav-0.103.2+dfsg/libclamav/c++/detect.cpp --- clamav-0.103.0+dfsg/libclamav/c++/detect.cpp 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/c++/detect.cpp 2021-04-06 19:03:42.000000000 +0000 @@ -1,7 +1,7 @@ /* * JIT detection for ClamAV bytecode. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2010-2013 Sourcefire, Inc. * * Authors: Török Edvin @@ -186,4 +186,3 @@ sys::Memory::ReleaseRWX(B); } } - diff -Nru clamav-0.103.0+dfsg/libclamav/c++/Makefile.in clamav-0.103.2+dfsg/libclamav/c++/Makefile.in --- clamav-0.103.0+dfsg/libclamav/c++/Makefile.in 2020-09-13 00:27:40.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/c++/Makefile.in 2021-04-06 19:04:34.000000000 +0000 @@ -5333,8 +5333,8 @@ @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) -@BUILD_EXTERNAL_LLVM_TRUE@clean-local: @BUILD_EXTERNAL_LLVM_TRUE@distclean-local: +@BUILD_EXTERNAL_LLVM_TRUE@clean-local: clean: clean-am clean-am: clean-generic clean-libtool clean-local \ diff -Nru clamav-0.103.0+dfsg/libclamav/cache.c clamav-0.103.2+dfsg/libclamav/cache.c --- clamav-0.103.0+dfsg/libclamav/cache.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/cache.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2010-2013 Sourcefire, Inc. * * Authors: aCaB , Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/cache.h clamav-0.103.2+dfsg/libclamav/cache.h --- clamav-0.103.0+dfsg/libclamav/cache.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/cache.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2010-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/clamav.h clamav-0.103.2+dfsg/libclamav/clamav.h --- clamav-0.103.0+dfsg/libclamav/clamav.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/clamav.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -191,8 +191,8 @@ #define CL_SCAN_HEURISTIC_STRUCTURED 0x200 /* data loss prevention options, i.e. alert when detecting personal information */ #define CL_SCAN_HEURISTIC_STRUCTURED_SSN_NORMAL 0x400 /* alert when detecting social security numbers */ #define CL_SCAN_HEURISTIC_STRUCTURED_SSN_STRIPPED 0x800 /* alert when detecting stripped social security numbers */ - #define CL_SCAN_HEURISTIC_STRUCTURED_CC 0x1000 /* alert when detecting credit card numbers */ +#define CL_SCAN_HEURISTIC_BROKEN_MEDIA 0x2000 /* alert if a file does not match the identified file format, works with JPEG, TIFF, GIF, PNG */ /* mail scanning options */ #define CL_SCAN_MAIL_PARTIAL_MESSAGE 0x1 diff -Nru clamav-0.103.0+dfsg/libclamav/CMakeLists.txt clamav-0.103.2+dfsg/libclamav/CMakeLists.txt --- clamav-0.103.0+dfsg/libclamav/CMakeLists.txt 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/CMakeLists.txt 2021-04-06 19:03:42.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) diff -Nru clamav-0.103.0+dfsg/libclamav/cpio.c clamav-0.103.2+dfsg/libclamav/cpio.c --- clamav-0.103.0+dfsg/libclamav/cpio.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/cpio.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -103,7 +103,7 @@ unsigned int file = 0, trailer = 0; uint32_t filesize, namesize, hdr_namesize; int ret = CL_CLEAN, conv; - off_t pos = 0; + size_t pos = 0; int virus_found = 0; memset(name, 0, sizeof(name)); @@ -195,7 +195,7 @@ unsigned int file = 0, trailer = 0; uint32_t filesize, namesize, hdr_namesize; int ret = CL_CLEAN; - off_t pos = 0; + size_t pos = 0; int virus_found = 0; while (fmap_readn(*ctx->fmap, &hdr_odc, pos, sizeof(hdr_odc)) == sizeof(hdr_odc)) { @@ -281,7 +281,7 @@ unsigned int file = 0, trailer = 0; uint32_t filesize, namesize, hdr_namesize, pad; int ret = CL_CLEAN; - off_t pos = 0; + size_t pos = 0; int virus_found = 0; memset(name, 0, 513); diff -Nru clamav-0.103.0+dfsg/libclamav/cpio.h clamav-0.103.2+dfsg/libclamav/cpio.h --- clamav-0.103.0+dfsg/libclamav/cpio.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/cpio.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/crtmgr.c clamav-0.103.2+dfsg/libclamav/crtmgr.c --- clamav-0.103.0+dfsg/libclamav/crtmgr.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/crtmgr.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/crtmgr.h clamav-0.103.2+dfsg/libclamav/crtmgr.h --- clamav-0.103.0+dfsg/libclamav/crtmgr.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/crtmgr.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/cvd.c clamav-0.103.2+dfsg/libclamav/cvd.c --- clamav-0.103.0+dfsg/libclamav/cvd.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/cvd.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/cvd.h clamav-0.103.2+dfsg/libclamav/cvd.h --- clamav-0.103.0+dfsg/libclamav/cvd.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/cvd.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/dconf.c clamav-0.103.2+dfsg/libclamav/dconf.c --- clamav-0.103.0+dfsg/libclamav/dconf.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/dconf.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -134,6 +134,7 @@ {"OTHER", "LZW", OTHER_CONF_LZW, 1}, {"OTHER", "GIF", OTHER_CONF_GIF, 1}, {"OTHER", "PNG", OTHER_CONF_PNG, 1}, + {"OTHER", "TIFF", OTHER_CONF_TIFF, 1}, {"PHISHING", "ENGINE", PHISHING_CONF_ENGINE, 1}, {"PHISHING", "ENTCONV", PHISHING_CONF_ENTCONV, 1}, @@ -169,27 +170,21 @@ if (!strcmp(modules[i].mname, "PE")) { if (modules[i].state) dconf->pe |= modules[i].bflag; - } else if (!strcmp(modules[i].mname, "ELF")) { if (modules[i].state) dconf->elf |= modules[i].bflag; - } else if (!strcmp(modules[i].mname, "MACHO")) { if (modules[i].state) dconf->macho |= modules[i].bflag; - } else if (!strcmp(modules[i].mname, "ARCHIVE")) { if (modules[i].state) dconf->archive |= modules[i].bflag; - } else if (!strcmp(modules[i].mname, "DOCUMENT")) { if (modules[i].state) dconf->doc |= modules[i].bflag; - } else if (!strcmp(modules[i].mname, "MAIL")) { if (modules[i].state) dconf->mail |= modules[i].bflag; - } else if (!strcmp(modules[i].mname, "OTHER")) { if (modules[i].state) dconf->other |= modules[i].bflag; diff -Nru clamav-0.103.0+dfsg/libclamav/dconf.h clamav-0.103.2+dfsg/libclamav/dconf.h --- clamav-0.103.0+dfsg/libclamav/dconf.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/dconf.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -127,6 +127,7 @@ #define OTHER_CONF_LZW 0x400 #define OTHER_CONF_PNG 0x800 #define OTHER_CONF_GIF 0x1000 +#define OTHER_CONF_TIFF 0x2000 /* Phishing flags */ #define PHISHING_CONF_ENGINE 0x1 diff -Nru clamav-0.103.0+dfsg/libclamav/default.h clamav-0.103.2+dfsg/libclamav/default.h --- clamav-0.103.0+dfsg/libclamav/default.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/default.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/disasm.c clamav-0.103.2+dfsg/libclamav/disasm.c --- clamav-0.103.0+dfsg/libclamav/disasm.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/disasm.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/disasm-common.h clamav-0.103.2+dfsg/libclamav/disasm-common.h --- clamav-0.103.0+dfsg/libclamav/disasm-common.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/disasm-common.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/disasm.h clamav-0.103.2+dfsg/libclamav/disasm.h --- clamav-0.103.0+dfsg/libclamav/disasm.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/disasm.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/disasmpriv.h clamav-0.103.2+dfsg/libclamav/disasmpriv.h --- clamav-0.103.0+dfsg/libclamav/disasmpriv.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/disasmpriv.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/dlp.c clamav-0.103.2+dfsg/libclamav/dlp.c --- clamav-0.103.0+dfsg/libclamav/dlp.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/dlp.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Simple library to detect and validate SSN and Credit Card numbers. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Martin Roesch diff -Nru clamav-0.103.0+dfsg/libclamav/dlp.h clamav-0.103.2+dfsg/libclamav/dlp.h --- clamav-0.103.0+dfsg/libclamav/dlp.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/dlp.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Simple library to detect and validate SSN and Credit Card numbers. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Martin Roesch diff -Nru clamav-0.103.0+dfsg/libclamav/dmg.c clamav-0.103.2+dfsg/libclamav/dmg.c --- clamav-0.103.0+dfsg/libclamav/dmg.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/dmg.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2013 Sourcefire, Inc. * * Authors: David Raynor @@ -97,7 +97,7 @@ struct dmg_koly_block hdr; int ret; size_t maplen, nread; - off_t pos = 0; + size_t pos = 0; char *dirname; const char *outdata; unsigned int file = 0; @@ -114,11 +114,11 @@ } maplen = (*ctx->fmap)->real_len; - pos = maplen - 512; - if (pos <= 0) { - cli_dbgmsg("cli_scandmg: Sizing problem for DMG archive.\n"); + if (maplen <= 512) { + cli_dbgmsg("cli_scandmg: DMG smaller than DMG koly block!\n"); return CL_CLEAN; } + pos = maplen - 512; /* Grab koly block */ if (fmap_readn(*ctx->fmap, &hdr, pos, sizeof(hdr)) != sizeof(hdr)) { @@ -129,7 +129,7 @@ /* Check magic */ hdr.magic = be32_to_host(hdr.magic); if (hdr.magic == 0x6b6f6c79) { - cli_dbgmsg("cli_scandmg: Found koly block @ %ld\n", (long)pos); + cli_dbgmsg("cli_scandmg: Found koly block @ %zu\n", pos); } else { cli_dbgmsg("cli_scandmg: No koly magic, %8x\n", hdr.magic); return CL_EFORMAT; @@ -179,7 +179,7 @@ } /* scan XML with cli_magic_scan_nested_fmap_type */ - ret = cli_magic_scan_nested_fmap_type(*ctx->fmap, (off_t)hdr.xmlOffset, (size_t)hdr.xmlLength, ctx, CL_TYPE_ANY, NULL); + ret = cli_magic_scan_nested_fmap_type(*ctx->fmap, (size_t)hdr.xmlOffset, (size_t)hdr.xmlLength, ctx, CL_TYPE_ANY, NULL); if (ret != CL_CLEAN) { cli_dbgmsg("cli_scandmg: retcode from scanning TOC xml: %s\n", cl_strerror(ret)); if (!ctx->engine->keeptmp) @@ -844,7 +844,7 @@ } if (strm.avail_out != sizeof(obuf)) { - if (cli_writen(fd, obuf, sizeof(obuf) - strm.avail_out) < 0) { + if (cli_writen(fd, obuf, sizeof(obuf) - strm.avail_out) == (size_t)-1) { cli_errmsg("dmg_stripe_inflate: failed write to output file\n"); inflateEnd(&strm); return CL_EWRITE; diff -Nru clamav-0.103.0+dfsg/libclamav/dmg.h clamav-0.103.2+dfsg/libclamav/dmg.h --- clamav-0.103.0+dfsg/libclamav/dmg.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/dmg.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2013 Sourcefire, Inc. * * Authors: David Raynor diff -Nru clamav-0.103.0+dfsg/libclamav/dsig.c clamav-0.103.2+dfsg/libclamav/dsig.c --- clamav-0.103.0+dfsg/libclamav/dsig.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/dsig.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/dsig.h clamav-0.103.2+dfsg/libclamav/dsig.h --- clamav-0.103.0+dfsg/libclamav/dsig.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/dsig.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/egg.c clamav-0.103.2+dfsg/libclamav/egg.c --- clamav-0.103.0+dfsg/libclamav/egg.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/egg.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2019-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * EGG is an archive format created by ESTsoft used by their ALZip * archiving software. diff -Nru clamav-0.103.0+dfsg/libclamav/egg.h clamav-0.103.2+dfsg/libclamav/egg.h --- clamav-0.103.0+dfsg/libclamav/egg.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/egg.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2019-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2019-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * EGG is an archive format created by ESTsoft used by their ALZip * archiving software. diff -Nru clamav-0.103.0+dfsg/libclamav/elf.c clamav-0.103.2+dfsg/libclamav/elf.c --- clamav-0.103.0+dfsg/libclamav/elf.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/elf.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/elf.h clamav-0.103.2+dfsg/libclamav/elf.h --- clamav-0.103.0+dfsg/libclamav/elf.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/elf.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/encoding_aliases.h clamav-0.103.2+dfsg/libclamav/encoding_aliases.h --- clamav-0.103.0+dfsg/libclamav/encoding_aliases.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/encoding_aliases.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * HTML Entity & Encoding normalization. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/entconv.c clamav-0.103.2+dfsg/libclamav/entconv.c --- clamav-0.103.0+dfsg/libclamav/entconv.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/entconv.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * HTML Entity & Encoding normalization. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/entconv.h clamav-0.103.2+dfsg/libclamav/entconv.h --- clamav-0.103.0+dfsg/libclamav/entconv.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/entconv.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * HTML Entity & Encoding normalization. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/entitylist.h clamav-0.103.2+dfsg/libclamav/entitylist.h --- clamav-0.103.0+dfsg/libclamav/entitylist.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/entitylist.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/events.c clamav-0.103.2+dfsg/libclamav/events.c --- clamav-0.103.0+dfsg/libclamav/events.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/events.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * (bytecode) events * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2010-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/events.h clamav-0.103.2+dfsg/libclamav/events.h --- clamav-0.103.0+dfsg/libclamav/events.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/events.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * (bytecode) events * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2010-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/execs.c clamav-0.103.2+dfsg/libclamav/execs.c --- clamav-0.103.0+dfsg/libclamav/execs.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/execs.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2018-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Andrew Williams * diff -Nru clamav-0.103.0+dfsg/libclamav/execs.h clamav-0.103.2+dfsg/libclamav/execs.h --- clamav-0.103.0+dfsg/libclamav/execs.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/execs.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/explode.c clamav-0.103.2+dfsg/libclamav/explode.c --- clamav-0.103.0+dfsg/libclamav/explode.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/explode.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/explode.h clamav-0.103.2+dfsg/libclamav/explode.h --- clamav-0.103.0+dfsg/libclamav/explode.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/explode.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/filetypes.c clamav-0.103.2+dfsg/libclamav/filetypes.c --- clamav-0.103.0+dfsg/libclamav/filetypes.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/filetypes.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -86,6 +86,8 @@ { "CL_TYPE_GRAPHICS", CL_TYPE_GRAPHICS }, { "CL_TYPE_GIF", CL_TYPE_GIF }, { "CL_TYPE_PNG", CL_TYPE_PNG }, + { "CL_TYPE_JPEG", CL_TYPE_JPEG }, + { "CL_TYPE_TIFF", CL_TYPE_TIFF }, { "CL_TYPE_RIFF", CL_TYPE_RIFF }, { "CL_TYPE_BINHEX", CL_TYPE_BINHEX }, { "CL_TYPE_TNEF", CL_TYPE_TNEF }, diff -Nru clamav-0.103.0+dfsg/libclamav/filetypes.h clamav-0.103.2+dfsg/libclamav/filetypes.h --- clamav-0.103.0+dfsg/libclamav/filetypes.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/filetypes.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -68,6 +68,8 @@ CL_TYPE_GRAPHICS, CL_TYPE_GIF, CL_TYPE_PNG, + CL_TYPE_JPEG, + CL_TYPE_TIFF, CL_TYPE_RIFF, CL_TYPE_BINHEX, CL_TYPE_TNEF, diff -Nru clamav-0.103.0+dfsg/libclamav/filetypes_int.h clamav-0.103.2+dfsg/libclamav/filetypes_int.h --- clamav-0.103.0+dfsg/libclamav/filetypes_int.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/filetypes_int.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Static filetype data for use when daily.ftm is not available. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -54,7 +54,7 @@ "0:0:466f723a20:Eserv mail:CL_TYPE_ANY:CL_TYPE_MAIL", "0:0:46726f6d20:MBox:CL_TYPE_ANY:CL_TYPE_MAIL", "0:0:46726f6d3a20:Exim mail:CL_TYPE_ANY:CL_TYPE_MAIL", - "0:0:474946:GIF:CL_TYPE_ANY:CL_TYPE_GIF", + "0:0:474946:GIF:CL_TYPE_ANY:CL_TYPE_GIF:122", "0:0:48692e20546869732069732074686520716d61696c2d73656e64:Qmail bounce:CL_TYPE_ANY:CL_TYPE_MAIL", "0:0:494433:MP3:CL_TYPE_ANY:CL_TYPE_IGNORED", "0:0:49545346:MS CHM:CL_TYPE_ANY:CL_TYPE_MSCHM", @@ -87,10 +87,10 @@ "0:0:763a0d0a52656365697665643a20:VPOP3 Mail (DOS):CL_TYPE_ANY:CL_TYPE_MAIL", "0:0:789f3e22:TNEF:CL_TYPE_ANY:CL_TYPE_TNEF", "0:0:7f454c46:ELF:CL_TYPE_ANY:CL_TYPE_ELF", - "0:0:89504e47:PNG:CL_TYPE_ANY:CL_TYPE_PNG", + "0:0:89504e47:PNG:CL_TYPE_ANY:CL_TYPE_PNG:122", "0:0:b6b9acaefeffffff:CryptFF:CL_TYPE_ANY:CL_TYPE_CRYPTFF", "0:0:d0cf11e0a1b11ae1:OLE2 container:CL_TYPE_ANY:CL_TYPE_MSOLE2", - "0:0:ffd8ff:JPEG:CL_TYPE_ANY:CL_TYPE_GRAPHICS", + "0:0:ffd8ff:JPEG:CL_TYPE_ANY:CL_TYPE_JPEG:122", "0:0:fffb90:MP3:CL_TYPE_ANY:CL_TYPE_IGNORED", "1:*:3c4120*(68|48)(72|52)4546:HTML data:CL_TYPE_ANY:CL_TYPE_HTML", "1:*:3c4120*(68|48)(72|52)6566:HTML data:CL_TYPE_ANY:CL_TYPE_HTML", @@ -189,8 +189,8 @@ "1:0:3c3f786d6c2076657273696f6e3d22312e3022*70726f6769643d22576f72642e446f63756d656e74223f3e:Microsoft Word 2003 XML Document:CL_TYPE_ANY:CL_TYPE_XML_WORD:80", "1:0:3c3f786d6c2076657273696f6e3d22312e3022*3c576f726b626f6f6b:Microsoft Excel 2003 XML Document:CL_TYPE_ANY:CL_TYPE_XML_XL:80", "1:0:3c3f786d6c2076657273696f6e3d22312e3022*3c??3a576f726b626f6f6b:Microsoft Excel 2003 XML Document:CL_TYPE_ANY:CL_TYPE_XML_XL:80", - "0:0:49492a00:TIFF Little Endian:CL_TYPE_ANY:CL_TYPE_GRAPHICS:81", - "0:0:4d4d:TIFF Big Endian:CL_TYPE_ANY:CL_TYPE_GRAPHICS:81", + "0:0:49492a00:TIFF Little Endian:CL_TYPE_ANY:CL_TYPE_TIFF:122", + "0:0:4d4d:TIFF Big Endian:CL_TYPE_ANY:CL_TYPE_TIFF:122", "0:4:d0cf11e0a1b11ae1:HWP embedded OLE2:CL_TYPE_ANY:CL_TYPE_HWPOLE2", "0:0:48575020446f63756d656e742046696c652056332e3030201a0102030405:HWP 3.x Document:CL_TYPE_ANY:CL_TYPE_HWP3:82", "1:0:efbbbf3c3f786d6c2076657273696f6e3d22312e3022*3c4857504d4c:HWPML Document:CL_TYPE_ANY:CL_TYPE_XML_HWP:82", diff -Nru clamav-0.103.0+dfsg/libclamav/filtering.c clamav-0.103.2+dfsg/libclamav/filtering.c --- clamav-0.103.0+dfsg/libclamav/filtering.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/filtering.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * A fast filter for static patterns. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/filtering.h clamav-0.103.2+dfsg/libclamav/filtering.h --- clamav-0.103.0+dfsg/libclamav/filtering.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/filtering.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * A fast filter for static patterns. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/fmap.c clamav-0.103.2+dfsg/libclamav/fmap.c --- clamav-0.103.0+dfsg/libclamav/fmap.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/fmap.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: aCaB @@ -85,9 +85,9 @@ #define fmap_bitmap (m->bitmap) -static inline unsigned int fmap_align_items(unsigned int sz, unsigned int al); -static inline unsigned int fmap_align_to(unsigned int sz, unsigned int al); -static inline unsigned int fmap_which_page(fmap_t *m, size_t at); +static inline uint64_t fmap_align_items(uint64_t sz, uint64_t al); +static inline uint64_t fmap_align_to(uint64_t sz, uint64_t al); +static inline uint64_t fmap_which_page(fmap_t *m, size_t at); static const void *handle_need(fmap_t *m, size_t at, size_t len, int lock); static void handle_unneed_off(fmap_t *m, size_t at, size_t len); @@ -111,8 +111,7 @@ fmap_t *fmap_check_empty(int fd, off_t offset, size_t len, int *empty, const char *name) { STATBUF st; - fmap_t *m = NULL; - unsigned char hash[16] = {'\0'}; + fmap_t *m = NULL; *empty = 0; if (FSTAT(fd, &st)) { @@ -133,15 +132,7 @@ m = cl_fmap_open_handle((void *)(ssize_t)fd, offset, len, pread_cb, 1); if (!m) return NULL; - m->mtime = st.st_mtime; - m->handle_is_fd = 1; - - /* Calculate the fmap hash to be used by the FP check later */ - if (CL_SUCCESS != fmap_get_MD5(hash, m)) { - funmap(m); - return NULL; - } - memcpy(m->maphash, hash, 16); + m->mtime = st.st_mtime; if (NULL != name) { m->name = cli_strdup(name); @@ -173,14 +164,13 @@ fmap_t *fmap_check_empty(int fd, off_t offset, size_t len, int *empty, const char *name) { /* WIN32 */ - unsigned int pages, mapsz; + uint64_t pages, mapsz; int pgsz = cli_getpagesize(); STATBUF st; fmap_t *m = NULL; const void *data; HANDLE fh; HANDLE mh; - unsigned char hash[16] = {'\0'}; *empty = 0; if (FSTAT(fd, &st)) { @@ -224,18 +214,11 @@ return NULL; } m->handle = (void *)(size_t)fd; - m->handle_is_fd = 1; + m->handle_is_fd = 1; /* This is probably(?) needed so `fmap_fd()` can return the file descriptor. */ m->fh = fh; m->mh = mh; m->unmap = unmap_win32; - /* Calculate the fmap hash to be used by the FP check later */ - if (CL_SUCCESS != fmap_get_MD5(hash, m)) { - funmap(m); - return NULL; - } - memcpy(m->maphash, hash, 16); - if (NULL != name) { m->name = cli_strdup(name); if (NULL == m->name) { @@ -250,11 +233,15 @@ /* vvvvv SHARED STUFF BELOW vvvvv */ -fmap_t *fmap_duplicate(cl_fmap_t *map, off_t offset, size_t length, const char *name) +fmap_t *fmap_duplicate(cl_fmap_t *map, size_t offset, size_t length, const char *name) { cl_error_t status = CL_ERROR; cl_fmap_t *duplicate_map = NULL; - unsigned char hash[16] = {'\0'}; + + if (NULL == map) { + cli_warnmsg("fmap_duplicate: map is NULL!\n"); + goto done; + } duplicate_map = cli_malloc(sizeof(cl_fmap_t)); if (!duplicate_map) { @@ -265,31 +252,39 @@ /* Duplicate the state of the original map */ memcpy(duplicate_map, map, sizeof(cl_fmap_t)); - /* Set the new offset and length for the new map */ - /* can't change offset because then we'd have to discard/move cached - * data, instead use another offset to reuse the already cached data */ - duplicate_map->nested_offset += offset; - duplicate_map->len = length; - duplicate_map->real_len = duplicate_map->nested_offset + length; - - if (!CLI_ISCONTAINED(map->nested_offset, map->len, - duplicate_map->nested_offset, duplicate_map->len)) { - uint64_t len1, len2; - len1 = map->nested_offset + map->len; - len2 = duplicate_map->nested_offset + duplicate_map->len; - cli_warnmsg("fmap_duplicate: internal map error: %zu, " STDu64 "; %zu, " STDu64 "\n", - (size_t)map->nested_offset, - (uint64_t)len1, - (size_t)duplicate_map->offset, - (uint64_t)len2); + if (offset > map->len) { + /* invalid offset, exceeds length of map */ + cli_warnmsg("fmap_duplicate: requested offset exceeds end of map\n"); + goto done; } - /* Calculate the fmap hash to be used by the FP check later */ - if (CL_SUCCESS != fmap_get_MD5(hash, duplicate_map)) { - cli_warnmsg("fmap_duplicate: failed to get fmap MD5\n"); - goto done; + if (offset > 0 || length < map->len) { + /* Caller requested a window into the current map, not the whole map */ + unsigned char hash[16] = {'\0'}; + + /* Set the new nested offset and (nested) length for the new map */ + /* can't change offset because then we'd have to discard/move cached + * data, instead use nested_offset to reuse the already cached data */ + duplicate_map->nested_offset += offset; + duplicate_map->len = MIN(length, map->len - offset); + + if (!CLI_ISCONTAINED2(map->nested_offset, map->len, + duplicate_map->nested_offset, duplicate_map->len)) { + size_t len1, len2; + len1 = map->nested_offset + map->len; + len2 = duplicate_map->nested_offset + duplicate_map->len; + cli_warnmsg("fmap_duplicate: internal map error: %zu, %zu; %zu, %zu\n", + map->nested_offset, len1, + duplicate_map->offset, len2); + } + + /* Calculate the fmap hash to be used by the FP check later */ + if (CL_SUCCESS != fmap_get_MD5(hash, duplicate_map)) { + cli_warnmsg("fmap_duplicate: failed to get fmap MD5\n"); + goto done; + } + memcpy(duplicate_map->maphash, hash, 16); } - memcpy(duplicate_map->maphash, hash, 16); if (NULL != name) { duplicate_map->name = cli_strdup(name); @@ -351,11 +346,13 @@ clcb_pread pread_cb, int use_aging) { cl_error_t status = CL_EMEM; - unsigned int pages; + uint64_t pages; size_t mapsz, bitmap_size; cl_fmap_t *m = NULL; int pgsz = cli_getpagesize(); + unsigned char hash[16] = {'\0'}; + if ((off_t)offset < 0 || offset != fmap_align_to(offset, pgsz)) { cli_warnmsg("fmap: attempted mapping with unaligned offset\n"); goto done; @@ -371,7 +368,7 @@ pages = fmap_align_items(len, pgsz); - bitmap_size = pages * sizeof(uint32_t); + bitmap_size = pages * sizeof(uint64_t); mapsz = pages * pgsz; m = cli_calloc(1, sizeof(fmap_t)); @@ -429,6 +426,14 @@ m->need_offstr = handle_need_offstr; m->gets = handle_gets; m->unneed_off = handle_unneed_off; + m->handle_is_fd = 1; + + /* Calculate the fmap hash to be used by the FP check later */ + if (CL_SUCCESS != fmap_get_MD5(hash, m)) { + cli_warnmsg("fmap: failed to get MD5\n"); + goto done; + } + memcpy(m->maphash, hash, 16); status = CL_SUCCESS; @@ -445,10 +450,10 @@ #ifdef ANONYMOUS_MAP if (!m->aging) return; if (m->paged * m->pgsz > UNPAGE_THRSHLD_HI) { /* we alloc'd too much */ - unsigned int i, avail = 0, freeme[2048], maxavail = MIN(sizeof(freeme) / sizeof(*freeme), m->paged - UNPAGE_THRSHLD_LO / m->pgsz) - 1; + uint64_t i, avail = 0, freeme[2048], maxavail = MIN(sizeof(freeme) / sizeof(*freeme), m->paged - UNPAGE_THRSHLD_LO / m->pgsz) - 1; for (i = 0; i < m->pages; i++) { - uint32_t s = fmap_bitmap[i]; + uint64_t s = fmap_bitmap[i]; if ((s & (FM_MASK_PAGED | FM_MASK_LOCKED)) == FM_MASK_PAGED) { /* page is paged and not locked: dec age */ if (s & FM_MASK_COUNT) fmap_bitmap[i]--; @@ -459,7 +464,7 @@ avail++; } else { /* Insert sort onto a stack'd array - same performance as quickselect */ - unsigned int insert_to = MIN(maxavail, avail) - 1, age = fmap_bitmap[i] & FM_MASK_COUNT; + uint64_t insert_to = MIN(maxavail, avail) - 1, age = fmap_bitmap[i] & FM_MASK_COUNT; if (avail <= maxavail || (fmap_bitmap[freeme[maxavail]] & FM_MASK_COUNT) > age) { while ((fmap_bitmap[freeme[insert_to]] & FM_MASK_COUNT) > age) { freeme[insert_to + 1] = freeme[insert_to]; @@ -508,15 +513,15 @@ #endif } -static int fmap_readpage(fmap_t *m, uint64_t first_page, uint32_t count, uint32_t lock_count) +static int fmap_readpage(fmap_t *m, uint64_t first_page, uint64_t count, uint64_t lock_count) { size_t readsz = 0, eintr_off; char *pptr = NULL, errtxt[256]; - uint32_t sbitmap; + uint64_t sbitmap; uint64_t i, page = first_page, force_read = 0; - if ((size_t)(m->real_len) > (size_t)(UINT_MAX)) { - cli_dbgmsg("fmap_readage: size of file exceeds total prefaultible page size (unpacked file is too large)\n"); + if ((uint64_t)(m->real_len) > (uint64_t)(m->pages * m->pgsz)) { + cli_dbgmsg("fmap_readpage: size of file exceeds total prefaultible page size (unpacked file is too large)\n"); return 1; } @@ -568,7 +573,7 @@ if (force_read) { /* we have some pending reads to perform */ if (m->handle_is_fd) { - unsigned int j; + uint64_t j; int _fd = (int)(ptrdiff_t)m->handle; for (j = first_page; j < page; j++) { if (fmap_bitmap[j] & FM_MASK_SEEN) { @@ -608,7 +613,7 @@ cli_strerror(errno, errtxt, sizeof(errtxt)); cli_errmsg("fmap_readpage: pread error: %s\n", errtxt); } else { - cli_warnmsg("fmap_readpage: pread fail: asked for %lu bytes @ offset %lu, got %lu\n", (long unsigned int)readsz, (long unsigned int)target_offset, (long unsigned int)got); + cli_warnmsg("fmap_readpage: pread fail: asked for %zu bytes @ offset %zu, got %zd\n", readsz, (size_t)target_offset, got); } return 1; } @@ -667,9 +672,9 @@ return (void *)ret; } -static void fmap_unneed_page(fmap_t *m, unsigned int page) +static void fmap_unneed_page(fmap_t *m, uint64_t page) { - uint32_t s = fmap_bitmap[page]; + uint64_t s = fmap_bitmap[page]; if ((s & (FM_MASK_PAGED | FM_MASK_LOCKED)) == (FM_MASK_PAGED | FM_MASK_LOCKED)) { /* page is paged and locked: check lock count */ @@ -688,7 +693,7 @@ static void handle_unneed_off(fmap_t *m, size_t at, size_t len) { - unsigned int i, first_page, last_page; + uint64_t i, first_page, last_page; if (!m->aging) return; if (!len) { cli_warnmsg("fmap_unneed: attempted void unneed\n"); @@ -732,7 +737,7 @@ static const void *handle_need_offstr(fmap_t *m, size_t at, size_t len_hint) { - unsigned int i, first_page, last_page; + uint64_t i, first_page, last_page; void *ptr = (void *)((char *)m->data + at); if (!len_hint || len_hint > m->real_len - at) @@ -748,7 +753,7 @@ for (i = first_page; i <= last_page; i++) { char *thispage = (char *)m->data + i * m->pgsz; - unsigned int scanat, scansz; + uint64_t scanat, scansz; if (fmap_readpage(m, i, 1, 1)) { last_page = i - 1; @@ -772,7 +777,7 @@ static const void *handle_gets(fmap_t *m, char *dst, size_t *at, size_t max_len) { - unsigned int i, first_page, last_page; + uint64_t i, first_page, last_page; char *src = (void *)((char *)m->data + *at); char *endptr = NULL; size_t len = MIN(max_len - 1, m->real_len - *at); @@ -788,7 +793,7 @@ for (i = first_page; i <= last_page; i++) { char *thispage = (char *)m->data + i * m->pgsz; - unsigned int scanat, scansz; + uint64_t scanat, scansz; if (fmap_readpage(m, i, 1, 0)) return NULL; @@ -828,6 +833,8 @@ fmap_t *fmap_open_memory(const void *start, size_t len, const char *name) { + unsigned char hash[16] = {'\0'}; + int pgsz = cli_getpagesize(); cl_fmap_t *m = cli_calloc(1, sizeof(*m)); if (!m) { @@ -853,6 +860,16 @@ } } + /* Calculate the fmap hash to be used by the FP check later */ + if (CL_SUCCESS != fmap_get_MD5(hash, m)) { + if (NULL != m->name) { + free(m->name); + } + free(m); + return NULL; + } + memcpy(m->maphash, hash, 16); + return m; } @@ -924,17 +941,17 @@ return fmap_check_empty(fd, offset, len, &unused, name); } -static inline unsigned int fmap_align_items(unsigned int sz, unsigned int al) +static inline uint64_t fmap_align_items(uint64_t sz, uint64_t al) { return sz / al + (sz % al != 0); } -static inline unsigned int fmap_align_to(unsigned int sz, unsigned int al) +static inline uint64_t fmap_align_to(uint64_t sz, uint64_t al) { return al * fmap_align_items(sz, al); } -static inline unsigned int fmap_which_page(fmap_t *m, size_t at) +static inline uint64_t fmap_which_page(fmap_t *m, size_t at) { return at / m->pgsz; } @@ -967,8 +984,8 @@ } else if ((start_offset != 0) && (end_offset != map->real_len)) { /* If we're only dumping a portion of the file, inlcude the offsets in the prefix,... * e.g. tmp filename will become something like: filebase.500-1200. */ - uint32_t prefix_len = strlen(filebase) + 1 + SIZE_T_CHARLEN + 1 + SIZE_T_CHARLEN + 1; - prefix = malloc(prefix_len); + size_t prefix_len = strlen(filebase) + 1 + SIZE_T_CHARLEN + 1 + SIZE_T_CHARLEN + 1; + prefix = malloc(prefix_len); if (NULL == prefix) { cli_errmsg("fmap_dump_to_file: Failed to allocate memory for tempfile prefix.\n"); if (NULL != filebase) @@ -1069,7 +1086,7 @@ while (todo) { const void *buf; - size_t readme = todo < FILEBUFF ? todo : FILEBUFF; + size_t readme = todo < 1024 * 1024 * 10 ? todo : 1024 * 1024 * 10; if (!(buf = fmap_need_off_once(map, at, readme))) { cl_hash_destroy(hashctx); diff -Nru clamav-0.103.0+dfsg/libclamav/fmap.h clamav-0.103.2+dfsg/libclamav/fmap.h --- clamav-0.103.0+dfsg/libclamav/fmap.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/fmap.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: aCaB @@ -46,12 +46,12 @@ /* internal */ time_t mtime; - unsigned int pages; + uint64_t pages; uint64_t pgsz; - unsigned int paged; - unsigned short aging; - unsigned short dont_cache_flag; - unsigned short handle_is_fd; + uint64_t paged; + uint16_t aging; + uint16_t dont_cache_flag; + uint16_t handle_is_fd; /* memory interface */ const void *data; @@ -81,7 +81,7 @@ HANDLE mh; #endif unsigned char maphash[16]; - uint32_t *bitmap; + uint64_t *bitmap; char *name; }; @@ -130,7 +130,7 @@ * @param name (optional) Original name of the file (to set fmap name metadata) * @return fmap_t* NULL if failure or a special fmap that the caller must free with free_duplicate_fmap() */ -fmap_t *fmap_duplicate(cl_fmap_t *map, off_t offset, size_t length, const char *name); +fmap_t *fmap_duplicate(cl_fmap_t *map, size_t offset, size_t length, const char *name); /** * @brief Deallocate a _duplicated_ fmap. Does not unmap the mapped region. @@ -187,7 +187,7 @@ } /** - * @brief Read bytes from fmap at offset into destinatio buffer. + * @brief Read bytes from fmap at offset into destination buffer. * * @param m fmap * @param dst destination buffer diff -Nru clamav-0.103.0+dfsg/libclamav/fpu.c clamav-0.103.2+dfsg/libclamav/fpu.c --- clamav-0.103.0+dfsg/libclamav/fpu.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/fpu.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2013 Sourcefire, Inc. * * Authors: Steven Morgan diff -Nru clamav-0.103.0+dfsg/libclamav/fpu.h clamav-0.103.2+dfsg/libclamav/fpu.h --- clamav-0.103.0+dfsg/libclamav/fpu.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/fpu.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2013 Sourcefire, Inc. * * Authors: Steven Morgan diff -Nru clamav-0.103.0+dfsg/libclamav/fsg.c clamav-0.103.2+dfsg/libclamav/fsg.c --- clamav-0.103.0+dfsg/libclamav/fsg.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/fsg.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/fsg.h clamav-0.103.2+dfsg/libclamav/fsg.h --- clamav-0.103.0+dfsg/libclamav/fsg.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/fsg.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/gif.c clamav-0.103.2+dfsg/libclamav/gif.c --- clamav-0.103.0+dfsg/libclamav/gif.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/gif.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,32 +1,75 @@ /* -* Copyright (C) 2013-2019 Cisco Systems, Inc. and/or its affiliates. All rights reserved. -* Copyright (C) 2011-2013 Sourcefire, Inc. -* -* Authors: Tomasz Kojm -* -* This program is free software; you can redistribute it and/or modify -* it under the terms of the GNU General Public License version 2 as -* published by the Free Software Foundation. -* -* This program is distributed in the hope that it will be useful, -* but WITHOUT ANY WARRANTY; without even the implied warranty of -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -* GNU General Public License for more details. -* -* You should have received a copy of the GNU General Public License -* along with this program; if not, write to the Free Software -* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, -* MA 02110-1301, USA. -*/ + * Copyright (C) 2013-2019 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2011-2013 Sourcefire, Inc. + * + * Authors: Tomasz Kojm , Aldo Mazzeo, Micah Snyder + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301, USA. + */ + +/* + * GIF Format + * ---------- + * + * 1. Signature: 3 bytes ("GIF") + * + * 2. Version: 3 bytes ("87a" or "89a") + * + * 3. Logical Screen Descriptor: 7 bytes (see `struct gif_screen_descriptor`) + * (Opt.) Global Color Table: n bytes (defined in the Logical Screen Descriptor flags) + * + * 4. All subsequent blocks are precededed by the following 1-byte labels... + * + * 0x21: Extension Introducer + * 0x01: Opt. (0+) Plain Text Extension + * 0xF9: Opt. (0+) Graphic Control Extension + * 0xFE: Opt. (0+) Comment Extension + * 0xFF: Opt. (0+) Application Extension + * + * Note: Each extension has a size field followed by some data. After the + * data may be a series of sub-blocks, each with a block size. + * If there are no more sub-blocks, the size will be 0x00, meaning + * there's no more blocks. + * The Graphic Control Extension never has any sub-blocks. + * + * 0x2C: Image Descriptor (1 per image, unlimited images) + * (Opt.) Local Color Table: n bytes (defined in the Image Descriptor flags) + * (Req.) Table-based Image Data Block* + * + * Note: Each image a series of data blocks of size 0-255 bytes each where + * the first byte is the size of the data-block. + * If there are no more data-blocks, the size will be 0x00, meaning + * there's no more data. + * + * 0x3B: Trailer (1 located at end of data stream) + * + * Reference https://www.w3.org/Graphics/GIF/spec-gif89a.txt for the GIF spec. + */ #if HAVE_CONFIG_H #include "clamav-config.h" #endif +#include +#include + #include "gif.h" #include "scanners.h" #include "clamav.h" +/* clang-format off */ #ifndef HAVE_ATTRIB_PACKED #define __attribute__(x) #endif @@ -37,23 +80,53 @@ #pragma pack 1 #endif -struct gif_screen_desc { +/** + * @brief Logical Screen Descriptor + * + * This block immediately follows the "GIF89a" magic bytes + + * Flags contains packed fields which are as follows: + * Global Color Table Flag - 1 Bit + * Color Resolution - 3 Bits + * Sort Flag - 1 Bit + * Size of Global Color Table - 3 Bits + */ +struct gif_screen_descriptor { uint16_t width; uint16_t height; uint8_t flags; - uint8_t bgcolor; - uint8_t aspect; + uint8_t bg_color_idx; + uint8_t pixel_aspect_ratio; } __attribute__((packed)); -struct gif_graphic_control_ext { - uint8_t blksize; +#define GIF_SCREEN_DESC_FLAGS_MASK_HAVE_GLOBAL_COLOR_TABLE 0x80 /* If set, a Global Color Table will follow the Logical Screen Descriptor */ +#define GIF_SCREEN_DESC_FLAGS_MASK_COLOR_RESOLUTION 0x70 /* Number of bits per primary color available to the original image, minus 1. */ +#define GIF_SCREEN_DESC_FLAGS_MASK_SORT_FLAG 0x08 /* Indicates whether the Global Color Table is sorted. */ +#define GIF_SCREEN_DESC_FLAGS_MASK_SIZE_OF_GLOBAL_COLOR_TABLE 0x07 /* If exists, the size = 3 * pow(2, this_field + 1), or: 3 * (1 << (this_field + 1)) */ + +/** + * @brief Graphic Control Extension + * + */ +struct gif_graphic_control_extension { + uint8_t block_size; uint8_t flags; uint16_t delaytime; - uint8_t tcoloridx; - uint8_t blkterm; + uint8_t transparent_color_idx; + uint8_t block_terminator; } __attribute__((packed)); -struct gif_image_desc { +/** + * @brief Image Descriptor + * + * Flags contains packed fields which are as follows: + * Local Color Table Flag - 1 Bit + * Interlace Flag - 1 Bit + * Sort Flag - 1 Bit + * Reserved - 2 Bits + * Size of Local Color Table - 3 Bits + */ +struct gif_image_descriptor { uint16_t leftpos; uint16_t toppos; uint16_t width; @@ -61,99 +134,292 @@ uint8_t flags; } __attribute__((packed)); +#define GIF_IMAGE_DESC_FLAGS_MASK_HAVE_LOCAL_COLOR_TABLE 0x80 /* If set, a Global Color Table will follow the Logical Screen Descriptor */ +#define GIF_IMAGE_DESC_FLAGS_MASK_IS_INTERLACED 0x40 /* Indicates if the image is interlaced */ +#define GIF_IMAGE_DESC_FLAGS_MASK_SORT_FLAG 0x20 /* Indicates whether the Local Color Table is sorted. */ +#define GIF_IMAGE_DESC_FLAGS_MASK_SIZE_OF_LOCAL_COLOR_TABLE 0x07 /* If exists, the size = 3 * pow(2, this_field + 1), or: 3 * (1 << (this_field + 1)) */ + +/* Main labels */ +#define GIF_LABEL_EXTENSION_INTRODUCER 0x21 +#define GIF_LABEL_GRAPHIC_IMAGE_DESCRIPTOR 0x2C +#define GIF_LABEL_SPECIAL_TRAILER 0x3B + +/* Extension labels (found after the Extension Introducer) */ +#define GIF_LABEL_GRAPHIC_PLAIN_TEXT_EXTENSION 0x01 +#define GIF_LABEL_CONTROL_GRAPHIC_CONTROL_EXTENSION 0xF9 +#define GIF_LABEL_SPECIAL_COMMENT_EXTENSION 0xFE +#define GIF_LABEL_SPECIAL_APP_EXTENSION 0xFF + +#define GIF_BLOCK_TERMINATOR 0x00 /* Used to indicate end of image data and also for end of extension sub-blocks */ + #ifdef HAVE_PRAGMA_PACK #pragma pack() #endif #ifdef HAVE_PRAGMA_PACK_HPPA #pragma pack #endif - -#define EC16(x) le16_to_host(x) - -#define GETDATA(v) \ - { \ - if (fmap_readn(map, &v, offset, sizeof(v)) == sizeof(v)) { \ - offset += sizeof(v); \ - } else { \ - cli_errmsg("cli_parsegif: Can't read file (truncated?)