Package: release.debian.org
User: release.debian....@packages.debian.org
Usertags: pu
Tags: bullseye
Severity: normal
This is an long overdue update to the clamav package. It is a stable
update provided by upstream closing CVEs bugs:
- CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file
parser).
- CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan
verdict cache check).
- CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file
parser).
- CVE-2022-20785 (Possible memory leak in the HTML file parser/
Javascript normalizer).
- CVE-2022-20792 (Possible multi-byte heap buffer overflow write
vulnerability in the signature database load module.
Please find attached the debdiff.
The upload to unstable occurred on 12th May. I'm not aware of any
regressions.
I have the Buster version running on my machine since this morning. I'm
confident and don't expect any surprises.
Sebastian
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/clamonacc/clamav-clamonacc.service.in
clamav-0.103.6+dfsg/clamonacc/clamav-clamonacc.service.in
--- clamav-0.103.5+dfsg/clamonacc/clamav-clamonacc.service.in 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/clamonacc/clamav-clamonacc.service.in 2022-05-02
06:46:41.000000000 +0200
@@ -11,7 +11,7 @@
Type=simple
User=root
ExecStartPre=/bin/bash -c "while [ ! -S /run/clamav/clamd.ctl ]; do sleep 1;
done"
-ExecStart=@prefix@/sbin/clamonacc -F
--config-file=@APP_CONFIG_DIRECTORY@/clamd.conf
--log=/var/log/clamav/clamonacc.log --move=/root/quarantine
+ExecStart=@prefix@/sbin/clamonacc -F --log=/var/log/clamav/clamonacc.log
--move=/root/quarantine
[Install]
WantedBy=multi-user.target
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/clamonacc/c-thread-pool/thpool.c
clamav-0.103.6+dfsg/clamonacc/c-thread-pool/thpool.c
--- clamav-0.103.5+dfsg/clamonacc/c-thread-pool/thpool.c 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/clamonacc/c-thread-pool/thpool.c 2022-05-02
06:46:41.000000000 +0200
@@ -18,7 +18,9 @@
#include <time.h>
#if defined(__linux__)
#include <sys/prctl.h>
+#include <sys/syscall.h>
#endif
+#include "output.h"
#include "thpool.h"
@@ -282,7 +284,7 @@
static int thread_init (thpool_* thpool_p, struct thread** thread_p, int id){
*thread_p = (struct thread*)malloc(sizeof(struct thread));
- if (thread_p == NULL){
+ if (*thread_p == NULL){
err("thread_init(): Could not allocate memory for thread\n");
return -1;
}
@@ -290,7 +292,7 @@
(*thread_p)->thpool_p = thpool_p;
(*thread_p)->id = id;
- pthread_create(&(*thread_p)->pthread, NULL, (void *)thread_do,
(*thread_p));
+ pthread_create(&(*thread_p)->pthread, NULL, (void * (*)(void *))
thread_do, (*thread_p));
pthread_detach((*thread_p)->pthread);
return 0;
}
@@ -317,8 +319,8 @@
static void* thread_do(struct thread* thread_p){
/* Set thread name for profiling and debuging */
- char thread_name[128] = {0};
- sprintf(thread_name, "thread-pool-%d", thread_p->id);
+ char thread_name[32] = {0};
+ snprintf(thread_name, 32, "thread-pool-%d", thread_p->id);
#if defined(__linux__)
/* Use prctl instead to prevent using _GNU_SOURCE flag and implicit
declaration */
@@ -456,11 +458,7 @@
/* Get first job from queue(removes it from queue)
-<<<<<<< HEAD
- *
* Notice: Caller MUST hold a mutex
-=======
->>>>>>> da2c0fe45e43ce0937f272c8cd2704bdc0afb490
*/
static struct job* jobqueue_pull(jobqueue* jobqueue_p){
@@ -473,12 +471,14 @@
break;
case 1: /* if one job in queue */
+ logg("*jobqueue_pull: Thread %d pulled
last job from queue.\n", syscall(SYS_gettid));
jobqueue_p->front = NULL;
jobqueue_p->rear = NULL;
jobqueue_p->len = 0;
break;
default: /* if >1 jobs in queue */
+ logg("*jobqueue_pull: Thread %d pulled
a job from queue.\n", syscall(SYS_gettid));
jobqueue_p->front = job_p->prev;
jobqueue_p->len--;
/* more than one job in queue -> post
it */
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/clamonacc/c-thread-pool/thpool.h
clamav-0.103.6+dfsg/clamonacc/c-thread-pool/thpool.h
--- clamav-0.103.5+dfsg/clamonacc/c-thread-pool/thpool.h 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/clamonacc/c-thread-pool/thpool.h 2022-05-02
06:46:41.000000000 +0200
@@ -20,7 +20,7 @@
/**
* @brief Initialize threadpool
*
- * Initializes a threadpool. This function will not return untill all
+ * Initializes a threadpool. This function will not return until all
* threads have initialized successfully.
*
* @example
@@ -62,7 +62,7 @@
* @param threadpool threadpool to which the work will be added
* @param function_p pointer to function to add as work
* @param arg_p pointer to an argument
- * @return 0 on successs, -1 otherwise.
+ * @return 0 on success, -1 otherwise.
*/
int thpool_add_work(threadpool, void (*function_p)(void*), void* arg_p);
@@ -77,7 +77,7 @@
* Smart polling is used in wait. The polling is initially 0 - meaning that
* there is virtually no polling at all. If after 1 seconds the threads
* haven't finished, the polling interval starts growing exponentially
- * untill it reaches max_secs seconds. Then it jumps down to a maximum polling
+ * until it reaches max_secs seconds. Then it jumps down to a maximum polling
* interval assuming that heavy processing is being used in the threadpool.