\n"); \ - return CL_EPARSE; \ - } \ - } +/* clang-format on */ cl_error_t cli_parsegif(cli_ctx *ctx) { - fmap_t *map = *ctx->fmap; - unsigned char v = 0; - unsigned int offset = 6; - struct gif_screen_desc screen_desc; - struct gif_image_desc image_desc; - cl_error_t retVal = CL_SUCCESS; + cl_error_t status = CL_SUCCESS; + + fmap_t *map = NULL; + size_t offset = 0; + + const char *signature = NULL; + char version[4]; + struct gif_screen_descriptor screen_desc; + size_t global_color_table_size = 0; + bool have_image_data = false; cli_dbgmsg("in cli_parsegif()\n"); - GETDATA(screen_desc); - cli_dbgmsg("GIF: Screen size %ux%u, gctsize: %u\n", EC16(screen_desc.width), EC16(screen_desc.height), screen_desc.flags & 0x7); - if (screen_desc.flags & 0x80) - offset += 3 * (1 << ((screen_desc.flags & 0x7) + 1)); + if (NULL == ctx) { + cli_dbgmsg("GIF: passed context was NULL\n"); + status = CL_EARG; + goto done; + } + map = *ctx->fmap; + + /* + * Skip the "GIF" Signature and "87a" or "89a" Version. + */ + if (NULL == (signature = fmap_need_off(map, offset, strlen("GIF")))) { + cli_dbgmsg("GIF: Can't read GIF magic bytes, not a GIF\n"); + goto done; + } + offset += strlen("GIF"); + + if (0 != strncmp("GIF", signature, 3)) { + cli_dbgmsg("GIF: First 3 bytes not 'GIF', not a GIF\n"); + goto done; + } + + if (3 != fmap_readn(map, &version, offset, strlen("89a"))) { + cli_dbgmsg("GIF: Can't read GIF format version, not a GIF\n"); + goto done; + } + offset += strlen("89a"); + + version[3] = '\0'; + cli_dbgmsg("GIF: Version: %s\n", version); + + /* + * Read the Logical Screen Descriptor + */ + if (fmap_readn(map, &screen_desc, offset, sizeof(screen_desc)) != sizeof(screen_desc)) { + cli_errmsg("GIF: Can't read logical screen description, file truncated?\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.GIF.TruncatedScreenDescriptor"); + status = CL_EPARSE; + goto scan_overlay; + } + offset += sizeof(screen_desc); + + cli_dbgmsg("GIF: Screen Size: %u width x %u height.\n", + le16_to_host(screen_desc.width), + le16_to_host(screen_desc.height)); + + if (screen_desc.flags & GIF_SCREEN_DESC_FLAGS_MASK_HAVE_GLOBAL_COLOR_TABLE) { + global_color_table_size = 3 * (1 << ((screen_desc.flags & GIF_SCREEN_DESC_FLAGS_MASK_SIZE_OF_GLOBAL_COLOR_TABLE) + 1)); + cli_dbgmsg("GIF: Global Color Table size: %zu\n", global_color_table_size); + + if (offset + (size_t)global_color_table_size > map->len) { + cli_errmsg("GIF: EOF in the middle of the global color table, file truncated?\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.GIF.TruncatedGlobalColorTable"); + status = CL_EPARSE; + goto scan_overlay; + } + offset += global_color_table_size; + } else { + cli_dbgmsg("GIF: No Global Color Table.\n"); + } while (1) { - GETDATA(v); - if (v == 0x21) { - GETDATA(v); - if (v == 0xf9) { - offset += sizeof(struct gif_graphic_control_ext); + uint8_t block_label = 0; + + /* + * Get the block label + */ + if (fmap_readn(map, &block_label, offset, sizeof(block_label)) != sizeof(block_label)) { + if (have_image_data) { + /* Users have identified that GIF's lacking the image trailer are surprisingly common, + can be rendered, and should be allowed. */ + cli_dbgmsg("GIF: Missing GIF trailer, slightly (but acceptably) malformed.\n"); } else { + cli_errmsg("GIF: Can't read block label, EOF before image data. File truncated?\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.GIF.MissingImageData"); + } + status = CL_EPARSE; + goto scan_overlay; + } + offset += sizeof(block_label); + + if (block_label == GIF_LABEL_SPECIAL_TRAILER) { + /* + * Trailer (end of data stream) + */ + cli_dbgmsg("GIF: Trailer (End of stream)\n"); + goto scan_overlay; + } + + switch (block_label) { + case GIF_LABEL_EXTENSION_INTRODUCER: { + uint8_t extension_label = 0; + cli_dbgmsg("GIF: Extension introducer:\n"); + + if (fmap_readn(map, &extension_label, offset, sizeof(extension_label)) != sizeof(extension_label)) { + cli_errmsg("GIF: Failed to read the extension block label, file truncated?\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.GIF.TruncatedExtension"); + status = CL_EPARSE; + goto scan_overlay; + } + offset += sizeof(extension_label); + + if (extension_label == GIF_LABEL_CONTROL_GRAPHIC_CONTROL_EXTENSION) { + cli_dbgmsg("GIF: Graphic control extension!\n"); + + /* The size of a graphic control extension block is fixed, we can skip it quickly */ + offset += sizeof(struct gif_graphic_control_extension); + } else { + switch (extension_label) { + case GIF_LABEL_GRAPHIC_PLAIN_TEXT_EXTENSION: + cli_dbgmsg("GIF: Plain text extension\n"); + break; + case GIF_LABEL_SPECIAL_COMMENT_EXTENSION: + cli_dbgmsg("GIF: Special comment extension\n"); + break; + case GIF_LABEL_SPECIAL_APP_EXTENSION: + cli_dbgmsg("GIF: Special app extension\n"); + break; + default: + cli_dbgmsg("GIF: Unfamiliar extension, label: 0x%x\n", extension_label); + } + + while (1) { + /* + * Skip over the extension and any sub-blocks, + * Try to read the block size for each sub-block to skip them. + */ + uint8_t extension_block_size = 0; + if (fmap_readn(map, &extension_block_size, offset, sizeof(extension_block_size)) != sizeof(extension_block_size)) { + cli_errmsg("GIF: EOF while attempting to read the block size for an extension, file truncated?\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.GIF.TruncatedExtension"); + status = CL_EPARSE; + goto scan_overlay; + } else { + offset += sizeof(extension_block_size); + } + if (extension_block_size == GIF_BLOCK_TERMINATOR) { + cli_dbgmsg("GIF: No more sub-blocks for this extension.\n"); + break; + } else { + cli_dbgmsg("GIF: Found sub-block of size %d\n", extension_block_size); + } + + if (offset + (size_t)extension_block_size > map->len) { + cli_errmsg("GIF: EOF in the middle of a graphic control extension sub-block, file truncated?\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.GIF.TruncatedExtensionSubBlock"); + status = CL_EPARSE; + goto scan_overlay; + } + offset += extension_block_size; + } + } + break; + } + case GIF_LABEL_GRAPHIC_IMAGE_DESCRIPTOR: { + struct gif_image_descriptor image_desc; + size_t local_color_table_size = 0; + + cli_dbgmsg("GIF: Found an image descriptor.\n"); + if (fmap_readn(map, &image_desc, offset, sizeof(image_desc)) != sizeof(image_desc)) { + cli_errmsg("GIF: Can't read image descriptor, file truncated?\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.GIF.TruncatedImageDescriptor"); + status = CL_EPARSE; + goto scan_overlay; + } else { + offset += sizeof(image_desc); + } + cli_dbgmsg("GIF: Image size: %u width x %u height, left pos: %u, top pos: %u\n", + le16_to_host(image_desc.width), + le16_to_host(image_desc.height), + le16_to_host(image_desc.leftpos), + le16_to_host(image_desc.toppos)); + + if (image_desc.flags & GIF_IMAGE_DESC_FLAGS_MASK_HAVE_LOCAL_COLOR_TABLE) { + local_color_table_size = 3 * (1 << ((image_desc.flags & GIF_IMAGE_DESC_FLAGS_MASK_SIZE_OF_LOCAL_COLOR_TABLE) + 1)); + cli_dbgmsg("GIF: Found a Local Color Table (size: %zu)\n", local_color_table_size); + offset += local_color_table_size; + } else { + cli_dbgmsg("GIF: No Local Color Table.\n"); + } + + /* + * Parse the image data. + */ + offset++; /* Skip over the LZW Minimum Code Size uint8_t */ + while (1) { - GETDATA(v); - if (!v) + /* + * Skip over the image data block(s). + * Try to read the block size for each image data sub-block to skip them. + */ + uint8_t image_data_block_size = 0; + if (fmap_readn(map, &image_data_block_size, offset, sizeof(image_data_block_size)) != sizeof(image_data_block_size)) { + cli_errmsg("GIF: EOF while attempting to read the block size for an image data block, file truncated?\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.GIF.TruncatedImageDataBlock"); + status = CL_EPARSE; + goto scan_overlay; + } else { + offset += sizeof(image_data_block_size); + } + if (image_data_block_size == GIF_BLOCK_TERMINATOR) { + cli_dbgmsg("GIF: No more data sub-blocks for this image.\n"); break; + } else { + cli_dbgmsg("GIF: Found a sub-block of size %d\n", image_data_block_size); + } - if (offset + v > map->len) { - retVal = CL_EPARSE; + if (offset + (size_t)image_data_block_size > map->len) { + cli_errmsg("GIF: EOF in the middle of an image data sub-block, file truncated?\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.GIF.TruncatedImageDataBlock"); + status = CL_EPARSE; goto scan_overlay; } - offset += v; + offset += image_data_block_size; } + have_image_data = true; + break; } - } else if (v == 0x2c) { - GETDATA(image_desc); - cli_dbgmsg("GIF: Image size %ux%u, left pos: %u, top pos: %u\n", EC16(image_desc.width), EC16(image_desc.height), EC16(image_desc.leftpos), EC16(image_desc.toppos)); - - offset++; - if (image_desc.flags & 0x80) - offset += 3 * (1 << ((image_desc.flags & 0x7) + 1)); - - while (1) { - GETDATA(v); - if (!v) - break; - - if (offset + v > map->len) { - retVal = CL_EPARSE; - goto scan_overlay; - } - offset += v; + default: { + // An unknown code: break. + cli_errmsg("GIF: Found an unfamiliar block label: 0x%x\n", block_label); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.GIF.UnknownBlockLabel"); + status = CL_EPARSE; + goto scan_overlay; } - } else if (v == 0x3b) { - break; - } else { - // An unknown code: break. - retVal = CL_EPARSE; - goto scan_overlay; } } scan_overlay: - // Some recovery (I saw some "GIF89a;" or things like this) - if (retVal == CL_EPARSE && - offset == (6 + sizeof(screen_desc) + 1)) - offset = 6; + if (status == CL_EPARSE) { + /* We added with cli_append_possibly_unwanted so it will alert at the end if nothing else matches. */ + status = CL_CLEAN; + + // Some recovery (I saw some "GIF89a;" or things like this) + if (offset == (strlen("GIF89a") + sizeof(screen_desc) + 1)) { + offset = strlen("GIF89a"); + } + } // Is there an overlay? if (offset < map->len) { - cl_error_t recRetVal = cli_magic_scan_nested_fmap_type(map, offset, map->len - offset, ctx, CL_TYPE_ANY, NULL); - retVal = recRetVal != CL_SUCCESS ? recRetVal : retVal; + cli_dbgmsg("GIF: Found extra data after the end of the GIF data stream: %zu bytes, we'll scan it!\n", map->len - offset); + cl_error_t nested_scan_result = cli_magic_scan_nested_fmap_type(map, offset, map->len - offset, ctx, CL_TYPE_ANY, NULL); + status = nested_scan_result != CL_SUCCESS ? nested_scan_result : status; } - return retVal; +done: + return status; } diff -Nru clamav-0.103.0+dfsg/libclamav/gpt.c clamav-0.103.2+dfsg/libclamav/gpt.c --- clamav-0.103.0+dfsg/libclamav/gpt.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/gpt.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * @@ -120,7 +120,7 @@ cli_dbgmsg("cli_scangpt: detected %lu sector size\n", (unsigned long)sectorsize); } if (sectorsize == 0) { - cli_errmsg("cli_scangpt: could not determine sector size\n"); + cli_dbgmsg("cli_scangpt: could not determine sector size\n"); return CL_EFORMAT; } @@ -262,7 +262,7 @@ struct gpt_partition_entry gpe; int ret = CL_CLEAN, detection = CL_CLEAN; size_t maplen, part_size = 0; - off_t pos = 0, part_off = 0; + size_t pos = 0, part_off = 0; unsigned i = 0, j = 0; uint32_t max_prtns = 0; @@ -482,7 +482,7 @@ static int gpt_check_mbr(cli_ctx *ctx, size_t sectorsize) { struct mbr_boot_record pmbr; - off_t pos = 0, mbr_base = 0; + size_t pos = 0, mbr_base = 0; int ret = CL_CLEAN; unsigned i = 0; @@ -533,7 +533,7 @@ { #ifdef DEBUG_GPT_PARSE struct gpt_header phdr, shdr; - off_t ppos = 0, spos = 0; + size_t ppos = 0, spos = 0; size_t pptable_len, sptable_len, maplen; uint64_t ptableLastLBA, stableLastLBA; @@ -586,7 +586,7 @@ struct gpt_partition_entry gpe; unsigned i, pitxn; int ret = CL_CLEAN, tmp = CL_CLEAN; - off_t pos; + size_t pos; size_t maplen; uint32_t max_prtns = 0; int virus_found = 0; diff -Nru clamav-0.103.0+dfsg/libclamav/gpt.h clamav-0.103.2+dfsg/libclamav/gpt.h --- clamav-0.103.0+dfsg/libclamav/gpt.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/gpt.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * diff -Nru clamav-0.103.0+dfsg/libclamav/hashtab.c clamav-0.103.2+dfsg/libclamav/hashtab.c --- clamav-0.103.0+dfsg/libclamav/hashtab.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/hashtab.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/hashtab.h clamav-0.103.2+dfsg/libclamav/hashtab.h --- clamav-0.103.0+dfsg/libclamav/hashtab.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/hashtab.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/hfsplus.c clamav-0.103.2+dfsg/libclamav/hfsplus.c --- clamav-0.103.0+dfsg/libclamav/hfsplus.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/hfsplus.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2013 Sourcefire, Inc. * * Authors: David Raynor diff -Nru clamav-0.103.0+dfsg/libclamav/hfsplus.h clamav-0.103.2+dfsg/libclamav/hfsplus.h --- clamav-0.103.0+dfsg/libclamav/hfsplus.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/hfsplus.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2013 Sourcefire, Inc. * * Authors: David Raynor diff -Nru clamav-0.103.0+dfsg/libclamav/htmlnorm.c clamav-0.103.2+dfsg/libclamav/htmlnorm.c --- clamav-0.103.0+dfsg/libclamav/htmlnorm.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/htmlnorm.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Trog diff -Nru clamav-0.103.0+dfsg/libclamav/htmlnorm.h clamav-0.103.2+dfsg/libclamav/htmlnorm.h --- clamav-0.103.0+dfsg/libclamav/htmlnorm.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/htmlnorm.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Trog diff -Nru clamav-0.103.0+dfsg/libclamav/hwp.c clamav-0.103.2+dfsg/libclamav/hwp.c --- clamav-0.103.0+dfsg/libclamav/hwp.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/hwp.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * HWP Stuff * - * Copyright (C) 2015-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2015-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * diff -Nru clamav-0.103.0+dfsg/libclamav/hwp.h clamav-0.103.2+dfsg/libclamav/hwp.h --- clamav-0.103.0+dfsg/libclamav/hwp.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/hwp.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * HWP Stuff * - * Copyright (C) 2015-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2015-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * diff -Nru clamav-0.103.0+dfsg/libclamav/iowrap.c clamav-0.103.2+dfsg/libclamav/iowrap.c --- clamav-0.103.0+dfsg/libclamav/iowrap.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/iowrap.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2012-2013 Sourcefire, Inc. * * Authors: Dave Raynor diff -Nru clamav-0.103.0+dfsg/libclamav/iowrap.h clamav-0.103.2+dfsg/libclamav/iowrap.h --- clamav-0.103.0+dfsg/libclamav/iowrap.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/iowrap.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2012-2013 Sourcefire, Inc. * * Authors: Dave Raynor diff -Nru clamav-0.103.0+dfsg/libclamav/ishield.c clamav-0.103.2+dfsg/libclamav/ishield.c --- clamav-0.103.0+dfsg/libclamav/ishield.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/ishield.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: aCaB @@ -773,7 +773,7 @@ zret = inflate(&z, 0); if (zret == Z_OK || zret == Z_STREAM_END || zret == Z_BUF_ERROR) { unsigned int umpd = IS_CABBUFSZ - z.avail_out; - if (cli_writen(ofd, outbuf, umpd) < umpd) + if (cli_writen(ofd, outbuf, umpd) != umpd) break; outsz += umpd; if (zret == Z_STREAM_END || z.avail_out == IS_CABBUFSZ /* FIXMEISHIELD: is the latter ok? */) { diff -Nru clamav-0.103.0+dfsg/libclamav/ishield.h clamav-0.103.2+dfsg/libclamav/ishield.h --- clamav-0.103.0+dfsg/libclamav/ishield.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/ishield.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/iso9660.c clamav-0.103.2+dfsg/libclamav/iso9660.c --- clamav-0.103.0+dfsg/libclamav/iso9660.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/iso9660.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/iso9660.h clamav-0.103.2+dfsg/libclamav/iso9660.h --- clamav-0.103.0+dfsg/libclamav/iso9660.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/iso9660.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/jpeg.c clamav-0.103.2+dfsg/libclamav/jpeg.c --- clamav-0.103.0+dfsg/libclamav/jpeg.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/jpeg.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -32,173 +32,693 @@ #ifdef HAVE_UNISTD_H #include #endif +#include #include #include "jpeg.h" #include "clamav.h" +#include "scanners.h" -#define GETBYTE(v) \ - if (fmap_readn(map, &v, offset, sizeof(v)) == sizeof(v)) { \ - offset += sizeof(v); \ - } else { \ - cli_errmsg("cli_parsejpeg: Can't read file (corrupted?)\n"); \ - return CL_EPARSE; \ +// clang-format off +/* + * JPEG format highlights + * ---------------------- + * + * Links: + * - https://en.wikipedia.org/wiki/JPEG#Syntax_and_structure + * - https://en.wikipedia.org/wiki/JPEG_File_Interchange_Format + * - https://en.wikipedia.org/wiki/Exif + * + * A JPEG image is a sequence of segments. + * + * Each segment starts with a two-byte marker. The first byte is 0xff and is + * followed by one of the following to identify the segment. + + * Some segments are simply the 2-byte marker, while others have a payload. + * Realistically it appears that just the start-of-image and end-of-image lack + * the 2-byte size field, the rest have it, even the 4-byte DRI segment. + * + * All variable-byte payloads have 2-bytes indicating the size which includes + * the 2-bytes (but not the marker itself). + * + * Within entropy-encoded (compressed) data, any 0xff will have an 0x00 + * inserted after it to indicate that it's just and 0xff and _NOT_ a segment + * marker. Decoders skip the 0x00 byte. + * This only applies to entropy-encoded data, not to marker payload data. + * We dont' really worry about this though because this parser stops when it + * reaches the image data. + */ + +/* + * JPEG Segment & Entropy Markers. + */ +typedef enum { + /* Start of Image + * No payload + */ + JPEG_MARKER_SEGMENT_SOI_START_OF_IMAGE = 0xD8, + + /* Start of Frame for a Baseline DCT-based JPEG (S0F0) + * Variable size payload. + * Baseline DCT-based JPEG, and specifies the width, height, number of + * components, and component subsampling + */ + JPEG_MARKER_SEGMENT_S0F0_START_OF_FRAME_BASELINE_DCT = 0xC0, + + /* Start of Frame for a extended sequential DCT-based JPEG (S0F1) + * Variable size payload. + */ + JPEG_MARKER_SEGMENT_S0F1_START_OF_FRAME_EXT_SEQ_DCT = 0xC1, + + /* Start of Frame for a progressive DCT-based JPEG (S0F2) + * Variable size payload. + * Progressive DCT-based JPEG, and specifies the width, height, number of + * components, and component subsampling + */ + JPEG_MARKER_SEGMENT_S0F2_START_OF_FRAME_PROG_DCT = 0xC2, + + /* Start of Frame for a lossless sequential DCT-based JPEG (S0F3) + * Variable size payload. + */ + JPEG_MARKER_SEGMENT_S0F3_START_OF_FRAME_DIFF_SEQ_DCT = 0xC3, + + /* Start of Frame for a differential sequential DCT-based JPEG (S0F5) + * Variable size payload. + */ + JPEG_MARKER_SEGMENT_S0F5_START_OF_FRAME_DIFF_SEQ_DCT = 0xC5, + + /* Start of Frame for a differential progressive DCT-based JPEG (S0F6) + * Variable size payload. + */ + JPEG_MARKER_SEGMENT_S0F6_START_OF_FRAME_DIFF_PROG_DCT = 0xC6, + + /* Start of Frame for a differential lossless DCT-based JPEG (S0F7) + * Variable size payload. + */ + JPEG_MARKER_SEGMENT_S0F7_START_OF_FRAME_DIFF_LOSSLESS_DCT = 0xC7, + + /* Start of Frame for a differential sequential arithmatic-based JPEG (S0F5) + * Variable size payload. + */ + JPEG_MARKER_SEGMENT_S0F9_START_OF_FRAME_DIFF_SEQ_ARITH = 0xC9, + + /* Start of Frame for a differential progressive arithmatic-based JPEG (S0F6) + * Variable size payload. + */ + JPEG_MARKER_SEGMENT_S0F10_START_OF_FRAME_DIFF_PROG_ARITH = 0xCA, + + /* Start of Frame for a differential lossless arithmatic-based JPEG (S0F7) + * Variable size payload. + */ + JPEG_MARKER_SEGMENT_S0F11_START_OF_FRAME_DIFF_LOSSLESS_ARITH = 0xCB, + + /* Define Huffman Tables (DHT) + * Variable size payload. + * Defines one or more Huffman tables. + */ + JPEG_MARKER_SEGMENT_DHT_DEFINE_HUFFMAN_TABLES = 0xC4, + + /* Define Arithmatic Coding Conditioning (DAC) + * Variable size payload. + */ + JPEG_MARKER_SEGMENT_DHT_DEFINE_ARITH_CODING = 0xCC, + + /* Define Quantization Tables (DTQ) + * Variable size payload. + * Defines one or more quantization tables. + */ + JPEG_MARKER_SEGMENT_DQT_DEFINE_QUANTIZATION_TABLES = 0xDB, + + /* Define Restart Interval (DRI) + * 4-byte payload. + * Specifies the interval between RSTn markers, in Minimum Coded Units (MCUs). + * This marker is followed by two bytes indicating the fixed size so it can be + * treated like any other variable size segment. + */ + JPEG_MARKER_SEGMENT_DRI_DEFINE_RESTART_INTERVAL = 0xDD, + + /* Start of Scan (SOS) + * Variable size payload + * This is the start of the JPEG image data, so we'll actually stop parsing + * when we reach this. + */ + JPEG_MARKER_SEGMENT_SOS_START_OF_SCAN = 0xDA, + + /* + * App-specific markers E0 - EF + * Variable size payload. + * Since several vendors might use the *same* APPn marker type, application- + * specific markers often begin with a standard or vendor name (e.g., "Exif" or + * "Adobe") or some other identifying string. + * + * Some known app specific markers include: + * 0xE0: + * - JFIF + * 0xE1: + * - Exif + * - XMP data, starts with http://ns.adobe.com/xap/1.0/\0 + * 0xE2: + * - ICC Profile Chunk. There could be multiple of these to fit the entire profile, see http://www.color.org/icc_specs2.xalter and http://www.color.org/specification/ICC1v43_2010-12.pdf Section B.4 + * 0xE8: + * - SPIFF. Not a common format, see http://fileformats.archiveteam.org/wiki/SPIFF + * 0xED: + * - IPTC / IMM metadata (a type of comment) + * - Photoshop data + * 0xEE: + * - AdobeRGB (as opposed to sRGB) + */ + JPEG_MARKER_SEGMENT_APP0 = 0xE0, + JPEG_MARKER_SEGMENT_APP1 = 0xE1, + JPEG_MARKER_SEGMENT_APP2 = 0xE2, + JPEG_MARKER_SEGMENT_APP3 = 0xE3, + JPEG_MARKER_SEGMENT_APP4 = 0xE4, + JPEG_MARKER_SEGMENT_APP5 = 0xE5, + JPEG_MARKER_SEGMENT_APP6 = 0xE6, + JPEG_MARKER_SEGMENT_APP7 = 0xE7, + JPEG_MARKER_SEGMENT_APP8 = 0xE8, + JPEG_MARKER_SEGMENT_APP9 = 0xE9, + JPEG_MARKER_SEGMENT_APP10 = 0xEA, + JPEG_MARKER_SEGMENT_APP11 = 0xEB, + JPEG_MARKER_SEGMENT_APP12 = 0xEC, + JPEG_MARKER_SEGMENT_APP13 = 0xED, + JPEG_MARKER_SEGMENT_APP14 = 0xEE, + JPEG_MARKER_SEGMENT_APP15 = 0xEF, + + /* DTI (?) + * + */ + JPEG_MARKER_SEGMENT_DTI = 0xF1, + + /* DTT (?) + * + */ + JPEG_MARKER_SEGMENT_DTT = 0xF2, + + /* JPG7 + * Variable size payload (?) + */ + JPEG_MARKER_SEGMENT_JPG7 = 0xF7, + + /* Comment (COM) + * Variable size payload. + */ + JPEG_MARKER_SEGMENT_COM_COMMENT = 0xFE, + + /* End of Image + * No payload + */ + JPEG_MARKER_SEGMENT_EOI_END_OF_IMAGE = 0xD9, + + /* Entropy-encoded (aka compressed) data markers. + * + * These aren't referenced since we don't parse the image data. + */ + JPEG_MARKER_NOT_A_MARKER_0x00 = 0x00, + JPEG_MARKER_NOT_A_MARKER_0xFF = 0xFF, + + /* Reset entropy-markers are inserted every r macroblocks, where r is the restart interval set by a DRI marker. + * Not used if there was no DRI segment-marker. + * The low three bits of the marker code cycle in value from 0 to 7 (i.e. D0 - D7). + */ + JPEG_MARKER_ENTROPY_RST0_RESET = 0xD0, + JPEG_MARKER_ENTROPY_RST1_RESET = 0xD1, + JPEG_MARKER_ENTROPY_RST2_RESET = 0xD2, + JPEG_MARKER_ENTROPY_RST3_RESET = 0xD3, + JPEG_MARKER_ENTROPY_RST4_RESET = 0xD4, + JPEG_MARKER_ENTROPY_RST5_RESET = 0xD5, + JPEG_MARKER_ENTROPY_RST6_RESET = 0xD6, + JPEG_MARKER_ENTROPY_RST7_RESET = 0xD7, +} jpeg_marker_t; + +// clang-format on + +static cl_error_t jpeg_check_photoshop_8bim(cli_ctx *ctx, size_t *off) +{ + cl_error_t retval; + const unsigned char *buf; + uint16_t ntmp; + uint8_t nlength, id[2]; + uint32_t size; + size_t offset = *off; + fmap_t *map = *ctx->fmap; + + if (!(buf = fmap_need_off_once(map, offset, 4 + 2 + 1))) { + cli_dbgmsg("read bim failed\n"); + return CL_BREAK; + } + if (memcmp(buf, "8BIM", 4) != 0) { + cli_dbgmsg("missed 8bim\n"); + return CL_BREAK; + } + + id[0] = (uint8_t)buf[4]; + id[1] = (uint8_t)buf[5]; + cli_dbgmsg("ID: 0x%.2x%.2x\n", id[0], id[1]); + nlength = buf[6]; + ntmp = nlength + ((((uint16_t)nlength) + 1) & 0x01); + offset += 4 + 2 + 1 + ntmp; + + if (fmap_readn(map, &size, offset, 4) != 4) { + return CL_BREAK; + } + size = be32_to_host(size); + if (size == 0) { + return CL_BREAK; + } + if ((size & 0x01) == 1) { + size++; } + *off = offset + 4 + size; + /* Is it a thumbnail image: 0x0409 or 0x040c */ + if ((id[0] == 0x04) && ((id[1] == 0x09) || (id[1] == 0x0c))) { + /* Yes */ + cli_dbgmsg("found thumbnail\n"); + } else { + /* No - Seek past record */ + return CL_CLEAN; + } + + /* Jump past header */ + offset += 4 + 28; + + /* Scan the thumbnail JPEG */ + retval = cli_magic_scan_nested_fmap_type(map, offset, 0, ctx, CL_TYPE_JPEG, "photoshop-thumbnail"); + + return retval; +} + cl_error_t cli_parsejpeg(cli_ctx *ctx) { - fmap_t *map = *ctx->fmap; - unsigned char marker, prev_marker, prev_segment = 0, v1, v2, buff[8]; - unsigned int offset = 0, i, len, comment = 0, segment = 0, app = 0; + cl_error_t status = CL_CLEAN; + + fmap_t *map = NULL; + jpeg_marker_t marker, prev_marker, prev_segment = JPEG_MARKER_NOT_A_MARKER_0x00; + uint8_t buff[50]; /* 50 should be sufficient for now */ + uint16_t len_u16; + unsigned int offset = 0, i, len, segment = 0; + bool found_comment = false; + bool found_app = false; + + uint32_t num_JFIF = 0; + uint32_t num_Exif = 0; + uint32_t num_SPIFF = 0; cli_dbgmsg("in cli_parsejpeg()\n"); + if (NULL == ctx) { + cli_dbgmsg("passed context was NULL\n"); + status = CL_EARG; + goto done; + } + map = *ctx->fmap; + if (fmap_readn(map, buff, offset, 4) != 4) - return CL_SUCCESS; /* Ignore */ + goto done; /* Ignore */ if (!memcmp(buff, "\xff\xd8\xff", 3)) offset = 2; else if (!memcmp(buff, "\xff\xd9\xff\xd8", 4)) offset = 4; else - return CL_SUCCESS; /* Not a JPEG file */ + goto done; /* Not a JPEG file */ while (1) { segment++; - prev_marker = 0; + prev_marker = JPEG_MARKER_NOT_A_MARKER_0x00; for (i = 0; offset < map->len && i < 16; i++) { - GETBYTE(marker); - if (prev_marker == 0xff && marker != 0xff) + uint8_t marker_u8; + if (fmap_readn(map, &marker_u8, offset, sizeof(marker_u8)) == sizeof(marker_u8)) { + offset += sizeof(marker_u8); + } else { + if (SCAN_HEURISTIC_BROKEN_MEDIA) { + cli_errmsg("JPEG: Failed to read marker, file corrupted?\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.CantReadMarker"); + status = CL_EPARSE; + } else { + cli_dbgmsg("Failed to read marker, file corrupted?\n"); + } + goto done; + } + marker = (jpeg_marker_t)marker_u8; + + if (prev_marker == JPEG_MARKER_NOT_A_MARKER_0xFF && marker != JPEG_MARKER_NOT_A_MARKER_0xFF) break; prev_marker = marker; } if (i == 16) { - cli_warnmsg("cli_parsejpeg: Spurious bytes before segment %u\n", segment); - return CL_EPARSE; + if (SCAN_HEURISTIC_BROKEN_MEDIA) { + cli_warnmsg("JPEG: Spurious bytes before segment %u\n", segment); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.SpuriousBytesBeforeSegment"); + status = CL_EPARSE; + } else { + cli_dbgmsg("Spurious bytes before segment %u\n", segment); + } + goto done; } - if (offset == map->len) { - cli_warnmsg("cli_parsejpeg: Error looking for marker\n"); - return CL_EPARSE; - } - GETBYTE(v1); - GETBYTE(v2); - len = (unsigned int)(v1 << 8) | v2; - cli_dbgmsg("JPEG: Marker %02x, length %u\n", marker, len); + + /* + * Check for MS04-028 exploit (See: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-028) + * You can reproduce to test with https://www.exploit-db.com/exploits/474 + * Checking here because the exploit PoC will fail our length check, below. + */ + if (JPEG_MARKER_SEGMENT_COM_COMMENT == marker) { + if (fmap_readn(map, buff, offset, 2) == 2) { + if (buff[0] == 0x00) { + if ((buff[1] == 0x00) || (buff[1] == 0x01)) { + /* Found exploit */ + status = cli_append_virus(ctx, "Heuristics.Exploit.W32.MS04-028"); + goto done; + } + } + } + } + + if (fmap_readn(map, &len_u16, offset, sizeof(len_u16)) != sizeof(len_u16)) { + if (SCAN_HEURISTIC_BROKEN_MEDIA) { + cli_errmsg("JPEG: Failed to read the segment size, file corrupted?\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.CantReadSegmentSize"); + status = CL_EPARSE; + } else { + cli_dbgmsg("Failed to read the segment size, file corrupted?\n"); + } + goto done; + } + len = (unsigned int)be16_to_host(len_u16); + cli_dbgmsg("segment[%d] = 0x%02x, Length %u\n", segment, marker, len); + if (len < 2) { - cli_warnmsg("cli_parsejpeg: Invalid segment size\n"); - return CL_EPARSE; + if (SCAN_HEURISTIC_BROKEN_MEDIA) { + cli_warnmsg("JPEG: Invalid segment size\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.InvalidSegmentSize"); + status = CL_EPARSE; + } else { + cli_dbgmsg("Invalid segment size\n"); + } + goto done; } - if (len >= map->len - offset + 2) { - cli_warnmsg("cli_parsejpeg: Segment data out of file\n"); - return CL_EPARSE; + if (len >= map->len - offset + sizeof(len_u16)) { + if (SCAN_HEURISTIC_BROKEN_MEDIA) { + cli_warnmsg("JPEG: Segment data out of file\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.SegmentDataOutOfFile"); + status = CL_EPARSE; + } else { + cli_dbgmsg("Segment data out of file\n"); + } + goto done; } - offset += len - 2; + offset += len; switch (marker) { - case 0xe0: /* JFIF */ - if (app) { - cli_warnmsg("cli_parsejpeg: Duplicate Application Marker\n"); - return CL_EPARSE; - } - if (segment != 1 && (segment != 2 || !comment)) { - cli_warnmsg("cli_parsejpeg: JFIF marker at wrong position\n"); - return CL_EPARSE; - } - if (fmap_readn(map, buff, offset - len + 2, 5) != 5 || memcmp(buff, "JFIF\0", 5)) { - cli_warnmsg("cli_parsejpeg: No JFIF marker\n"); - return CL_EPARSE; - } - if (len < 16) { - cli_warnmsg("cli_parsejpeg: JFIF header too short\n"); - return CL_EPARSE; + case JPEG_MARKER_SEGMENT_APP0: + /* + * JFIF, maybe + */ + if ((fmap_readn(map, buff, offset - len + sizeof(len_u16), strlen("JFIF") + 1) == strlen("JFIF") + 1) && + (0 == memcmp(buff, "JFIF\0", strlen("JFIF") + 1))) { + /* Found a JFIF marker */ + cli_dbgmsg(" JFIF application marker\n"); + + if (SCAN_HEURISTIC_BROKEN_MEDIA) { + if (found_app && num_JFIF > 0) { + cli_warnmsg("JPEG: Duplicate Application Marker found (JFIF)\n"); + cli_warnmsg("JPEG: Already observed JFIF: %d, Exif: %d, SPIFF: %d\n", num_JFIF, num_Exif, num_SPIFF); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.JFIFdupAppMarker"); + status = CL_EPARSE; + goto done; + } + if (!(segment == 1 || + (segment == 2 && found_comment) || + (segment == 2 && num_Exif > 0) || + (segment == 3 && found_comment && num_Exif > 0))) { + /* The JFIF segment is technically required to appear first, though it has been observed + * appearing in segment 2 in functional images when segment 1 is a comment or an Exif segment. + * If segment 1 wasn't a comment or Exif, then the file structure is unusual. */ + cli_warnmsg("JPEG: JFIF marker at wrong position, found in segment # %d\n", segment); + cli_warnmsg("JPEG: Already observed JFIF: %d, Exif: %d, SPIFF: %d\n", num_JFIF, num_Exif, num_SPIFF); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.JFIFmarkerBadPosition"); + status = CL_EPARSE; + goto done; + } + if (len < 16) { + cli_warnmsg("JPEG: JFIF header too short\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.JFIFheaderTooShort"); + status = CL_EPARSE; + goto done; + } + } + found_app = true; + num_JFIF += 1; + } else { + /* Found something else. Eg could be an Ocad Revision # (eg "Ocad$Rev: 14797 $"), for example. + Whatever it is, we don't really care for now */ + cli_dbgmsg(" Unfamiliar use of application marker: 0x%02x\n", marker); } - app = 0xe0; break; - case 0xe1: /* EXIF */ - if (fmap_readn(map, buff, offset - len + 2, 7) != 7) { - cli_warnmsg("cli_parsejpeg: Can't read Exif header\n"); - return CL_EPARSE; - } - if (!memcmp(buff, "Exif\0\0", 6)) { - if (app && app != 0xe0) { - cli_warnmsg("cli_parsejpeg: Duplicate Application Marker\n"); - return CL_EPARSE; - } - if (segment > 3 && !comment && app != 0xe0) { - cli_warnmsg("cli_parsejpeg: Exif marker at wrong position\n"); - return CL_EPARSE; + case JPEG_MARKER_SEGMENT_APP1: + /* + * Exif, or maybe XMP data + */ + if ((fmap_readn(map, buff, offset - len + sizeof(len_u16), strlen("Exif") + 2) == strlen("Exif") + 2) && + (0 == memcmp(buff, "Exif\0\0", strlen("Exif") + 2))) { + /* Found an Exif marker */ + cli_dbgmsg(" Exif application marker\n"); + + if (SCAN_HEURISTIC_BROKEN_MEDIA) { + if (found_app && (num_Exif > 0 || num_SPIFF > 0)) { + cli_warnmsg("JPEG: Duplicate Application Marker found (Exif)\n"); + cli_warnmsg("JPEG: Already observed JFIF: %d, Exif: %d, SPIFF: %d\n", num_JFIF, num_Exif, num_SPIFF); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.ExifDupAppMarker"); + status = CL_EPARSE; + goto done; + } + if (segment > 3 && !found_comment && num_JFIF > 0) { + /* If Exif was found after segment 3 and previous segments weren't a comment or JFIF, something is unusual. */ + cli_warnmsg("JPEG: Exif marker at wrong position\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.ExifHeaderBadPosition"); + status = CL_EPARSE; + goto done; + } + if (len < 16) { + cli_warnmsg("JPEG: Exif header too short\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.ExifHeaderTooShort"); + status = CL_EPARSE; + goto done; + } } - } else if (!memcmp(buff, "http://", 7)) { - cli_dbgmsg("JPEG: XMP data in segment %u\n", segment); + found_app = true; + num_Exif += 1; + } else if ((fmap_readn(map, buff, offset - len + sizeof(len_u16), strlen("http://")) == strlen("http://")) && + (0 == memcmp(buff, "http://", strlen("http://")))) { + cli_dbgmsg(" XMP metadata\n"); + found_comment = true; } else { - cli_warnmsg("cli_parsejpeg: Invalid Exif header\n"); - return CL_EPARSE; - } - if (len < 16) { - cli_warnmsg("cli_parsejpeg: Exif header too short\n"); - return CL_EPARSE; + cli_dbgmsg(" Unfamiliar use of application marker: 0x%02x\n", marker); } - app = 0xe1; break; - case 0xe8: /* SPIFF */ - if (app) { - cli_warnmsg("cli_parsejpeg: Duplicate Application Marker\n"); - return CL_EPARSE; - } - if (segment != 1 && (segment != 2 || !comment)) { - cli_warnmsg("cli_parsejpeg: SPIFF marker at wrong position\n"); - return CL_EPARSE; - } - if (fmap_readn(map, buff, offset - len + 2, 6) != 6 || memcmp(buff, "SPIFF\0", 6)) { - cli_warnmsg("cli_parsejpeg: No SPIFF marker\n"); - return CL_EPARSE; + case JPEG_MARKER_SEGMENT_APP2: + /* + * ICC Profile + */ + if ((fmap_readn(map, buff, offset - len + sizeof(len_u16), strlen("ICC_PROFILE") + 2) == strlen("ICC_PROFILE") + 2) && + (0 == memcmp(buff, "ICC_PROFILE\0", strlen("ICC_PROFILE") + 1))) { + /* Found ICC Profile Chunk. Let's print out the chunk #, which follows "ICC_PROFILE\0"... */ + uint8_t chunk_no = buff[strlen("ICC_PROFILE") + 1]; + cli_dbgmsg(" ICC Profile, chunk # %d\n", chunk_no); + } else { + cli_dbgmsg(" Unfamiliar use of application marker: 0x%02x\n", marker); } - if (len < 16) { - cli_warnmsg("cli_parsejpeg: SPIFF header too short\n"); - return CL_EPARSE; + break; + + case JPEG_MARKER_SEGMENT_APP8: + /* + * SPIFF + */ + if ((fmap_readn(map, buff, offset - len + sizeof(len_u16), strlen("SPIFF") + 1) == strlen("SPIFF") + 1) && + (0 == memcmp(buff, "SPIFF\0", strlen("SPIFF") + 1))) { + /* Found SPIFF application marker */ + cli_dbgmsg(" SPIFF application marker\n"); + + if (SCAN_HEURISTIC_BROKEN_MEDIA) { + if (found_app) { + cli_warnmsg("JPEG: Duplicate Application Marker found (SPIFF)\n"); + cli_warnmsg("JPEG: Already observed JFIF: %d, Exif: %d, SPIFF: %d\n", num_JFIF, num_Exif, num_SPIFF); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.SPIFFdupAppMarker"); + status = CL_EPARSE; + goto done; + } + if (segment != 1 && (segment != 2 || !found_comment)) { + cli_warnmsg("JPEG: SPIFF marker at wrong position\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.SPIFFmarkerBadPosition"); + status = CL_EPARSE; + goto done; + } + if (len < 16) { + cli_warnmsg("JPEG: SPIFF header too short\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.SPIFFheaderTooShort"); + status = CL_EPARSE; + goto done; + } + } + found_app = true; + num_SPIFF += 1; + } else { + cli_dbgmsg(" Unfamiliar use of application marker: 0x%02x\n", marker); } - app = 0xe8; break; - case 0xf7: /* JPG7 */ - if (app) { - cli_warnmsg("cli_parsejpeg: Application Marker before JPG7\n"); - return CL_EPARSE; + case JPEG_MARKER_SEGMENT_APP13: + /* + * Check for Photoshop information + * Example file to test with: 2c5883a964917aa54c8b3e2c70dabf0a7b06ba8c21bcbaf6f1c19501be9d9196 + */ + if ((fmap_readn(map, buff, offset - len + sizeof(len_u16), strlen("Photoshop 3.0") + 1) == strlen("Photoshop 3.0") + 1) && + (0 == memcmp(buff, "Photoshop 3.0\0", strlen("Photoshop 3.0") + 1))) { + /* Found a Photoshop file */ + size_t photoshop_data_offset = offset - len + sizeof(len_u16) + strlen("Photoshop 3.0") + 1; + size_t old_offset; + + cli_dbgmsg("Found Photoshop segment\n"); + do { + old_offset = photoshop_data_offset; + status = jpeg_check_photoshop_8bim(ctx, &photoshop_data_offset); + if (photoshop_data_offset <= old_offset) + break; + } while (status == CL_CLEAN); + + if (status == CL_BREAK) { + status = CL_CLEAN; + } + } else { + cli_dbgmsg(" Unfamiliar use of application marker: 0x%02x\n", marker); } - return CL_SUCCESS; + found_comment = true; + break; - case 0xda: /* SOS */ - if (!app) { - cli_warnmsg("cli_parsejpeg: Invalid file structure\n"); - return CL_EPARSE; + case JPEG_MARKER_SEGMENT_APP14: + /* + * Adobe RGB, probably + */ + if ((fmap_readn(map, buff, offset - len + sizeof(len_u16), strlen("Adobe") + 1) == strlen("Adobe") + 1) && + (0 == memcmp(buff, "Adobe\0", strlen("Adobe") + 1))) { + cli_dbgmsg(" AdobeRGB application marker\n"); + } else { + /* Not Adobe, dunno what this is. */ + cli_dbgmsg(" Unfamiliar use of application marker: 0x%02x\n", marker); } - return CL_SUCCESS; + break; + + case JPEG_MARKER_SEGMENT_APP3: + case JPEG_MARKER_SEGMENT_APP4: + case JPEG_MARKER_SEGMENT_APP5: + case JPEG_MARKER_SEGMENT_APP6: + case JPEG_MARKER_SEGMENT_APP7: + case JPEG_MARKER_SEGMENT_APP9: + case JPEG_MARKER_SEGMENT_APP10: + case JPEG_MARKER_SEGMENT_APP11: + case JPEG_MARKER_SEGMENT_APP12: + case JPEG_MARKER_SEGMENT_APP15: + /* + * Unknown + */ + cli_dbgmsg(" Unfamiliar application marker: 0x%02x\n", marker); + break; + + case JPEG_MARKER_SEGMENT_S0F0_START_OF_FRAME_BASELINE_DCT: + case JPEG_MARKER_SEGMENT_S0F1_START_OF_FRAME_EXT_SEQ_DCT: + case JPEG_MARKER_SEGMENT_S0F2_START_OF_FRAME_PROG_DCT: + case JPEG_MARKER_SEGMENT_S0F3_START_OF_FRAME_DIFF_SEQ_DCT: + case JPEG_MARKER_SEGMENT_S0F5_START_OF_FRAME_DIFF_SEQ_DCT: + case JPEG_MARKER_SEGMENT_S0F6_START_OF_FRAME_DIFF_PROG_DCT: + case JPEG_MARKER_SEGMENT_S0F7_START_OF_FRAME_DIFF_LOSSLESS_DCT: + case JPEG_MARKER_SEGMENT_S0F9_START_OF_FRAME_DIFF_SEQ_ARITH: + case JPEG_MARKER_SEGMENT_S0F10_START_OF_FRAME_DIFF_PROG_ARITH: + case JPEG_MARKER_SEGMENT_S0F11_START_OF_FRAME_DIFF_LOSSLESS_ARITH: + cli_dbgmsg(" Start of Frame (S0F) %02x\n", (uint8_t)marker); + break; - case 0xd9: /* EOI */ - cli_warnmsg("cli_parsejpeg: No image in jpeg\n"); - return CL_EPARSE; + case JPEG_MARKER_SEGMENT_DHT_DEFINE_HUFFMAN_TABLES: + cli_dbgmsg(" Huffman Tables definitions (DHT)\n"); + break; - case 0xfe: /* COM */ - comment = 1; + case JPEG_MARKER_SEGMENT_DQT_DEFINE_QUANTIZATION_TABLES: + cli_dbgmsg(" Quantization Tables definitions (DQT)\n"); break; - case 0xed: /* IPTC */ - comment = 1; + case JPEG_MARKER_SEGMENT_DRI_DEFINE_RESTART_INTERVAL: + cli_dbgmsg(" Restart Interval definition (DRI)\n"); break; - case 0xf2: /* DTT */ - if (prev_segment != 0xf1) { - cli_warnmsg("cli_parsejpeg: No DTI segment before DTT\n"); - return CL_EPARSE; + case JPEG_MARKER_SEGMENT_JPG7: /* JPG7 */ + cli_dbgmsg(" JPG7 segment marker\n"); + if (found_app) { + if (SCAN_HEURISTIC_BROKEN_MEDIA) { + cli_warnmsg("JPEG: Application Marker before JPG7\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.AppMarkerBeforeJPG7"); + status = CL_EPARSE; + goto done; + } + } + goto done; + + case JPEG_MARKER_SEGMENT_SOS_START_OF_SCAN: /* SOS */ + cli_dbgmsg(" Start of Scan (SOS) segment marker\n"); + if (!found_app) { + cli_dbgmsg(" Found the Start-of-Scan segment without identifying the JPEG application type.\n"); + } + /* What follows would be scan data (compressed image data), + * parsing is not presently required for validation purposes + * so we'll just call it quits. */ + goto done; + + case JPEG_MARKER_SEGMENT_EOI_END_OF_IMAGE: /* EOI (End of Image) */ + cli_dbgmsg(" End of Image (EOI) segment marker\n"); + /* + * We shouldn't reach this marker because we exit out when we hit the Start of Scan marker. + */ + if (SCAN_HEURISTIC_BROKEN_MEDIA) { + cli_warnmsg("JPEG: No image in jpeg\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.NoImages"); + status = CL_EPARSE; + } + goto done; + + case JPEG_MARKER_SEGMENT_COM_COMMENT: /* COM (comment) */ + cli_dbgmsg(" Comment (COM) segment marker\n"); + found_comment = true; + break; + + case JPEG_MARKER_SEGMENT_DTI: /* DTI */ + cli_dbgmsg(" DTI segment marker\n"); + break; + + case JPEG_MARKER_SEGMENT_DTT: /* DTT */ + cli_dbgmsg(" DTT segment marker\n"); + if (SCAN_HEURISTIC_BROKEN_MEDIA) { + if (prev_segment != JPEG_MARKER_SEGMENT_DTI) { + cli_warnmsg("JPEG: No DTI segment before DTT\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.JPEG.DTTMissingDTISegment"); + status = CL_EPARSE; + goto done; + } } break; default: + /* Some unknown marker we don't presently handle, don't worry about it. */ break; } + prev_segment = marker; } - return CL_SUCCESS; + +done: + if (status == CL_EPARSE) { + /* We added with cli_append_possibly_unwanted so it will alert at the end if nothing else matches. */ + status = CL_CLEAN; + } + + return status; } diff -Nru clamav-0.103.0+dfsg/libclamav/jpeg.h clamav-0.103.2+dfsg/libclamav/jpeg.h --- clamav-0.103.0+dfsg/libclamav/jpeg.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/jpeg.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/json_api.c clamav-0.103.2+dfsg/libclamav/json_api.c --- clamav-0.103.0+dfsg/libclamav/json_api.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/json_api.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * JSON Object API * - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * diff -Nru clamav-0.103.0+dfsg/libclamav/json_api.h clamav-0.103.2+dfsg/libclamav/json_api.h --- clamav-0.103.0+dfsg/libclamav/json_api.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/json_api.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * JSON Object API * - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * diff -Nru clamav-0.103.0+dfsg/libclamav/jsparse/js-norm.c clamav-0.103.2+dfsg/libclamav/jsparse/js-norm.c --- clamav-0.103.0+dfsg/libclamav/jsparse/js-norm.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/jsparse/js-norm.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Javascript normalizer. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/jsparse/js-norm.h clamav-0.103.2+dfsg/libclamav/jsparse/js-norm.h --- clamav-0.103.0+dfsg/libclamav/jsparse/js-norm.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/jsparse/js-norm.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Javascript normalizer. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/jsparse/lexglobal.h clamav-0.103.2+dfsg/libclamav/jsparse/lexglobal.h --- clamav-0.103.0+dfsg/libclamav/jsparse/lexglobal.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/jsparse/lexglobal.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Javascript normalizer. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/libclamav_main.c clamav-0.103.2+dfsg/libclamav/libclamav_main.c --- clamav-0.103.0+dfsg/libclamav/libclamav_main.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/libclamav_main.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2010-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/libclamav.map clamav-0.103.2+dfsg/libclamav/libclamav.map --- clamav-0.103.0+dfsg/libclamav/libclamav.map 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/libclamav.map 2021-04-06 19:03:43.000000000 +0000 @@ -262,6 +262,9 @@ cli_basename; cli_realpath; cli_codepage_to_utf8; + cli_get_filepath_from_filedesc; + fmap_duplicate; + free_duplicate_fmap; __cli_strcasestr; __cli_strndup; diff -Nru clamav-0.103.0+dfsg/libclamav/line.c clamav-0.103.2+dfsg/libclamav/line.c --- clamav-0.103.0+dfsg/libclamav/line.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/line.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/line.h clamav-0.103.2+dfsg/libclamav/line.h --- clamav-0.103.0+dfsg/libclamav/line.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/line.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/lzma_iface.c clamav-0.103.2+dfsg/libclamav/lzma_iface.c --- clamav-0.103.0+dfsg/libclamav/lzma_iface.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/lzma_iface.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/lzma_iface.h clamav-0.103.2+dfsg/libclamav/lzma_iface.h --- clamav-0.103.0+dfsg/libclamav/lzma_iface.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/lzma_iface.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/macho.c clamav-0.103.2+dfsg/libclamav/macho.c --- clamav-0.103.0+dfsg/libclamav/macho.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/macho.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/macho.h clamav-0.103.2+dfsg/libclamav/macho.h --- clamav-0.103.0+dfsg/libclamav/macho.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/macho.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/Makefile.am clamav-0.103.2+dfsg/libclamav/Makefile.am --- clamav-0.103.0+dfsg/libclamav/Makefile.am 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/Makefile.am 2021-04-06 19:03:42.000000000 +0000 @@ -1,5 +1,5 @@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/libclamav/Makefile.in clamav-0.103.2+dfsg/libclamav/Makefile.in --- clamav-0.103.0+dfsg/libclamav/Makefile.in 2020-09-13 00:27:51.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/Makefile.in 2021-04-06 19:04:44.000000000 +0000 @@ -15,7 +15,7 @@ @SET_MAKE@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/libclamav/matcher-ac.c clamav-0.103.2+dfsg/libclamav/matcher-ac.c --- clamav-0.103.0+dfsg/libclamav/matcher-ac.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/matcher-ac.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/matcher-ac.h clamav-0.103.2+dfsg/libclamav/matcher-ac.h --- clamav-0.103.0+dfsg/libclamav/matcher-ac.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/matcher-ac.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/matcher-bm.c clamav-0.103.2+dfsg/libclamav/matcher-bm.c --- clamav-0.103.0+dfsg/libclamav/matcher-bm.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/matcher-bm.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/matcher-bm.h clamav-0.103.2+dfsg/libclamav/matcher-bm.h --- clamav-0.103.0+dfsg/libclamav/matcher-bm.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/matcher-bm.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/matcher-byte-comp.c clamav-0.103.2+dfsg/libclamav/matcher-byte-comp.c --- clamav-0.103.0+dfsg/libclamav/matcher-byte-comp.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/matcher-byte-comp.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Byte comparison matcher support functions * - * Copyright (C) 2018-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2018-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Mickey Sola * diff -Nru clamav-0.103.0+dfsg/libclamav/matcher-byte-comp.h clamav-0.103.2+dfsg/libclamav/matcher-byte-comp.h --- clamav-0.103.0+dfsg/libclamav/matcher-byte-comp.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/matcher-byte-comp.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Support for matcher using byte compare * - * Copyright (C) 2018-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2018-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Mickey Sola * diff -Nru clamav-0.103.0+dfsg/libclamav/matcher.c clamav-0.103.2+dfsg/libclamav/matcher.c --- clamav-0.103.0+dfsg/libclamav/matcher.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/matcher.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/matcher.h clamav-0.103.2+dfsg/libclamav/matcher.h --- clamav-0.103.0+dfsg/libclamav/matcher.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/matcher.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -163,8 +163,8 @@ cli_file_t ctype; /* container type */ regex_t name; /* filename regex */ size_t csize[2]; /* container size (min, max); if csize[0] != csize[1] - * then value of 0 makes the field ignored - */ + * then value of 0 makes the field ignored + */ size_t fsizec[2]; /* file size in container */ size_t fsizer[2]; /* real file size */ int encrypted; /* file is encrypted; 2 == ignore */ @@ -175,7 +175,7 @@ struct cli_cdb *next; }; -#define CLI_MAX_TARGETS 2 /* maximum filetypes for a specific target */ +#define CLI_MAX_TARGETS 10 /* maximum filetypes for a specific target */ struct cli_mtarget { cli_file_t target[CLI_MAX_TARGETS]; const char *name; @@ -185,26 +185,26 @@ uint8_t target_count; /* must be synced with non-zero values in the target array */ }; -// clang-format off - #define CLI_MTARGETS 15 -static const struct cli_mtarget cli_mtargets[CLI_MTARGETS] = { - { {0, 0}, "GENERIC", 0, 0, 1, 1 }, - { {CL_TYPE_MSEXE, 0}, "PE", 1, 0, 1, 1 }, - { {CL_TYPE_MSOLE2, 0}, "OLE2", 2, 1, 0, 1 }, - { {CL_TYPE_HTML, 0}, "HTML", 3, 1, 0, 1 }, - { {CL_TYPE_MAIL, 0}, "MAIL", 4, 1, 1, 1 }, - { {CL_TYPE_GRAPHICS, 0}, "GRAPHICS", 5, 1, 0, 1 }, - { {CL_TYPE_ELF, 0}, "ELF", 6, 1, 0, 1 }, - { {CL_TYPE_TEXT_ASCII, 0}, "ASCII", 7, 1, 1, 1 }, - { {CL_TYPE_ERROR, 0}, "NOT USED", 8, 1, 0, 1 }, - { {CL_TYPE_MACHO, CL_TYPE_MACHO_UNIBIN}, "MACH-O", 9, 1, 0, 2 }, - { {CL_TYPE_PDF, 0}, "PDF", 10, 1, 0, 1 }, - { {CL_TYPE_SWF, 0}, "FLASH", 11, 1, 0, 1 }, - { {CL_TYPE_JAVA, 0}, "JAVA", 12, 1, 0, 1 }, - { {CL_TYPE_INTERNAL, 0}, "INTERNAL", 13, 1, 0, 1 }, - { {CL_TYPE_OTHER, 0}, "OTHER", 14, 1, 0, 1 } -}; +static const struct cli_mtarget cli_mtargets[CLI_MTARGETS] = { + /* All types for target, name, idx, ac_only, pre-filtering?, # of types */ + {{0, 0, 0, 0, 0, 0, 0, 0, 0, 0}, "GENERIC", 0, 0, 1, 1}, + {{CL_TYPE_MSEXE, 0, 0, 0, 0, 0, 0, 0, 0, 0}, "PE", 1, 0, 1, 1}, + {{CL_TYPE_MSOLE2, 0, 0, 0, 0, 0, 0, 0, 0, 0}, "OLE2", 2, 1, 0, 1}, + {{CL_TYPE_HTML, 0, 0, 0, 0, 0, 0, 0, 0, 0}, "HTML", 3, 1, 0, 1}, + {{CL_TYPE_MAIL, 0, 0, 0, 0, 0, 0, 0, 0, 0}, "MAIL", 4, 1, 1, 1}, + {{CL_TYPE_GRAPHICS, CL_TYPE_GIF, CL_TYPE_PNG, CL_TYPE_JPEG, CL_TYPE_TIFF, 0, 0, 0, 0, 0}, "GRAPHICS", 5, 1, 0, 5}, + {{CL_TYPE_ELF, 0, 0, 0, 0, 0, 0, 0, 0, 0}, "ELF", 6, 1, 0, 1}, + {{CL_TYPE_TEXT_ASCII, 0, 0, 0, 0, 0, 0, 0, 0, 0}, "ASCII", 7, 1, 1, 1}, + {{CL_TYPE_ERROR, 0, 0, 0, 0, 0, 0, 0, 0, 0}, "NOT USED", 8, 1, 0, 1}, + {{CL_TYPE_MACHO, CL_TYPE_MACHO_UNIBIN, 0, 0, 0, 0, 0, 0, 0, 0}, "MACH-O", 9, 1, 0, 2}, + {{CL_TYPE_PDF, 0, 0, 0, 0, 0, 0, 0, 0, 0}, "PDF", 10, 1, 0, 1}, + {{CL_TYPE_SWF, 0, 0, 0, 0, 0, 0, 0, 0, 0}, "FLASH", 11, 1, 0, 1}, + {{CL_TYPE_JAVA, 0, 0, 0, 0, 0, 0, 0, 0, 0}, "JAVA", 12, 1, 0, 1}, + {{CL_TYPE_INTERNAL, 0, 0, 0, 0, 0, 0, 0, 0, 0}, "INTERNAL", 13, 1, 0, 1}, + {{CL_TYPE_OTHER, 0, 0, 0, 0, 0, 0, 0, 0, 0}, "OTHER", 14, 1, 0, 1}}; + +// clang-format off #define CLI_OFF_ANY 0xffffffff #define CLI_OFF_NONE 0xfffffffe diff -Nru clamav-0.103.0+dfsg/libclamav/matcher-hash.c clamav-0.103.2+dfsg/libclamav/matcher-hash.c --- clamav-0.103.0+dfsg/libclamav/matcher-hash.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/matcher-hash.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2010-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/matcher-hash.h clamav-0.103.2+dfsg/libclamav/matcher-hash.h --- clamav-0.103.0+dfsg/libclamav/matcher-hash.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/matcher-hash.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2010-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/matcher-pcre.c clamav-0.103.2+dfsg/libclamav/matcher-pcre.c --- clamav-0.103.0+dfsg/libclamav/matcher-pcre.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/matcher-pcre.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Support for matcher using PCRE * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Kevin Lin diff -Nru clamav-0.103.0+dfsg/libclamav/matcher-pcre.h clamav-0.103.2+dfsg/libclamav/matcher-pcre.h --- clamav-0.103.0+dfsg/libclamav/matcher-pcre.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/matcher-pcre.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Support for matcher using PCRE * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Kevin Lin diff -Nru clamav-0.103.0+dfsg/libclamav/mbox.c clamav-0.103.2+dfsg/libclamav/mbox.c --- clamav-0.103.0+dfsg/libclamav/mbox.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/mbox.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne @@ -458,6 +458,7 @@ body = parseEmailHeaders(m, rfc821, &heuristicFound); if (body == NULL) { messageReset(m); + messageSetCTX(m, ctx); if (heuristicFound) { retcode = CL_VIRUS; break; @@ -469,8 +470,9 @@ if (messageGetBody(body)) { mbox_status rc = parseEmailBody(body, NULL, &mctx, 0); if (rc == FAIL) { - messageReset(body); m = body; + messageReset(m); + messageSetCTX(m, ctx); continue; } else if (rc == VIRUS) { cli_dbgmsg("Message number %d is infected\n", @@ -489,8 +491,8 @@ * called */ m = body; - messageReset(body); - messageSetCTX(body, ctx); + messageReset(m); + messageSetCTX(m, ctx); cli_dbgmsg("Finished processing message\n"); } else @@ -3711,7 +3713,7 @@ while ((dent = readdir(dd))) { FILE *fin; - char buffer[BUFSIZ], fullname[PATH_MAX + 1]; + char buffer[BUFSIZ], fullname[PATH_MAX + 1 + 256 + 1]; int nblanks; STATBUF statb; const char *dentry_idpart; diff -Nru clamav-0.103.0+dfsg/libclamav/mbox.h clamav-0.103.2+dfsg/libclamav/mbox.h --- clamav-0.103.0+dfsg/libclamav/mbox.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/mbox.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/mbr.c clamav-0.103.2+dfsg/libclamav/mbr.c --- clamav-0.103.0+dfsg/libclamav/mbr.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/mbr.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * @@ -64,17 +64,17 @@ SEEN_EMPTY }; -static int mbr_scanextprtn(cli_ctx *ctx, unsigned *prtncount, off_t extlba, +static int mbr_scanextprtn(cli_ctx *ctx, unsigned *prtncount, size_t extlba, size_t extlbasize, size_t sectorsize); static int mbr_check_mbr(struct mbr_boot_record *record, size_t maplen, size_t sectorsize); static int mbr_check_ebr(struct mbr_boot_record *record); static int mbr_primary_partition_intersection(cli_ctx *ctx, struct mbr_boot_record mbr, size_t sectorsize); -static int mbr_extended_partition_intersection(cli_ctx *ctx, unsigned *prtncount, off_t extlba, size_t sectorsize); +static int mbr_extended_partition_intersection(cli_ctx *ctx, unsigned *prtncount, size_t extlba, size_t sectorsize); int cli_mbr_check(const unsigned char *buff, size_t len, size_t maplen) { struct mbr_boot_record mbr; - off_t mbr_base = 0; + size_t mbr_base = 0; size_t sectorsize = 512; if (len < sectorsize) { @@ -94,7 +94,7 @@ int cli_mbr_check2(cli_ctx *ctx, size_t sectorsize) { struct mbr_boot_record mbr; - off_t pos = 0, mbr_base = 0; + size_t pos = 0, mbr_base = 0; size_t maplen; if (!ctx || !ctx->fmap) { @@ -140,7 +140,7 @@ struct mbr_boot_record mbr; enum MBR_STATE state = SEEN_NOTHING; int ret = CL_CLEAN, detection = CL_CLEAN; - off_t pos = 0, mbr_base = 0, partoff = 0; + size_t pos = 0, mbr_base = 0, partoff = 0; unsigned i = 0, prtncount = 0; size_t maplen, partsize; @@ -210,10 +210,10 @@ cli_dbgmsg("MBR Partition Entry %u:\n", i); cli_dbgmsg("Status: %u\n", mbr.entries[i].status); cli_dbgmsg("Type: %x\n", mbr.entries[i].type); - cli_dbgmsg("Blocks: [%u, +%u), ([%lu, +%lu))\n", + cli_dbgmsg("Blocks: [%u, +%u), ([%zu, +%zu))\n", mbr.entries[i].firstLBA, mbr.entries[i].numLBA, - (unsigned long)(mbr.entries[i].firstLBA * sectorsize), - (unsigned long)(mbr.entries[i].numLBA * sectorsize)); + mbr.entries[i].firstLBA * sectorsize, + mbr.entries[i].numLBA * sectorsize); /* Handle MBR entry based on type */ if (mbr.entries[i].type == MBR_EMPTY) { @@ -257,12 +257,12 @@ return detection; } -static int mbr_scanextprtn(cli_ctx *ctx, unsigned *prtncount, off_t extlba, size_t extlbasize, size_t sectorsize) +static int mbr_scanextprtn(cli_ctx *ctx, unsigned *prtncount, size_t extlba, size_t extlbasize, size_t sectorsize) { struct mbr_boot_record ebr; enum MBR_STATE state = SEEN_NOTHING; int ret = CL_CLEAN, detection = CL_CLEAN; - off_t pos = 0, mbr_base = 0, logiclba = 0, extoff = 0, partoff = 0; + size_t pos = 0, mbr_base = 0, logiclba = 0, extoff = 0, partoff = 0; size_t partsize, extsize; unsigned i = 0, j = 0; @@ -424,7 +424,7 @@ static int mbr_check_mbr(struct mbr_boot_record *record, size_t maplen, size_t sectorsize) { unsigned i = 0; - off_t partoff = 0; + size_t partoff = 0; size_t partsize = 0; for (i = 0; i < MBR_MAX_PARTITION_ENTRIES; ++i) { @@ -540,13 +540,13 @@ } /* checks internal logical partitions */ -static int mbr_extended_partition_intersection(cli_ctx *ctx, unsigned *prtncount, off_t extlba, size_t sectorsize) +static int mbr_extended_partition_intersection(cli_ctx *ctx, unsigned *prtncount, size_t extlba, size_t sectorsize) { struct mbr_boot_record ebr; partition_intersection_list_t prtncheck; unsigned i, pitxn; int ret = CL_CLEAN, tmp = CL_CLEAN, mbr_base = 0; - off_t pos = 0, logiclba = 0; + size_t pos = 0, logiclba = 0; int virus_found = 0; mbr_base = sectorsize - sizeof(struct mbr_boot_record); diff -Nru clamav-0.103.0+dfsg/libclamav/mbr.h clamav-0.103.2+dfsg/libclamav/mbr.h --- clamav-0.103.0+dfsg/libclamav/mbr.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/mbr.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * diff -Nru clamav-0.103.0+dfsg/libclamav/message.c clamav-0.103.2+dfsg/libclamav/message.c --- clamav-0.103.0+dfsg/libclamav/message.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/message.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/message.h clamav-0.103.2+dfsg/libclamav/message.h --- clamav-0.103.0+dfsg/libclamav/message.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/message.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/mew.c clamav-0.103.2+dfsg/libclamav/mew.c --- clamav-0.103.0+dfsg/libclamav/mew.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/mew.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Michal 'GiM' Spadlinski diff -Nru clamav-0.103.0+dfsg/libclamav/mew.h clamav-0.103.2+dfsg/libclamav/mew.h --- clamav-0.103.0+dfsg/libclamav/mew.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/mew.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Michal 'GiM' Spadlinski diff -Nru clamav-0.103.0+dfsg/libclamav/mpool.c clamav-0.103.2+dfsg/libclamav/mpool.c --- clamav-0.103.0+dfsg/libclamav/mpool.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/mpool.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/mpool.h clamav-0.103.2+dfsg/libclamav/mpool.h --- clamav-0.103.0+dfsg/libclamav/mpool.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/mpool.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/msdoc.c clamav-0.103.2+dfsg/libclamav/msdoc.c --- clamav-0.103.0+dfsg/libclamav/msdoc.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/msdoc.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Extract component parts of OLE2 files (e.g. MS Office Documents) * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Kevin Lin diff -Nru clamav-0.103.0+dfsg/libclamav/msdoc.h clamav-0.103.2+dfsg/libclamav/msdoc.h --- clamav-0.103.0+dfsg/libclamav/msdoc.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/msdoc.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Extract component parts of OLE2 files (e.g. MS Office Documents) * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Kevin Lin diff -Nru clamav-0.103.0+dfsg/libclamav/msexpand.c clamav-0.103.2+dfsg/libclamav/msexpand.c --- clamav-0.103.0+dfsg/libclamav/msexpand.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/msexpand.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/msexpand.h clamav-0.103.2+dfsg/libclamav/msexpand.h --- clamav-0.103.0+dfsg/libclamav/msexpand.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/msexpand.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/msxml.c clamav-0.103.2+dfsg/libclamav/msxml.c --- clamav-0.103.0+dfsg/libclamav/msxml.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/msxml.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Extract component parts of MS XML files (e.g. MS Office 2003 XML Documents) * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Kevin Lin diff -Nru clamav-0.103.0+dfsg/libclamav/msxml.h clamav-0.103.2+dfsg/libclamav/msxml.h --- clamav-0.103.0+dfsg/libclamav/msxml.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/msxml.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Extract component parts of MS XML files (e.g. MS Office 2003 XML Documents) * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Kevin Lin diff -Nru clamav-0.103.0+dfsg/libclamav/msxml_parser.c clamav-0.103.2+dfsg/libclamav/msxml_parser.c --- clamav-0.103.0+dfsg/libclamav/msxml_parser.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/msxml_parser.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Extract component parts of various MS XML files (e.g. MS Office 2003 XML Documents) * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Kevin Lin diff -Nru clamav-0.103.0+dfsg/libclamav/msxml_parser.h clamav-0.103.2+dfsg/libclamav/msxml_parser.h --- clamav-0.103.0+dfsg/libclamav/msxml_parser.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/msxml_parser.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Extract component parts of various MS XML files (e.g. MS Office 2003 XML Documents) * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Kevin Lin diff -Nru clamav-0.103.0+dfsg/libclamav/ole2_extract.c clamav-0.103.2+dfsg/libclamav/ole2_extract.c --- clamav-0.103.0+dfsg/libclamav/ole2_extract.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/ole2_extract.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Trog @@ -942,7 +942,7 @@ /** * Scan through a buffer of BIFF records and find PARSERNAME, BOUNDSHEET records (Which indicate XLM macros). * BIFF streams follow the format OOLLDDDDDDDDD..., where OO is the opcode (little endian 16 bit value), - * LL is the data length (little endian 16 bit value), followed by LL bytes of data. Records are defined in + * LL is the data length (little endian 16 bit value), followed by LL bytes of data. Records are defined in * the MICROSOFT OFFICE EXCEL 97-2007 BINARY FILE FORMAT SPECIFICATION. * * \param state The parser state. @@ -991,8 +991,8 @@ break; default: switch (state->state) { -#if HAVE_JSON case BIFF_PARSER_NAME_RECORD: +#if HAVE_JSON if (state->data_offset == 0) { state->tmp = buff[i] & 0x20; } else if ((state->data_offset == 14 || state->data_offset == 15) && state->tmp) { @@ -1011,8 +1011,8 @@ state->tmp = 0; } } - break; #endif + break; case BIFF_PARSER_BOUNDSHEET_RECORD: if (state->data_offset == 4) { state->tmp = buff[i]; @@ -1044,7 +1044,7 @@ break; default: //Should never arrive here - cli_errmsg("[scan_biff_for_xlm_macros] Unexpected state value %d\n", (int)state->state); + cli_dbgmsg("[scan_biff_for_xlm_macros] Unexpected state value %d\n", (int)state->state); break; } state->data_offset += 1; diff -Nru clamav-0.103.0+dfsg/libclamav/ole2_extract.h clamav-0.103.2+dfsg/libclamav/ole2_extract.h --- clamav-0.103.0+dfsg/libclamav/ole2_extract.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/ole2_extract.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Trog diff -Nru clamav-0.103.0+dfsg/libclamav/ooxml.c clamav-0.103.2+dfsg/libclamav/ooxml.c --- clamav-0.103.0+dfsg/libclamav/ooxml.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/ooxml.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * OOXML JSON Internals * - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * diff -Nru clamav-0.103.0+dfsg/libclamav/ooxml.h clamav-0.103.2+dfsg/libclamav/ooxml.h --- clamav-0.103.0+dfsg/libclamav/ooxml.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/ooxml.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * diff -Nru clamav-0.103.0+dfsg/libclamav/openioc.c clamav-0.103.2+dfsg/libclamav/openioc.c --- clamav-0.103.0+dfsg/libclamav/openioc.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/openioc.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Steven Morgan * diff -Nru clamav-0.103.0+dfsg/libclamav/openioc.h clamav-0.103.2+dfsg/libclamav/openioc.h --- clamav-0.103.0+dfsg/libclamav/openioc.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/openioc.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Steven Morgan * diff -Nru clamav-0.103.0+dfsg/libclamav/others.c clamav-0.103.2+dfsg/libclamav/others.c --- clamav-0.103.0+dfsg/libclamav/others.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/others.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, Trog @@ -173,9 +173,11 @@ static void *load_module(const char *name, const char *featurename) { static const char *suffixes[] = { +#ifndef _WIN32 LT_MODULE_EXT "." LIBCLAMAV_FULLVER, PASTE(LT_MODULE_EXT ".", LIBCLAMAV_MAJORVER), LT_MODULE_EXT, +#endif "." LT_LIBEXT}; const char *searchpath; @@ -196,7 +198,7 @@ #ifdef _WIN32 rhandle = LoadLibraryA(modulename); #else // !_WIN32 - rhandle = dlopen(modulename, RTLD_NOW); + rhandle = dlopen(modulename, RTLD_NOW); #endif // !_WIN32 if (rhandle) { break; @@ -415,6 +417,8 @@ return "Scanner still active"; case CL_ESTATE: return "Bad state (engine not initialized, or already initialized)"; + case CL_ERROR: + return "Unspecified error"; case CL_VERIFIED: return "The scanned object was verified and deemed trusted"; default: @@ -438,7 +442,7 @@ rarload(); } #else - rarload(); + rarload(); #endif gettimeofday(&tv, (struct timezone *)0); @@ -1261,9 +1265,9 @@ } return 0; #else - char err[128]; - cli_warnmsg("cli_unlink: unlink failure - %s\n", cli_strerror(errno, err, sizeof(err))); - return 1; + char err[128]; + cli_warnmsg("cli_unlink: unlink failure - %s\n", cli_strerror(errno, err, sizeof(err))); + return 1; #endif } return 0; @@ -1449,75 +1453,75 @@ return rc; } #else - int cli_rmdirs(const char *dirname) - { - DIR *dd; - struct dirent *dent; - STATBUF maind, statbuf; - char *path; - char err[128]; +int cli_rmdirs(const char *dirname) +{ + DIR *dd; + struct dirent *dent; + STATBUF maind, statbuf; + char *path; + char err[128]; - chmod(dirname, 0700); - if ((dd = opendir(dirname)) != NULL) { - while (CLAMSTAT(dirname, &maind) != -1) { - if (!rmdir(dirname)) break; - if (errno != ENOTEMPTY && errno != EEXIST && errno != EBADF) { - cli_errmsg("cli_rmdirs: Can't remove temporary directory %s: %s\n", dirname, cli_strerror(errno, err, sizeof(err))); - closedir(dd); - return -1; - } + chmod(dirname, 0700); + if ((dd = opendir(dirname)) != NULL) { + while (CLAMSTAT(dirname, &maind) != -1) { + if (!rmdir(dirname)) break; + if (errno != ENOTEMPTY && errno != EEXIST && errno != EBADF) { + cli_errmsg("cli_rmdirs: Can't remove temporary directory %s: %s\n", dirname, cli_strerror(errno, err, sizeof(err))); + closedir(dd); + return -1; + } - while ((dent = readdir(dd))) { - if (dent->d_ino) { - if (strcmp(dent->d_name, ".") && strcmp(dent->d_name, "..")) { - path = cli_malloc(strlen(dirname) + strlen(dent->d_name) + 2); - if (!path) { - cli_errmsg("cli_rmdirs: Unable to allocate memory for path %llu\n", (long long unsigned)(strlen(dirname) + strlen(dent->d_name) + 2)); - closedir(dd); - return -1; - } + while ((dent = readdir(dd))) { + if (dent->d_ino) { + if (strcmp(dent->d_name, ".") && strcmp(dent->d_name, "..")) { + path = cli_malloc(strlen(dirname) + strlen(dent->d_name) + 2); + if (!path) { + cli_errmsg("cli_rmdirs: Unable to allocate memory for path %llu\n", (long long unsigned)(strlen(dirname) + strlen(dent->d_name) + 2)); + closedir(dd); + return -1; + } - sprintf(path, "%s" PATHSEP "%s", dirname, dent->d_name); + sprintf(path, "%s" PATHSEP "%s", dirname, dent->d_name); - /* stat the file */ - if (LSTAT(path, &statbuf) != -1) { - if (S_ISDIR(statbuf.st_mode) && !S_ISLNK(statbuf.st_mode)) { - if (rmdir(path) == -1) { /* can't be deleted */ - if (errno == EACCES) { - cli_errmsg("cli_rmdirs: Can't remove some temporary directories due to access problem.\n"); - closedir(dd); - free(path); - return -1; - } - if (cli_rmdirs(path)) { - cli_warnmsg("cli_rmdirs: Can't remove nested directory %s\n", path); - free(path); - closedir(dd); - return -1; - } + /* stat the file */ + if (LSTAT(path, &statbuf) != -1) { + if (S_ISDIR(statbuf.st_mode) && !S_ISLNK(statbuf.st_mode)) { + if (rmdir(path) == -1) { /* can't be deleted */ + if (errno == EACCES) { + cli_errmsg("cli_rmdirs: Can't remove some temporary directories due to access problem.\n"); + closedir(dd); + free(path); + return -1; } - } else { - if (cli_unlink(path)) { + if (cli_rmdirs(path)) { + cli_warnmsg("cli_rmdirs: Can't remove nested directory %s\n", path); free(path); closedir(dd); return -1; } } + } else { + if (cli_unlink(path)) { + free(path); + closedir(dd); + return -1; + } } - free(path); } + free(path); } } - rewinddir(dd); } - - } else { - return -1; + rewinddir(dd); } - closedir(dd); - return 0; + } else { + return -1; } + + closedir(dd); + return 0; +} #endif /* Implement a generic bitset, trog@clamav.net */ diff -Nru clamav-0.103.0+dfsg/libclamav/others_common.c clamav-0.103.2+dfsg/libclamav/others_common.c --- clamav-0.103.0+dfsg/libclamav/others_common.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/others_common.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, Trog @@ -1208,7 +1208,7 @@ link[sizeof(link) - 1] = '\0'; if (-1 == (linksz = readlink(link, fname, PATH_MAX - 1))) { - cli_errmsg("cli_get_filepath_from_filedesc: Failed to resolve filename for descriptor %d (%s)\n", desc, link); + cli_dbgmsg("cli_get_filepath_from_filedesc: Failed to resolve filename for descriptor %d (%s)\n", desc, link); status = CL_EOPEN; goto done; } @@ -1233,7 +1233,7 @@ } if (fcntl(desc, F_GETPATH, &fname) < 0) { - printf("cli_get_filepath_from_filedesc: Failed to resolve filename for descriptor %d\n", desc); + cli_dbgmsg("cli_get_filepath_from_filedesc: Failed to resolve filename for descriptor %d\n", desc); status = CL_EOPEN; goto done; } @@ -1260,7 +1260,7 @@ dwRet = GetFinalPathNameByHandleW((HANDLE)hFile, NULL, 0, VOLUME_NAME_DOS); if (dwRet == 0) { - cli_errmsg("cli_get_filepath_from_filedesc: Failed to resolve filename for descriptor %d\n", desc); + cli_dbgmsg("cli_get_filepath_from_filedesc: Failed to resolve filename for descriptor %d\n", desc); status = CL_EOPEN; goto done; } @@ -1274,7 +1274,7 @@ dwRet = GetFinalPathNameByHandleW((HANDLE)hFile, long_evaluated_filepathW, dwRet + 1, VOLUME_NAME_DOS); if (dwRet == 0) { - cli_errmsg("cli_get_filepath_from_filedesc: Failed to resolve filename for descriptor %d\n", desc); + cli_dbgmsg("cli_get_filepath_from_filedesc: Failed to resolve filename for descriptor %d\n", desc); status = CL_EOPEN; goto done; } diff -Nru clamav-0.103.0+dfsg/libclamav/others.h clamav-0.103.2+dfsg/libclamav/others.h --- clamav-0.103.0+dfsg/libclamav/others.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/others.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -72,7 +72,7 @@ * in re-enabling affected modules. */ -#define CL_FLEVEL 121 +#define CL_FLEVEL 123 #define CL_FLEVEL_DCONF CL_FLEVEL #define CL_FLEVEL_SIGTOOL CL_FLEVEL @@ -80,38 +80,36 @@ extern uint8_t cli_always_gen_section_hash; /* - * CLI_ISCONTAINED(bb, bb_size, sb, sb_size) checks if sb (sub buffer) is contained - * within bb (buffer). + * CLI_ISCONTAINED(bb, bb_size, sb, sb_size) checks if sb (small buffer) is + * within bb (big buffer). * * bb and sb are pointers (or offsets) for the main buffer and the * sub-buffer respectively, and bb_size and sb_size are their sizes * * The macro can be used to protect against wraps. */ -#define CLI_ISCONTAINED(bb, bb_size, sb, sb_size) \ - ( \ - (size_t)(bb_size) > 0 && (size_t)(sb_size) > 0 && \ - (size_t)(sb_size) <= (size_t)(bb_size) && \ - (ptrdiff_t)(sb) >= (ptrdiff_t)(bb) && \ - (ptrdiff_t)(sb) + (ptrdiff_t)(sb_size) <= (ptrdiff_t)(bb) + (ptrdiff_t)(bb_size) && \ - (ptrdiff_t)(sb) + (ptrdiff_t)(sb_size) > (ptrdiff_t)(bb) && \ - (ptrdiff_t)(sb) < (ptrdiff_t)(bb) + (ptrdiff_t)(bb_size)) +#define CLI_ISCONTAINED(bb, bb_size, sb, sb_size) \ + ((size_t)(bb_size) > 0 && (size_t)(sb_size) > 0 && \ + (size_t)(sb_size) <= (size_t)(bb_size) && \ + (size_t)(sb) >= (size_t)(bb) && \ + (size_t)(sb) + (size_t)(sb_size) <= (size_t)(bb) + (size_t)(bb_size) && \ + (size_t)(sb) + (size_t)(sb_size) > (size_t)(bb) && \ + (size_t)(sb) < (size_t)(bb) + (size_t)(bb_size)) /* - * CLI_ISCONTAINED2(bb, bb_size, sb, sb_size) checks if sb (sub buffer) is contained - * within bb (buffer). + * CLI_ISCONTAINED2(bb, bb_size, sb, sb_size) checks if sb (small buffer) is + * within bb (big buffer). * - * CLI_ISCONTAINED2 is the same as CLI_ISCONTAINED except that it allows for sub- - * buffers with sb_size == 0. + * CLI_ISCONTAINED2 is the same as CLI_ISCONTAINED except that it allows for + * small-buffers with sb_size == 0. */ -#define CLI_ISCONTAINED2(bb, bb_size, sb, sb_size) \ - ( \ - (size_t)(bb_size) > 0 && (size_t)(sb_size) >= 0 && \ - (size_t)(sb_size) <= (size_t)(bb_size) && \ - (ptrdiff_t)(sb) >= (ptrdiff_t)(bb) && \ - (ptrdiff_t)(sb) + (ptrdiff_t)(sb_size) <= (ptrdiff_t)(bb) + (ptrdiff_t)(bb_size) && \ - (ptrdiff_t)(sb) + (ptrdiff_t)(sb_size) >= (ptrdiff_t)(bb) && \ - (ptrdiff_t)(sb) < (ptrdiff_t)(bb) + (ptrdiff_t)(bb_size)) +#define CLI_ISCONTAINED2(bb, bb_size, sb, sb_size) \ + ((size_t)(bb_size) > 0 && \ + (size_t)(sb_size) <= (size_t)(bb_size) && \ + (size_t)(sb) >= (size_t)(bb) && \ + (size_t)(sb) + (size_t)(sb_size) <= (size_t)(bb) + (size_t)(bb_size) && \ + (size_t)(sb) + (size_t)(sb_size) >= (size_t)(bb) && \ + (size_t)(sb) <= (size_t)(bb) + (size_t)(bb_size)) #define CLI_MAX_ALLOCATION (182 * 1024 * 1024) @@ -509,6 +507,7 @@ #define SCAN_PARSE_PE (ctx->options->parse & CL_SCAN_PARSE_PE) #define SCAN_HEURISTIC_BROKEN (ctx->options->heuristic & CL_SCAN_HEURISTIC_BROKEN) +#define SCAN_HEURISTIC_BROKEN_MEDIA (ctx->options->heuristic & CL_SCAN_HEURISTIC_BROKEN_MEDIA) #define SCAN_HEURISTIC_EXCEEDS_MAX (ctx->options->heuristic & CL_SCAN_HEURISTIC_EXCEEDS_MAX) #define SCAN_HEURISTIC_PHISHING_SSL_MISMATCH (ctx->options->heuristic & CL_SCAN_HEURISTIC_PHISHING_SSL_MISMATCH) #define SCAN_HEURISTIC_PHISHING_CLOAK (ctx->options->heuristic & CL_SCAN_HEURISTIC_PHISHING_CLOAK) diff -Nru clamav-0.103.0+dfsg/libclamav/packlibs.c clamav-0.103.2+dfsg/libclamav/packlibs.c --- clamav-0.103.0+dfsg/libclamav/packlibs.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/packlibs.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu, Michal 'GiM' Spadlinski diff -Nru clamav-0.103.0+dfsg/libclamav/packlibs.h clamav-0.103.2+dfsg/libclamav/packlibs.h --- clamav-0.103.0+dfsg/libclamav/packlibs.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/packlibs.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu, Michal 'GiM' Spadlinski diff -Nru clamav-0.103.0+dfsg/libclamav/partition_intersection.c clamav-0.103.2+dfsg/libclamav/partition_intersection.c --- clamav-0.103.0+dfsg/libclamav/partition_intersection.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/partition_intersection.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * diff -Nru clamav-0.103.0+dfsg/libclamav/partition_intersection.h clamav-0.103.2+dfsg/libclamav/partition_intersection.h --- clamav-0.103.0+dfsg/libclamav/partition_intersection.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/partition_intersection.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * diff -Nru clamav-0.103.0+dfsg/libclamav/pdf.c clamav-0.103.2+dfsg/libclamav/pdf.c --- clamav-0.103.0+dfsg/libclamav/pdf.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/pdf.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne, Török Edvin @@ -236,26 +236,26 @@ /* Begin by finding the "stream" string that prefixes stream data. */ if ((stream_begin = cli_memstr(start, bytesleft, "stream", strlen("stream")))) { idx = stream_begin + strlen("stream"); - bytesleft -= idx - start; - if (bytesleft < 0) + if ((size_t)(idx - start) >= bytesleft) goto done; + bytesleft -= idx - start; /* Skip any new line charcters. */ if (bytesleft >= 2 && idx[0] == '\xd' && idx[1] == '\xa') { idx += 2; - if (newline_hack && (bytesleft > 2) && idx[0] == '\xa') + bytesleft -= 2; + if (newline_hack && (bytesleft > 2) && idx[0] == '\xa') { idx++; + bytesleft--; + } } else if (bytesleft && idx[0] == '\xa') { idx++; + bytesleft--; } /* Pass back start of the stream data. */ *stream = idx; - bytesleft = size - (idx - start); - if (bytesleft <= 0) - goto done; - /* Now find the "endstream" string that suffixes stream data. */ endstream_begin = cli_memstr(idx, bytesleft, "endstream", strlen("endstream")); if (!endstream_begin) { @@ -405,7 +405,7 @@ /* Update current_pair, if there are more */ if ((objstm->nobjs_found < objstm->n) && (index < objstm->streambuf + objstm->streambuf_len)) { - unsigned long next_objid = 0, next_objoff = 0; + unsigned long next_objoff = 0; /* * While we're at it, @@ -417,17 +417,19 @@ index = objstm->streambuf + objstm->current_pair; bytes_remaining = objstm->streambuf + objstm->streambuf_len - index; - if (CL_SUCCESS != cli_strntol_wrap(index, bytes_remaining, 0, 10, &temp_long)) { - /* Failed to find objid for next obj */ - cli_dbgmsg("pdf_findobj_in_objstm: Failed to find next objid for obj in object stream though there should be {%u} more.