*
* @example
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/clamonacc/inotif/inotif.c
clamav-0.103.6+dfsg/clamonacc/inotif/inotif.c
--- clamav-0.103.5+dfsg/clamonacc/inotif/inotif.c 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/clamonacc/inotif/inotif.c 2022-05-02
06:46:41.000000000 +0200
@@ -30,6 +30,9 @@
#include <fcntl.h>
#include <signal.h>
#include <pthread.h>
+#if defined(__linux__)
+#include <sys/prctl.h>
+#endif
#include <string.h>
#include <errno.h>
#include <stdbool.h>
@@ -293,7 +296,7 @@
if (type & ONAS_IN) {
wd = hnode->wd;
- if (!inotify_rm_watch(fd, wd)) return CL_EARG;
+ if (!inotify_rm_watch(fd, wd) && errno != ENOENT) return CL_EARG;
/* Unlink the hash node from the watch descriptor lookup table */
hnode->wd = 0;
@@ -359,6 +362,18 @@
void *onas_ddd_th(void *arg)
{
+ /* Set thread name for profiling and debuging */
+ const char thread_name[] = "clamonacc-ddd";
+
+#if defined(__linux__)
+ /* Use prctl instead to prevent using _GNU_SOURCE flag and implicit
declaration */
+ prctl(PR_SET_NAME, thread_name);
+#elif defined(__APPLE__) && defined(__MACH__)
+ pthread_setname_np(thread_name);
+#else
+ logg("^ClamInotif: Setting of the thread name is currently not supported
on this system\n");
+#endif
+
struct onas_context *ctx = (struct onas_context *)arg;
sigset_t sigset;
const struct optstruct *pt;
@@ -381,14 +396,16 @@
sigdelset(&sigset, SIGUSR1);
sigdelset(&sigset, SIGUSR2);
/* The behavior of a process is undefined after it ignores a
- * SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */
+ * SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */
sigdelset(&sigset, SIGFPE);
sigdelset(&sigset, SIGILL);
+ sigdelset(&sigset, SIGSEGV);
sigdelset(&sigset, SIGTERM);
sigdelset(&sigset, SIGINT);
#ifdef SIGBUS
sigdelset(&sigset, SIGBUS);
#endif
+ pthread_sigmask(SIG_SETMASK, &sigset, NULL);
logg("*ClamInotif: starting inotify event loop ...\n");
@@ -629,46 +646,57 @@
event = (const struct inotify_event *)p;
wd = event->wd;
- path = wdlt[wd];
+ if (wd >= 0)
+ path = wdlt[wd];
+ else
+ path = NULL;
child = event->name;
if (path == NULL) {
- logg("*ClamInotif: watch descriptor not found in lookup
table ... skipping\n");
+ logg("*ClamInotif: watch descriptor (wd:%d) not found in
lookup table ... skipping\n", wd);
continue;
}
- len = strlen(path);
- size_t size = strlen(child) + len + 2;
- char *child_path = (char *)cli_malloc(size);
- if (child_path == NULL) {
- logg("*ClamInotif: could not allocate space for child path
... aborting\n");
- return NULL;
- }
-
- if (path[len - 1] == '/') {
- snprintf(child_path, --size, "%s%s", path, child);
+ if (event->mask & IN_UNMOUNT) {
+ logg("!ClamInotif: inofify event IN_UNMOUNT (mask:%d)
occured, clamonacc should be restartet because a filesystem monitored by
inotify was umounted.\n", event->mask);
+ } else if (event->mask & IN_Q_OVERFLOW) {
+ logg("!ClamInotif: inotify event IN_Q_OVERFLOW (mask:%d)
occured, clamonacc should be restartet because a inotify events were dropped by
the kernel and the internal clamonacc inotify data structures are likely
invalid.\n", event->mask);
+ } else if (event->mask & IN_IGNORED) {
+ // Ignore for debugging purposes
} else {
- snprintf(child_path, size, "%s/%s", path, child);
- }
+ len = strlen(path);
+ size_t size = strlen(child) + len + 2;
+ char *child_path = (char *)cli_malloc(size);
+ if (child_path == NULL) {
+ logg("*ClamInotif: could not allocate space for child
path ... aborting\n");
+ return NULL;
+ }
- if (event->mask & IN_DELETE) {
- onas_ddd_handle_in_delete(ctx, path, child_path, event,
wd);
+ if (path[len - 1] == '/') {
+ snprintf(child_path, --size, "%s%s", path, child);
+ } else {
+ snprintf(child_path, size, "%s/%s", path, child);
+ }
- } else if (event->mask & IN_MOVED_FROM) {
- onas_ddd_handle_in_moved_from(ctx, path, child_path,
event, wd);
+ if (event->mask & IN_DELETE) {
+ onas_ddd_handle_in_delete(ctx, path, child_path,
event, wd);
- } else if (event->mask & IN_CREATE) {
- onas_ddd_handle_in_create(ctx, path, child_path, event,
wd, in_mask);
+ } else if (event->mask & IN_MOVED_FROM) {
+ onas_ddd_handle_in_moved_from(ctx, path, child_path,
event, wd);
- } else if (event->mask & IN_CLOSE_WRITE) {
- onas_ddd_handle_in_close_write(ctx, child_path);
+ } else if (event->mask & IN_CREATE) {
+ onas_ddd_handle_in_create(ctx, path, child_path,
event, wd, in_mask);
- } else if (event->mask & IN_MOVED_TO) {
- onas_ddd_handle_in_moved_to(ctx, path, child_path, event,
wd, in_mask);
- }
+ } else if (event->mask & IN_CLOSE_WRITE) {
+ onas_ddd_handle_in_close_write(ctx, child_path);
- free(child_path);
- child_path = NULL;
+ } else if (event->mask & IN_MOVED_TO) {
+ onas_ddd_handle_in_moved_to(ctx, path, child_path,
event, wd, in_mask);
+ }
+
+ free(child_path);
+ child_path = NULL;
+ }
}
}
}
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/clamonacc/scan/onas_queue.c
clamav-0.103.6+dfsg/clamonacc/scan/onas_queue.c
--- clamav-0.103.5+dfsg/clamonacc/scan/onas_queue.c 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/clamonacc/scan/onas_queue.c 2022-05-02
06:46:41.000000000 +0200
@@ -30,6 +30,9 @@
#include <fcntl.h>
#include <signal.h>
#include <pthread.h>
+#if defined(__linux__)
+#include <sys/prctl.h>
+#endif
#include <string.h>
// libclamav
@@ -142,6 +145,17 @@
void *onas_scan_queue_th(void *arg)
{
+ /* Set thread name for profiling and debuging */
+ const char thread_name[] = "clamonacc-sq";
+
+#if defined(__linux__)
+ /* Use prctl instead to prevent using _GNU_SOURCE flag and implicit
declaration */
+ prctl(PR_SET_NAME, thread_name);
+#elif defined(__APPLE__) && defined(__MACH__)
+ pthread_setname_np(thread_name);
+#else
+ logg("^ClamScanQueue: Setting of the thread name is currently not
supported on this system\n");
+#endif
/* not a ton of use for context right now, but perhaps in the future we
can pass in more options */
struct onas_context *ctx = (struct onas_context *)arg;
@@ -152,7 +166,7 @@
sigfillset(&sigset);
sigdelset(&sigset, SIGUSR2);
/* The behavior of a process is undefined after it ignores a
- * SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */
+ * SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */
sigdelset(&sigset, SIGFPE);
sigdelset(&sigset, SIGILL);
sigdelset(&sigset, SIGSEGV);
@@ -161,6 +175,7 @@
#ifdef SIGBUS
sigdelset(&sigset, SIGBUS);
#endif
+ pthread_sigmask(SIG_SETMASK, &sigset, NULL);
logg("*ClamScanQueue: initializing event queue consumer ... (%d) threads
in thread pool\n", ctx->maxthreads);
onas_init_event_queue();
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/CMakeLists.txt
clamav-0.103.6+dfsg/CMakeLists.txt
--- clamav-0.103.5+dfsg/CMakeLists.txt 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/CMakeLists.txt 2022-05-02 06:46:41.000000000 +0200
@@ -15,7 +15,7 @@
set(VERSION_SUFFIX "")
project( ClamAV
- VERSION "0.103.5"
+ VERSION "0.103.6"
DESCRIPTION "ClamAV open source email, web, and end-point anti-virus
toolkit." )
set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake" ${CMAKE_MODULE_PATH})
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/configure clamav-0.103.6+dfsg/configure
--- clamav-0.103.5+dfsg/configure 2022-01-11 00:18:10.000000000 +0100
+++ clamav-0.103.6+dfsg/configure 2022-05-02 06:47:06.000000000 +0200
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for ClamAV 0.103.5.
+# Generated by GNU Autoconf 2.69 for ClamAV 0.103.6.
#
# Report bugs to <https://github.com/Cisco-Talos/clamav/issues>.
#
@@ -592,8 +592,8 @@
# Identity of this package.
PACKAGE_NAME='ClamAV'
PACKAGE_TARNAME='clamav'
-PACKAGE_VERSION='0.103.5'
-PACKAGE_STRING='ClamAV 0.103.5'
+PACKAGE_VERSION='0.103.6'
+PACKAGE_STRING='ClamAV 0.103.6'
PACKAGE_BUGREPORT='https://github.com/Cisco-Talos/clamav/issues'
PACKAGE_URL='https://www.clamav.net/'
@@ -1606,7 +1606,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures ClamAV 0.103.5 to adapt to many kinds of systems.
+\`configure' configures ClamAV 0.103.6 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1687,7 +1687,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of ClamAV 0.103.5:";;
+ short | recursive ) echo "Configuration of ClamAV 0.103.6:";;
esac
cat <<\_ACEOF
--enable-dependency-tracking
@@ -1922,7 +1922,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-ClamAV configure 0.103.5
+ClamAV configure 0.103.6
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2550,7 +2550,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by ClamAV $as_me 0.103.5, which was
+It was created by ClamAV $as_me 0.103.6, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -4308,7 +4308,7 @@
# Define the identity of the package.
PACKAGE='clamav'
- VERSION='0.103.5'
+ VERSION='0.103.6'
# Some tools Automake needs.
@@ -6036,7 +6036,7 @@
$as_echo "#define PACKAGE PACKAGE_NAME" >>confdefs.h
-VERSION="0.103.5"
+VERSION="0.103.6"
major=`echo $PACKAGE_VERSION |cut -d. -f1 | sed -e "s/^0-9//g"`
minor=`echo $PACKAGE_VERSION |cut -d. -f2 | sed -e "s/^0-9//g"`
@@ -31896,7 +31896,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by ClamAV $as_me 0.103.5, which was
+This file was extended by ClamAV $as_me 0.103.6, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -31963,7 +31963,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //;
s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-ClamAV config.status 0.103.5
+ClamAV config.status 0.103.6
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
@@ -34813,7 +34813,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by ClamAV $as_me 0.103.5, which was
+This file was extended by ClamAV $as_me 0.103.6, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -34880,7 +34880,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //;
s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-ClamAV config.status 0.103.5
+ClamAV config.status 0.103.6
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/configure.ac clamav-0.103.6+dfsg/configure.ac
--- clamav-0.103.5+dfsg/configure.ac 2022-01-12 20:53:22.000000000 +0100
+++ clamav-0.103.6+dfsg/configure.ac 2022-05-12 18:34:19.000000000 +0200
@@ -22,7 +22,7 @@
dnl For a release change [devel] to the real version [0.xy]
dnl also change VERSION below
-AC_INIT([ClamAV], [0.103.5], [https://github.com/Cisco-Talos/clamav/issues],
[clamav], [https://www.clamav.net/])
+AC_INIT([ClamAV], [0.103.6], [https://github.com/Cisco-Talos/clamav/issues],
[clamav], [https://www.clamav.net/])
dnl put configure auxiliary into config
AC_CONFIG_AUX_DIR([config])
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/debian/changelog
clamav-0.103.6+dfsg/debian/changelog
--- clamav-0.103.5+dfsg/debian/changelog 2022-01-13 21:49:00.000000000
+0100
+++ clamav-0.103.6+dfsg/debian/changelog 2022-05-26 10:17:16.000000000
+0200
@@ -1,3 +1,20 @@
+clamav (0.103.6+dfsg-0+deb11u1) bullseye; urgency=medium
+
+ * Import 0.103.6
+ - CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file
+ parser).
+ - CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan
+ verdict cache check).
+ - CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file
+ parser).
+ - CVE-2022-20785 (Possible memory leak in the HTML file parser/
+ Javascript normalizer).
+ - CVE-2022-20792 (Possible multi-byte heap buffer overflow write
+ vulnerability in the signature database load module.
+ - Update symbol file.
+
+ -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Thu, 26 May 2022
10:17:16 +0200
+
clamav (0.103.5+dfsg-0+deb11u1) bullseye; urgency=medium
* Import 0.103.5
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/debian/.git-dpm
clamav-0.103.6+dfsg/debian/.git-dpm
--- clamav-0.103.5+dfsg/debian/.git-dpm 2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/.git-dpm 2022-05-26 10:14:47.000000000 +0200
@@ -1,8 +1,8 @@
# see git-dpm(1) from git-dpm package
-d98f95bd2562d8205e1e0a209c06c7706b9107fc
-d98f95bd2562d8205e1e0a209c06c7706b9107fc
-857db6f7fe6291d39090c77afdefa94d97161cb2
-857db6f7fe6291d39090c77afdefa94d97161cb2
-clamav_0.103.5+dfsg.orig.tar.xz
-6b767150c6b8cb9c8c6b11a2ae3df961fd65533f
-7121136
+dbab766c81312b2a8cbd37258a5a3510c4e98085
+dbab766c81312b2a8cbd37258a5a3510c4e98085
+75754d0f4c00d0ac0864e2a506bfc1d977d55d00
+75754d0f4c00d0ac0864e2a506bfc1d977d55d00
+clamav_0.103.6+dfsg.orig.tar.xz
+6212705bf2cb168a55f76ae4cab31fa40909aed8
+7135300
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/debian/libclamav9.symbols
clamav-0.103.6+dfsg/debian/libclamav9.symbols
--- clamav-0.103.5+dfsg/debian/libclamav9.symbols 2022-01-13
21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/libclamav9.symbols 2022-05-26
10:16:58.000000000 +0200
@@ -1,20 +1,20 @@
libclamav.so.9 libclamav9 #MINVER#
* Build-Depends-Package: libclamav-dev
- CLAMAV_PRIVATE@CLAMAV_PRIVATE 0.103.5