\n", objstm->n - objstm->nobjs_found); - status = CL_EPARSE; - goto done; - } else if (temp_long < 0) { - cli_dbgmsg("pdf_findobj_in_objstm: Encountered invalid negative objid (%ld).\n", temp_long); - status = CL_EPARSE; - goto done; - } - next_objid = (unsigned long)temp_long; + /* We don't actually care about the object id at this point, so reading the object id is commented out. + I didn't delete it entirely in case the object id is needed in the future. */ + // if (CL_SUCCESS != cli_strntol_wrap(index, bytes_remaining, 0, 10, &temp_long)) { + // /* Failed to find objid for next obj */ + // cli_dbgmsg("pdf_findobj_in_objstm: Failed to find next objid for obj in object stream though there should be {%u} more.\n", objstm->n - objstm->nobjs_found); + // status = CL_EPARSE; + // goto done; + // } else if (temp_long < 0) { + // cli_dbgmsg("pdf_findobj_in_objstm: Encountered invalid negative objid (%ld).\n", temp_long); + // status = CL_EPARSE; + // goto done; + // } + // next_objid = (unsigned long)temp_long; /* Find the obj offset that appears just after the objid*/ while ((index < objstm->streambuf + objstm->streambuf_len) && isdigit(*index)) { @@ -1499,8 +1501,6 @@ /* Find and interpret the length dictionary value */ length = find_length(pdf, obj, start, dict_len); - if (length < 0) - length = 0; orig_length = length; @@ -1511,7 +1511,7 @@ length = obj->stream_size; } - if (!(obj->flags & (1 << OBJ_FILTER_FLATE)) && (length <= 0)) { + if (!(obj->flags & (1 << OBJ_FILTER_FLATE)) && (length == 0)) { /* * If the length is unknown and this doesn't contain a FLATE encoded filter... * Calculate the length using the stream size, and trimming @@ -1521,19 +1521,18 @@ length = obj->stream_size; q--; - if (*q == '\n') { - q--; - length--; + if (length > 0) { + if (*q == '\n') { + q--; + length--; - if (*q == '\r') + if (length > 0 && *q == '\r') + length--; + } else if (*q == '\r') { length--; - } else if (*q == '\r') { - length--; + } } - if (length < 0) - length = 0; - cli_dbgmsg("pdf_extract_obj: calculated length %lld\n", (long long)length); } else { if (obj->stream_size > (size_t)length + 2) { @@ -2908,21 +2907,26 @@ compute_hash_r6(password, pwlen, (const unsigned char *)(U + 32), validationkey); if (!memcmp(U, validationkey, sizeof(validationkey))) { - size_t inLen = 32; + size_t UE_len; compute_hash_r6(password, pwlen, (const unsigned char *)(U + 40), hash); + UE_len = UE ? strlen(UE) : 0; + if (UE_len != 32) { + cli_dbgmsg("check_user_password: UE length is not 32: %zu\n", UE_len); + noisy_warnmsg("check_user_password: UE length is not 32: %zu\n", UE_len); + } else { + pdf->keylen = 32; + pdf->key = cli_malloc(pdf->keylen); + if (!pdf->key) { + cli_errmsg("check_user_password: Cannot allocate memory for pdf->key\n"); + return; + } - pdf->keylen = 32; - pdf->key = cli_malloc(pdf->keylen); - if (!pdf->key) { - cli_errmsg("check_user_password: Cannot allocate memory for pdf->key\n"); - return; - } - - aes_256cbc_decrypt((const unsigned char *)UE, &inLen, (unsigned char *)(pdf->key), (char *)hash, 32, 0); - dbg_printhex("check_user_password: Candidate encryption key", pdf->key, pdf->keylen); + aes_256cbc_decrypt((const unsigned char *)UE, &UE_len, (unsigned char *)(pdf->key), (char *)hash, 32, 0); + dbg_printhex("check_user_password: Candidate encryption key", pdf->key, pdf->keylen); - password_empty = 1; + password_empty = 1; + } } } else if ((R >= 2) && (R <= 4)) { unsigned char *d; diff -Nru clamav-0.103.0+dfsg/libclamav/pdf.h clamav-0.103.2+dfsg/libclamav/pdf.h --- clamav-0.103.0+dfsg/libclamav/pdf.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/pdf.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/pe.c clamav-0.103.2+dfsg/libclamav/pe.c --- clamav-0.103.0+dfsg/libclamav/pe.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/pe.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu, Tomasz Kojm, Andrew Williams diff -Nru clamav-0.103.0+dfsg/libclamav/pe.h clamav-0.103.2+dfsg/libclamav/pe.h --- clamav-0.103.0+dfsg/libclamav/pe.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/pe.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu, Tomasz Kojm, Andrew Williams diff -Nru clamav-0.103.0+dfsg/libclamav/pe_icons.c clamav-0.103.2+dfsg/libclamav/pe_icons.c --- clamav-0.103.0+dfsg/libclamav/pe_icons.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/pe_icons.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/pe_icons.h clamav-0.103.2+dfsg/libclamav/pe_icons.h --- clamav-0.103.0+dfsg/libclamav/pe_icons.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/pe_icons.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/perflogging.c clamav-0.103.2+dfsg/libclamav/perflogging.c --- clamav-0.103.0+dfsg/libclamav/perflogging.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/perflogging.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Gather statistics from performance sensitive code. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/perflogging.h clamav-0.103.2+dfsg/libclamav/perflogging.h --- clamav-0.103.0+dfsg/libclamav/perflogging.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/perflogging.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Gather statistics from performance sensitive code. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/pe_structs.h clamav-0.103.2+dfsg/libclamav/pe_structs.h --- clamav-0.103.0+dfsg/libclamav/pe_structs.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/pe_structs.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu, Tomasz Kojm, Andrew Williams diff -Nru clamav-0.103.0+dfsg/libclamav/petite.c clamav-0.103.2+dfsg/libclamav/petite.c --- clamav-0.103.0+dfsg/libclamav/petite.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/petite.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/petite.h clamav-0.103.2+dfsg/libclamav/petite.h --- clamav-0.103.0+dfsg/libclamav/petite.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/petite.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/phishcheck.c clamav-0.103.2+dfsg/libclamav/phishcheck.c --- clamav-0.103.0+dfsg/libclamav/phishcheck.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/phishcheck.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Detect phishing, based on URL spoofing detection. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/phishcheck.h clamav-0.103.2+dfsg/libclamav/phishcheck.h --- clamav-0.103.0+dfsg/libclamav/phishcheck.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/phishcheck.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/phish_domaincheck_db.c clamav-0.103.2+dfsg/libclamav/phish_domaincheck_db.c --- clamav-0.103.0+dfsg/libclamav/phish_domaincheck_db.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/phish_domaincheck_db.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Phishing module: domain list implementation. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/phish_domaincheck_db.h clamav-0.103.2+dfsg/libclamav/phish_domaincheck_db.h --- clamav-0.103.0+dfsg/libclamav/phish_domaincheck_db.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/phish_domaincheck_db.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Phishing module: domain list implementation. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/phish_whitelist.c clamav-0.103.2+dfsg/libclamav/phish_whitelist.c --- clamav-0.103.0+dfsg/libclamav/phish_whitelist.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/phish_whitelist.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Phishing module: whitelist implementation. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/phish_whitelist.h clamav-0.103.2+dfsg/libclamav/phish_whitelist.h --- clamav-0.103.0+dfsg/libclamav/phish_whitelist.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/phish_whitelist.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Phishing module: whitelist implementation. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/png.c clamav-0.103.2+dfsg/libclamav/png.c --- clamav-0.103.0+dfsg/libclamav/png.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/png.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,12 +1,14 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * Copyright (C) 1995-2007 by Alexander Lehmann , * Andreas Dilger , * Glenn Randers-Pehrson , * Greg Roelofs , * John Bowler , - * Tom Lane \ + * Tom Lane + * + * Initial work derived from pngcheck: http://www.libpng.org/pub/png/apps/pngcheck.html * * Permission to use, copy, modify, and distribute this software and its * documentation for any purpose and without fee is hereby granted, provided @@ -26,6 +28,7 @@ #include #include #include +#include #include #include #ifdef HAVE_UNISTD_H @@ -38,288 +41,408 @@ #include "png.h" #include "scanners.h" +#define PNG_CHUNK_LENGTH_SIZE (4) +#define PNG_CHUNK_TYPE_SIZE (4) +#define PNG_CHUNK_CRC_SIZE (4) +/* Header Size does not include chunk data size */ +#define PNG_CHUNK_HEADER_SIZE (PNG_CHUNK_LENGTH_SIZE + \ + PNG_CHUNK_TYPE_SIZE + \ + PNG_CHUNK_CRC_SIZE) + +#ifndef HAVE_ATTRIB_PACKED +#define __attribute__(x) +#endif + +#ifdef HAVE_PRAGMA_PACK +#pragma pack(1) +#endif + +#ifdef HAVE_PRAGMA_PACK_HPPA +#pragma pack 1 +#endif + +typedef struct __attribute__((packed)) { + uint8_t red; + uint8_t green; + uint8_t blue; +} png_palette_entry; + +#ifdef HAVE_PRAGMA_PACK +#pragma pack() +#endif + +#ifdef HAVE_PRAGMA_PACK_HPPA +#pragma pack +#endif + #define BUFFER_SIZE 128000 /* size of read block */ +typedef enum { + PNG_IDAT_NOT_FOUND_YET, + PNG_IDAT_DECOMPRESSION_IN_PROGRESS, + PNG_IDAT_DECOMPRESSION_COMPLETE, + PNG_IDAT_DECOMPRESSION_FAILED, +} png_idat_state; + cl_error_t cli_parsepng(cli_ctx *ctx) { - uint64_t sz = 0; - char chunkid[5] = {'\0', '\0', '\0', '\0', '\0'}; - size_t toread = 0, toread_check = 0; - int32_t c = 0; - int32_t have_IEND = 0, have_PLTE = 0; - uint64_t zhead = 1; /* 0x10000 indicates both zlib header bytes read */ - int64_t num_chunks = 0L; - int64_t w = 0L, h = 0L; - int32_t bitdepth = 0, sampledepth = 0, lace = 0; - uint64_t nplte = 0; - uint32_t ityp = 1; - uint32_t buffer[BUFFER_SIZE]; - uint64_t offset = 8; - fmap_t *map = NULL; - - int64_t cur_xoff, cur_xskip; - uint64_t cur_width, cur_linebytes, cur_imagesize; - int32_t err = Z_OK; - uint32_t *outbuf = NULL; + cl_error_t status = CL_ERROR; + + uint64_t chunk_data_length = 0; + char chunk_type[5] = {'\0', '\0', '\0', '\0', '\0'}; + uint32_t chunk_crc; + uint32_t chunk_data_length_u32 = 0; + bool have_IEND = false; + bool have_PLTE = false; + uint64_t zhead = 1; /* 0x10000 indicates both zlib header bytes read */ + + int64_t num_chunks = 0; + uint64_t width = 0; + uint64_t height = 0; + + uint32_t sample_depth = 0, bit_depth = 0, interlace_method = 0; + uint64_t num_palette_entries = 0; + uint32_t color_type = 1; + uint32_t compression_method = 0; + uint32_t filter_method = 0; + uint8_t *ptr = NULL; + uint64_t offset = 8; + fmap_t *map = NULL; + + uint64_t image_size = 0; + + int err = Z_OK; + uint8_t *decompressed_data = NULL; + + bool zstrm_initialized = false; z_stream zstrm; - uint64_t offadjust = 0; - size_t left_comp_read = 0, uncomp_data = 0; + size_t decompressed_data_len = 0; + + png_idat_state idat_state = PNG_IDAT_NOT_FOUND_YET; cli_dbgmsg("in cli_parsepng()\n"); if (NULL == ctx) { cli_dbgmsg("PNG: passed context was NULL\n"); - return CL_EARG; + status = CL_EARG; + goto done; } map = *ctx->fmap; - while (fmap_readn(map, &c, offset, sizeof(c)) == sizeof(c)) { - - int j = 0; - for (j = 0; j < 4; ++j) { - unsigned char c; - if (fmap_readn(map, &c, offset, sizeof(c)) != sizeof(c)) { - cli_dbgmsg("PNG: EOF(?) while reading %s\n", "chunk length"); - return CL_CLEAN; - } - offset++; - sz <<= 8; - sz |= c & 0xff; - } - - if (sz > 0x7fffffff) { - cli_dbgmsg("PNG: invalid chunk length (too large)\n"); - return CL_EPARSE; + while (fmap_readn(map, (void *)&chunk_data_length_u32, offset, PNG_CHUNK_LENGTH_SIZE) == PNG_CHUNK_LENGTH_SIZE) { + chunk_data_length = be32_to_host(chunk_data_length_u32); + offset += PNG_CHUNK_LENGTH_SIZE; + + if (chunk_data_length > (uint64_t)0x7fffffff) { + cli_dbgmsg("PNG: invalid chunk length (too large): 0x" STDx64 "\n", chunk_data_length); + if (SCAN_HEURISTIC_BROKEN_MEDIA) { + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.PNG.InvalidChunkLength"); + status = CL_EPARSE; + } + goto scan_overlay; } - if (fmap_readn(map, chunkid, offset, 4) != 4) { + if (fmap_readn(map, chunk_type, offset, PNG_CHUNK_TYPE_SIZE) != PNG_CHUNK_TYPE_SIZE) { cli_dbgmsg("PNG: EOF while reading chunk type\n"); - return CL_EPARSE; + if (SCAN_HEURISTIC_BROKEN_MEDIA) { + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.PNG.EOFReadingChunkType"); + status = CL_EPARSE; + } + goto scan_overlay; } - offset += 4; + offset += PNG_CHUNK_TYPE_SIZE; - /* GRR: add 4-character EBCDIC conversion here (chunkid) */ + /* GRR: add 4-character EBCDIC conversion here (chunk_type) */ - chunkid[4] = '\0'; + chunk_type[4] = '\0'; ++num_chunks; - toread = (sz > BUFFER_SIZE) ? BUFFER_SIZE : sz; - toread_check = fmap_readn(map, buffer, offset, toread); - if ((size_t)-1 == toread_check) { - cli_dbgmsg("PNG: Failed to read from map.\n"); - return CL_EPARSE; - } - if (toread > toread_check) { - cli_dbgmsg("PNG: EOF while reading data\n"); - return CL_EPARSE; - } - toread = toread_check; + cli_dbgmsg("Chunk Type: %s, Data Length: " STDu64 " bytes\n", chunk_type, chunk_data_length); - offset += toread; + if (chunk_data_length > 0) { + ptr = (uint8_t *)fmap_need_off_once(map, offset, chunk_data_length); + if (NULL == ptr) { + cli_warnmsg("PNG: Unexpected early end-of-file.\n"); + if (SCAN_HEURISTIC_BROKEN_MEDIA) { + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.PNG.EOFReadingChunk"); + status = CL_EPARSE; + } + goto scan_overlay; + } + offset += chunk_data_length; + } - /*------* - | IHDR | - *------*/ - if (strcmp(chunkid, "IHDR") == 0) { - if (sz != 13) { - cli_dbgmsg("PNG: invalid IHDR length\n"); + if (strcmp(chunk_type, "IHDR") == 0) { + /*------* + | IHDR | + *------*/ + if (chunk_data_length != 13) { + cli_dbgmsg("PNG: invalid IHDR length: " STDu64 "\n", chunk_data_length); break; } else { - w = be32_to_host(*buffer); - h = be32_to_host(*(buffer + 4)); - if (w <= 0 || h <= 0 || w > 2147483647 || h > 2147483647) { - cli_dbgmsg("PNG: invalid image dimensions\n"); + width = be32_to_host(*(uint32_t *)ptr); + height = be32_to_host(*(uint32_t *)(ptr + 4)); + if (width == 0 || height == 0 || width > (uint64_t)0x7fffffff || height > (uint64_t)0x7fffffff) { + cli_dbgmsg("PNG: invalid image dimensions: width = " STDu64 ", height = " STDu64 "\n", width, height); break; } - bitdepth = sampledepth = (uint32_t)buffer[8]; - ityp = (uint32_t)buffer[9]; - lace = (uint32_t)buffer[12]; - switch (sampledepth) { + sample_depth = bit_depth = (uint32_t)ptr[8]; + color_type = (uint32_t)ptr[9]; + compression_method = (uint32_t)ptr[10]; + filter_method = (uint32_t)ptr[11]; + interlace_method = (uint32_t)ptr[12]; + + if (compression_method != 0) { + cli_dbgmsg("PNG: invalid compression method (%u)\n", compression_method); + } + if (filter_method != 0) { + cli_dbgmsg("PNG: invalid filter method (%u)\n", filter_method); + } + switch (bit_depth) { case 1: case 2: case 4: - if (ityp == 2 || ityp == 4 || ityp == 6) { /* RGB or GA or RGBA */ - cli_dbgmsg("PNG: invalid sample depth (%d)\n", sampledepth); + if (color_type == 2 || color_type == 4 || color_type == 6) { /* RGB or GA or RGBA */ + cli_dbgmsg("PNG: invalid sample depth (%u)\n", bit_depth); break; } break; case 8: break; case 16: - if (ityp == 3) { /* palette */ - cli_dbgmsg("PNG: invalid sample depth (%d)\n", sampledepth); + if (color_type == 3) { /* palette */ + cli_dbgmsg("PNG: invalid sample depth (%u)\n", bit_depth); break; } break; default: - cli_dbgmsg("PNG: invalid sample depth (%d)\n", sampledepth); + cli_dbgmsg("PNG: invalid sample depth (%u)\n", bit_depth); break; } - switch (ityp) { + switch (color_type) { case 2: - bitdepth = sampledepth * 3; /* RGB */ + sample_depth = bit_depth * 3; /* RGB */ break; case 4: - bitdepth = sampledepth * 2; /* gray+alpha */ + sample_depth = bit_depth * 2; /* gray+alpha */ break; case 6: - bitdepth = sampledepth * 4; /* RGBA */ + sample_depth = bit_depth * 4; /* RGBA */ break; } + cli_dbgmsg(" Width: " STDu64 "\n", width); + cli_dbgmsg(" Height: " STDu64 "\n", height); + cli_dbgmsg(" Bit Depth: " STDu32 " (Sample Depth: " STDu32 ")\n", bit_depth, sample_depth); + cli_dbgmsg(" Color Type: " STDu32 "\n", color_type); + cli_dbgmsg(" Compression Method: " STDu32 "\n", compression_method); + cli_dbgmsg(" Filter Method: " STDu32 "\n", filter_method); + cli_dbgmsg(" Interlace Method: " STDu32 "\n", interlace_method); + } + } else if (strcmp(chunk_type, "PLTE") == 0) { + /*------* + | PLTE | + *------*/ + if (have_PLTE) { + cli_dbgmsg("PNG: More than one PTLE chunk found in a PNG file, which is not valid\n"); } - /* GRR 20000304: data dump not yet compatible with interlaced images: */ - /*================================================* - * PNG chunks (with the exception of IHDR, above) * - *================================================*/ + if (!(chunk_data_length > sizeof(png_palette_entry) * 256 || chunk_data_length % 3 != 0)) { + num_palette_entries = chunk_data_length / 3; + } + if (color_type == 1) /* for MNG and tRNS */ { + color_type = 3; + } - } - /*------* - | PLTE | - *------*/ - else if (strcmp(chunkid, "PLTE") == 0) { - if (!(sz > 768 || sz % 3 != 0)) { - nplte = sz / 3; - } - if (ityp == 1) /* for MNG and tRNS */ - ityp = 3; - have_PLTE = 1; + if (color_type == 0 || color_type == 4) { + cli_dbgmsg("PNG: PTLE chunk found in a PNG file with color type set to (%u), which is not valid\n", color_type); + } + have_PLTE = true; - } - /*------* - | IDAT | - *------*/ - else if (lace == 0 && strcmp(chunkid, "IDAT") == 0) { - unsigned zlib_windowbits = 15; - - /* Dump the zlib header from the first two bytes. */ - if (zhead < 0x10000 && sz > 0) { - zhead = (zhead << 8) + buffer[0]; - if (sz > 1 && zhead < 0x10000) - zhead = (zhead << 8) + buffer[1]; - if (zhead >= 0x10000) { - unsigned int CINFO = (zhead & 0xf000) >> 12; - zlib_windowbits = CINFO + 8; + cli_dbgmsg(" # palette entries: " STDu64 "\n", num_palette_entries); + } else if (interlace_method == 0 && strcmp(chunk_type, "IDAT") == 0) { + /*------* + | IDAT | + *------*/ + + /* + * Note from pngcheck: + * GRR 20000304: data dump not yet compatible with interlaced images. + */ + + if (idat_state == PNG_IDAT_NOT_FOUND_YET) { + unsigned zlib_windowbits = 15; + + /* Dump the zlib header from the first two bytes. */ + if (zhead < 0x10000 && chunk_data_length > 0) { + zhead = (zhead << 8) + ptr[0]; + if (chunk_data_length > 1 && zhead < 0x10000) + zhead = (zhead << 8) + ptr[1]; + if (zhead >= 0x10000) { + unsigned int CINFO = (zhead & 0xf000) >> 12; + zlib_windowbits = CINFO + 8; + } } - } - outbuf = (uint32_t *)malloc(BUFFER_SIZE); - offadjust = offset + sz - 8; - left_comp_read = MIN(map->len - offset + sz - 8, sz); - - zstrm.next_in = (uint8_t *)buffer; - zstrm.avail_in = MIN(toread, left_comp_read); - left_comp_read -= zstrm.avail_in; - - /* initialize zlib and bit/byte/line variables if not already done */ - zstrm.zalloc = (alloc_func)Z_NULL; - zstrm.zfree = (free_func)Z_NULL; - zstrm.opaque = (voidpf)Z_NULL; - if ((err = inflateInit2(&zstrm, zlib_windowbits)) != Z_OK) { - cli_dbgmsg("PNG: zlib: can't initialize (error = %d)\n", err); - if (outbuf) { - free(outbuf); - outbuf = NULL; + decompressed_data = (uint8_t *)malloc(BUFFER_SIZE); + if (NULL == decompressed_data) { + cli_errmsg("Failed to allocation memory for decompressed PNG data.\n"); + goto done; } - } else { - cur_xoff = 0; - cur_xskip = lace ? 8 : 1; - cur_width = (w - cur_xoff + cur_xskip - 1) / cur_xskip; /* round up */ - cur_linebytes = ((cur_width * bitdepth + 7) >> 3) + 1; /* round, fltr */ - cur_imagesize = cur_linebytes * h; + + /* initialize zlib and bit/byte/line variables if not already done */ + zstrm.zalloc = (alloc_func)Z_NULL; + zstrm.zfree = (free_func)Z_NULL; + zstrm.opaque = (voidpf)Z_NULL; + if ((err = inflateInit2(&zstrm, zlib_windowbits)) != Z_OK) { + cli_dbgmsg("PNG: zlib: can't initialize (error = %d)\n", err); + + idat_state = PNG_IDAT_DECOMPRESSION_FAILED; + } else { + zstrm_initialized = true; + uint64_t cur_width, cur_linebytes; + int64_t cur_xoff = 0; + int64_t cur_xskip = interlace_method ? 8 : 1; + cur_width = (width - cur_xoff + cur_xskip - 1) / cur_xskip; /* round up */ + cur_linebytes = ((cur_width * sample_depth + 7) >> 3) + 1; /* round, fltr */ + image_size = cur_linebytes * height; + cli_dbgmsg(" Image Size: " STDu64 "\n", image_size); + + idat_state = PNG_IDAT_DECOMPRESSION_IN_PROGRESS; + } + } + + /* skip scans of image data > max scan size. */ + if (image_size > ctx->engine->maxscansize) { + idat_state = PNG_IDAT_DECOMPRESSION_COMPLETE; + } + + if (idat_state == PNG_IDAT_DECOMPRESSION_IN_PROGRESS) { + /* + * We'll decompress the image data, but we don't _actually_ scan it. + * We just want to know how much data comes out, so we can alert on the file + * if it exceeds the image size calculated above (CVE-2010-1205). + * Therefore, we'll use a static buffer and won't preserve the decompressed data. + * This will prevent realloc errors from exceeding CLI_MAX_ALLOCATION, + * will reduce RAM usage, and should be a wee bit faster. + */ + zstrm.next_in = ptr; + zstrm.avail_in = chunk_data_length; while (err != Z_STREAM_END) { if (zstrm.avail_in == 0) { - // The zlib stream is over. Quit the while loop - if (left_comp_read == 0) - break; - - toread = MIN(sizeof(buffer), left_comp_read); - toread_check = fmap_readn(map, buffer, offset, toread); - if ((size_t)-1 == toread_check) { - cli_dbgmsg("PNG: Failed to read from map.\n"); - if (outbuf) { - free(outbuf); - outbuf = NULL; - } - return CL_EPARSE; - } - if (toread > toread_check) { - cli_dbgmsg("PNG: EOF while reading data\n"); - if (outbuf) { - free(outbuf); - outbuf = NULL; - } - return CL_EPARSE; - } - toread = toread_check; - offset += toread; - zstrm.next_in = (uint8_t *)buffer; - zstrm.avail_in = toread; - left_comp_read -= toread; + // Ran out of data before zstream ended... Additional IDAT chunks expected. + idat_state = PNG_IDAT_DECOMPRESSION_IN_PROGRESS; + break; } - zstrm.next_out = (uint8_t *)outbuf; + /* Just keep overwriting our buffer, we don't need to save the PNG image data. */ + zstrm.next_out = decompressed_data; zstrm.avail_out = BUFFER_SIZE; - err = inflate(&zstrm, Z_NO_FLUSH); - uncomp_data += (BUFFER_SIZE - zstrm.avail_out); + + /* inflate! */ + err = inflate(&zstrm, Z_NO_FLUSH); + decompressed_data_len += BUFFER_SIZE - zstrm.avail_out; if (err != Z_OK && err != Z_STREAM_END) { - cli_dbgmsg("PNG: zlib: inflate error\n"); + cli_dbgmsg("PNG: zlib: inflate error: %d, Image decompression failed!\n", err); + inflateEnd(&zstrm); + zstrm_initialized = false; + idat_state = PNG_IDAT_DECOMPRESSION_FAILED; break; } } - inflateEnd(&zstrm); - if (outbuf) { - free(outbuf); - outbuf = NULL; - } - if (uncomp_data > cur_imagesize && err == Z_STREAM_END) { - cli_append_virus(ctx, "Heuristics.PNG.CVE-2010-1205"); - return CL_VIRUS; + if (err == Z_STREAM_END) { + cli_dbgmsg(" TOTAL decompressed: %zu\n", decompressed_data_len); + inflateEnd(&zstrm); + zstrm_initialized = false; + idat_state = PNG_IDAT_DECOMPRESSION_COMPLETE; + + if (decompressed_data_len > image_size) { + status = cli_append_virus(ctx, "Heuristics.PNG.CVE-2010-1205"); + goto done; + } + } else { + cli_dbgmsg(" Decompressed so far: %zu (Additional IDAT chunks expected)\n", decompressed_data_len); } } + } else if (strcmp(chunk_type, "IEND") == 0) { + /*------* + | IEND | + *------*/ + + have_IEND = true; + } else if (strcmp(chunk_type, "pHYs") == 0) { + /*------* + | pHYs | + *------*/ + if (chunk_data_length != 9) { + // Could it be CVE-2007-2365? + cli_dbgmsg("PNG: invalid pHYs length\n"); + } + } else if (strcmp(chunk_type, "tRNS") == 0) { + /*------* + | tRNS | + *------*/ + + if (color_type == 3) { + if ((chunk_data_length > 256 || chunk_data_length > num_palette_entries) && !have_PLTE) { + status = cli_append_virus(ctx, "Heuristics.PNG.CVE-2004-0597"); + goto done; + } + } } - /*------* - | IEND | - *------*/ - else if (strcmp(chunkid, "IEND") == 0) { - have_IEND = 1; + if (fmap_readn(map, &chunk_crc, offset, PNG_CHUNK_CRC_SIZE) != PNG_CHUNK_CRC_SIZE) { + cli_dbgmsg("PNG: EOF while reading chunk crc\n"); + if (SCAN_HEURISTIC_BROKEN_MEDIA) { + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.PNG.EOFReadingChunkCRC"); + status = CL_EPARSE; + } + goto scan_overlay; + } + chunk_crc = be32_to_host(chunk_crc); + cli_dbgmsg(" Chunk CRC: 0x" STDx32 "\n", chunk_crc); + offset += PNG_CHUNK_CRC_SIZE; + + if (have_IEND) { + /* + * That's all, folks! + */ break; - } - /*------* - | pHYs | - *------*/ - else if (strcmp(chunkid, "pHYs") == 0) { + } - if (sz != 9) { - // Could it be CVE-2007-2365? - cli_dbgmsg("PNG: invalid pHYS length\n"); - } - } - /*------* - | tRNS | - *------*/ - else if (strcmp(chunkid, "tRNS") == 0) { + if (!have_IEND) { + cli_dbgmsg("PNG: EOF before IEND chunk!\n"); + } - if (ityp == 3) { - if ((sz > 256 || sz > nplte) && !have_PLTE) { - cli_append_virus(ctx, "Heuristics.PNG.CVE-2004-0597"); - return CL_VIRUS; - } + if (idat_state == PNG_IDAT_DECOMPRESSION_IN_PROGRESS) { + cli_dbgmsg("PNG: EOF before Image data decompression completed, truncated or malformed file?\n"); + } - offset += (sz - toread) + 4; - } +scan_overlay: + if (status == CL_EPARSE) { + /* We added with cli_append_possibly_unwanted so it will alert at the end if nothing else matches. */ + status = CL_CLEAN; + } - // Is there an overlay? - if (have_IEND && (map->len - (offset + 4) > 0)) - return cli_magic_scan_nested_fmap_type(map, offset + 4, map->len - (offset + 4), ctx, CL_TYPE_ANY, NULL); + /* Check if there's an overlay, and scan it if one exists. */ + if (map->len - offset > 0) { + cli_dbgmsg("PNG: Found " STDu64 " additional data after end of PNG! Scanning as a nested file.\n", map->len - offset); + status = cli_magic_scan_nested_fmap_type(map, (size_t)offset, map->len - offset, ctx, CL_TYPE_ANY, NULL); + goto done; + } - return CL_SUCCESS; - } + status = CL_CLEAN; + +done: + if (NULL != decompressed_data) { + free(decompressed_data); } - return CL_SUCCESS; + if (zstrm_initialized) { + inflateEnd(&zstrm); + } + + return status; } diff -Nru clamav-0.103.0+dfsg/libclamav/png.h clamav-0.103.2+dfsg/libclamav/png.h --- clamav-0.103.0+dfsg/libclamav/png.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/png.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * Copyright (C) 1995-2007 by Alexander Lehmann , * Andreas Dilger , diff -Nru clamav-0.103.0+dfsg/libclamav/readdb.c clamav-0.103.2+dfsg/libclamav/readdb.c --- clamav-0.103.0+dfsg/libclamav/readdb.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/readdb.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * Copyright (C) 2002-2007 Tomasz Kojm * diff -Nru clamav-0.103.0+dfsg/libclamav/readdb.h clamav-0.103.2+dfsg/libclamav/readdb.h --- clamav-0.103.0+dfsg/libclamav/readdb.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/readdb.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * Copyright (C) 2002-2007 Tomasz Kojm * diff -Nru clamav-0.103.0+dfsg/libclamav/rebuildpe.c clamav-0.103.2+dfsg/libclamav/rebuildpe.c --- clamav-0.103.0+dfsg/libclamav/rebuildpe.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/rebuildpe.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/rebuildpe.h clamav-0.103.2+dfsg/libclamav/rebuildpe.h --- clamav-0.103.0+dfsg/libclamav/rebuildpe.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/rebuildpe.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/regex_list.c clamav-0.103.2+dfsg/libclamav/regex_list.c --- clamav-0.103.0+dfsg/libclamav/regex_list.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/regex_list.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Match a string against a list of patterns/regexes. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/regex_list.h clamav-0.103.2+dfsg/libclamav/regex_list.h --- clamav-0.103.0+dfsg/libclamav/regex_list.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/regex_list.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Match a string against a list of patterns/regexes. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/regex_pcre.c clamav-0.103.2+dfsg/libclamav/regex_pcre.c --- clamav-0.103.0+dfsg/libclamav/regex_pcre.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/regex_pcre.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Support for PCRE regex variant * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Kevin Lin diff -Nru clamav-0.103.0+dfsg/libclamav/regex_pcre.h clamav-0.103.2+dfsg/libclamav/regex_pcre.h --- clamav-0.103.0+dfsg/libclamav/regex_pcre.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/regex_pcre.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Support for PCRE regex variant * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Kevin Lin diff -Nru clamav-0.103.0+dfsg/libclamav/regex_suffix.c clamav-0.103.2+dfsg/libclamav/regex_suffix.c --- clamav-0.103.0+dfsg/libclamav/regex_suffix.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/regex_suffix.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Parse a regular expression, and extract a static suffix. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/regex_suffix.h clamav-0.103.2+dfsg/libclamav/regex_suffix.h --- clamav-0.103.0+dfsg/libclamav/regex_suffix.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/regex_suffix.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Parse a regular expression, and extract a static suffix. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/rtf.c clamav-0.103.2+dfsg/libclamav/rtf.c --- clamav-0.103.0+dfsg/libclamav/rtf.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/rtf.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Extract embedded objects from RTF files. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/rtf.h clamav-0.103.2+dfsg/libclamav/rtf.h --- clamav-0.103.0+dfsg/libclamav/rtf.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/rtf.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/scanners.c clamav-0.103.2+dfsg/libclamav/scanners.c --- clamav-0.103.0+dfsg/libclamav/scanners.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/scanners.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -1506,7 +1506,8 @@ cli_ac_freedata(&tmdata); cli_ac_freedata(&gmdata); - return (ret != CL_CLEAN) ? ret : viruses_found ? CL_VIRUS : CL_CLEAN; + return (ret != CL_CLEAN) ? ret : viruses_found ? CL_VIRUS + : CL_CLEAN; } #define min(x, y) ((x) < (y) ? (x) : (y)) @@ -2562,16 +2563,6 @@ return ret; } -static cl_error_t cli_scanjpeg(cli_ctx *ctx) -{ - cl_error_t ret = CL_CLEAN; - - if (cli_check_jpeg_exploit(ctx, 0) == 1) - ret = cli_append_virus(ctx, "Heuristics.Exploit.W32.MS04-028"); - - return ret; -} - static cl_error_t cli_scancryptff(cli_ctx *ctx) { cl_error_t ret = CL_CLEAN, ndesc; @@ -3127,13 +3118,15 @@ } if ((typercg) && - (type != CL_TYPE_GPT) && - (type != CL_TYPE_CPIO_OLD) && - (type != CL_TYPE_ZIP) && - (type != CL_TYPE_OLD_TAR) && - (type != CL_TYPE_POSIX_TAR)) { + // We should also omit bzips, but DMG's may be detected in bzips. (type != CL_TYPE_BZ) && /* Omit BZ files because they can contain portions of original files like zip file entries that cause invalid extractions and lots of warnings. Decompress first, then scan! */ + (type != CL_TYPE_GZ) && /* Omit GZ files because they can contain portions of original files like zip file entries that cause invalid extractions and lots of warnings. Decompress first, then scan! */ + (type != CL_TYPE_GPT) && /* Omit GPT files because it's an image format that we can extract and scan manually. */ + (type != CL_TYPE_CPIO_OLD) && /* Omit CPIO_OLD files because it's an image format that we can extract and scan manually. */ + (type != CL_TYPE_ZIP) && /* Omit ZIP files because it'll detect each zip file entry as SFXZIP, which is a waste. We'll extract it and then scan. */ + (type != CL_TYPE_OLD_TAR) && /* Omit OLD TAR files because it's a raw archive format that we can extract and scan manually. */ + (type != CL_TYPE_POSIX_TAR)) { /* Omit POSIX TAR files because it's a raw archive format that we can extract and scan manually. */ /* - * Enable file type recognition scan mode if requested, except for some raw archive (non-compressed) types, etc. + * Enable file type recognition scan mode if requested, except for some some problematic types (above). */ acmode |= AC_SCAN_FT; } @@ -3487,12 +3480,18 @@ } if (nret != CL_VIRUS) + /* + * Now run the other file type parsers that may rely on file type + * recognition to determine the actual file type. + */ switch (ret) { case CL_TYPE_HTML: /* bb#11196 - autoit script file misclassified as HTML */ if (cli_get_container_intermediate(ctx, -2) == CL_TYPE_AUTOIT) { ret = CL_TYPE_TEXT_ASCII; - } else if (SCAN_PARSE_HTML && (type == CL_TYPE_TEXT_ASCII || type == CL_TYPE_GRAPHICS) && + } else if (SCAN_PARSE_HTML && + (type == CL_TYPE_TEXT_ASCII || + type == CL_TYPE_GIF) && /* Scan GIFs for embedded HTML/Javascript */ (DCONF_DOC & DOC_CONF_HTML)) { *dettype = CL_TYPE_HTML; nret = cli_scanhtml(ctx); @@ -3691,6 +3690,9 @@ typercg = 0; } + /* + * Perform file typing from the start of the file. + */ perf_start(ctx, PERFT_FT); if ((type == CL_TYPE_ANY) || type == CL_TYPE_PART_ANY) { type = cli_determine_fmap_type(*ctx->fmap, ctx->engine, type); @@ -3706,6 +3708,9 @@ #if HAVE_JSON if (SCAN_COLLECT_METADATA) { + /* + * Create JSON object to record metadata during the scan. + */ if (NULL == ctx->properties) { ctx->properties = json_object_new_object(); if (NULL == ctx->properties) { @@ -3789,6 +3794,9 @@ } } + /* + * Check if we've already scanned this file before. + */ perf_start(ctx, PERFT_CACHE); if (!(SCAN_COLLECT_METADATA)) res = cache_check(hash, ctx); @@ -3870,6 +3878,10 @@ } if (type != CL_TYPE_IGNORED && ctx->engine->sdb) { + /* + * If self protection mechanism enabled, do the scanraw() scan first + * before extracting with a file type parser. + */ ret = scanraw(ctx, type, 0, &dettype, (ctx->engine->engine_options & ENGINE_OPTIONS_DISABLE_CACHE) ? NULL : hash); if (ret == CL_EMEM || ret == CL_VIRUS) { ret = cli_checkfp(ctx); @@ -3879,6 +3891,9 @@ } } + /* + * Run the file type parsers that we normally use before the raw scan. + */ ctx->recursion++; perf_nested_start(ctx, PERFT_CONTAINER, PERFT_SCAN); /* set current level as container AFTER recursing */ @@ -4069,6 +4084,7 @@ if (SCAN_PARSE_HTML && (DCONF_DOC & DOC_CONF_HTML)) ret = cli_scanhtml(ctx); break; + case CL_TYPE_HTML_UTF16: if (SCAN_PARSE_HTML && (DCONF_DOC & DOC_CONF_HTML)) ret = cli_scanhtml_utf16(ctx); @@ -4170,31 +4186,32 @@ break; case CL_TYPE_GRAPHICS: - if (SCAN_HEURISTICS && (DCONF_OTHER & OTHER_CONF_JPEG)) - ret = cli_scanjpeg(ctx); - - if (ctx->img_validate && SCAN_HEURISTICS && ret != CL_VIRUS) - ret = cli_parsejpeg(ctx); - - if (ctx->img_validate && SCAN_HEURISTICS && ret != CL_VIRUS && ret != CL_EPARSE) - ret = cli_parsepng(ctx); - - if (ctx->img_validate && SCAN_HEURISTICS && ret != CL_VIRUS && ret != CL_EPARSE) - ret = cli_parsegif(ctx); - - if (ctx->img_validate && SCAN_HEURISTICS && ret != CL_VIRUS && ret != CL_EPARSE) - ret = cli_parsetiff(ctx); - + /* + * This case is for unhandled graphics types such as BMP, JPEG 2000, etc. + * + * Note: JPEG 2000 is a very different format from JPEG, JPEG/JFIF, JPEG/Exif, JPEG/SPIFF (1994, 1997) + * JPEG 2000 is not handled by cli_scanjpeg or cli_parsejpeg. + */ break; case CL_TYPE_GIF: - if (SCAN_HEURISTICS && (DCONF_OTHER & OTHER_CONF_GIF)) + if (SCAN_HEURISTICS && SCAN_HEURISTIC_BROKEN_MEDIA && (DCONF_OTHER & OTHER_CONF_GIF)) ret = cli_parsegif(ctx); break; case CL_TYPE_PNG: if (SCAN_HEURISTICS && (DCONF_OTHER & OTHER_CONF_PNG)) - ret = cli_parsepng(ctx); + ret = cli_parsepng(ctx); /* PNG parser detects a couple CVE's as well as Broken.Media */ + break; + + case CL_TYPE_JPEG: + if (SCAN_HEURISTICS && (DCONF_OTHER & OTHER_CONF_JPEG)) + ret = cli_parsejpeg(ctx); /* JPG parser detects MS04-028 exploits as well as Broken.Media */ + break; + + case CL_TYPE_TIFF: + if (SCAN_HEURISTICS && SCAN_HEURISTIC_BROKEN_MEDIA && (DCONF_OTHER & OTHER_CONF_TIFF) && ret != CL_VIRUS) + ret = cli_parsetiff(ctx); break; case CL_TYPE_PDF: /* FIXMELIMITS: pdf should be an archive! */ @@ -4258,12 +4275,16 @@ perf_nested_stop(ctx, PERFT_CONTAINER, PERFT_SCAN); ctx->recursion--; + /* + * Perform the raw scan, which may include file type recognition signatures. + */ if (ret == CL_VIRUS && !SCAN_ALLMATCHES) { cli_bitset_free(ctx->hook_lsig_matches); ctx->hook_lsig_matches = old_hook_lsig_matches; goto done; } + /* Disable type recognition for the raw scan for zip files larger than maxziptypercg */ if (type == CL_TYPE_ZIP && SCAN_PARSE_ARCHIVE && (DCONF_ARCH & ARCH_CONF_ZIP)) { /* CL_ENGINE_MAX_ZIPTYPERCG */ uint64_t curr_len = (*ctx->fmap)->len; @@ -4337,6 +4358,9 @@ } } + /* + * Now run the rest of the file type parsers. + */ ctx->recursion++; switch (type) { /* bytecode hooks triggered by a lsig must be a hook @@ -4346,8 +4370,6 @@ case CL_TYPE_TEXT_UTF16LE: case CL_TYPE_TEXT_UTF8: perf_nested_start(ctx, PERFT_SCRIPT, PERFT_SCAN); - if (SCAN_PARSE_HTML && (DCONF_DOC & DOC_CONF_HTML)) - ret = cli_scanhtml(ctx); if ((DCONF_DOC & DOC_CONF_SCRIPT) && dettype != CL_TYPE_HTML && (ret != CL_VIRUS || SCAN_ALLMATCHES) && SCAN_PARSE_HTML) ret = cli_scanscript(ctx); if (SCAN_PARSE_MAIL && (DCONF_MAIL & MAIL_CONF_MBOX) && ret != CL_VIRUS && (cli_get_container(ctx, -1) == CL_TYPE_MAIL || dettype == CL_TYPE_MAIL)) { @@ -4562,15 +4584,15 @@ * @param name (optional) Original name of the file (to set fmap name metadata) * @return int CL_SUCCESS, or an error code. */ -static cl_error_t magic_scan_nested_fmap_type(cl_fmap_t *map, off_t offset, size_t length, cli_ctx *ctx, cli_file_t type, const char *name) +static cl_error_t magic_scan_nested_fmap_type(cl_fmap_t *map, size_t offset, size_t length, cli_ctx *ctx, cli_file_t type, const char *name) { cl_error_t ret = CL_CLEAN; cli_dbgmsg("magic_scan_nested_fmap_type: [%zu, +%zu), [" STDi64 ", +%zu)\n", map->nested_offset, map->len, (int64_t)offset, length); - if (offset < 0 || (size_t)offset >= map->len) { - cli_dbgmsg("Invalid offset: %ld\n", (long)offset); + if (offset >= map->len) { + cli_dbgmsg("Invalid offset: %zu\n", offset); return CL_CLEAN; } @@ -4578,8 +4600,8 @@ length = map->len - offset; if (length > map->len - offset) { cli_dbgmsg("Data truncated: %zu -> %zu\n", - length, map->len - (size_t)offset); - length = map->len - (size_t)offset; + length, map->len - offset); + length = map->len - offset; } if (length <= 5) { @@ -4604,16 +4626,15 @@ } /* For map scans that may be forced to disk */ -cl_error_t cli_magic_scan_nested_fmap_type(cl_fmap_t *map, off_t offset, size_t length, cli_ctx *ctx, cli_file_t type, const char *name) +cl_error_t cli_magic_scan_nested_fmap_type(cl_fmap_t *map, size_t offset, size_t length, cli_ctx *ctx, cli_file_t type, const char *name) { - off_t old_off = map->nested_offset; + size_t old_off = map->nested_offset; size_t old_len = map->len; cl_error_t ret = CL_CLEAN; - cli_dbgmsg("cli_magic_scan_nested_fmap_type: [%ld, +%lu)\n", - (long)offset, (unsigned long)length); - if (offset < 0 || (size_t)offset >= old_len) { - cli_dbgmsg("Invalid offset: %ld\n", (long)offset); + cli_dbgmsg("cli_magic_scan_nested_fmap_type: [%zu, +%zu)\n", offset, length); + if (offset >= old_len) { + cli_dbgmsg("Invalid offset: %zu\n", offset); return CL_CLEAN; } @@ -4628,8 +4649,7 @@ if (!length) length = old_len - offset; if (length > old_len - offset) { - cli_dbgmsg("cli_magic_scan_nested_fmap_type: Data truncated: %lu -> %lu\n", - (unsigned long)length, (unsigned long)(old_len - offset)); + cli_dbgmsg("cli_magic_scan_nested_fmap_type: Data truncated: %zu -> %zu\n", length, old_len - offset); length = old_len - offset; } if (length <= 5) { @@ -4637,8 +4657,7 @@ return CL_CLEAN; } if (!CLI_ISCONTAINED(old_off, old_len, old_off + offset, length)) { - cli_dbgmsg("cli_magic_scan_nested_fmap_type: map error occurred [%ld, %zu]\n", - (long)old_off, old_len); + cli_dbgmsg("cli_magic_scan_nested_fmap_type: map error occurred [%zu, %zu]\n", old_off, old_len); return CL_CLEAN; } @@ -4728,7 +4747,12 @@ return CL_ENULLARG; } - /* We have a limit of around 2.17GB (INT_MAX - 2). Enforce it here. */ + /* We have a limit of around 2GB (INT_MAX - 2). Enforce it here. */ + /* TODO: Large file support is large-ly untested. Remove this restriction + * and test with a large set of large files of various types. libclamav's + * integer type safety has come a long way since 2014, so it's possible + * we could lift this restriction, but at least one of the parsers is + * bound to behave badly with large files. */ if ((size_t)(map->real_len) > (size_t)(INT_MAX - 2)) return CL_CLEAN; @@ -5005,10 +5029,20 @@ goto done; } if (sb.st_size <= 5) { - cli_dbgmsg("cl_scandesc_callback: File too small (%u bytes), ignoring\n", (unsigned int)sb.st_size); + cli_dbgmsg("cl_scandesc_callback: File too small (" STDu64 " bytes), ignoring\n", (uint64_t)sb.st_size); status = CL_CLEAN; goto done; } + if ((uint64_t)sb.st_size > engine->maxfilesize) { + cli_dbgmsg("cl_scandesc_callback: File too large (" STDu64 " bytes), ignoring\n", (uint64_t)sb.st_size); + if (scanoptions->heuristic & CL_SCAN_HEURISTIC_EXCEEDS_MAX) { + engine->cb_virus_found(desc, "Heuristics.Limits.Exceeded", context); + status = CL_VIRUS; + } else { + status = CL_CLEAN; + } + goto done; + } if (NULL != filename) { (void)cli_basename(filename, strlen(filename), &filename_base); @@ -5035,6 +5069,15 @@ cl_error_t cl_scanmap_callback(cl_fmap_t *map, const char *filename, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, struct cl_scan_options *scanoptions, void *context) { + if (map->real_len > engine->maxfilesize) { + cli_dbgmsg("cl_scandesc_callback: File too large (%zu bytes), ignoring\n", map->real_len); + if (scanoptions->heuristic & CL_SCAN_HEURISTIC_EXCEEDS_MAX) { + engine->cb_virus_found(fmap_fd(map), "Heuristics.Limits.Exceeded", context); + return CL_VIRUS; + } + return CL_CLEAN; + } + return scan_common(map, filename, virname, scanned, engine, scanoptions, context); } diff -Nru clamav-0.103.0+dfsg/libclamav/scanners.h clamav-0.103.2+dfsg/libclamav/scanners.h --- clamav-0.103.0+dfsg/libclamav/scanners.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/scanners.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -77,7 +77,7 @@ * @param name (optional) Original name of the file (to set fmap name metadata) * @return int CL_SUCCESS, or an error code. */ -cl_error_t cli_magic_scan_nested_fmap_type(cl_fmap_t *map, off_t offset, size_t length, cli_ctx *ctx, cli_file_t type, const char *name); +cl_error_t cli_magic_scan_nested_fmap_type(cl_fmap_t *map, size_t offset, size_t length, cli_ctx *ctx, cli_file_t type, const char *name); /** * @brief Convenience wrapper for cli_magic_scan_nested_fmap_type(). diff -Nru clamav-0.103.0+dfsg/libclamav/sf_base64decode.c clamav-0.103.2+dfsg/libclamav/sf_base64decode.c --- clamav-0.103.0+dfsg/libclamav/sf_base64decode.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/sf_base64decode.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - ** Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + ** Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. ** Copyright (C) 1998-2013 Sourcefire, Inc. ** ** Written by Patrick Mullen diff -Nru clamav-0.103.0+dfsg/libclamav/sf_base64decode.h clamav-0.103.2+dfsg/libclamav/sf_base64decode.h --- clamav-0.103.0+dfsg/libclamav/sf_base64decode.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/sf_base64decode.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - ** Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + ** Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. ** Copyright (C) 1998-2013 Sourcefire, Inc. ** ** Written by Patrick Mullen diff -Nru clamav-0.103.0+dfsg/libclamav/sis.c clamav-0.103.2+dfsg/libclamav/sis.c --- clamav-0.103.0+dfsg/libclamav/sis.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/sis.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/sis.h clamav-0.103.2+dfsg/libclamav/sis.h --- clamav-0.103.0+dfsg/libclamav/sis.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/sis.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/special.c clamav-0.103.2+dfsg/libclamav/special.c --- clamav-0.103.0+dfsg/libclamav/special.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/special.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Trog, Török Edvin @@ -92,154 +92,6 @@ return cli_append_virus(ctx, "Heuristics.Worm.Mydoom.M.log"); } -static int jpeg_check_photoshop_8bim(cli_ctx *ctx, off_t *off) -{ - const unsigned char *buf; - uint16_t ntmp; - uint8_t nlength, id[2]; - uint32_t size; - off_t offset = *off; - int retval; - fmap_t *map = *ctx->fmap; - - if (!(buf = fmap_need_off_once(map, offset, 4 + 2 + 1))) { - cli_dbgmsg("read bim failed\n"); - return -1; - } - if (memcmp(buf, "8BIM", 4) != 0) { - cli_dbgmsg("missed 8bim\n"); - return -1; - } - - id[0] = (uint8_t)buf[4]; - id[1] = (uint8_t)buf[5]; - cli_dbgmsg("ID: 0x%.2x%.2x\n", id[0], id[1]); - nlength = buf[6]; - ntmp = nlength + ((((uint16_t)nlength) + 1) & 0x01); - offset += 4 + 2 + 1 + ntmp; - - if (fmap_readn(map, &size, offset, 4) != 4) { - return -1; - } - size = special_endian_convert_32(size); - if (size == 0) { - return -1; - } - if ((size & 0x01) == 1) { - size++; - } - - *off = offset + 4 + size; - /* Is it a thumbnail image: 0x0409 or 0x040c */ - if ((id[0] == 0x04) && ((id[1] == 0x09) || (id[1] == 0x0c))) { - /* Yes */ - cli_dbgmsg("found thumbnail\n"); - } else { - /* No - Seek past record */ - return 0; - } - - /* Jump past header */ - offset += 4 + 28; - - retval = cli_check_jpeg_exploit(ctx, offset); - if (retval == 1) { - cli_dbgmsg("Exploit found in thumbnail\n"); - } - return retval; -} - -static int jpeg_check_photoshop(cli_ctx *ctx, off_t offset) -{ - int retval; - const unsigned char *buffer; - off_t old; - fmap_t *map = *ctx->fmap; - - if (!(buffer = fmap_need_off_once(map, offset, 14))) { - return 0; - } - - if (memcmp(buffer, "Photoshop 3.0", 14) != 0) { - return 0; - } - offset += 14; - - cli_dbgmsg("Found Photoshop segment\n"); - do { - old = offset; - retval = jpeg_check_photoshop_8bim(ctx, &offset); - if (offset <= old) - break; - } while (retval == 0); - - if (retval == -1) { - retval = 0; - } - return retval; -} - -int cli_check_jpeg_exploit(cli_ctx *ctx, off_t offset) -{ - const unsigned char *buffer; - int retval; - fmap_t *map = *ctx->fmap; - - cli_dbgmsg("in cli_check_jpeg_exploit()\n"); - if (ctx->recursion > ctx->engine->maxreclevel) - return CL_EMAXREC; - - if (!(buffer = fmap_need_off_once(map, offset, 2))) - return 0; - if ((buffer[0] != 0xff) || (buffer[1] != 0xd8)) { - return 0; - } - offset += 2; - for (;;) { - off_t new_off; - if (!(buffer = fmap_need_off_once(map, offset, 4))) { - return 0; - } - /* Check for multiple 0xFF values, we need to skip them */ - if ((buffer[0] == 0xff) && (buffer[1] == 0xff)) { - offset++; - continue; - } - offset += 4; - if ((buffer[0] == 0xff) && (buffer[1] == 0xfe)) { - if (buffer[2] == 0x00) { - if ((buffer[3] == 0x00) || (buffer[3] == 0x01)) { - return 1; - } - } - } - if (buffer[0] != 0xff) { - return -1; - } - if (buffer[1] == 0xda) { - /* End of Image marker */ - return 0; - } - - new_off = ((unsigned int)buffer[2] << 8) + buffer[3]; - if (new_off < 2) { - return -1; - } - new_off -= 2; - new_off += offset; - - if (buffer[1] == 0xed) { - /* Possible Photoshop file */ - ctx->recursion++; - retval = jpeg_check_photoshop(ctx, offset); - ctx->recursion--; - if (retval != 0) - return retval; - } - offset = new_off; - } -} - static uint32_t riff_endian_convert_32(uint32_t value, int big_endian) { if (big_endian) diff -Nru clamav-0.103.0+dfsg/libclamav/special.h clamav-0.103.2+dfsg/libclamav/special.h --- clamav-0.103.0+dfsg/libclamav/special.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/special.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Trog @@ -35,7 +35,6 @@ }; int cli_check_mydoom_log(cli_ctx *ctx); -int cli_check_jpeg_exploit(cli_ctx *ctx, off_t offset); int cli_check_riff_exploit(cli_ctx *ctx); void cli_detect_swizz_str(const unsigned char *str, uint32_t len, struct swizz_stats *stats, int blob); int cli_detect_swizz(struct swizz_stats *stats); diff -Nru clamav-0.103.0+dfsg/libclamav/spin.c clamav-0.103.2+dfsg/libclamav/spin.c --- clamav-0.103.0+dfsg/libclamav/spin.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/spin.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/spin.h clamav-0.103.2+dfsg/libclamav/spin.h --- clamav-0.103.0+dfsg/libclamav/spin.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/spin.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/str.c clamav-0.103.2+dfsg/libclamav/str.c --- clamav-0.103.0+dfsg/libclamav/str.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/str.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, Nigel Horne, Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/str.h clamav-0.103.2+dfsg/libclamav/str.h --- clamav-0.103.0+dfsg/libclamav/str.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/str.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm, Nigel Horne, Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/swf.c clamav-0.103.2+dfsg/libclamav/swf.c --- clamav-0.103.0+dfsg/libclamav/swf.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/swf.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * * The code is based on Flasm, command line assembler & disassembler of Flash diff -Nru clamav-0.103.0+dfsg/libclamav/swf.h clamav-0.103.2+dfsg/libclamav/swf.h --- clamav-0.103.0+dfsg/libclamav/swf.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/swf.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2011-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/libclamav/table.c clamav-0.103.2+dfsg/libclamav/table.c --- clamav-0.103.0+dfsg/libclamav/table.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/table.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/table.h clamav-0.103.2+dfsg/libclamav/table.h --- clamav-0.103.0+dfsg/libclamav/table.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/table.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/text.c clamav-0.103.2+dfsg/libclamav/text.c --- clamav-0.103.0+dfsg/libclamav/text.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/text.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/textdet.c clamav-0.103.2+dfsg/libclamav/textdet.c --- clamav-0.103.0+dfsg/libclamav/textdet.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/textdet.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Text detection based on ascmagic.c from the file(1) utility. * - * Portions Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Portions Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Portions Copyright (C) 2008-2013 Sourcefire, Inc. * * Copyright (c) Ian F. Darwin 1986-1995. @@ -82,14 +82,6 @@ { unsigned int i; - /* Check for the Byte-Order-Mark for UTF-8 */ - if ((len >= 3) && - (buf[0] == 0xEF) && - (buf[1] == 0xBB) && - (buf[2] == 0xBF)) { - return 0; - } - /* Validate that the data all falls within the bounds of * plain ASCII, ISO-8859 text, and non-ISO extended ASCII (Mac, IBM PC) */ @@ -200,6 +192,11 @@ { int ret; + /* + * @TODO: Add UTF8/16/32 BOM Detection to improve text type accuracy. + * Significant regression testing would be needed to ensure that re-typing + * files does not impact efficacy. + */ if (td_isascii(buf, len)) { cli_dbgmsg("Recognized ASCII text\n"); return CL_TYPE_TEXT_ASCII; diff -Nru clamav-0.103.0+dfsg/libclamav/textdet.h clamav-0.103.2+dfsg/libclamav/textdet.h --- clamav-0.103.0+dfsg/libclamav/textdet.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/textdet.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * This program is free software; you can redistribute it and/or modify diff -Nru clamav-0.103.0+dfsg/libclamav/text.h clamav-0.103.2+dfsg/libclamav/text.h --- clamav-0.103.0+dfsg/libclamav/text.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/text.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/textnorm.c clamav-0.103.2+dfsg/libclamav/textnorm.c --- clamav-0.103.0+dfsg/libclamav/textnorm.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/textnorm.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Generic text normalizer. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/textnorm.h clamav-0.103.2+dfsg/libclamav/textnorm.h --- clamav-0.103.0+dfsg/libclamav/textnorm.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/textnorm.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Generic text normalizer. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/tiff.c clamav-0.103.2+dfsg/libclamav/tiff.c --- clamav-0.103.0+dfsg/libclamav/tiff.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/tiff.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2015-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2015-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * @@ -37,7 +37,9 @@ cl_error_t cli_parsetiff(cli_ctx *ctx) { - fmap_t *map = *ctx->fmap; + cl_error_t status = CL_ERROR; + + fmap_t *map = NULL; unsigned char magic[4]; int big_endian; uint32_t offset = 0, ifd_count = 0; @@ -47,37 +49,58 @@ cli_dbgmsg("in cli_parsetiff()\n"); + if (NULL == ctx) { + cli_dbgmsg("TIFF: passed context was NULL\n"); + status = CL_EARG; + goto done; + } + map = *ctx->fmap; + /* check the magic */ - if (fmap_readn(map, magic, offset, 4) != 4) - return CL_SUCCESS; + if (fmap_readn(map, magic, offset, 4) != 4) { + status = CL_CLEAN; + goto done; + } offset += 4; if (!memcmp(magic, "\x4d\x4d\x00\x2a", 4)) big_endian = 1; else if (!memcmp(magic, "\x49\x49\x2a\x00", 4)) big_endian = 0; - else - return CL_SUCCESS; /* Not a TIFF file */ + else { + status = CL_CLEAN; /* Not a TIFF file */ + goto done; + } cli_dbgmsg("cli_parsetiff: %s-endian tiff file\n", big_endian ? "big" : "little"); /* acquire offset of first IFD */ - if (fmap_readn(map, &offset, offset, 4) != 4) - return CL_EPARSE; + if (fmap_readn(map, &offset, offset, 4) != 4) { + cli_dbgmsg("cli_parsetiff: Failed to acquire offset of first IFD, file appears to be truncated.\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.TIFF.EOFReadingFirstIFDOffset"); + status = CL_EPARSE; + goto done; + } offset = tiff32_to_host(big_endian, offset); cli_dbgmsg("cli_parsetiff: first IFD located @ offset %u\n", offset); if (!offset) { - cli_errmsg("cli_parsetiff: invalid offset for first IFD\n"); - return CL_EPARSE; + cli_errmsg("cli_parsetiff: Invalid offset for first IFD\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.TIFF.InvalidIFDOffset"); + status = CL_EPARSE; + goto done; } /* each IFD represents a subfile, though only the first one normally matters */ do { /* acquire number of directory entries in current IFD */ - if (fmap_readn(map, &num_entries, offset, 2) != 2) - return CL_EPARSE; + if (fmap_readn(map, &num_entries, offset, 2) != 2) { + cli_dbgmsg("cli_parsetiff: Failed to acquire number of directory entries in current IFD, file appears to be truncated.\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.TIFF.EOFReadingNumIFDDirectoryEntries"); + status = CL_EPARSE; + goto done; + } offset += 2; num_entries = tiff16_to_host(big_endian, num_entries); @@ -85,8 +108,12 @@ /* transverse IFD entries */ for (i = 0; i < num_entries; i++) { - if (fmap_readn(map, &entry, offset, sizeof(entry)) != sizeof(entry)) - return CL_EPARSE; + if (fmap_readn(map, &entry, offset, sizeof(entry)) != sizeof(entry)) { + cli_dbgmsg("cli_parsetiff: Failed to read next IFD entry, file appears to be truncated.\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.TIFF.EOFReadingIFDEntry"); + status = CL_EPARSE; + goto done; + } offset += sizeof(entry); entry.tag = tiff16_to_host(big_endian, entry.tag); @@ -146,7 +173,8 @@ if (entry.value + value_size > map->len) { cli_warnmsg("cli_parsetiff: TFD entry field %u exceeds bounds of TIFF file [%llu > %llu]\n", i, (long long unsigned)(entry.value + value_size), (long long unsigned)map->len); - return cli_append_virus(ctx, "Heuristics.TIFF.OutOfBoundsAccess"); + status = cli_append_virus(ctx, "Heuristics.Broken.Media.TIFF.OutOfBoundsAccess"); + goto done; } } } @@ -154,12 +182,24 @@ ifd_count++; /* acquire next IFD location, gets 0 if last IFD */ - if (fmap_readn(map, &offset, offset, sizeof(offset)) != sizeof(offset)) - return CL_EPARSE; + if (fmap_readn(map, &offset, offset, sizeof(offset)) != sizeof(offset)) { + cli_dbgmsg("cli_parsetiff: Failed to aquire next IFD location, file appears to be truncated.\n"); + cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.TIFF.EOFReadingChunkCRC"); + status = CL_EPARSE; + goto done; + } offset = tiff32_to_host(big_endian, offset); } while (offset); cli_dbgmsg("cli_parsetiff: examined %u IFD(s)\n", ifd_count); - return CL_SUCCESS; + status = CL_CLEAN; + +done: + if (status == CL_EPARSE) { + /* We added with cli_append_possibly_unwanted so it will alert at the end if nothing else matches. */ + status = CL_CLEAN; + } + + return status; } diff -Nru clamav-0.103.0+dfsg/libclamav/tiff.h clamav-0.103.2+dfsg/libclamav/tiff.h --- clamav-0.103.0+dfsg/libclamav/tiff.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/tiff.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2015-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2015-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Kevin Lin * diff -Nru clamav-0.103.0+dfsg/libclamav/tnef.c clamav-0.103.2+dfsg/libclamav/tnef.c --- clamav-0.103.0+dfsg/libclamav/tnef.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/tnef.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne @@ -266,7 +266,7 @@ /*cli_dbgmsg("%lu %lu\n", (long)(offset + length), ftell(fp));*/ - if (!CLI_ISCONTAINED2(0, fsize, offset, (off_t)length)) { + if (!CLI_ISCONTAINED2(0, fsize, offset, length)) { cli_dbgmsg("TNEF: Incorrect length field in tnef_message\n"); return -1; } diff -Nru clamav-0.103.0+dfsg/libclamav/tnef.h clamav-0.103.2+dfsg/libclamav/tnef.h --- clamav-0.103.0+dfsg/libclamav/tnef.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/tnef.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/type_desc.h clamav-0.103.2+dfsg/libclamav/type_desc.h --- clamav-0.103.0+dfsg/libclamav/type_desc.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/type_desc.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * ClamAV bytecode internal API * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/libclamav/unarj.c clamav-0.103.2+dfsg/libclamav/unarj.c --- clamav-0.103.0+dfsg/libclamav/unarj.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/unarj.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Extract component parts of ARJ archives. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Trog diff -Nru clamav-0.103.0+dfsg/libclamav/unarj.h clamav-0.103.2+dfsg/libclamav/unarj.h --- clamav-0.103.0+dfsg/libclamav/unarj.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/unarj.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Extract component parts of ARJ archives * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/uniq.c clamav-0.103.2+dfsg/libclamav/uniq.c --- clamav-0.103.0+dfsg/libclamav/uniq.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/uniq.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * md5 based hashtab * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/uniq.h clamav-0.103.2+dfsg/libclamav/uniq.h --- clamav-0.103.0+dfsg/libclamav/uniq.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/uniq.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * md5 based hashtab * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libclamav/unsp.c clamav-0.103.2+dfsg/libclamav/unsp.c --- clamav-0.103.0+dfsg/libclamav/unsp.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/unsp.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/unsp.h clamav-0.103.2+dfsg/libclamav/unsp.h --- clamav-0.103.0+dfsg/libclamav/unsp.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/unsp.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/untar.c clamav-0.103.2+dfsg/libclamav/untar.c --- clamav-0.103.0+dfsg/libclamav/untar.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/untar.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/untar.h clamav-0.103.2+dfsg/libclamav/untar.h --- clamav-0.103.0+dfsg/libclamav/untar.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/untar.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/unzip.c clamav-0.103.2+dfsg/libclamav/unzip.c --- clamav-0.103.0+dfsg/libclamav/unzip.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/unzip.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/unzip.h clamav-0.103.2+dfsg/libclamav/unzip.h --- clamav-0.103.0+dfsg/libclamav/unzip.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/unzip.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/upack.c clamav-0.103.2+dfsg/libclamav/upack.c --- clamav-0.103.0+dfsg/libclamav/upack.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/upack.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Michal 'GiM' Spadlinski diff -Nru clamav-0.103.0+dfsg/libclamav/upack.h clamav-0.103.2+dfsg/libclamav/upack.h --- clamav-0.103.0+dfsg/libclamav/upack.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/upack.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Michal 'GiM' Spadlinski diff -Nru clamav-0.103.0+dfsg/libclamav/upx.c clamav-0.103.2+dfsg/libclamav/upx.c --- clamav-0.103.0+dfsg/libclamav/upx.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/upx.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/upx.h clamav-0.103.2+dfsg/libclamav/upx.h --- clamav-0.103.0+dfsg/libclamav/upx.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/upx.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/uuencode.c clamav-0.103.2+dfsg/libclamav/uuencode.c --- clamav-0.103.0+dfsg/libclamav/uuencode.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/uuencode.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/uuencode.h clamav-0.103.2+dfsg/libclamav/uuencode.h --- clamav-0.103.0+dfsg/libclamav/uuencode.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/uuencode.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/vba_extract.c clamav-0.103.2+dfsg/libclamav/vba_extract.c --- clamav-0.103.0+dfsg/libclamav/vba_extract.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/vba_extract.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Extract VBA source code for component MS Office Documents * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Trog, Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/vba_extract.h clamav-0.103.2+dfsg/libclamav/vba_extract.h --- clamav-0.103.0+dfsg/libclamav/vba_extract.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/vba_extract.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Extract VBA source code for component MS Office Documents * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Trog, Nigel Horne diff -Nru clamav-0.103.0+dfsg/libclamav/wwunpack.c clamav-0.103.2+dfsg/libclamav/wwunpack.c --- clamav-0.103.0+dfsg/libclamav/wwunpack.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/wwunpack.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/wwunpack.h clamav-0.103.2+dfsg/libclamav/wwunpack.h --- clamav-0.103.0+dfsg/libclamav/wwunpack.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/wwunpack.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamav/xar.c clamav-0.103.2+dfsg/libclamav/xar.c --- clamav-0.103.0+dfsg/libclamav/xar.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/xar.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2013 Sourcefire, Inc. * * Authors: Steven Morgan diff -Nru clamav-0.103.0+dfsg/libclamav/xar.h clamav-0.103.2+dfsg/libclamav/xar.h --- clamav-0.103.0+dfsg/libclamav/xar.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/xar.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2013 Sourcefire, Inc. * * Authors: David Raynor diff -Nru clamav-0.103.0+dfsg/libclamav/xlm_extract.c clamav-0.103.2+dfsg/libclamav/xlm_extract.c --- clamav-0.103.0+dfsg/libclamav/xlm_extract.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/xlm_extract.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Extract XLM (Excel 4.0) macro source code for component MS Office Documents * - * Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Jonas Zaddach * @@ -3804,6 +3804,9 @@ } } data_pos += 3 + str_len; + } else { + cli_dbgmsg("[cli_xlm_extract_macros] Invalid or truncated string record!\n"); + goto done; } break; case ptgAttr: diff -Nru clamav-0.103.0+dfsg/libclamav/xlm_extract.h clamav-0.103.2+dfsg/libclamav/xlm_extract.h --- clamav-0.103.0+dfsg/libclamav/xlm_extract.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/xlm_extract.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Extract XLM (Excel 4.0) macro source code for component MS Office Documents * - * Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Jonas Zaddach * @@ -21,7 +21,7 @@ */ /** - * Throughout this file, I refer to the Microsoft Office Excel 97 - 2007 Binary File Format (.xls) Specification, which can be found + * Throughout this file, I refer to the Microsoft Office Excel 97 - 2007 Binary File Format (.xls) Specification, which can be found * here: http://download.microsoft.com/download/5/0/1/501ED102-E53F-4CE0-AA6B-B0F93629DDC6/Office/Excel97-2007BinaryFileFormat(xls)Specification.pdf */ diff -Nru clamav-0.103.0+dfsg/libclamav/xz_iface.c clamav-0.103.2+dfsg/libclamav/xz_iface.c --- clamav-0.103.0+dfsg/libclamav/xz_iface.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/xz_iface.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2013 Sourcefire, Inc. * * Authors: Steven Morgan (smorgan@sourcefire.com) diff -Nru clamav-0.103.0+dfsg/libclamav/xz_iface.h clamav-0.103.2+dfsg/libclamav/xz_iface.h --- clamav-0.103.0+dfsg/libclamav/xz_iface.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/xz_iface.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2013 Sourcefire, Inc. * * Authors: Steven Morgan (smorgan@sourcefire.com) diff -Nru clamav-0.103.0+dfsg/libclamav/yara_clam.h clamav-0.103.2+dfsg/libclamav/yara_clam.h --- clamav-0.103.0+dfsg/libclamav/yara_clam.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/yara_clam.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Main YARA header file for ClamAV * - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Steven Morgan * diff -Nru clamav-0.103.0+dfsg/libclamav/yara_grammar.y clamav-0.103.2+dfsg/libclamav/yara_grammar.y --- clamav-0.103.0+dfsg/libclamav/yara_grammar.y 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/yara_grammar.y 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * YARA rule parser for ClamAV * - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Steven Morgan * diff -Nru clamav-0.103.0+dfsg/libclamav/yara_lexer.c clamav-0.103.2+dfsg/libclamav/yara_lexer.c --- clamav-0.103.0+dfsg/libclamav/yara_lexer.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/yara_lexer.c 2021-04-06 19:03:43.000000000 +0000 @@ -46,7 +46,7 @@ #if defined (__STDC_VERSION__) && __STDC_VERSION__ >= 199901L /* C99 says to define __STDC_LIMIT_MACROS before including stdint.h, - * if you want the limit (max/min) macros for int types. + * if you want the limit (max/min) macros for int types. */ #ifndef __STDC_LIMIT_MACROS #define __STDC_LIMIT_MACROS 1 @@ -63,7 +63,7 @@ typedef signed char flex_int8_t; typedef short int flex_int16_t; typedef int flex_int32_t; -typedef unsigned char flex_uint8_t; +typedef unsigned char flex_uint8_t; typedef unsigned short int flex_uint16_t; typedef unsigned int flex_uint32_t; @@ -187,7 +187,7 @@ #define EOB_ACT_CONTINUE_SCAN 0 #define EOB_ACT_END_OF_FILE 1 #define EOB_ACT_LAST_MATCH 2 - + /* Note: We specifically omit the test for yy_rule_can_match_eol because it requires * access to the local variable yy_act. Since yyless() is a macro, it would break * existing scanners that call yyless() from OUTSIDE yylex. @@ -209,7 +209,7 @@ if ( *p == '\n' )\ --yylineno;\ }while(0) - + /* Return all but the first "n" matched characters back to the input stream. */ #define yyless(n) \ do \ @@ -612,9 +612,9 @@ /* Table of booleans, true if rule could match eol. */ static const flex_int32_t yy_rule_can_match_eol[76] = { 0, -0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, }; /* The intent behind this definition is that it'll catch @@ -628,7 +628,7 @@ /* * YARA rule lexer for ClamAV * - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Steven Morgan * @@ -777,7 +777,7 @@ /* This must go here because YYSTYPE and YYLTYPE are included * from bison output in section 1.*/ # define yylval yyg->yylval_r - + int yylex_init (yyscan_t* scanner); int yylex_init_extra ( YY_EXTRA_TYPE user_defined, yyscan_t* scanner); @@ -832,7 +832,7 @@ #endif #ifndef YY_NO_UNPUT - + #endif #ifndef yytext_ptr @@ -1046,7 +1046,7 @@ int yyl; for ( yyl = 0; yyl < yyleng; ++yyl ) if ( yytext[yyl] == '\n' ) - + do{ yylineno++; yycolumn=0; }while(0) @@ -2196,7 +2196,7 @@ yyg->yy_hold_char = *++yyg->yy_c_buf_p; if ( c == '\n' ) - + do{ yylineno++; yycolumn=0; }while(0) @@ -2279,7 +2279,7 @@ YY_BUFFER_STATE yy_create_buffer (FILE * file, int size , yyscan_t yyscanner) { YY_BUFFER_STATE b; - + b = (YY_BUFFER_STATE) yyalloc( sizeof( struct yy_buffer_state ) , yyscanner ); if ( ! b ) YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); @@ -2345,7 +2345,7 @@ } b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0; - + errno = oerrno; } @@ -2487,7 +2487,7 @@ YY_BUFFER_STATE yy_scan_buffer (char * base, yy_size_t size , yyscan_t yyscanner) { YY_BUFFER_STATE b; - + if ( size < 2 || base[size-2] != YY_END_OF_BUFFER_CHAR || base[size-1] != YY_END_OF_BUFFER_CHAR ) @@ -2523,7 +2523,7 @@ */ YY_BUFFER_STATE yy_scan_string (const char * yystr , yyscan_t yyscanner) { - + return yy_scan_bytes( yystr, (int) strlen(yystr) , yyscanner); } @@ -2540,7 +2540,7 @@ char *buf; yy_size_t n; int i; - + /* Get memory for full buffer, including space for trailing EOB's. */ n = (yy_size_t) (_yybytes_len + 2); buf = (char *) yyalloc( n , yyscanner ); @@ -2613,7 +2613,7 @@ if (! YY_CURRENT_BUFFER) return 0; - + return yylineno; } @@ -2626,7 +2626,7 @@ if (! YY_CURRENT_BUFFER) return 0; - + return yycolumn; } @@ -2688,7 +2688,7 @@ /* lineno is only valid if an input buffer exists. */ if (! YY_CURRENT_BUFFER ) YY_FATAL_ERROR( "yyset_lineno called with no buffer" ); - + yylineno = _line_number; } @@ -2703,7 +2703,7 @@ /* column is only valid if an input buffer exists. */ if (! YY_CURRENT_BUFFER ) YY_FATAL_ERROR( "yyset_column called with no buffer" ); - + yycolumn = _column_no; } @@ -3108,4 +3108,3 @@ return compiler->errors; } - diff -Nru clamav-0.103.0+dfsg/libclamav/yara_lexer.l clamav-0.103.2+dfsg/libclamav/yara_lexer.l --- clamav-0.103.0+dfsg/libclamav/yara_lexer.l 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/yara_lexer.l 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * YARA rule lexer for ClamAV * - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Steven Morgan * diff -Nru clamav-0.103.0+dfsg/libclamav/yara_parser.c clamav-0.103.2+dfsg/libclamav/yara_parser.c --- clamav-0.103.0+dfsg/libclamav/yara_parser.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/yara_parser.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * YARA parser for ClamAV: back-end functions * - * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2014-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Steven Morgan * diff -Nru clamav-0.103.0+dfsg/libclamav/yc.c clamav-0.103.2+dfsg/libclamav/yc.c --- clamav-0.103.0+dfsg/libclamav/yc.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/yc.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Ivan Zlatev diff -Nru clamav-0.103.0+dfsg/libclamav/yc.h clamav-0.103.2+dfsg/libclamav/yc.h --- clamav-0.103.0+dfsg/libclamav/yc.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamav/yc.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Alberto Wu diff -Nru clamav-0.103.0+dfsg/libclamunrar_iface/unrar_iface.cpp clamav-0.103.2+dfsg/libclamunrar_iface/unrar_iface.cpp --- clamav-0.103.0+dfsg/libclamunrar_iface/unrar_iface.cpp 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamunrar_iface/unrar_iface.cpp 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Interface to libclamunrar * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Trog, Torok Edvin, Tomasz Kojm, Micah Snyder diff -Nru clamav-0.103.0+dfsg/libclamunrar_iface/unrar_iface.h clamav-0.103.2+dfsg/libclamunrar_iface/unrar_iface.h --- clamav-0.103.0+dfsg/libclamunrar_iface/unrar_iface.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libclamunrar_iface/unrar_iface.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Interface to libclamunrar * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Trog, Torok Edvin, Tomasz Kojm, Micah Snyder diff -Nru clamav-0.103.0+dfsg/libfreshclam/CMakeLists.txt clamav-0.103.2+dfsg/libfreshclam/CMakeLists.txt --- clamav-0.103.0+dfsg/libfreshclam/CMakeLists.txt 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libfreshclam/CMakeLists.txt 2021-04-06 19:03:43.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) diff -Nru clamav-0.103.0+dfsg/libfreshclam/dns.c clamav-0.103.2+dfsg/libfreshclam/dns.c --- clamav-0.103.0+dfsg/libfreshclam/dns.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libfreshclam/dns.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * Copyright (C) 2004-2007 Tomasz Kojm 2004 Tomasz Kojm * diff -Nru clamav-0.103.0+dfsg/libfreshclam/dns.h clamav-0.103.2+dfsg/libfreshclam/dns.h --- clamav-0.103.0+dfsg/libfreshclam/dns.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libfreshclam/dns.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * Copyright (C) 2004-2007 Tomasz Kojm * diff -Nru clamav-0.103.0+dfsg/libfreshclam/libfreshclam.c clamav-0.103.2+dfsg/libfreshclam/libfreshclam.c --- clamav-0.103.0+dfsg/libfreshclam/libfreshclam.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libfreshclam/libfreshclam.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * Copyright (C) 2002-2007 Tomasz Kojm * @@ -113,6 +113,10 @@ return "Memory allocation error"; case FC_EARG: return "Invalid argument(s)"; + case FC_EFORBIDDEN: + return "Forbidden; Blocked by CDN"; + case FC_ERETRYLATER: + return "Too many requests; Retry later"; default: return "Unknown libfreshclam error code!"; } @@ -246,6 +250,17 @@ g_bCompressLocalDatabase = fcConfig->bCompressLocalDatabase; + /* Load or create mirrors.dat */ + if (FC_SUCCESS != load_mirrors_dat()) { + logg("*Failed to load mirrors.dat; will create a new mirrors.dat\n"); + + if (FC_SUCCESS != new_mirrors_dat()) { + logg("^Failed to create a new mirrors.dat!\n"); + status = FC_EINIT; + goto done; + } + } + status = FC_SUCCESS; done: @@ -293,6 +308,10 @@ free(g_tempDirectory); g_tempDirectory = NULL; } + if (NULL != g_mirrorsDat) { + free(g_mirrorsDat); + g_mirrorsDat = NULL; + } } fc_error_t fc_prune_database_directory(char **databaseList, uint32_t nDatabases) @@ -627,8 +646,7 @@ } case FC_ECONNECTION: case FC_EBADCVD: - case FC_EFAILEDGET: - case FC_EMIRRORNOTSYNC: { + case FC_EFAILEDGET: { if (attempt < g_maxAttempts) { logg("Trying again in 5 secs...\n"); sleep(5); @@ -642,8 +660,52 @@ } break; } + case FC_EMIRRORNOTSYNC: { + logg("Received an older %s CVD than was advertised. We'll retry so the incremental update will ensure we're up-to-date.\n", database); + break; + } + case FC_EFORBIDDEN: { + logg("^FreshClam received error code 403 from the ClamAV Content Delivery Network (CDN).\n"); + logg("This could mean several things:\n"); + logg(" 1. You are running an out-of-date version of ClamAV / FreshClam.\n"); + logg(" Ensure you are the most updated version by visiting https://www.clamav.net/downloads\n"); + logg(" 2. Your network is explicitly denied by the FreshClam CDN.\n"); + logg(" In order to rectify this please check that you are:\n"); + logg(" a. Running an up-to-date version of FreshClam\n"); + logg(" b. Running FreshClam no more than once an hour\n"); + logg(" c. If you have checked (a) and (b), please open a ticket at\n"); + logg(" https://bugzilla.clamav.net under the 'Mirrors' component\n"); + logg(" and we will investigate why your network is blocked.\n"); + status = ret; + goto done; + break; + } + case FC_ERETRYLATER: { + char retry_after_string[26]; + struct tm *tm_info; + tm_info = localtime(&g_mirrorsDat->retry_after); + if (NULL == tm_info) { + logg("!Failed to query the local time for the retry-after date!\n"); + status = FC_ERROR; + goto done; + } + strftime(retry_after_string, 26, "%Y-%m-%d %H:%M:%S", tm_info); + logg("^FreshClam received error code 429 from the ClamAV Content Delivery Network (CDN).\n"); + logg("This means that you have been rate limited by the CDN.\n"); + logg(" 1. Run FreshClam no more than once an hour to check for updates.\n"); + logg(" FreshClam should check DNS first to see if an update is needed.\n"); + logg(" 2. If you have more than 10 hosts on your network attempting to download,\n"); + logg(" it is recommended that you set up a private mirror on your network using\n"); + logg(" cvdupdate (https://pypi.org/project/cvdupdate/) to save bandwidth on the\n"); + logg(" CDN and your own network.