+ CLAMAV_PRIVATE@CLAMAV_PRIVATE 0.103.6
CLAMAV_PUBLIC@CLAMAV_PUBLIC 0.101.0
- __cli_strcasestr@CLAMAV_PRIVATE 0.103.5
- __cli_strndup@CLAMAV_PRIVATE 0.103.5
- __cli_strnlen@CLAMAV_PRIVATE 0.103.5
- __cli_strnstr@CLAMAV_PRIVATE 0.103.5
- base64Flush@CLAMAV_PRIVATE 0.103.5
- blobAddData@CLAMAV_PRIVATE 0.103.5
- blobCreate@CLAMAV_PRIVATE 0.103.5
- blobDestroy@CLAMAV_PRIVATE 0.103.5
- cl_ASN1_GetTimeT@CLAMAV_PRIVATE 0.103.5
+ __cli_strcasestr@CLAMAV_PRIVATE 0.103.6
+ __cli_strndup@CLAMAV_PRIVATE 0.103.6
+ __cli_strnlen@CLAMAV_PRIVATE 0.103.6
+ __cli_strnstr@CLAMAV_PRIVATE 0.103.6
+ base64Flush@CLAMAV_PRIVATE 0.103.6
+ blobAddData@CLAMAV_PRIVATE 0.103.6
+ blobCreate@CLAMAV_PRIVATE 0.103.6
+ blobDestroy@CLAMAV_PRIVATE 0.103.6
+ cl_ASN1_GetTimeT@CLAMAV_PRIVATE 0.103.6
cl_always_gen_section_hash@CLAMAV_PUBLIC 0.101.0
- cl_base64_decode@CLAMAV_PRIVATE 0.103.5
- cl_base64_encode@CLAMAV_PRIVATE 0.103.5
- cl_cleanup_crypto@CLAMAV_PRIVATE 0.103.5
+ cl_base64_decode@CLAMAV_PRIVATE 0.103.6
+ cl_base64_encode@CLAMAV_PRIVATE 0.103.6
+ cl_cleanup_crypto@CLAMAV_PRIVATE 0.103.6
cl_countsigs@CLAMAV_PUBLIC 0.101.0
cl_cvdfree@CLAMAV_PUBLIC 0.101.0
cl_cvdhead@CLAMAV_PUBLIC 0.101.0
@@ -54,21 +54,21 @@
cl_fmap_close@CLAMAV_PUBLIC 0.101.0
cl_fmap_open_handle@CLAMAV_PUBLIC 0.101.0
cl_fmap_open_memory@CLAMAV_PUBLIC 0.101.0
- cl_get_pkey_file@CLAMAV_PRIVATE 0.103.5
- cl_get_x509_from_mem@CLAMAV_PRIVATE 0.103.5
- cl_hash_data@CLAMAV_PRIVATE 0.103.5
+ cl_get_pkey_file@CLAMAV_PRIVATE 0.103.6
+ cl_get_x509_from_mem@CLAMAV_PRIVATE 0.103.6
+ cl_hash_data@CLAMAV_PRIVATE 0.103.6
cl_hash_destroy@CLAMAV_PUBLIC 0.101.0
- cl_hash_file_fd@CLAMAV_PRIVATE 0.103.5
- cl_hash_file_fd_ctx@CLAMAV_PRIVATE 0.103.5
- cl_hash_file_fp@CLAMAV_PRIVATE 0.103.5
+ cl_hash_file_fd@CLAMAV_PRIVATE 0.103.6
+ cl_hash_file_fd_ctx@CLAMAV_PRIVATE 0.103.6
+ cl_hash_file_fp@CLAMAV_PRIVATE 0.103.6
cl_hash_init@CLAMAV_PUBLIC 0.101.0
cl_init@CLAMAV_PUBLIC 0.101.0
- cl_initialize_crypto@CLAMAV_PRIVATE 0.103.5
+ cl_initialize_crypto@CLAMAV_PRIVATE 0.103.6
cl_load@CLAMAV_PUBLIC 0.101.0
- cl_load_cert@CLAMAV_PRIVATE 0.103.5
- cl_load_crl@CLAMAV_PRIVATE 0.103.5
+ cl_load_cert@CLAMAV_PRIVATE 0.103.6
+ cl_load_crl@CLAMAV_PRIVATE 0.103.6
cl_retdbdir@CLAMAV_PUBLIC 0.101.0
- cl_retflevel@CLAMAV_PUBLIC 0.103.5
+ cl_retflevel@CLAMAV_PUBLIC 0.103.6
cl_retver@CLAMAV_PUBLIC 0.101.0
cl_scandesc@CLAMAV_PUBLIC 0.101.0
cl_scandesc_callback@CLAMAV_PUBLIC 0.101.0
@@ -76,196 +76,196 @@
cl_scanfile_callback@CLAMAV_PUBLIC 0.101.0
cl_scanmap_callback@CLAMAV_PUBLIC 0.101.0
cl_set_clcb_msg@CLAMAV_PUBLIC 0.101.0
- cl_sha1@CLAMAV_PRIVATE 0.103.5
- cl_sha256@CLAMAV_PRIVATE 0.103.5
- cl_sign_data@CLAMAV_PRIVATE 0.103.5
- cl_sign_data_keyfile@CLAMAV_PRIVATE 0.103.5
- cl_sign_file_fd@CLAMAV_PRIVATE 0.103.5
- cl_sign_file_fp@CLAMAV_PRIVATE 0.103.5
+ cl_sha1@CLAMAV_PRIVATE 0.103.6
+ cl_sha256@CLAMAV_PRIVATE 0.103.6
+ cl_sign_data@CLAMAV_PRIVATE 0.103.6
+ cl_sign_data_keyfile@CLAMAV_PRIVATE 0.103.6
+ cl_sign_file_fd@CLAMAV_PRIVATE 0.103.6
+ cl_sign_file_fp@CLAMAV_PRIVATE 0.103.6
cl_statchkdir@CLAMAV_PUBLIC 0.101.0
cl_statfree@CLAMAV_PUBLIC 0.101.0
cl_statinidir@CLAMAV_PUBLIC 0.101.0
cl_strerror@CLAMAV_PUBLIC 0.101.0
cl_update_hash@CLAMAV_PUBLIC 0.101.0
- cl_validate_certificate_chain@CLAMAV_PRIVATE 0.103.5
- cl_validate_certificate_chain_ts_dir@CLAMAV_PRIVATE 0.103.5
- cl_verify_signature@CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_fd@CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_fd_x509@CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_fd_x509_keyfile@CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_hash@CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_hash_x509@CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_hash_x509_keyfile@CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_x509@CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_x509_keyfile@CLAMAV_PRIVATE 0.103.5
- cli_ac_buildtrie@CLAMAV_PRIVATE 0.103.5
- cli_ac_chklsig@CLAMAV_PRIVATE 0.103.5
- cli_ac_free@CLAMAV_PRIVATE 0.103.5
- cli_ac_freedata@CLAMAV_PRIVATE 0.103.5
- cli_ac_init@CLAMAV_PRIVATE 0.103.5
- cli_ac_initdata@CLAMAV_PRIVATE 0.103.5
- cli_ac_scanbuff@CLAMAV_PRIVATE 0.103.5
- cli_basename@CLAMAV_PRIVATE 0.103.5
- cli_bm_free@CLAMAV_PRIVATE 0.103.5
- cli_bm_init@CLAMAV_PRIVATE 0.103.5
- cli_bm_scanbuff@CLAMAV_PRIVATE 0.103.5
- cli_build_regex_list@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_alloc@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_clear@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_destroy@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_getresult_int@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_set_trace@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_setfile@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_setfuncid@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_setparam_int@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_setparam_ptr@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_debug@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_debug_printsrc@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_describe@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_destroy@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_done@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_init@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_load@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_prepare2@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_printversion@CLAMAV_PRIVATE 0.103.5
- cli_bytecode_run@CLAMAV_PRIVATE 0.103.5
- cli_bytefunc_describe@CLAMAV_PRIVATE 0.103.5
- cli_byteinst_describe@CLAMAV_PRIVATE 0.103.5
- cli_bytetype_describe@CLAMAV_PRIVATE 0.103.5
- cli_bytevalue_describe@CLAMAV_PRIVATE 0.103.5
- cli_calloc@CLAMAV_PRIVATE 0.103.5
- cli_check_auth_header@CLAMAV_PRIVATE 0.103.5
- cli_chomp@CLAMAV_PRIVATE 0.103.5
- cli_codepage_to_utf8@CLAMAV_PRIVATE 0.103.5
- cli_ctime@CLAMAV_PRIVATE 0.103.5
- cli_cvdunpack@CLAMAV_PRIVATE 0.103.5
- cli_dbgmsg_internal@CLAMAV_PRIVATE 0.103.5
- cli_dconf_init@CLAMAV_PRIVATE 0.103.5
- cli_debug_flag@CLAMAV_PRIVATE 0.103.5
- cli_detect_environment@CLAMAV_PRIVATE 0.103.5
- cli_disasm_one@CLAMAV_PRIVATE 0.103.5
- cli_errmsg@CLAMAV_PRIVATE 0.103.5
- cli_filecopy@CLAMAV_PRIVATE 0.103.5
- cli_free_vba_project@CLAMAV_PRIVATE 0.103.5
- cli_ftw@CLAMAV_PRIVATE 0.103.5
- cli_genhash_pe@CLAMAV_PRIVATE 0.103.5
- cli_gentemp@CLAMAV_PRIVATE 0.103.5
- cli_gentemp_with_prefix@CLAMAV_PRIVATE 0.103.5
- cli_gentempfd@CLAMAV_PRIVATE 0.103.5
- cli_get_filepath_from_filedesc@CLAMAV_PRIVATE 0.103.5
- cli_gettmpdir@CLAMAV_PRIVATE 0.103.5
- cli_hashfile@CLAMAV_PRIVATE 0.103.5
- cli_hashset_destroy@CLAMAV_PRIVATE 0.103.5
- cli_hashstream@CLAMAV_PRIVATE 0.103.5
- cli_hex2str@CLAMAV_PRIVATE 0.103.5
- cli_hex2ui@CLAMAV_PRIVATE 0.103.5
- cli_initroots@CLAMAV_PRIVATE 0.103.5
- cli_isnumber@CLAMAV_PRIVATE 0.103.5
- cli_js_destroy@CLAMAV_PRIVATE 0.103.5
- cli_js_init@CLAMAV_PRIVATE 0.103.5
- cli_js_output@CLAMAV_PRIVATE 0.103.5
- cli_js_parse_done@CLAMAV_PRIVATE 0.103.5
- cli_js_process_buffer@CLAMAV_PRIVATE 0.103.5
- cli_ldbtokenize@CLAMAV_PRIVATE 0.103.5
- cli_malloc@CLAMAV_PRIVATE 0.103.5
- cli_memstr@CLAMAV_PRIVATE 0.103.5
- cli_ole2_extract@CLAMAV_PRIVATE 0.103.5
- cli_parse_add@CLAMAV_PRIVATE 0.103.5
- cli_pcre_build@CLAMAV_PRIVATE 0.103.5
- cli_pcre_freeoff@CLAMAV_PRIVATE 0.103.5
- cli_pcre_init@CLAMAV_PRIVATE 0.103.5
- cli_pcre_perf_events_destroy@CLAMAV_PRIVATE 0.103.5
- cli_pcre_perf_print@CLAMAV_PRIVATE 0.103.5
- cli_pcre_recaloff@CLAMAV_PRIVATE 0.103.5
- cli_pcre_scanbuf@CLAMAV_PRIVATE 0.103.5
- cli_ppt_vba_read@CLAMAV_PRIVATE 0.103.5
- cli_printcxxver@CLAMAV_PRIVATE 0.103.5
- cli_readn@CLAMAV_PRIVATE 0.103.5
- cli_realloc@CLAMAV_PRIVATE 0.103.5
- cli_realpath@CLAMAV_PRIVATE 0.103.5
- cli_regcomp@CLAMAV_PRIVATE 0.103.5
- cli_regex2suffix@CLAMAV_PRIVATE 0.103.5
- cli_regexec@CLAMAV_PRIVATE 0.103.5
- cli_regfree@CLAMAV_PRIVATE 0.103.5
- cli_rmdirs@CLAMAV_PRIVATE 0.103.5
- cli_rndnum@CLAMAV_PRIVATE 0.103.5
- cli_sanitize_filepath@CLAMAV_PRIVATE 0.103.5
- cli_scan_buff@CLAMAV_PRIVATE 0.103.5
- cli_scan_fmap@CLAMAV_PRIVATE 0.103.5
- cli_sigopts_handler@CLAMAV_PRIVATE 0.103.5
- cli_sigperf_events_destroy@CLAMAV_PRIVATE 0.103.5
- cli_sigperf_print@CLAMAV_PRIVATE 0.103.5
- cli_str2hex@CLAMAV_PRIVATE 0.103.5
- cli_strbcasestr@CLAMAV_PRIVATE 0.103.5
- cli_strdup@CLAMAV_PRIVATE 0.103.5
- cli_strerror@CLAMAV_PRIVATE 0.103.5
- cli_strlcat@CLAMAV_PRIVATE 0.103.5
- cli_strlcpy@CLAMAV_PRIVATE 0.103.5
- cli_strntoul@CLAMAV_PRIVATE 0.103.5
- cli_strrcpy@CLAMAV_PRIVATE 0.103.5
- cli_strtok@CLAMAV_PRIVATE 0.103.5
- cli_strtokbuf@CLAMAV_PRIVATE 0.103.5
- cli_strtokenize@CLAMAV_PRIVATE 0.103.5
- cli_textbuffer_append_normalize@CLAMAV_PRIVATE 0.103.5
- cli_unescape@CLAMAV_PRIVATE 0.103.5
- cli_unlink@CLAMAV_PRIVATE 0.103.5
- cli_url_canon@CLAMAV_PRIVATE 0.103.5
- cli_utf16_to_utf8@CLAMAV_PRIVATE 0.103.5
- cli_utf16toascii@CLAMAV_PRIVATE 0.103.5
- cli_vba_inflate@CLAMAV_PRIVATE 0.103.5
- cli_vba_readdir@CLAMAV_PRIVATE 0.103.5
- cli_versig2@CLAMAV_PRIVATE 0.103.5
- cli_versig@CLAMAV_PRIVATE 0.103.5
- cli_warnmsg@CLAMAV_PRIVATE 0.103.5
- cli_wm_decrypt_macro@CLAMAV_PRIVATE 0.103.5
- cli_wm_readdir@CLAMAV_PRIVATE 0.103.5
- cli_writen@CLAMAV_PRIVATE 0.103.5
- decodeLine@CLAMAV_PRIVATE 0.103.5
- disasmbuf@CLAMAV_PRIVATE 0.103.5
- fmap@CLAMAV_PRIVATE 0.103.5
- fmap_dump_to_file@CLAMAV_PRIVATE 0.103.5
- fmap_duplicate@CLAMAV_PRIVATE 0.103.5
- free_duplicate_fmap@CLAMAV_PRIVATE 0.103.5
- get_fpu_endian@CLAMAV_PRIVATE 0.103.5
- have_clamjit@CLAMAV_PRIVATE 0.103.5
- have_rar@CLAMAV_PRIVATE 0.103.5
- html_normalise_map@CLAMAV_PRIVATE 0.103.5
- html_normalise_mem@CLAMAV_PRIVATE 0.103.5
- html_screnc_decode@CLAMAV_PRIVATE 0.103.5
- html_tag_arg_free@CLAMAV_PRIVATE 0.103.5
- init_domainlist@CLAMAV_PRIVATE 0.103.5
- init_regex_list@CLAMAV_PRIVATE 0.103.5
- init_whitelist@CLAMAV_PRIVATE 0.103.5
- is_regex_ok@CLAMAV_PRIVATE 0.103.5
- load_regex_matcher@CLAMAV_PRIVATE 0.103.5
+ cl_validate_certificate_chain@CLAMAV_PRIVATE 0.103.6
+ cl_validate_certificate_chain_ts_dir@CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature@CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_fd@CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_fd_x509@CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_fd_x509_keyfile@CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_hash@CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_hash_x509@CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_hash_x509_keyfile@CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_x509@CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_x509_keyfile@CLAMAV_PRIVATE 0.103.6