\n"); + logg(" 3. Please do not open a ticket asking for an exemption from the rate limit,\n"); + logg(" it will not be granted.\n"); + logg("^You are on cool-down until after: %s\n", retry_after_string); + goto success; + break; + } default: { - logg("!Unexpected error when attempting to update database: %s\n", database); + logg("!Unexpected error when attempting to update %s: %s\n", database, fc_strerror(ret)); status = ret; goto done; } @@ -688,6 +750,38 @@ *nUpdated = 0; + if (g_mirrorsDat->retry_after > 0) { + if (g_mirrorsDat->retry_after > time(NULL)) { + /* We're on cool-down, try again later. */ + char retry_after_string[26]; + struct tm *tm_info; + tm_info = localtime(&g_mirrorsDat->retry_after); + if (NULL == tm_info) { + logg("!Failed to query the local time for the retry-after date!\n"); + status = FC_ERROR; + goto done; + } + strftime(retry_after_string, 26, "%Y-%m-%d %H:%M:%S", tm_info); + logg("^FreshClam previously received error code 429 from the ClamAV Content Delivery Network (CDN).\n"); + logg("This means that you have been rate limited by the CDN.\n"); + logg(" 1. Run FreshClam no more than once an hour to check for updates.\n"); + logg(" FreshClam should check DNS first to see if an update is needed.\n"); + logg(" 2. If you have more than 10 hosts on your network attempting to download,\n"); + logg(" it is recommended that you set up a private mirror on your network using\n"); + logg(" cvdupdate (https://pypi.org/project/cvdupdate/) to save bandwidth on the\n"); + logg(" CDN and your own network.\n"); + logg(" 3. Please do not open a ticket asking for an exemption from the rate limit,\n"); + logg(" it will not be granted.\n"); + logg("^You are still on cool-down until after: %s\n", retry_after_string); + status = FC_SUCCESS; + goto done; + } else { + g_mirrorsDat->retry_after = 0; + logg("^Cool-down expired, ok to try again.\n"); + save_mirrors_dat(); + } + } + for (i = 0; i < nDatabases; i++) { if (FC_SUCCESS != (ret = fc_update_database( databaseList[i], @@ -698,7 +792,6 @@ bScriptedUpdates, context, &bUpdated))) { - logg("^fc_update_databases: fc_update_database failed: %s (%d)\n", fc_strerror(ret), ret); status = ret; goto done; } @@ -777,6 +870,46 @@ } break; } + case FC_EFORBIDDEN: { + logg("^FreshClam received error code 403 from the ClamAV Content Delivery Network (CDN).\n"); + logg("This could mean several things:\n"); + logg(" 1. You are running an out-of-date version of ClamAV / FreshClam.\n"); + logg(" Ensure you are the most updated version by visiting https://www.clamav.net/downloads\n"); + logg(" 2. Your network is explicitly denied by the FreshClam CDN.\n"); + logg(" In order to rectify this please check that you are:\n"); + logg(" a. Running an up-to-date version of FreshClam\n"); + logg(" b. Running FreshClam no more than once an hour\n"); + logg(" c. If you have checked (a) and (b), please open a ticket at\n"); + logg(" https://bugzilla.clamav.net under the 'Mirrors' component\n"); + logg(" and we will investigate why your network is blocked.\n"); + status = ret; + goto done; + break; + } + case FC_ERETRYLATER: { + char retry_after_string[26]; + struct tm *tm_info; + tm_info = localtime(&g_mirrorsDat->retry_after); + if (NULL == tm_info) { + logg("!Failed to query the local time for the retry-after date!\n"); + status = FC_ERROR; + goto done; + } + strftime(retry_after_string, 26, "%Y-%m-%d %H:%M:%S", tm_info); + logg("^FreshClam received error code 429 from the ClamAV Content Delivery Network (CDN).\n"); + logg("This means that you have been rate limited by the CDN.\n"); + logg(" 1. Run FreshClam no more than once an hour to check for updates.\n"); + logg(" FreshClam should check DNS first to see if an update is needed.\n"); + logg(" 2. If you have more than 10 hosts on your network attempting to download,\n"); + logg(" it is recommended that you set up a private mirror on your network using\n"); + logg(" cvdupdate (https://pypi.org/project/cvdupdate/) to save bandwidth on the\n"); + logg(" CDN and your own network.\n"); + logg(" 3. Please do not open a ticket asking for an exemption from the rate limit,\n"); + logg(" it will not be granted.\n"); + logg("^You are on cool-down until after: %s\n", retry_after_string); + goto success; + break; + } default: { logg("Unexpected error when attempting to update from custom database URL: %s\n", urlDatabase); status = ret; diff -Nru clamav-0.103.0+dfsg/libfreshclam/libfreshclam.h clamav-0.103.2+dfsg/libfreshclam/libfreshclam.h --- clamav-0.103.0+dfsg/libfreshclam/libfreshclam.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libfreshclam/libfreshclam.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * Copyright (C) 2002-2007 Tomasz Kojm * @@ -24,7 +24,7 @@ #include "clamav-types.h" /* - * Freshclam configuration flag options. + * FreshClam configuration flag options. */ // clang-format off #define FC_CONFIG_MSG_DEBUG 0x1 // Enable debug messages. @@ -79,7 +79,10 @@ FC_ELOGGING, FC_EFAILEDUPDATE, FC_EMEM, - FC_EARG + FC_EARG, + FC_EFORBIDDEN, + FC_ERETRYLATER, + FC_ERROR } fc_error_t; /** @@ -240,7 +243,7 @@ */ /** - * @brief Freshclam callback Download Complete + * @brief FreshClam callback Download Complete * * Called after each database has been downloaded or updated. * diff -Nru clamav-0.103.0+dfsg/libfreshclam/libfreshclam_internal.c clamav-0.103.2+dfsg/libfreshclam/libfreshclam_internal.c --- clamav-0.103.0+dfsg/libfreshclam/libfreshclam_internal.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libfreshclam/libfreshclam_internal.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * Copyright (C) 2002-2007 Tomasz Kojm * @@ -66,6 +66,7 @@ #include #include +#include #include "target.h" @@ -115,6 +116,263 @@ uint32_t g_bCompressLocalDatabase = 0; +mirrors_dat_v1_t *g_mirrorsDat = NULL; + +/** @brief Generate a Version 4 UUID according to RFC-4122 + * + * Uses the openssl RAND_bytes function to generate a Version 4 UUID. + * + * Copyright 2021 Karthik Velakur with some modifications by the ClamAV team. + * License: MIT + * From: https://gist.github.com/kvelakur/9069c9896577c3040030 + * + * @param buffer A buffer that is SIZEOF_UUID_V4 + */ +static void uuid_v4_gen(char *buffer) +{ + union { + struct + { + uint32_t time_low; + uint16_t time_mid; + uint16_t time_hi_and_version; + uint8_t clk_seq_hi_res; + uint8_t clk_seq_low; + uint8_t node[6]; + }; + uint8_t __rnd[16]; + } uuid; + + if (0 >= RAND_bytes(uuid.__rnd, sizeof(uuid.__rnd))) { + /* Failed to generate random bytes for new UUID */ + memset(uuid.__rnd, 0, sizeof(uuid.__rnd)); + uuid.time_low = (uint32_t)time(NULL); + } + + // Refer Section 4.2 of RFC-4122 + // https://tools.ietf.org/html/rfc4122#section-4.2 + uuid.clk_seq_hi_res = (uint8_t)((uuid.clk_seq_hi_res & 0x3F) | 0x80); + uuid.time_hi_and_version = (uint16_t)((uuid.time_hi_and_version & 0x0FFF) | 0x4000); + + snprintf(buffer, SIZEOF_UUID_V4, "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", + uuid.time_low, uuid.time_mid, uuid.time_hi_and_version, + uuid.clk_seq_hi_res, uuid.clk_seq_low, + uuid.node[0], uuid.node[1], uuid.node[2], + uuid.node[3], uuid.node[4], uuid.node[5]); + buffer[SIZEOF_UUID_V4 - 1] = 0; + + return; +} + +fc_error_t load_mirrors_dat(void) +{ + fc_error_t status = FC_EINIT; + int handle = -1; + ssize_t bread = 0; + mirrors_dat_v1_t *mdat = NULL; + uint32_t version = 0; + char magic[13] = {0}; + + /* Change directory to database directory */ + if (chdir(g_databaseDirectory)) { + logg("!Can't change dir to %s\n", g_databaseDirectory); + status = FC_EDIRECTORY; + goto done; + } + logg("*Current working dir is %s\n", g_databaseDirectory); + + if (-1 == (handle = open("mirrors.dat", O_RDONLY | O_BINARY))) { + char currdir[PATH_MAX]; + + if (getcwd(currdir, sizeof(currdir))) + logg("*Can't open mirrors.dat in %s\n", currdir); + else + logg("*Can't open mirrors.dat in the current directory\n"); + + logg("*It probably doesn't exist yet. That's ok.\n"); + status = FC_EFILE; + goto done; + } + + if (strlen(MIRRORS_DAT_MAGIC) != (bread = read(handle, &magic, strlen(MIRRORS_DAT_MAGIC)))) { + char error_message[260]; + cli_strerror(errno, error_message, 260); + logg("!Can't read magic from mirrors.dat. Bytes read: %zi, error: %s\n", bread, error_message); + goto done; + } + if (0 != strncmp(magic, MIRRORS_DAT_MAGIC, strlen(MIRRORS_DAT_MAGIC))) { + logg("*Magic bytes for mirrors.dat did not match expectations.\n"); + goto done; + } + + if (sizeof(uint32_t) != (bread = read(handle, &version, sizeof(uint32_t)))) { + char error_message[260]; + cli_strerror(errno, error_message, 260); + logg("!Can't read version from mirrors.dat. Bytes read: %zi, error: %s\n", bread, error_message); + goto done; + } + + switch (version) { + case 1: { + /* Verify that file size is as expected. */ + off_t file_size = lseek(handle, 0L, SEEK_END); + + if (strlen(MIRRORS_DAT_MAGIC) + sizeof(mirrors_dat_v1_t) != (size_t)file_size) { + logg("*mirrors.dat is bigger than expected: %zu != %ld\n", sizeof(mirrors_dat_v1_t), file_size); + goto done; + } + + /* Rewind to just after the magic bytes and read data struct */ + lseek(handle, strlen(MIRRORS_DAT_MAGIC), SEEK_SET); + + mdat = malloc(sizeof(mirrors_dat_v1_t)); + if (NULL == mdat) { + logg("!Failed to allocate memory for mirrors.dat\n"); + status = FC_EMEM; + goto done; + } + + if (sizeof(mirrors_dat_v1_t) != (bread = read(handle, mdat, sizeof(mirrors_dat_v1_t)))) { + char error_message[260]; + cli_strerror(errno, error_message, 260); + logg("!Can't read from mirrors.dat. Bytes read: %zi, error: %s\n", bread, error_message); + goto done; + } + + /* Got it. */ + close(handle); + handle = -1; + + /* This is the latest version. + If we change the format in the future, we may wish to create a new + mirrors dat struct, import the relevant bits to the new format, + and then save (overwrite) mirrors.dat with the new data. */ + if (NULL != g_mirrorsDat) { + free(g_mirrorsDat); + } + g_mirrorsDat = mdat; + mdat = NULL; + break; + } + default: { + logg("*mirrors.dat version is different than expected: %u != %u\n", 1, version); + goto done; + } + } + + logg("*Loaded mirrors.dat:\n"); + logg("* version: %d\n", g_mirrorsDat->version); + logg("* uuid: %s\n", g_mirrorsDat->uuid); + if (g_mirrorsDat->retry_after > 0) { + char retry_after_string[26]; + struct tm *tm_info = localtime(&g_mirrorsDat->retry_after); + if (NULL == tm_info) { + logg("!Failed to query the local time for the retry-after date!\n"); + goto done; + } + strftime(retry_after_string, 26, "%Y-%m-%d %H:%M:%S", tm_info); + logg("* retry-after: %s\n", retry_after_string); + } + + status = FC_SUCCESS; + +done: + if (-1 != handle) { + close(handle); + } + if (FC_SUCCESS != status) { + if (NULL != mdat) { + free(mdat); + } + if (NULL != g_mirrorsDat) { + free(g_mirrorsDat); + g_mirrorsDat = NULL; + } + } + + return status; +} + +fc_error_t save_mirrors_dat(void) +{ + fc_error_t status = FC_EINIT; + int handle = -1; + + if (NULL == g_mirrorsDat) { + logg("!Attempted to save mirrors data to mirrors.dat before initializing it!\n"); + goto done; + } + + if (-1 == (handle = open("mirrors.dat", O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644))) { + char currdir[PATH_MAX]; + + if (getcwd(currdir, sizeof(currdir))) + logg("!Can't create mirrors.dat in %s\n", currdir); + else + logg("!Can't create mirrors.dat in the current directory\n"); + + logg("Hint: The database directory must be writable for UID %d or GID %d\n", getuid(), getgid()); + status = FC_EDBDIRACCESS; + goto done; + } + if (-1 == write(handle, MIRRORS_DAT_MAGIC, strlen(MIRRORS_DAT_MAGIC))) { + logg("!Can't write to mirrors.dat\n"); + } + if (-1 == write(handle, g_mirrorsDat, sizeof(mirrors_dat_v1_t))) { + logg("!Can't write to mirrors.dat\n"); + } + + logg("*Saved mirrors.dat\n"); + + status = FC_SUCCESS; +done: + if (-1 != handle) { + close(handle); + } + + return status; +} + +fc_error_t new_mirrors_dat(void) +{ + fc_error_t status = FC_EINIT; + + mirrors_dat_v1_t *mdat = calloc(1, sizeof(mirrors_dat_v1_t)); + if (NULL == mdat) { + logg("!Failed to allocate memory for mirrors.dat\n"); + status = FC_EMEM; + goto done; + } + + mdat->version = 1; + mdat->retry_after = 0; + uuid_v4_gen(mdat->uuid); + + if (NULL != g_mirrorsDat) { + free(g_mirrorsDat); + } + g_mirrorsDat = mdat; + + logg("*Creating new mirrors.dat\n"); + + if (FC_SUCCESS != save_mirrors_dat()) { + logg("!Failed to save mirrors.dat!\n"); + status = FC_EFILE; + goto done; + } + + status = FC_SUCCESS; + +done: + if (FC_SUCCESS != status) { + if (NULL != mdat) { + free(mdat); + } + g_mirrorsDat = NULL; + } + return status; +} + /** * @brief Get DNS text record field # for official databases. * @@ -135,7 +393,7 @@ return 0; } -#if LIBCURL_VERSION_NUM >= 0x073d00 +#if (LIBCURL_VERSION_MAJOR > 7) || ((LIBCURL_VERSION_MAJOR == 7) && (LIBCURL_VERSION_MINOR >= 61)) /* In libcurl 7.61.0, support was added for extracting the time in plain microseconds. Older libcurl versions are stuck in using 'double' for this information so we complicate this example a bit by supporting either @@ -282,7 +540,7 @@ return 0; } -#if LIBCURL_VERSION_NUM < 0x072000 +#if (LIBCURL_VERSION_MAJOR < 7) || ((LIBCURL_VERSION_MAJOR == 7) && (LIBCURL_VERSION_MINOR < 32)) /** * Function from curl example code, Copyright (C) 1998 - 2018, Daniel Stenberg, see COPYING.curl for license details * Older style progress bar callback shim; for libcurl older than 7.32.0 ( CURLOPT_PROGRESSFUNCTION ). @@ -328,12 +586,19 @@ goto done; } - if (g_userAgent) + if (g_userAgent) { strncpy(userAgent, g_userAgent, sizeof(userAgent)); - else + } else { + /* + * Use a randomly generated UUID in the User-Agent + * We'll try to load it from a file in the database directory. + * If none exists, we'll create a new one and save it to said file. + */ snprintf(userAgent, sizeof(userAgent), - PACKAGE "/%s (OS: " TARGET_OS_TYPE ", ARCH: " TARGET_ARCH_TYPE ", CPU: " TARGET_CPU_TYPE ")", - get_version()); + PACKAGE "/%s (OS: " TARGET_OS_TYPE ", ARCH: " TARGET_ARCH_TYPE ", CPU: " TARGET_CPU_TYPE ", UUID: %s)", + get_version(), + g_mirrorsDat->uuid); + } userAgent[sizeof(userAgent) - 1] = 0; if (mprintf_verbose) { @@ -575,13 +840,11 @@ /* * Request CVD header. */ - logg("Reading CVD header (%s): ", cvdfile); - urlLen = strlen(server) + strlen("/") + strlen(cvdfile); url = malloc(urlLen + 1); snprintf(url, urlLen + 1, "%s/%s", server, cvdfile); - logg("*Trying to retrieve CVD header from %s\n", url); + logg("Trying to retrieve CVD header from %s\n", url); if (FC_SUCCESS != (ret = create_curl_handle( bHttpServer, // Set extra HTTP-specific headers. @@ -602,7 +865,7 @@ prog.curl = curl; prog.bComplete = 0; -#if LIBCURL_VERSION_NUM >= 0x072000 +#if (LIBCURL_VERSION_MAJOR > 7) || ((LIBCURL_VERSION_MAJOR == 7) && (LIBCURL_VERSION_MINOR >= 32)) /* xferinfo was introduced in 7.32.0, no earlier libcurl versions will compile as they won't have the symbols around. @@ -732,6 +995,34 @@ status = FC_UPTODATE; goto done; } + case 403: { + status = FC_EFORBIDDEN; + break; + } + case 429: { + status = FC_ERETRYLATER; + + curl_off_t retry_after = 0; + +#if (LIBCURL_VERSION_MAJOR > 7) || ((LIBCURL_VERSION_MAJOR == 7) && (LIBCURL_VERSION_MINOR >= 66)) + /* CURLINFO_RETRY_AFTER was introduced in libcurl 7.66 */ + + /* Find out how long we should wait before allowing a retry. */ + curl_easy_getinfo(curl, CURLINFO_RETRY_AFTER, &retry_after); +#endif + + if (retry_after > 0) { + /* The response gave us a Retry-After date. Use that. */ + g_mirrorsDat->retry_after = time(NULL) + (time_t)retry_after; + } else { + /* Try again in no less than 4 hours if the response didn't specify + or if CURLINFO_RETRY_AFTER is not supported. */ + g_mirrorsDat->retry_after = time(NULL) + 60 * 60 * 4; + } + (void)save_mirrors_dat(); + + break; + } case 404: { if (g_proxyServer) logg("^remote_cvdhead: file not found: %s (Proxy: %s:%u)\n", url, g_proxyServer, g_proxyPort); @@ -865,7 +1156,7 @@ prog.curl = curl; prog.bComplete = 0; -#if LIBCURL_VERSION_NUM >= 0x072000 +#if (LIBCURL_VERSION_MAJOR > 7) || ((LIBCURL_VERSION_MAJOR == 7) && (LIBCURL_VERSION_MINOR >= 32)) /* xferinfo was introduced in 7.32.0, no earlier libcurl versions will compile as they won't have the symbols around. @@ -1000,6 +1291,34 @@ status = FC_UPTODATE; break; } + case 403: { + status = FC_EFORBIDDEN; + break; + } + case 429: { + status = FC_ERETRYLATER; + + curl_off_t retry_after = 0; + +#if (LIBCURL_VERSION_MAJOR > 7) || ((LIBCURL_VERSION_MAJOR == 7) && (LIBCURL_VERSION_MINOR >= 66)) + /* CURLINFO_RETRY_AFTER was introduced in libcurl 7.66 */ + + /* Find out how long we should wait before allowing a retry. */ + curl_easy_getinfo(curl, CURLINFO_RETRY_AFTER, &retry_after); +#endif + + if (retry_after > 0) { + /* The response gave us a Retry-After date. Use that. */ + g_mirrorsDat->retry_after = time(NULL) + (time_t)retry_after; + } else { + /* Try again in no less than 4 hours if the response didn't specify + or if CURLINFO_RETRY_AFTER is not supported. */ + g_mirrorsDat->retry_after = time(NULL) + 60 * 60 * 4; + } + (void)save_mirrors_dat(); + + break; + } case 404: { if (g_proxyServer) logg("^downloadFile: file not found: %s (Proxy: %s:%u)\n", url, g_proxyServer, g_proxyPort); @@ -1050,6 +1369,7 @@ const char *cvdfile, const char *tmpfile, char *server, + uint32_t ifModifiedSince, unsigned int remoteVersion, int logerr) { @@ -1071,8 +1391,13 @@ url = malloc(urlLen + 1); snprintf(url, urlLen + 1, "%s/%s", server, cvdfile); - if (FC_SUCCESS != (ret = downloadFile(url, tmpfile, 1, logerr, 0))) { - logg("%cgetcvd: Can't download %s from %s\n", logerr ? '!' : '^', cvdfile, url); + ret = downloadFile(url, tmpfile, 1, logerr, ifModifiedSince); + if (ret == FC_UPTODATE) { + logg("%s is up-to-date.\n", cvdfile); + status = ret; + goto done; + } else if (ret > FC_UPTODATE) { + logg("%cCan't download %s from %s\n", logerr ? '!' : '^', cvdfile, url); status = ret; goto done; } @@ -1080,55 +1405,42 @@ /* Temporarily rename file to correct extension for verification. */ tmpfile_with_extension = strdup(tmpfile); if (!tmpfile_with_extension) { - logg("!getcvd: Can't allocate memory for temp file with extension!\n"); + logg("!Can't allocate memory for temp file with extension!\n"); status = FC_EMEM; goto done; } strncpy(tmpfile_with_extension + strlen(tmpfile_with_extension) - 4, cvdfile + strlen(cvdfile) - 4, 4); if (rename(tmpfile, tmpfile_with_extension) == -1) { - logg("!getcvd: Can't rename %s to %s: %s\n", tmpfile, tmpfile_with_extension, strerror(errno)); + logg("!Can't rename %s to %s: %s\n", tmpfile, tmpfile_with_extension, strerror(errno)); status = FC_EDBDIRACCESS; goto done; } if (CL_SUCCESS != (cl_ret = cl_cvdverify(tmpfile_with_extension))) { - logg("!getcvd: Verification: %s\n", cl_strerror(cl_ret)); + logg("!Verification: %s\n", cl_strerror(cl_ret)); status = FC_EBADCVD; goto done; } if (NULL == (cvd = cl_cvdhead(tmpfile_with_extension))) { - logg("!getcvd: Can't read CVD header of new %s database.\n", cvdfile); + logg("!Can't read CVD header of new %s database.\n", cvdfile); status = FC_EBADCVD; goto done; } /* Rename the file back to the original, since verification passed. */ if (rename(tmpfile_with_extension, tmpfile) == -1) { - logg("!getcvd: Can't rename %s to %s: %s\n", tmpfile_with_extension, tmpfile, strerror(errno)); + logg("!Can't rename %s to %s: %s\n", tmpfile_with_extension, tmpfile, strerror(errno)); status = FC_EDBDIRACCESS; goto done; } if (cvd->version < remoteVersion) { - if (cvd->version == remoteVersion - 1) { - logg("*The %s database downloaded from %s is one version older than advertised in the DNS TXT record.\n", - cvdfile, - server); - - /* - * Tolerate an off-by-one version mismatch. - * Chances are the new version was just published and the CDN is still updating. - */ - status = FC_SUCCESS; - goto done; - } else { - logg("!The %s database downloaded from %s is more than one version older than the version advertised in the DNS TXT record.\n", - cvdfile, - server); - status = FC_EMIRRORNOTSYNC; - goto done; - } + logg("*The %s database downloaded from %s is older than the version advertised in the DNS TXT record.\n", + cvdfile, + server); + status = FC_EMIRRORNOTSYNC; + goto done; } status = FC_SUCCESS; @@ -1144,7 +1456,10 @@ if (NULL != url) { free(url); } - if (FC_SUCCESS != status) { + if ( + (FC_SUCCESS != status) && + (FC_EMIRRORNOTSYNC != status) /* Keep older version, it's better than nothing. */ + ) { if (NULL != tmpfile) { unlink(tmpfile); } @@ -1281,7 +1596,7 @@ if (ret == FC_EEMPTYFILE) { logg("Empty script %s, need to download entire database\n", patch); } else { - logg("%cgetpatch: Can't download %s from %s\n", logerr ? '!' : '^', patch, url); + logg("%cdownloadPatch: Can't download %s from %s\n", logerr ? '!' : '^', patch, url); } status = ret; goto done; @@ -1719,7 +2034,8 @@ uint32_t *localVersion, uint32_t *remoteVersion, char **localFilename, - char **remoteFilename) + char **remoteFilename, + uint32_t *localTimestamp) { fc_error_t ret; fc_error_t status = FC_EARG; @@ -1728,13 +2044,13 @@ struct cl_cvd *local_database = NULL; char *remotename = NULL; - uint32_t localver = 0; - uint32_t localTimestamp = 0; - uint32_t remotever = 0; + uint32_t localver = 0; + uint32_t remotever = 0; if ((NULL == database) || (NULL == server) || (NULL == localVersion) || (NULL == remoteVersion) || - (NULL == localFilename) || (NULL == remoteFilename)) { + (NULL == localFilename) || (NULL == remoteFilename) || + (NULL == localTimestamp)) { logg("!check_for_new_database_version: Invalid args!\n"); goto done; } @@ -1743,6 +2059,7 @@ *remoteVersion = 0; *localFilename = NULL; *remoteFilename = NULL; + *localTimestamp = 0; /* * Check local database version (if exists) @@ -1751,8 +2068,8 @@ logg("*check_for_new_database_version: No local copy of \"%s\" database.\n", database); } else { logg("*check_for_new_database_version: Local copy of %s found: %s.\n", database, localname); - localTimestamp = local_database->stime; - localver = local_database->version; + *localTimestamp = local_database->stime; + localver = local_database->version; } /* @@ -1760,7 +2077,7 @@ */ ret = query_remote_database_version( database, - localTimestamp, + *localTimestamp, dnsUpdateInfo, server, bPrivateMirror, @@ -1778,15 +2095,15 @@ database, localver, remotever); break; } - // else: Fall-through to Up-to-date case. + /* fall-through */ } case FC_UPTODATE: { if (NULL == local_database) { - logg("!check_for_new_database_version: server claims we're up to date, but we don't have a local database!\n"); + logg("!check_for_new_database_version: server claims we're up-to-date, but we don't have a local database!\n"); status = FC_EFAILEDGET; goto done; } - logg("%s database is up to date (version: %d, sigs: %d, f-level: %d, builder: %s)\n", + logg("%s database is up-to-date (version: %d, sigs: %d, f-level: %d, builder: %s)\n", localname, local_database->version, local_database->sigs, @@ -1798,6 +2115,12 @@ remotever = localver; break; } + case FC_EFORBIDDEN: { + /* We tried to look up the version using HTTP and were actively blocked. */ + logg("!check_for_new_database_version: Blocked from using server %s.\n", server); + status = FC_EFORBIDDEN; + goto done; + } default: { logg("!check_for_new_database_version: Failed to find %s database using server %s.\n", database, server); status = FC_EFAILEDGET; @@ -1858,11 +2181,12 @@ struct cl_cvd *cvd = NULL; - uint32_t localVersion = 0; - uint32_t remoteVersion = 0; - char *localFilename = NULL; - char *remoteFilename = NULL; - char *newLocalFilename = NULL; + uint32_t localTimestamp = 0; + uint32_t localVersion = 0; + uint32_t remoteVersion = 0; + char *localFilename = NULL; + char *remoteFilename = NULL; + char *newLocalFilename = NULL; char *tmpdir = NULL; char *tmpfile = NULL; @@ -1892,7 +2216,8 @@ &localVersion, &remoteVersion, &localFilename, - &remoteFilename))) { + &remoteFilename, + &localTimestamp))) { logg("*updatedb: %s database update failed.\n", database); status = ret; goto done; @@ -1914,8 +2239,21 @@ /* * Download entire file. */ - ret = getcvd(remoteFilename, tmpfile, server, remoteVersion, logerr); - if (FC_SUCCESS != ret) { + ret = getcvd(remoteFilename, tmpfile, server, localTimestamp, remoteVersion, logerr); + if (FC_UPTODATE == ret) { + logg("^Expected newer version of %s database but the server's copy is not newer than our local file (version %d).\n", database, localVersion); + if (NULL != localFilename) { + /* Received a 304 (not modified), must be up-to-date after all */ + *dbFilename = cli_strdup(localFilename); + } + goto up_to_date; + } else if (FC_EMIRRORNOTSYNC == ret) { + /* Let's accept this older version, but keep the error code. + * We'll have fc_update_database() retry using CDIFFs. + */ + logg("*Received an older %s CVD than was advertised. We'll keep it and try updating to the latest version with CDIFFs.\n", database); + status = ret; + } else if (FC_SUCCESS != ret) { status = ret; goto done; } @@ -1925,7 +2263,8 @@ /* * Attempt scripted/CDIFF incremental update. */ - ret = FC_SUCCESS; + ret = FC_SUCCESS; + uint32_t numPatchesReceived = 0; tmpdir = cli_gentemp(g_tempDirectory); if (!tmpdir) { @@ -1966,11 +2305,19 @@ break; } } - if (FC_SUCCESS != ret) + if (FC_SUCCESS == ret) { + numPatchesReceived += 1; + } else { break; + } } - if (FC_SUCCESS != ret) { + if ( + (FC_EEMPTYFILE == ret) || /* Request a new CVD if we got an empty CDIFF. */ + (FC_SUCCESS != ret && ( /* Or if the incremental update failed: */ + (0 == numPatchesReceived) && /* 1. Ask for the CVD if we didn't get any patches, */ + (localVersion < remoteVersion - 1) /* 2. AND if we're more than 1 version out of date. */ + ))) { /* * Incremental update failed or intentionally disabled. */ @@ -1980,17 +2327,34 @@ logg("^Incremental update failed, trying to download %s\n", remoteFilename); } - ret = getcvd(remoteFilename, tmpfile, server, remoteVersion, logerr); + ret = getcvd(remoteFilename, tmpfile, server, localTimestamp, remoteVersion, logerr); if (FC_SUCCESS != ret) { - status = ret; - goto done; + if (FC_EMIRRORNOTSYNC == status) { + /* Note: We can't retry with CDIFF's if FC_EMIRRORNOTSYNC happened here. + * If we did there could be an infinite loop. + * Best option is to accept the older CVD. + */ + logg("^Received an older %s CVD than was advertised. Incremental updates either failed or are disabled, so we'll have to settle for a slightly out-of-date database.\n", database); + status = FC_SUCCESS; + } else { + status = ret; + goto done; + } } newLocalFilename = cli_strdup(remoteFilename); + } else if (0 == numPatchesReceived) { + logg("The database server doesn't have the latest patch for the %s database (version %u). The server will likely have updated if you check again in a few hours.\n", database, remoteVersion); + goto up_to_date; } else { /* * CDIFFs downloaded; Use CDIFFs to turn old CVD/CLD into new updated CLD. */ + if (numPatchesReceived < remoteVersion - localVersion) { + logg("Downloaded %u patches for %s, which is fewer than the %u expected patches.\n", numPatchesReceived, database, remoteVersion - localVersion); + logg("We'll settle for this partial-update, at least for now.\n"); + } + size_t newLocalFilenameLen = 0; if (FC_SUCCESS != buildcld(tmpdir, database, tmpfile, g_bCompressLocalDatabase)) { logg("!updatedb: Incremental update failed. Failed to build CLD.\n"); @@ -2087,7 +2451,9 @@ up_to_date: - status = FC_SUCCESS; + if (status != FC_EMIRRORNOTSYNC) { + status = FC_SUCCESS; + } done: @@ -2176,7 +2542,7 @@ remote_dbtime = statbuf.st_mtime; dbtime = (CLAMSTAT(databaseName, &statbuf) != -1) ? statbuf.st_mtime : 0; if (dbtime > remote_dbtime) { - logg("%s is up to date (version: custom database)\n", databaseName); + logg("%s is up-to-date (version: custom database)\n", databaseName); goto up_to_date; } @@ -2203,7 +2569,7 @@ ret = downloadFile(url, tmpfile, 1, logerr, dbtime); if (ret == FC_UPTODATE) { - logg("%s is up to date (version: custom database)\n", databaseName); + logg("%s is up-to-date (version: custom database)\n", databaseName); goto up_to_date; } else if (ret > FC_UPTODATE) { logg("%cCan't download %s from %s\n", logerr ? '!' : '^', databaseName, url); diff -Nru clamav-0.103.0+dfsg/libfreshclam/libfreshclam_internal.h clamav-0.103.2+dfsg/libfreshclam/libfreshclam_internal.h --- clamav-0.103.0+dfsg/libfreshclam/libfreshclam_internal.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libfreshclam/libfreshclam_internal.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * Copyright (C) 2002-2007 Tomasz Kojm * @@ -32,6 +32,14 @@ #define DNS_EXTRADBINFO_RECORDTIME 1 // clang-format on +#define SIZEOF_UUID_V4 37 /** For uuid_v4_gen(), includes NULL byte */ +#define MIRRORS_DAT_MAGIC "FreshClamData" /** Magic bytes for mirrors.dat found before mirrors_dat_v1_t */ +typedef struct _mirrors_dat_v1 { + uint32_t version; /** version of this dat format */ + char uuid[SIZEOF_UUID_V4]; /** uuid to be used in user-agent */ + time_t retry_after; /** retry date. If > 0, don't update until after this date */ +} mirrors_dat_v1_t; + /* ---------------------------------------------------------------------------- * Internal libfreshclam globals */ @@ -55,6 +63,12 @@ extern uint32_t g_bCompressLocalDatabase; +extern mirrors_dat_v1_t *g_mirrorsDat; + +fc_error_t load_mirrors_dat(void); +fc_error_t save_mirrors_dat(void); +fc_error_t new_mirrors_dat(void); + fc_error_t updatedb( const char *database, const char *dnsUpdateInfo, diff -Nru clamav-0.103.0+dfsg/libfreshclam/libfreshclam_main.c clamav-0.103.2+dfsg/libfreshclam/libfreshclam_main.c --- clamav-0.103.0+dfsg/libfreshclam/libfreshclam_main.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libfreshclam/libfreshclam_main.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2010-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/libfreshclam/Makefile.am clamav-0.103.2+dfsg/libfreshclam/Makefile.am --- clamav-0.103.0+dfsg/libfreshclam/Makefile.am 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/libfreshclam/Makefile.am 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ # -# Copyright (C) 2015-2020 Cisco Systems +# Copyright (C) 2015-2021 Cisco Systems # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff -Nru clamav-0.103.0+dfsg/libfreshclam/Makefile.in clamav-0.103.2+dfsg/libfreshclam/Makefile.in --- clamav-0.103.0+dfsg/libfreshclam/Makefile.in 2020-09-13 00:27:51.000000000 +0000 +++ clamav-0.103.2+dfsg/libfreshclam/Makefile.in 2021-04-06 19:04:44.000000000 +0000 @@ -15,7 +15,7 @@ @SET_MAKE@ # -# Copyright (C) 2015-2020 Cisco Systems +# Copyright (C) 2015-2021 Cisco Systems # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff -Nru clamav-0.103.0+dfsg/m4/reorganization/version.m4 clamav-0.103.2+dfsg/m4/reorganization/version.m4 --- clamav-0.103.0+dfsg/m4/reorganization/version.m4 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/m4/reorganization/version.m4 2021-04-06 19:03:43.000000000 +0000 @@ -3,7 +3,7 @@ dnl For beta, set: VERSION="-beta" dnl For release candidate, set: VERSION="-rc" dnl For release, set: VERSION="" -VERSION="0.103.0" +VERSION="0.103.2" major=`echo $PACKAGE_VERSION |cut -d. -f1 | sed -e "s/[^0-9]//g"` minor=`echo $PACKAGE_VERSION |cut -d. -f2 | sed -e "s/[^0-9]//g"` diff -Nru clamav-0.103.0+dfsg/Makefile.am clamav-0.103.2+dfsg/Makefile.am --- clamav-0.103.0+dfsg/Makefile.am 2020-10-22 18:07:47.000000000 +0000 +++ clamav-0.103.2+dfsg/Makefile.am 2021-04-12 18:43:41.000000000 +0000 @@ -1,5 +1,5 @@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/Makefile.in clamav-0.103.2+dfsg/Makefile.in --- clamav-0.103.0+dfsg/Makefile.in 2020-10-22 18:07:47.000000000 +0000 +++ clamav-0.103.2+dfsg/Makefile.in 2021-04-12 18:43:41.000000000 +0000 @@ -15,7 +15,7 @@ @SET_MAKE@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/NEWS.md clamav-0.103.2+dfsg/NEWS.md --- clamav-0.103.0+dfsg/NEWS.md 2020-09-13 00:27:09.000000000 +0000 +++ clamav-0.103.2+dfsg/NEWS.md 2021-04-06 19:03:42.000000000 +0000 @@ -3,6 +3,150 @@ Note: This file refers to the source tarball. Things described here may differ slightly from the binary packages. +## 0.103.2 + +ClamAV 0.103.2 is a security patch release with the following fixes: + +- [CVE-2021-1386](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1386): + Fix for UnRAR DLL load privilege escalation. + Affects 0.103.1 and prior on Windows only. + +- [CVE-2021-1252](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1252): + Fix for Excel XLM parser infinite loop. + Affects 0.103.0 and 0.103.1 only. + +- [CVE-2021-1404](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1404): + Fix for PDF parser buffer over-read; possible crash. + Affects 0.103.0 and 0.103.1 only. + +- [CVE-2021-1405](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1405): + Fix for mail parser NULL-dereference crash. + Affects 0.103.1 and prior. + +- Fix possible memory leak in PNG parser. + +- Fix ClamOnAcc scan on file-creation race condition so files are scanned after + their contents are written. + +- FreshClam: Deprecate the `SafeBrowsing` config option. + The `SafeBrowsing` option will no longer do anything. + + For more details, see: + https://blog.clamav.net/2020/06/the-future-of-clamav-safebrowsing.html + + > _Tip_: If creating and hosting your own `safebrowing.gdb` database, you can + > use the `DatabaseCustomURL` option in `freshclam.conf` to download it. + +- FreshClam: Improved HTTP 304, 403, & 429 handling. + +- FreshClam: Add back the `mirrors.dat` file to the database directory. + This new `mirrors.dat` file will store: + - A randomly generated UUID for the FreshClam User-Agent. + - A retry-after timestamp that so FreshClam won't try to update after + having received an HTTP 429 response until the Retry-After timeout has + expired. + +- FreshClam will now exit with a failure in daemon mode if an HTTP 403 + (Forbidden) was received, because retrying later won't help any. + The FreshClam user will have to take actions to get unblocked. + +- Fix the FreshClam mirror-sync issue where a downloaded database is "older + than the version advertised." + + If a new CVD download gets a version that is older than advertised, FreshClam + will keep the older version and retry the update so that the incremental + update process (CDIFF patch process) will update to the latest version. + +## 0.103.1 + +ClamAV 0.103.1 is a patch release with the following fixes and improvements. + +### Notable changes + +- Added a new scan option to alert on broken media (graphics) file formats. + This feature mitigates the risk of malformed media files intended to exploit + vulnerabilities in other software. + At present media validation exists for JPEG, TIFF, PNG, and GIF files. + To enable this feature, set `AlertBrokenMedia yes` in clamd.conf, or use + the `--alert-broken-media` option when using `clamscan`. + These options are disabled by default in this patch release, but may be + enabled in a subsequent release. + Application developers may enable this scan option by enabling + `CL_SCAN_HEURISTIC_BROKEN_MEDIA` for the `heuristic` scan option bit field. + +- Added CL_TYPE_TIFF, CL_TYPE_JPEG types to match GIF, PNG typing behavior. + BMP and JPEG 2000 files will continue to detect as CL_TYPE_GRAPHICS because + ClamAV does not yet have BMP or JPEG 2000 format checking capabilities. + +### Bug fixes + +- Fixed PNG parser logic bugs that caused an excess of parsing errors and fixed + a stack exhaustion issue affecting some systems when scanning PNG files. + PNG file type detection was disabled via signature database update for + ClamAV version 0.103.0 to mitigate the effects from these bugs. + +- Fixed an issue where PNG and GIF files no longer work with Target:5 graphics + signatures if detected as CL_TYPE_PNG/GIF rather than as CL_TYPE_GRAPHICS. + Target types now support up to 10 possible file types to make way for + additional graphics types in future releases. + +- Fixed clamonacc's `--fdpass` option. + + File descriptor passing (or "fd-passing") is a mechanism by which clamonacc + and clamdscan may transfer an open file to clamd to scan, even if clamd is + running as a non-privileged user and wouldn't otherwise have read-access to + the file. This enables clamd to scan all files without having to run clamd as + root. If possible, clamd should never be run as root so as to mitigate the + risk in case clamd is somehow compromised while scanning malware. + + Interprocess file descriptor passing for clamonacc was broken since version + 0.102.0 due to a bug introduced by the switch to curl for communicating with + clamd. On Linux, passing file descriptors from one process to another is + handled by the kernel, so we reverted clamonacc to use standard system calls + for socket communication when fd passing is enabled. + +- Fixed a clamonacc stack corruption issue on some systems when using an older + version of libcurl. Patch courtesy of Emilio Pozuelo Monfort. + +- Allow clamscan and clamdscan scans to proceed even if the realpath lookup + failed. This alleviates an issue on Windows scanning files hosted on file- + systems that do not support the GetMappedFileNameW() API such as on ImDisk + RAM-disks. + +- Fixed freshclam --on-update-execute=EXIT_1 temporary directory cleanup issue. + +- `clamd`'s log output and VirusEvent now provide the scan target's file path + instead of a file descriptor. The clamd socket API for submitting a scan by + FD-passing doesn't include a file path, this feature works by looking up the + file path by file descriptor. This feature works on Mac and Linux but is not + yet implemented for other UNIX operating systems. + FD-passing is not available for Windows. + +- Fixed an issue where freshclam database validation didn't work correctly when + run in daemon mode on Linux/Unix. + +### Other improvements + +- Scanning JPEG, TIFF, PNG, and GIF files will no longer return "parse" errors + when file format validation fails. Instead, the scan will alert with the + "Heuristics.Broken.Media" signature prefix and a descriptive suffix to + indicate the issue, provided that the "alert broken media" feature is enabled. + +- GIF format validation will no longer fail if the GIF image is missing the + trailer byte, as this appears to be a relatively common issue in otherwise + functional GIF files. + +- Added a TIFF dynamic configuration (DCONF) option, which was missing. + This will allow us to disable TIFF format validation via signature database + update in the event that it proves to be problematic. + This feature already exists for many other file types. + +### Acknowledgements + +The ClamAV team thanks the following individuals for their code submissions: + +- Emilio Pozuelo Monfort + ## 0.103.0 ClamAV 0.103.0 includes the following improvements and changes. @@ -312,7 +456,7 @@ - Fixed an issue where running freshclam manually causes a daemonized freshclam process to fail when it updates because the manual instance deletes the - temporary download directory. Freshclam temporary files will now download to a + temporary download directory. FreshClam temporary files will now download to a unique directory created at the time of an update instead of using a hardcoded directory created/destroyed at the program start/exit. @@ -801,7 +945,7 @@ numeric value. You can read more about this feature, see how it works, and look over examples in [our documentation](docs/UserManual/Signatures.md). - Backwards compatibility improvements for detecting the OpenSSL dependency. -- Freshclam updated to match exit codes defined in the freshclam.1 man page. +- FreshClam updated to match exit codes defined in the freshclam.1 man page. - Upgrade from libmspack 0.5alpha to libmspack 0.7.1alpha. As a reminder, we support system-installed versions of libmspack. _However_, at this time the ClamAV-provided version of libmspack provides additional abilities to parse @@ -1376,7 +1520,7 @@ - Crashes of clamd on Windows and Mac OS X platforms when reloading the virus signature database. - Infinite loop in clamdscan when clamd is not running. -- Freshclam failure on Solaris 10. +- FreshClam failure on Solaris 10. - Buffer underruns when handling multi-part MIME email attachments. - Configuration of OpenSSL on various platforms. - Name collisions on Ubuntu 14.04, Debian sid, and Slackware 14.1. @@ -1836,7 +1980,7 @@ Numbers and credit card numbers (clamd: StructuredDataDetection, clamscan: --detect-structured; additional fine-tuning options are available) -- IPv6 Support: Freshclam now supports IPv6 +- IPv6 Support: FreshClam now supports IPv6 - Improved Scanning of Scripts: The normalization of scripts now covers JavaScript @@ -3125,7 +3269,7 @@ - clamav.linux-sxs.org: database mirror - rsync from clamav.ozforces.com (thanks to Douglas J Hunley ) - Freshclam will automatically use them when the main server is not + FreshClam will automatically use them when the main server is not accessible. - Official port in FreeBSD available ! (maintained by Masahiro Teramoto diff -Nru clamav-0.103.0+dfsg/shared/actions.c clamav-0.103.2+dfsg/shared/actions.c --- clamav-0.103.0+dfsg/shared/actions.