+ cli_ac_buildtrie@CLAMAV_PRIVATE 0.103.6
+ cli_ac_chklsig@CLAMAV_PRIVATE 0.103.6
+ cli_ac_free@CLAMAV_PRIVATE 0.103.6
+ cli_ac_freedata@CLAMAV_PRIVATE 0.103.6
+ cli_ac_init@CLAMAV_PRIVATE 0.103.6
+ cli_ac_initdata@CLAMAV_PRIVATE 0.103.6
+ cli_ac_scanbuff@CLAMAV_PRIVATE 0.103.6
+ cli_basename@CLAMAV_PRIVATE 0.103.6
+ cli_bm_free@CLAMAV_PRIVATE 0.103.6
+ cli_bm_init@CLAMAV_PRIVATE 0.103.6
+ cli_bm_scanbuff@CLAMAV_PRIVATE 0.103.6
+ cli_build_regex_list@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_alloc@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_clear@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_destroy@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_getresult_int@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_set_trace@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_setfile@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_setfuncid@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_setparam_int@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_setparam_ptr@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_debug@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_debug_printsrc@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_describe@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_destroy@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_done@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_init@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_load@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_prepare2@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_printversion@CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_run@CLAMAV_PRIVATE 0.103.6
+ cli_bytefunc_describe@CLAMAV_PRIVATE 0.103.6
+ cli_byteinst_describe@CLAMAV_PRIVATE 0.103.6
+ cli_bytetype_describe@CLAMAV_PRIVATE 0.103.6
+ cli_bytevalue_describe@CLAMAV_PRIVATE 0.103.6
+ cli_calloc@CLAMAV_PRIVATE 0.103.6
+ cli_check_auth_header@CLAMAV_PRIVATE 0.103.6
+ cli_chomp@CLAMAV_PRIVATE 0.103.6
+ cli_codepage_to_utf8@CLAMAV_PRIVATE 0.103.6
+ cli_ctime@CLAMAV_PRIVATE 0.103.6
+ cli_cvdunpack@CLAMAV_PRIVATE 0.103.6
+ cli_dbgmsg_internal@CLAMAV_PRIVATE 0.103.6
+ cli_dconf_init@CLAMAV_PRIVATE 0.103.6
+ cli_debug_flag@CLAMAV_PRIVATE 0.103.6
+ cli_detect_environment@CLAMAV_PRIVATE 0.103.6
+ cli_disasm_one@CLAMAV_PRIVATE 0.103.6
+ cli_errmsg@CLAMAV_PRIVATE 0.103.6
+ cli_filecopy@CLAMAV_PRIVATE 0.103.6
+ cli_free_vba_project@CLAMAV_PRIVATE 0.103.6
+ cli_ftw@CLAMAV_PRIVATE 0.103.6
+ cli_genhash_pe@CLAMAV_PRIVATE 0.103.6
+ cli_gentemp@CLAMAV_PRIVATE 0.103.6
+ cli_gentemp_with_prefix@CLAMAV_PRIVATE 0.103.6
+ cli_gentempfd@CLAMAV_PRIVATE 0.103.6
+ cli_get_filepath_from_filedesc@CLAMAV_PRIVATE 0.103.6
+ cli_gettmpdir@CLAMAV_PRIVATE 0.103.6
+ cli_hashfile@CLAMAV_PRIVATE 0.103.6
+ cli_hashset_destroy@CLAMAV_PRIVATE 0.103.6
+ cli_hashstream@CLAMAV_PRIVATE 0.103.6
+ cli_hex2str@CLAMAV_PRIVATE 0.103.6
+ cli_hex2ui@CLAMAV_PRIVATE 0.103.6
+ cli_initroots@CLAMAV_PRIVATE 0.103.6
+ cli_isnumber@CLAMAV_PRIVATE 0.103.6
+ cli_js_destroy@CLAMAV_PRIVATE 0.103.6
+ cli_js_init@CLAMAV_PRIVATE 0.103.6
+ cli_js_output@CLAMAV_PRIVATE 0.103.6
+ cli_js_parse_done@CLAMAV_PRIVATE 0.103.6
+ cli_js_process_buffer@CLAMAV_PRIVATE 0.103.6
+ cli_ldbtokenize@CLAMAV_PRIVATE 0.103.6
+ cli_malloc@CLAMAV_PRIVATE 0.103.6
+ cli_memstr@CLAMAV_PRIVATE 0.103.6
+ cli_ole2_extract@CLAMAV_PRIVATE 0.103.6
+ cli_parse_add@CLAMAV_PRIVATE 0.103.6
+ cli_pcre_build@CLAMAV_PRIVATE 0.103.6
+ cli_pcre_freeoff@CLAMAV_PRIVATE 0.103.6
+ cli_pcre_init@CLAMAV_PRIVATE 0.103.6
+ cli_pcre_perf_events_destroy@CLAMAV_PRIVATE 0.103.6
+ cli_pcre_perf_print@CLAMAV_PRIVATE 0.103.6
+ cli_pcre_recaloff@CLAMAV_PRIVATE 0.103.6
+ cli_pcre_scanbuf@CLAMAV_PRIVATE 0.103.6
+ cli_ppt_vba_read@CLAMAV_PRIVATE 0.103.6
+ cli_printcxxver@CLAMAV_PRIVATE 0.103.6
+ cli_readn@CLAMAV_PRIVATE 0.103.6
+ cli_realloc@CLAMAV_PRIVATE 0.103.6
+ cli_realpath@CLAMAV_PRIVATE 0.103.6
+ cli_regcomp@CLAMAV_PRIVATE 0.103.6
+ cli_regex2suffix@CLAMAV_PRIVATE 0.103.6
+ cli_regexec@CLAMAV_PRIVATE 0.103.6
+ cli_regfree@CLAMAV_PRIVATE 0.103.6
+ cli_rmdirs@CLAMAV_PRIVATE 0.103.6
+ cli_rndnum@CLAMAV_PRIVATE 0.103.6
+ cli_sanitize_filepath@CLAMAV_PRIVATE 0.103.6
+ cli_scan_buff@CLAMAV_PRIVATE 0.103.6
+ cli_scan_fmap@CLAMAV_PRIVATE 0.103.6
+ cli_sigopts_handler@CLAMAV_PRIVATE 0.103.6
+ cli_sigperf_events_destroy@CLAMAV_PRIVATE 0.103.6
+ cli_sigperf_print@CLAMAV_PRIVATE 0.103.6
+ cli_str2hex@CLAMAV_PRIVATE 0.103.6
+ cli_strbcasestr@CLAMAV_PRIVATE 0.103.6
+ cli_strdup@CLAMAV_PRIVATE 0.103.6
+ cli_strerror@CLAMAV_PRIVATE 0.103.6
+ cli_strlcat@CLAMAV_PRIVATE 0.103.6
+ cli_strlcpy@CLAMAV_PRIVATE 0.103.6
+ cli_strntoul@CLAMAV_PRIVATE 0.103.6
+ cli_strrcpy@CLAMAV_PRIVATE 0.103.6
+ cli_strtok@CLAMAV_PRIVATE 0.103.6
+ cli_strtokbuf@CLAMAV_PRIVATE 0.103.6
+ cli_strtokenize@CLAMAV_PRIVATE 0.103.6
+ cli_textbuffer_append_normalize@CLAMAV_PRIVATE 0.103.6
+ cli_unescape@CLAMAV_PRIVATE 0.103.6
+ cli_unlink@CLAMAV_PRIVATE 0.103.6
+ cli_url_canon@CLAMAV_PRIVATE 0.103.6
+ cli_utf16_to_utf8@CLAMAV_PRIVATE 0.103.6
+ cli_utf16toascii@CLAMAV_PRIVATE 0.103.6
+ cli_vba_inflate@CLAMAV_PRIVATE 0.103.6
+ cli_vba_readdir@CLAMAV_PRIVATE 0.103.6
+ cli_versig2@CLAMAV_PRIVATE 0.103.6
+ cli_versig@CLAMAV_PRIVATE 0.103.6
+ cli_warnmsg@CLAMAV_PRIVATE 0.103.6