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/actions.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Author: aCaB, Micah Snyder diff -Nru clamav-0.103.0+dfsg/shared/actions.h clamav-0.103.2+dfsg/shared/actions.h --- clamav-0.103.0+dfsg/shared/actions.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/actions.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/shared/cert_util.c clamav-0.103.2+dfsg/shared/cert_util.c --- clamav-0.103.0+dfsg/shared/cert_util.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/cert_util.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * OpenSSL certificate caching. * - * Copyright (C) 2016-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2016-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Russ Kubik * diff -Nru clamav-0.103.0+dfsg/shared/cert_util_internal.h clamav-0.103.2+dfsg/shared/cert_util_internal.h --- clamav-0.103.0+dfsg/shared/cert_util_internal.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/cert_util_internal.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Internal certificate utility methods and data structures. * - * Copyright (C) 2016-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2016-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Russ Kubik * diff -Nru clamav-0.103.0+dfsg/shared/clamdcom.c clamav-0.103.2+dfsg/shared/clamdcom.c --- clamav-0.103.0+dfsg/shared/clamdcom.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/clamdcom.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Author: aCaB diff -Nru clamav-0.103.0+dfsg/shared/clamdcom.h clamav-0.103.2+dfsg/shared/clamdcom.h --- clamav-0.103.0+dfsg/shared/clamdcom.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/clamdcom.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Author: aCaB diff -Nru clamav-0.103.0+dfsg/shared/CMakeLists.txt clamav-0.103.2+dfsg/shared/CMakeLists.txt --- clamav-0.103.0+dfsg/shared/CMakeLists.txt 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/CMakeLists.txt 2021-04-06 19:03:43.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) diff -Nru clamav-0.103.0+dfsg/shared/fdpassing.h clamav-0.103.2+dfsg/shared/fdpassing.h --- clamav-0.103.0+dfsg/shared/fdpassing.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/fdpassing.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/shared/linux/cert_util_linux.c clamav-0.103.2+dfsg/shared/linux/cert_util_linux.c --- clamav-0.103.0+dfsg/shared/linux/cert_util_linux.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/linux/cert_util_linux.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * OpenSSL certificate verification for Linux. * - * Copyright (C) 2016-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2016-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Russ Kubik * diff -Nru clamav-0.103.0+dfsg/shared/mac/cert_util_mac.m clamav-0.103.2+dfsg/shared/mac/cert_util_mac.m --- clamav-0.103.0+dfsg/shared/mac/cert_util_mac.m 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/mac/cert_util_mac.m 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * OpenSSL certificate verification for macOS. * - * Copyright (C) 2016-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2016-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Russ Kubik * diff -Nru clamav-0.103.0+dfsg/shared/misc.c clamav-0.103.2+dfsg/shared/misc.c --- clamav-0.103.0+dfsg/shared/misc.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/misc.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -410,7 +410,7 @@ fprintf(stderr, "ERROR: lchown to user '%s' failed on\n", user->pw_name); fprintf(stderr, "log file '%s'.\n", log_file); fprintf(stderr, "Error was '%s'\n", strerror(errno)); - logg("^lchown to user '%s' failed on log file '%s'. Error was '%s'\n", + logg("^lchown to user '%s' failed on log file '%s'. Error was '%s'\n", user->pw_name, log_file, strerror(errno)); goto done; } diff -Nru clamav-0.103.0+dfsg/shared/misc.h clamav-0.103.2+dfsg/shared/misc.h --- clamav-0.103.0+dfsg/shared/misc.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/misc.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm @@ -93,7 +93,7 @@ */ int daemonize_parent_wait(const char * const user, const char * const log_file); -/*Sends a SIGINT to the parent process. It also closes stdin, stdout, +/*Sends a SIGINT to the parent process. It also closes stdin, stdout, * and stderr.*/ void daemonize_signal_parent(pid_t parentPid); diff -Nru clamav-0.103.0+dfsg/shared/optparser.c clamav-0.103.2+dfsg/shared/optparser.c --- clamav-0.103.0+dfsg/shared/optparser.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/optparser.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Author: Tomasz Kojm @@ -54,6 +54,8 @@ #include "libgen.h" #endif +/* clang-format off */ + #ifdef _WIN32 #define CLAMKEY "Software\\ClamAV" #endif @@ -61,12 +63,12 @@ #define MAXCMDOPTS 150 #define MATCH_NUMBER "^[0-9]+$" -#define MATCH_SIZE "^[0-9]+[KM]?$" -#define MATCH_BOOL "^(yes|true|1|no|false|0)$" +#define MATCH_SIZE "^[0-9]+[KM]?$" +#define MATCH_BOOL "^(yes|true|1|no|false|0)$" #define FLAG_MULTIPLE 1 /* option can be used multiple times */ #define FLAG_REQUIRED 2 /* arg is required, even if there's a default value */ -#define FLAG_HIDDEN 4 /* don't print in clamconf --generate-config */ +#define FLAG_HIDDEN 4 /* don't print in clamconf --generate-config */ #define FLAG_REG_CASE 8 /* case-sensitive regex matching */ #ifdef _WIN32 @@ -84,22 +86,24 @@ char _CONFDIR_FRESHCLAM[MAX_PATH] = BACKUP_CONFDIR "\\freshclam.conf"; char _CONFDIR_MILTER[MAX_PATH] = BACKUP_CONFDIR "\\clamav-milter.conf"; -#define CONST_DATADIR _DATADIR -#define CONST_CONFDIR _CONFDIR -#define CONST_CONFDIR_CLAMD _CONFDIR_CLAMD +#define CONST_DATADIR _DATADIR +#define CONST_CONFDIR _CONFDIR +#define CONST_CONFDIR_CLAMD _CONFDIR_CLAMD #define CONST_CONFDIR_FRESHCLAM _CONFDIR_FRESHCLAM -#define CONST_CONFDIR_MILTER _CONFDIR_MILTER +#define CONST_CONFDIR_MILTER _CONFDIR_MILTER #else -#define CONST_DATADIR DATADIR -#define CONST_CONFDIR CONFDIR -#define CONST_CONFDIR_CLAMD CONFDIR_CLAMD +#define CONST_DATADIR DATADIR +#define CONST_CONFDIR CONFDIR +#define CONST_CONFDIR_CLAMD CONFDIR_CLAMD #define CONST_CONFDIR_FRESHCLAM CONFDIR_FRESHCLAM -#define CONST_CONFDIR_MILTER CONFDIR_MILTER +#define CONST_CONFDIR_MILTER CONFDIR_MILTER #endif +/* clang-format on */ + const struct clam_option __clam_options[] = { /* name, longopt, sopt, argtype, regex, num, str, flags, owner, description, suggested */ @@ -275,7 +279,7 @@ {"TCPSocket", NULL, 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, -1, NULL, 0, OPT_CLAMD, "A TCP port number the daemon will listen on.", "3310"}, /* FIXME: add a regex for IP addr */ - {"TCPAddr", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, FLAG_MULTIPLE, OPT_CLAMD, "By default clamd binds to INADDR_ANY.\nThis option allows you to restrict the TCP address and provide\nsome degree of protection from the outside world.", "127.0.0.1"}, + {"TCPAddr", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, FLAG_MULTIPLE, OPT_CLAMD, "By default clamd binds to INADDR_ANY.\nThis option allows you to restrict the TCP address and provide\nsome degree of protection from the outside world.", "localhost"}, {"MaxConnectionQueueLength", NULL, 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, 200, NULL, 0, OPT_CLAMD, "Maximum length the queue of pending connections may grow to.", "30"}, @@ -335,8 +339,8 @@ {"BytecodeSecurity", NULL, 0, CLOPT_TYPE_STRING, "^(TrustSigned|Paranoid)$", -1, "TrustSigned", 0, OPT_CLAMD, "Set bytecode security level.\nPossible values:\n\tTrustSigned - trust bytecode loaded from signed .c[lv]d files,\n\t\t insert runtime safety checks for bytecode loaded from other sources\n\tParanoid - don't trust any bytecode, insert runtime checks for all\nRecommended: TrustSigned, because bytecode in .cvd files already has these checks.", "TrustSigned"}, - {"BytecodeTimeout", "bytecode-timeout", 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, 5000, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, - "Set bytecode timeout in milliseconds.", "5000"}, + {"BytecodeTimeout", "bytecode-timeout", 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, 10000, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, + "Set bytecode timeout in milliseconds.", "10000"}, {"BytecodeUnsigned", "bytecode-unsigned", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "Allow loading bytecode from outside digitally signed .c[lv]d files.", "no"}, @@ -382,7 +386,9 @@ {"ScanOLE2", "scan-ole2", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "This option enables scanning of OLE2 files, such as Microsoft Office\ndocuments and .msi files.\nIf you turn off this option, the original files will still be scanned, but\nwithout additional processing.", "yes"}, - {"AlertBrokenExecutables", "alert-broken", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "With this option enabled clamav will try to detect broken executables\n(both PE and ELF) and alert on them with the Broken.Executable heuristic signature.", "yes"}, + {"AlertBrokenExecutables", "alert-broken", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "With this option enabled clamav will try to detect broken executables\n(PE, ELF, & Mach-O) and alert on them with a Broken.Executable heuristic signature.", "yes"}, + + {"AlertBrokenMedia", "alert-broken-media", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "With this option enabled clamav will try to detect broken media files\n(JPEG, TIFF, PNG, GIF) and alert on them with a Broken.Media heuristic signature.", "yes"}, {"AlertEncrypted", "alert-encrypted", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "Alert on encrypted archives and documents (encrypted .zip, .7zip, .rar, .pdf).", "no"}, @@ -476,7 +482,7 @@ /* clamonacc cmdline options */ - {NULL, "watch-list", 'w', CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_CLAMONACC, "", ""}, + {NULL, "watch-list", 'W', CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_CLAMONACC, "", ""}, {NULL, "exclude-list", 'e', CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_CLAMONACC, "", ""}, /* FIXME: mark these as private and don't output into clamd.conf/man */ @@ -490,7 +496,7 @@ {"DevPerformance", "dev-performance", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, FLAG_HIDDEN, OPT_CLAMD | OPT_CLAMSCAN, "", ""}, {"DevLiblog", "dev-liblog", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, FLAG_HIDDEN, OPT_CLAMD, "", ""}, - /* Freshclam-only entries */ + /* FreshClam-only entries */ /* FIXME: drop this entry and use LogFile */ {"UpdateLogFile", "log", 'l', CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM, "Save all reports to a log file.", "/var/log/freshclam.log"}, @@ -499,7 +505,7 @@ {"Checks", "checks", 'c', CLOPT_TYPE_NUMBER, MATCH_NUMBER, 12, NULL, 0, OPT_FRESHCLAM, "This option defined how many times daily freshclam should check for\na database update.", "24"}, - {"DNSDatabaseInfo", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, "current.cvd.clamav.net", FLAG_REQUIRED, OPT_FRESHCLAM, "Use DNS to verify the virus database version. Freshclam uses DNS TXT records\nto verify the versions of the database and software itself. With this\ndirective you can change the database verification domain.\nWARNING: Please don't change it unless you're configuring freshclam to use\nyour own database verification domain.", "current.cvd.clamav.net"}, + {"DNSDatabaseInfo", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, "current.cvd.clamav.net", FLAG_REQUIRED, OPT_FRESHCLAM, "Use DNS to verify the virus database version. FreshClam uses DNS TXT records\nto verify the versions of the database and software itself. With this\ndirective you can change the database verification domain.\nWARNING: Please don't change it unless you're configuring freshclam to use\nyour own database verification domain.", "current.cvd.clamav.net"}, {"DatabaseMirror", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, FLAG_MULTIPLE, OPT_FRESHCLAM, "DatabaseMirror specifies to which mirror(s) freshclam should connect.\nYou should have at least one entry: database.clamav.net.", "database.clamav.net"}, @@ -509,7 +515,7 @@ {"ScriptedUpdates", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_FRESHCLAM, "With this option you can control scripted updates. It's highly recommended to keep them enabled.", "yes"}, - {"TestDatabases", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_FRESHCLAM, "With this option enabled, freshclam will attempt to load new\ndatabases into memory to make sure they are properly handled\nby libclamav before replacing the old ones.", "yes"}, + {"TestDatabases", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_FRESHCLAM, "With this option enabled, freshclam will attempt to load new\ndatabases into memory to make sure they are properly handled\nby libclamav before replacing the old ones. Tip: This feature uses a lot of RAM. If your system has limited RAM and you are actively running ClamD or ClamScan during the update, then you may need to set `TestDatabases no`.", "yes"}, {"CompressLocalDatabase", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_FRESHCLAM, "By default freshclam will keep the local databases (.cld) uncompressed to\nmake their handling faster. With this option you can enable the compression.\nThe change will take effect with the next database update.", ""}, @@ -531,7 +537,7 @@ {"NotifyClamd", "daemon-notify", 0, CLOPT_TYPE_STRING, NULL, -1, CONST_CONFDIR_CLAMD, 0, OPT_FRESHCLAM, "Send the RELOAD command to clamd after a successful update.", "yes"}, - {"OnUpdateExecute", "on-update-execute", 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM, "Run a command after a successful database update.", "command"}, + {"OnUpdateExecute", "on-update-execute", 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM, "Run a command after a successful database update. Use EXIT_1 to return 1 after successful database update.", "command"}, {"OnErrorExecute", "on-error-execute", 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM, "Run a command when a database update error occurs.", "command"}, @@ -544,14 +550,13 @@ {"ReceiveTimeout", NULL, 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, 0, NULL, 0, OPT_FRESHCLAM, "Maximum time in seconds for each download operation. 0 means no timeout.", "0"}, - {"SafeBrowsing", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_FRESHCLAM, "This option enables support for Google Safe Browsing. When activated for\nthe first time, freshclam will download a new database file (safebrowsing.cvd)\nwhich will be automatically loaded by clamd and clamscan during the next\nreload, provided that the heuristic phishing detection is turned on. This\ndatabase includes information about websites that may be phishing sites or\npossible sources of malware. When using this option, it's mandatory to run\nfreshclam at least every 30 minutes.\nFreshclam uses the ClamAV's mirror infrastructure to distribute the\ndatabase and its updates but all the contents are provided under Google's\nterms of use. See https://transparencyreport.google.com/safe-browsing/overview \n and https://www.clamav.net/documents/safebrowsing for more information.", "yes"}, - {"Bytecode", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_FRESHCLAM, "This option enables downloading of bytecode.cvd, which includes additional\ndetection mechanisms and improvements to the ClamAV engine.", "yes"}, {"DisableCertCheck", "nocerts", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "Disable authenticode certificate chain verification in PE files.", "no"}, /* Deprecated options */ + {"SafeBrowsing", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "Deprecated option to download signatures derived from the Google Safe Browsing API. See https://blog.clamav.net/2020/06/the-future-of-clamav-safebrowsing.html for more details.", "no"}, {"TimeLimit", "timelimit", 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, 0, NULL, 0, OPT_CLAMSCAN | OPT_DEPRECATED, "Deprecated option to set the max-scantime.\nThe value is in milliseconds.", "120000"}, {"DetectBrokenExecutables", "detect-broken", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "Deprecated option to alert on broken PE and ELF executable files.", "no"}, {"AlgorithmicDetection", "algorithmic-detection", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "Deprecated option to enable heuristic alerts (e.g. \"Heuristics.\")", "no"}, diff -Nru clamav-0.103.0+dfsg/shared/optparser.h clamav-0.103.2+dfsg/shared/optparser.h --- clamav-0.103.0+dfsg/shared/optparser.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/optparser.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Author: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/shared/output.c clamav-0.103.2+dfsg/shared/output.c --- clamav-0.103.0+dfsg/shared/output.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/output.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/shared/output.h clamav-0.103.2+dfsg/shared/output.h --- clamav-0.103.0+dfsg/shared/output.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/output.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/shared/tar.c clamav-0.103.2+dfsg/shared/tar.c --- clamav-0.103.0+dfsg/shared/tar.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/tar.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * A minimalistic tar archiver for sigtool and freshclam. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Author: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/shared/tar.h clamav-0.103.2+dfsg/shared/tar.h --- clamav-0.103.0+dfsg/shared/tar.h 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/tar.h 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * A minimalistic tar archiver for sigtool and freshclam. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * * Author: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/shared/win/cert_util_win.c clamav-0.103.2+dfsg/shared/win/cert_util_win.c --- clamav-0.103.0+dfsg/shared/win/cert_util_win.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/shared/win/cert_util_win.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * OpenSSL certificate verification for Windows. * - * Copyright (C) 2019-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2019-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * * Authors: Micah Snyder * diff -Nru clamav-0.103.0+dfsg/sigtool/CMakeLists.txt clamav-0.103.2+dfsg/sigtool/CMakeLists.txt --- clamav-0.103.0+dfsg/sigtool/CMakeLists.txt 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/sigtool/CMakeLists.txt 2021-04-06 19:03:43.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2020-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. cmake_minimum_required( VERSION 3.12...3.13 ) diff -Nru clamav-0.103.0+dfsg/sigtool/Makefile.am clamav-0.103.2+dfsg/sigtool/Makefile.am --- clamav-0.103.0+dfsg/sigtool/Makefile.am 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/sigtool/Makefile.am 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/sigtool/Makefile.in clamav-0.103.2+dfsg/sigtool/Makefile.in --- clamav-0.103.0+dfsg/sigtool/Makefile.in 2020-09-13 00:27:52.000000000 +0000 +++ clamav-0.103.2+dfsg/sigtool/Makefile.in 2021-04-06 19:04:44.000000000 +0000 @@ -15,7 +15,7 @@ @SET_MAKE@ # -# Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. +# Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. # Copyright (C) 2007-2013 Sourcefire, Inc. # Copyright (C) 2002-2007 Tomasz Kojm # diff -Nru clamav-0.103.0+dfsg/sigtool/sigtool.c clamav-0.103.2+dfsg/sigtool/sigtool.c --- clamav-0.103.0+dfsg/sigtool/sigtool.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/sigtool/sigtool.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2007-2013 Sourcefire, Inc. * Copyright (C) 2002-2007 Tomasz Kojm * @@ -3502,7 +3502,7 @@ mprintf("\n"); mprintf(" Clam AntiVirus: Signature Tool %s\n", get_version()); mprintf(" By The ClamAV Team: https://www.clamav.net/about.html#credits\n"); - mprintf(" (C) 2020 Cisco Systems, Inc.\n"); + mprintf(" (C) 2021 Cisco Systems, Inc.\n"); mprintf("\n"); mprintf(" sigtool [options]\n"); mprintf("\n"); diff -Nru clamav-0.103.0+dfsg/unit_tests/check_bytecode.c clamav-0.103.2+dfsg/unit_tests/check_bytecode.c --- clamav-0.103.0+dfsg/unit_tests/check_bytecode.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/unit_tests/check_bytecode.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Unit tests for bytecode functions. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/unit_tests/check_clamav.c clamav-0.103.2+dfsg/unit_tests/check_clamav.c --- clamav-0.103.0+dfsg/unit_tests/check_clamav.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/unit_tests/check_clamav.c 2021-04-06 19:03:43.000000000 +0000 @@ -561,6 +561,288 @@ } END_TEST +START_TEST(test_fmap_duplicate) +{ + cl_fmap_t *map; + cl_fmap_t *dup_map = NULL; + cl_fmap_t *dup_dup_map = NULL; + char map_data[6] = {'a', 'b', 'c', 'd', 'e', 'f'}; + char tmp[6]; + size_t bread = 0; + + map = cl_fmap_open_memory(map_data, sizeof(map_data)); + ck_assert_msg(!!map, "cl_fmap_open_handle failed"); + + /* + * Test duplicate of entire map + */ + cli_dbgmsg("duplicating complete map\n"); + dup_map = fmap_duplicate(map, 0, map->len, "complete duplicate"); + ck_assert_msg(!!dup_map, "fmap_duplicate failed"); + ck_assert_msg(dup_map->nested_offset == 0, "dup_map nested_offset is incorrect: %zu", dup_map->nested_offset); + ck_assert_msg(dup_map->len == map->len, "dup_map len is incorrect: %zu", dup_map->len); + ck_assert_msg(dup_map->real_len == map->len, "dup_map real len is incorrect: %zu", dup_map->real_len); + + bread = fmap_readn(dup_map, tmp, 0, 6); + ck_assert(bread == 6); + ck_assert(0 == memcmp(map_data, tmp, 6)); + + cli_dbgmsg("freeing dup_map\n"); + free_duplicate_fmap(dup_map); + dup_map = NULL; + + /* + * Test duplicate of map at offset 2 + */ + cli_dbgmsg("duplicating 2 bytes into map\n"); + dup_map = fmap_duplicate(map, 2, map->len, "offset duplicate"); + ck_assert_msg(!!dup_map, "fmap_duplicate failed"); + ck_assert_msg(dup_map->nested_offset == 2, "dup_map nested_offset is incorrect: %zu", dup_map->nested_offset); + ck_assert_msg(dup_map->len == 4, "dup_map len is incorrect: %zu", dup_map->len); + ck_assert_msg(dup_map->real_len == 6, "dup_map real len is incorrect: %zu", dup_map->real_len); + + bread = fmap_readn(dup_map, tmp, 0, 6); + ck_assert(bread == 4); + ck_assert(0 == memcmp(map_data + 2, tmp, 4)); + + /* + * Test duplicate of duplicate map, also at offset 2 (total 4 bytes in) + */ + cli_dbgmsg("duplicating 2 bytes into dup_map\n"); + dup_dup_map = fmap_duplicate(dup_map, 2, dup_map->len, "double offset duplicate"); + ck_assert_msg(!!dup_dup_map, "fmap_duplicate failed"); + ck_assert_msg(dup_dup_map->nested_offset == 4, "dup_dup_map nested_offset is incorrect: %zu", dup_dup_map->nested_offset); + ck_assert_msg(dup_dup_map->len == 2, "dup_dup_map len is incorrect: %zu", dup_dup_map->len); + ck_assert_msg(dup_dup_map->real_len == 6, "dup_dup_map real len is incorrect: %zu", dup_dup_map->real_len); + + bread = fmap_readn(dup_dup_map, tmp, 0, 6); + ck_assert(bread == 2); + ck_assert(0 == memcmp(map_data + 4, tmp, 2)); + + cli_dbgmsg("freeing dup_dup_map\n"); + free_duplicate_fmap(dup_dup_map); + dup_dup_map = NULL; + cli_dbgmsg("freeing dup_map\n"); + free_duplicate_fmap(dup_map); + dup_map = NULL; + + /* + * Test duplicate of map omiting the last 2 bytes + */ + cli_dbgmsg("duplicating map with shorter len\n"); + dup_map = fmap_duplicate(map, 0, map->len - 2, "short duplicate"); + ck_assert_msg(!!dup_map, "fmap_duplicate failed"); + ck_assert_msg(dup_map->nested_offset == 0, "dup_map nested_offset is incorrect: %zu", dup_map->nested_offset); + ck_assert_msg(dup_map->len == 4, "dup_map len is incorrect: %zu", dup_map->len); + ck_assert_msg(dup_map->real_len == 6, "dup_map real len is incorrect: %zu", dup_map->real_len); + + bread = fmap_readn(dup_map, tmp, 0, 6); + ck_assert(bread == 4); + ck_assert(0 == memcmp(map_data, tmp, 4)); + + /* + * Test duplicate of the duplicate omiting the last 2 bytes again (so just the first 2 bytes) + */ + cli_dbgmsg("duplicating dup_map with shorter len\n"); + dup_dup_map = fmap_duplicate(dup_map, 0, dup_map->len - 2, "double short duplicate"); + ck_assert_msg(!!dup_dup_map, "fmap_duplicate failed"); + ck_assert_msg(dup_dup_map->nested_offset == 0, "dup_dup_map nested_offset is incorrect: %zu", dup_dup_map->nested_offset); + ck_assert_msg(dup_dup_map->len == 2, "dup_dup_map len is incorrect: %zu", dup_dup_map->len); + ck_assert_msg(dup_dup_map->real_len == 6, "dup_dup_map real len is incorrect: %zu", dup_dup_map->real_len); + + bread = fmap_readn(dup_dup_map, tmp, 0, 6); + ck_assert(bread == 2); + ck_assert(0 == memcmp(map_data, tmp, 2)); + + cli_dbgmsg("freeing dup_dup_map\n"); + free_duplicate_fmap(dup_dup_map); + dup_dup_map = NULL; + cli_dbgmsg("freeing dup_map\n"); + free_duplicate_fmap(dup_map); + dup_map = NULL; + + /* + * Test duplicate of map at offset 2 + */ + cli_dbgmsg("duplicating 2 bytes into map\n"); + dup_map = fmap_duplicate(map, 2, map->len, "offset duplicate"); + ck_assert_msg(!!dup_map, "fmap_duplicate failed"); + ck_assert_msg(dup_map->nested_offset == 2, "dup_map nested_offset is incorrect: %zu", dup_map->nested_offset); + ck_assert_msg(dup_map->len == 4, "dup_map len is incorrect: %zu", dup_map->len); + ck_assert_msg(dup_map->real_len == 6, "dup_map real len is incorrect: %zu", dup_map->real_len); + + bread = fmap_readn(dup_map, tmp, 0, 6); + ck_assert(bread == 4); + ck_assert(0 == memcmp(map_data + 2, tmp, 4)); + + /* + * Test duplicate of the duplicate omiting the last 2 bytes again (so just the middle 2 bytes) + */ + cli_dbgmsg("duplicating dup_map with shorter len\n"); + dup_dup_map = fmap_duplicate(dup_map, 0, dup_map->len - 2, "offset short duplicate"); + ck_assert_msg(!!dup_dup_map, "fmap_duplicate failed"); + ck_assert_msg(dup_dup_map->nested_offset == 2, "dup_dup_map nested_offset is incorrect: %zu", dup_map->nested_offset); + ck_assert_msg(dup_dup_map->len == 2, "dup_dup_map len is incorrect: %zu", dup_map->len); + ck_assert_msg(dup_dup_map->real_len == 6, "dup_dup_map real len is incorrect: %zu", dup_map->real_len); + + bread = fmap_readn(dup_dup_map, tmp, 0, 6); + ck_assert(bread == 2); + ck_assert(0 == memcmp(map_data + 2, tmp, 2)); + + cli_dbgmsg("freeing dup_dup_map\n"); + free_duplicate_fmap(dup_dup_map); + dup_dup_map = NULL; + cli_dbgmsg("freeing dup_map\n"); + free_duplicate_fmap(dup_map); + dup_map = NULL; + + cli_dbgmsg("freeing map\n"); + cl_fmap_close(map); +} +END_TEST + +START_TEST(test_fmap_duplicate_out_of_bounds) +{ + cl_fmap_t *map; + cl_fmap_t *dup_map = NULL; + cl_fmap_t *dup_dup_map = NULL; + char map_data[6] = {'a', 'b', 'c', 'd', 'e', 'f'}; + char tmp[6]; + size_t bread = 0; + + map = cl_fmap_open_memory(map_data, sizeof(map_data)); + ck_assert_msg(!!map, "cl_fmap_open_handle failed"); + + /* + * Test 0-byte duplicate + */ + cli_dbgmsg("duplicating 0 bytes of map\n"); + dup_map = fmap_duplicate(map, 0, 0, "zero-byte dup"); + ck_assert_msg(!!dup_map, "fmap_duplicate failed"); + ck_assert_msg(dup_map->nested_offset == 0, "dup_map nested_offset is incorrect: %zu", dup_map->nested_offset); + ck_assert_msg(dup_map->len == 0, "dup_map len is incorrect: %zu", dup_map->len); + ck_assert_msg(dup_map->real_len == map->len, "dup_map real len is incorrect: %zu", dup_map->real_len); + + bread = fmap_readn(dup_map, tmp, 0, 6); + ck_assert(bread == 0); + + cli_dbgmsg("freeing dup_map\n"); + free_duplicate_fmap(dup_map); + dup_map = NULL; + + /* + * Test duplicate of entire map + 1 + */ + cli_dbgmsg("duplicating complete map + 1 byte\n"); + dup_map = fmap_duplicate(map, 0, map->len + 1, "duplicate + 1"); + ck_assert_msg(!!dup_map, "fmap_duplicate failed"); + ck_assert_msg(dup_map->nested_offset == 0, "dup_map nested_offset is incorrect: %zu", dup_map->nested_offset); + ck_assert_msg(dup_map->len == map->len, "dup_map len is incorrect: %zu", dup_map->len); + ck_assert_msg(dup_map->real_len == map->len, "dup_map real len is incorrect: %zu", dup_map->real_len); + + bread = fmap_readn(dup_map, tmp, 0, 6); + ck_assert(bread == 6); + ck_assert(0 == memcmp(map_data, tmp, 6)); + + cli_dbgmsg("freeing dup_map\n"); + free_duplicate_fmap(dup_map); + dup_map = NULL; + + /* + * Test duplicate of map at offset 4 + */ + cli_dbgmsg("duplicating 4 bytes into map\n"); + dup_map = fmap_duplicate(map, 4, map->len, "offset duplicate"); + ck_assert_msg(!!dup_map, "fmap_duplicate failed"); + ck_assert_msg(dup_map->nested_offset == 4, "dup_map nested_offset is incorrect: %zu", dup_map->nested_offset); + ck_assert_msg(dup_map->len == 2, "dup_map len is incorrect: %zu", dup_map->len); + ck_assert_msg(dup_map->real_len == 6, "dup_map real len is incorrect: %zu", dup_map->real_len); + + bread = fmap_readn(dup_map, tmp, 0, 6); + ck_assert(bread == 2); + ck_assert(0 == memcmp(map_data + 4, tmp, 2)); + + /* + * Test duplicate of duplicate map, also at offset 4 (total 8 bytes in, which is 2 bytes too far) + */ + cli_dbgmsg("duplicating 4 bytes into dup_map\n"); + dup_dup_map = fmap_duplicate(dup_map, 4, dup_map->len, "out of bounds offset duplicate"); + ck_assert_msg(NULL == dup_dup_map, "fmap_duplicate should have failed!"); + + cli_dbgmsg("freeing dup_map\n"); + free_duplicate_fmap(dup_map); + dup_map = NULL; + + /* + * Test duplicate just 2 bytes of the original + */ + cli_dbgmsg("duplicating map with shorter len\n"); + dup_map = fmap_duplicate(map, 0, 2, "short duplicate"); + ck_assert_msg(!!dup_map, "fmap_duplicate failed"); + ck_assert_msg(dup_map->nested_offset == 0, "dup_map nested_offset is incorrect: %zu", dup_map->nested_offset); + ck_assert_msg(dup_map->len == 2, "dup_map len is incorrect: %zu", dup_map->len); + ck_assert_msg(dup_map->real_len == 6, "dup_map real len is incorrect: %zu", dup_map->real_len); + + bread = fmap_readn(dup_map, tmp, 0, 6); + ck_assert(bread == 2); + ck_assert(0 == memcmp(map_data, tmp, 2)); + + /* Note: Keeping the previous dup_map around for a sequence of double-dup tests. */ + + /* + * Test duplicate 1 bytes into the 2-byte duplicate, requesting 2 bytes + * This should result in a 1-byte double-dup + */ + cli_dbgmsg("duplicating 1 byte in, 1 too many\n"); + dup_dup_map = fmap_duplicate(dup_map, 1, 2, "1 byte in, 1 too many"); + ck_assert_msg(!!dup_dup_map, "fmap_duplicate failed"); + ck_assert_msg(dup_dup_map->nested_offset == 1, "dup_dup_map nested_offset is incorrect: %zu", dup_dup_map->nested_offset); + ck_assert_msg(dup_dup_map->len == 1, "dup_dup_map len is incorrect: %zu", dup_dup_map->len); + ck_assert_msg(dup_dup_map->real_len == 6, "dup_dup_map real len is incorrect: %zu", dup_dup_map->real_len); + + bread = fmap_readn(dup_dup_map, tmp, 0, 6); + ck_assert(bread == 1); + ck_assert(0 == memcmp(map_data + 1, tmp, 1)); + + cli_dbgmsg("freeing dup_dup_map\n"); + free_duplicate_fmap(dup_dup_map); + dup_dup_map = NULL; + + /* + * Test duplicate 2 bytes into the 2-byte duplicate, requesting 2 bytes + * This should result in a 0-byte double-dup + */ + cli_dbgmsg("duplicating 2 bytes in, 2 bytes too many\n"); + dup_dup_map = fmap_duplicate(dup_map, 2, 2, "2 bytes in, 2 bytes too many"); + ck_assert_msg(!!dup_dup_map, "fmap_duplicate failed"); + ck_assert_msg(dup_dup_map->nested_offset == 2, "dup_dup_map nested_offset is incorrect: %zu", dup_dup_map->nested_offset); + ck_assert_msg(dup_dup_map->len == 0, "dup_dup_map len is incorrect: %zu", dup_dup_map->len); + ck_assert_msg(dup_dup_map->real_len == 6, "dup_dup_map real len is incorrect: %zu", dup_dup_map->real_len); + + bread = fmap_readn(dup_dup_map, tmp, 0, 6); + ck_assert(bread == 0); + + cli_dbgmsg("freeing dup_dup_map\n"); + free_duplicate_fmap(dup_dup_map); + dup_dup_map = NULL; + + /* + * Test duplicate 3 bytes into the 2-byte duplicate, requesting 2 bytes + */ + cli_dbgmsg("duplicating 0-byte of duplicate\n"); + dup_dup_map = fmap_duplicate(dup_map, 3, 2, "2 bytes in, 3 bytes too many"); + ck_assert_msg(NULL == dup_dup_map, "fmap_duplicate should have failed!"); + + /* Ok, we're done with this dup_map */ + cli_dbgmsg("freeing dup_map\n"); + free_duplicate_fmap(dup_map); + dup_map = NULL; + + cli_dbgmsg("freeing map\n"); + cl_fmap_close(map); +} +END_TEST + START_TEST(test_cl_scanmap_callback_handle_allscan) { const char *virname = NULL; @@ -710,6 +992,8 @@ tcase_add_loop_test(tc_cl_scan, test_cl_scanmap_callback_handle_allscan, 0, expect); tcase_add_loop_test(tc_cl_scan, test_cl_scanmap_callback_mem, 0, expect); tcase_add_loop_test(tc_cl_scan, test_cl_scanmap_callback_mem_allscan, 0, expect); + tcase_add_loop_test(tc_cl_scan, test_fmap_duplicate, 0, expect); + tcase_add_loop_test(tc_cl_scan, test_fmap_duplicate_out_of_bounds, 0, expect); user_timeout = getenv("T"); if (user_timeout) { diff -Nru clamav-0.103.0+dfsg/unit_tests/check_clamd.c clamav-0.103.2+dfsg/unit_tests/check_clamd.c --- clamav-0.103.0+dfsg/unit_tests/check_clamd.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/unit_tests/check_clamd.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Unit tests for clamd. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/unit_tests/check_common.sh clamav-0.103.2+dfsg/unit_tests/check_common.sh --- clamav-0.103.0+dfsg/unit_tests/check_common.sh 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/unit_tests/check_common.sh 2021-04-06 19:03:43.000000000 +0000 @@ -77,7 +77,7 @@ PidFile `pwd`/clamd-test.pid DatabaseDirectory `pwd`/test-db LocalSocket clamd-test.socket -TCPAddr 127.0.0.1 +TCPAddr localhost # using different port here to avoid conflicts with system clamd daemon TCPSocket $port ExitOnOOM yes diff -Nru clamav-0.103.0+dfsg/unit_tests/check_disasm.c clamav-0.103.2+dfsg/unit_tests/check_disasm.c --- clamav-0.103.0+dfsg/unit_tests/check_disasm.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/unit_tests/check_disasm.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Unit tests for JS normalizer. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: aCaB diff -Nru clamav-0.103.0+dfsg/unit_tests/check_fpu_endian.c clamav-0.103.2+dfsg/unit_tests/check_fpu_endian.c --- clamav-0.103.0+dfsg/unit_tests/check_fpu_endian.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/unit_tests/check_fpu_endian.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2013 Sourcefire, Inc. * * Authors: Steven Morgan diff -Nru clamav-0.103.0+dfsg/unit_tests/check_htmlnorm.c clamav-0.103.2+dfsg/unit_tests/check_htmlnorm.c --- clamav-0.103.0+dfsg/unit_tests/check_htmlnorm.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/unit_tests/check_htmlnorm.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Unit tests for HTML normalizer; * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/unit_tests/check_jsnorm.c clamav-0.103.2+dfsg/unit_tests/check_jsnorm.c --- clamav-0.103.0+dfsg/unit_tests/check_jsnorm.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/unit_tests/check_jsnorm.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Unit tests for JS normalizer. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/unit_tests/check_matchers.c clamav-0.103.2+dfsg/unit_tests/check_matchers.c --- clamav-0.103.0+dfsg/unit_tests/check_matchers.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/unit_tests/check_matchers.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Tomasz Kojm diff -Nru clamav-0.103.0+dfsg/unit_tests/check_regex.c clamav-0.103.2+dfsg/unit_tests/check_regex.c --- clamav-0.103.0+dfsg/unit_tests/check_regex.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/unit_tests/check_regex.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Unit tests for regular expression processing. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/unit_tests/check_str.c clamav-0.103.2+dfsg/unit_tests/check_str.c --- clamav-0.103.0+dfsg/unit_tests/check_str.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/unit_tests/check_str.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Unit tests for string functions. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: Török Edvin diff -Nru clamav-0.103.0+dfsg/unit_tests/check_uniq.c clamav-0.103.2+dfsg/unit_tests/check_uniq.c --- clamav-0.103.0+dfsg/unit_tests/check_uniq.c 2020-09-13 00:27:10.000000000 +0000 +++ clamav-0.103.2+dfsg/unit_tests/check_uniq.c 2021-04-06 19:03:43.000000000 +0000 @@ -1,7 +1,7 @@ /* * Unit tests for JS normalizer. * - * Copyright (C) 2013-2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2008-2013 Sourcefire, Inc. * * Authors: aCaB