+ cli_wm_decrypt_macro@CLAMAV_PRIVATE 0.103.6
+ cli_wm_readdir@CLAMAV_PRIVATE 0.103.6
+ cli_writen@CLAMAV_PRIVATE 0.103.6
+ decodeLine@CLAMAV_PRIVATE 0.103.6
+ disasmbuf@CLAMAV_PRIVATE 0.103.6
+ fmap@CLAMAV_PRIVATE 0.103.6
+ fmap_dump_to_file@CLAMAV_PRIVATE 0.103.6
+ fmap_duplicate@CLAMAV_PRIVATE 0.103.6
+ free_duplicate_fmap@CLAMAV_PRIVATE 0.103.6
+ get_fpu_endian@CLAMAV_PRIVATE 0.103.6
+ have_clamjit@CLAMAV_PRIVATE 0.103.6
+ have_rar@CLAMAV_PRIVATE 0.103.6
+ html_normalise_map@CLAMAV_PRIVATE 0.103.6
+ html_normalise_mem@CLAMAV_PRIVATE 0.103.6
+ html_screnc_decode@CLAMAV_PRIVATE 0.103.6
+ html_tag_arg_free@CLAMAV_PRIVATE 0.103.6
+ init_domainlist@CLAMAV_PRIVATE 0.103.6
+ init_regex_list@CLAMAV_PRIVATE 0.103.6
+ init_whitelist@CLAMAV_PRIVATE 0.103.6
+ is_regex_ok@CLAMAV_PRIVATE 0.103.6
+ load_regex_matcher@CLAMAV_PRIVATE 0.103.6
lsig_sub_matched@CLAMAV_PUBLIC 0.101.0
- messageCreate@CLAMAV_PRIVATE 0.103.5
- messageDestroy@CLAMAV_PRIVATE 0.103.5
- mpool_calloc@CLAMAV_PRIVATE 0.103.5
- mpool_create@CLAMAV_PRIVATE 0.103.5
- mpool_destroy@CLAMAV_PRIVATE 0.103.5
- mpool_free@CLAMAV_PRIVATE 0.103.5
- mpool_getstats@CLAMAV_PRIVATE 0.103.5
- phishingScan@CLAMAV_PRIVATE 0.103.5
- phishing_done@CLAMAV_PRIVATE 0.103.5
- phishing_init@CLAMAV_PRIVATE 0.103.5
- regex_list_add_pattern@CLAMAV_PRIVATE 0.103.5
- regex_list_done@CLAMAV_PRIVATE 0.103.5
- regex_list_match@CLAMAV_PRIVATE 0.103.5
- tableCreate@CLAMAV_PRIVATE 0.103.5
- tableDestroy@CLAMAV_PRIVATE 0.103.5
- tableFind@CLAMAV_PRIVATE 0.103.5
- tableInsert@CLAMAV_PRIVATE 0.103.5
- tableIterate@CLAMAV_PRIVATE 0.103.5
- tableRemove@CLAMAV_PRIVATE 0.103.5
- tableUpdate@CLAMAV_PRIVATE 0.103.5
- text_normalize_init@CLAMAV_PRIVATE 0.103.5
- text_normalize_map@CLAMAV_PRIVATE 0.103.5
- text_normalize_reset@CLAMAV_PRIVATE 0.103.5
- uniq_add@CLAMAV_PRIVATE 0.103.5
- uniq_free@CLAMAV_PRIVATE 0.103.5
- uniq_get@CLAMAV_PRIVATE 0.103.5
- uniq_init@CLAMAV_PRIVATE 0.103.5
+ messageCreate@CLAMAV_PRIVATE 0.103.6
+ messageDestroy@CLAMAV_PRIVATE 0.103.6
+ mpool_calloc@CLAMAV_PRIVATE 0.103.6
+ mpool_create@CLAMAV_PRIVATE 0.103.6
+ mpool_destroy@CLAMAV_PRIVATE 0.103.6
+ mpool_free@CLAMAV_PRIVATE 0.103.6
+ mpool_getstats@CLAMAV_PRIVATE 0.103.6
+ phishingScan@CLAMAV_PRIVATE 0.103.6
+ phishing_done@CLAMAV_PRIVATE 0.103.6
+ phishing_init@CLAMAV_PRIVATE 0.103.6
+ regex_list_add_pattern@CLAMAV_PRIVATE 0.103.6
+ regex_list_done@CLAMAV_PRIVATE 0.103.6
+ regex_list_match@CLAMAV_PRIVATE 0.103.6
+ tableCreate@CLAMAV_PRIVATE 0.103.6
+ tableDestroy@CLAMAV_PRIVATE 0.103.6
+ tableFind@CLAMAV_PRIVATE 0.103.6
+ tableInsert@CLAMAV_PRIVATE 0.103.6
+ tableIterate@CLAMAV_PRIVATE 0.103.6
+ tableRemove@CLAMAV_PRIVATE 0.103.6
+ tableUpdate@CLAMAV_PRIVATE 0.103.6
+ text_normalize_init@CLAMAV_PRIVATE 0.103.6
+ text_normalize_map@CLAMAV_PRIVATE 0.103.6
+ text_normalize_reset@CLAMAV_PRIVATE 0.103.6
+ uniq_add@CLAMAV_PRIVATE 0.103.6
+ uniq_free@CLAMAV_PRIVATE 0.103.6
+ uniq_get@CLAMAV_PRIVATE 0.103.6
+ uniq_init@CLAMAV_PRIVATE 0.103.6
libfreshclam.so.2 libclamav9 #MINVER#
FRESHCLAM_PRIVATE@FRESHCLAM_PRIVATE 0.103.0
FRESHCLAM_PUBLIC@FRESHCLAM_PUBLIC 0.102.1
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js
clamav-0.103.5+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch
clamav-0.103.6+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch
--- clamav-0.103.5+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch
2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch
2022-05-26 10:14:47.000000000 +0200
@@ -1,4 +1,4 @@
-From ca1a543796d95c62bf4c4b9ec15ad94bfcf08077 Mon Sep 17 00:00:00 2001
+From 2d58c75f1f386b3adbd2fe28022522d45d04e8c6 Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
Date: Fri, 14 Oct 2016 20:24:39 +0200
Subject: Add support for LLVM 3.7
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js
clamav-0.103.5+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch
clamav-0.103.6+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch
--- clamav-0.103.5+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch
2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch
2022-05-26 10:14:47.000000000 +0200
@@ -1,4 +1,4 @@
-From f1ea5523cdfa2b0cda73d7afeff871cf6a27ef68 Mon Sep 17 00:00:00 2001
+From fd59841c7269e0f0df27e9fe615de63ab8b05e0b Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
Date: Fri, 14 Oct 2016 20:24:48 +0200
Subject: Add support for LLVM 3.8
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js
clamav-0.103.5+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch
clamav-0.103.6+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch
--- clamav-0.103.5+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch
2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch
2022-05-26 10:14:47.000000000 +0200
@@ -1,4 +1,4 @@
-From db2466aa2494f16f5552b2b277af66bee4b087f4 Mon Sep 17 00:00:00 2001
+From dbab766c81312b2a8cbd37258a5a3510c4e98085 Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
Date: Fri, 14 Oct 2016 20:24:56 +0200
Subject: Add support for LLVM 3.9
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js
clamav-0.103.5+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch
clamav-0.103.6+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch
---
clamav-0.103.5+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch
2022-01-13 21:49:00.000000000 +0100
+++