Contribute

Bugs

Larger Projects

CMake: -DMAINTAINER_MODE=ON

CMake: -DCODE_COVERAGE=ON

Develop New Detection Capabilities for PE/ELF/MachO Executables

Develop Memory Scanning Capabilities for Unix

WebAssembly Runtime

Add Unpacking Support for New Packers

Add Support for Matching on .NET Internals

Extract Macros from OXML docs

Dynamically add new file types simply by adding file type magic (.ftm) signatures

Register scanners for each file type, Write bytecode "signature" scanners.

Limit logical signature alerts based on file type

libclamav Callback Function to Request Additional File

Introduction

Contributing to ClamAV

Building ClamAV for Development

Building ClamAV with CMake

Linux/Unix

Windows

Testing with CTest

Unit Tests

Integration Tests

Feature Tests

Building ClamAV with Autotools

Running ./autogen.sh

Running autogen.sh

Running ./configure

Running configure

Running make

Downloading the Official Ruleset

Running ClamAV with AddressSanitizer (ASAN)

Install using the ClamAV Windows Installer

Install using the ClamAV Portable Install Package

Additional notes about the config files and database directories

Config files path search order

Database files path search order

Next Steps

Download the Signature Databases

Faster a-la-carte Scanning with clamd

Faster a-la-carte Scanning with ClamD

Additional Notes about Windows-specific Issues

Globbing

File paths

Socket and libclamav API Input

Recommended System Requirements

Submitting New or Otherwise Undetected Malware

CMake: `-DMAINTAINER_MODE=ON`

CMake: `-DCODE_COVERAGE=ON`

Faster a-la-carte Scanning with `clamd`