clamav-0.103.6+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch
2022-05-26 10:14:47.000000000 +0200
@@ -1,4 +1,4 @@
-From c2db4e1f887e84773dcacbbf175eab292cf8aace Mon Sep 17 00:00:00 2001
+From 0827b641063cdca6a13cf4e4f6ea6f546ec327cb Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
Date: Wed, 11 Mar 2015 20:03:15 +0100
Subject: add support for system tomsfastmath
@@ -14,7 +14,7 @@
create mode 100644 m4/reorganization/libs/tomsfastmath.m4
diff --git a/configure.ac b/configure.ac
-index 514a967..32be9e5 100644
+index d418ee9..9829ea3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -98,6 +98,7 @@ m4_include([m4/reorganization/libs/libmspack.m4])
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js
clamav-0.103.5+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch
clamav-0.103.6+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch
---
clamav-0.103.5+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch
2022-01-13 21:49:00.000000000 +0100
+++
clamav-0.103.6+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch
2022-05-26 10:14:47.000000000 +0200
@@ -1,4 +1,4 @@
-From 2e6262965ecae28f1880620661d352e0ff8e68b3 Mon Sep 17 00:00:00 2001
+From cf08cd90568253de1932a8e125b00ff2ffc26e3a Mon Sep 17 00:00:00 2001
From: Scott Kitterman <sc...@kitterman.com>
Date: Mon, 10 Mar 2014 19:20:18 -0400
Subject: Change paths in sample conf file to match Debian
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js
clamav-0.103.5+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch
clamav-0.103.6+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch
---
clamav-0.103.5+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch
2022-01-13 21:49:00.000000000 +0100
+++
clamav-0.103.6+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch
2022-05-26 10:14:47.000000000 +0200
@@ -1,4 +1,4 @@
-From 1fcbdac3d389676f930f06292a3f5ebcf58db2d0 Mon Sep 17 00:00:00 2001
+From e9ff8d69c35916f759e726c02aadbd2cd5e68678 Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc>
Date: Thu, 11 Aug 2016 21:54:10 +0200
Subject: clamd: don't depend on clamav-demon.socket
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/debian/patches/Fix-ck_assert_msg-call.patch
clamav-0.103.6+dfsg/debian/patches/Fix-ck_assert_msg-call.patch
--- clamav-0.103.5+dfsg/debian/patches/Fix-ck_assert_msg-call.patch
2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/patches/Fix-ck_assert_msg-call.patch
1970-01-01 01:00:00.000000000 +0100
@@ -1,25 +0,0 @@
-From d98f95bd2562d8205e1e0a209c06c7706b9107fc Mon Sep 17 00:00:00 2001
-From: Orion Poplawski <or...@nwra.com>
-Date: Thu, 17 Sep 2020 22:26:04 -0600
-Subject: unit tests: Fix ck_assert_msg() call
-
-The first argument to ck_assert_msg() should be a logical condition.
-
-Patch-Name: Fix-ck_assert_msg-call.patch
----
- unit_tests/check_jsnorm.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/unit_tests/check_jsnorm.c b/unit_tests/check_jsnorm.c
-index 114f052..9b2f4eb 100644
---- a/unit_tests/check_jsnorm.c
-+++ b/unit_tests/check_jsnorm.c
-@@ -247,7 +247,7 @@ static void tokenizer_test(const char *in, const char
*expected, int split)
- fd = open(filename, O_RDONLY);
- if (fd < 0) {
- jstest_teardown();
-- ck_assert_msg("failed to open output file: %s", filename);
-+ ck_assert_msg(0, "failed to open output file: %s", filename);
- }
-
- diff_file_mem(fd, expected, len);
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/debian/patches/series
clamav-0.103.6+dfsg/debian/patches/series
--- clamav-0.103.5+dfsg/debian/patches/series 2022-01-13 21:49:00.000000000
+0100
+++ clamav-0.103.6+dfsg/debian/patches/series 2022-05-26 10:14:43.000000000
+0200
@@ -4,4 +4,3 @@
Add-support-for-LLVM-3.7.patch
Add-support-for-LLVM-3.8.patch
Add-support-for-LLVM-3.9.patch
-Fix-ck_assert_msg-call.patch
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/debian/rules clamav-0.103.6+dfsg/debian/rules
--- clamav-0.103.5+dfsg/debian/rules 2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/rules 2022-05-26 10:16:58.000000000 +0200
@@ -88,7 +88,7 @@
fi;\
done; \
# Check for library features which may have been upgraded.
- if ! grep -q "CL_FLEVEL 126" libclamav/others.h ; then \
+ if ! grep -q "CL_FLEVEL 127" libclamav/others.h ; then \
echo "cl_retflevel needs boosting in symbol file"; \
touch debian/exit; \
fi;
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/bytecode_api.h
clamav-0.103.6+dfsg/libclamav/bytecode_api.h
--- clamav-0.103.5+dfsg/libclamav/bytecode_api.h 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/bytecode_api.h 2022-05-02
06:46:41.000000000 +0200
@@ -150,7 +150,8 @@
FUNC_LEVEL_0103_2 = 123, /**< LibClamAV release 0.103.2 */
FUNC_LEVEL_0103_3 = 124, /**< LibClamAV release 0.103.3 */
FUNC_LEVEL_0103_4 = 125, /**< LibClamAV release 0.103.4 */
- FUNC_LEVEL_0103_5 = 126, /**< LibClamAV release 0.103.4 */
+ FUNC_LEVEL_0103_5 = 126, /**< LibClamAV release 0.103.5 */
+ FUNC_LEVEL_0103_6 = 127, /**< LibClamAV release 0.103.6 */
};
/**
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/cache.c
clamav-0.103.6+dfsg/libclamav/cache.c
--- clamav-0.103.5+dfsg/libclamav/cache.c 2022-01-11 00:17:45.000000000
+0100
+++ clamav-0.103.6+dfsg/libclamav/cache.c 2022-05-02 06:46:41.000000000
+0200
@@ -47,7 +47,11 @@
#define TREES 256
static inline unsigned int getkey(uint8_t *hash)
{
- return *hash;
+ if (hash) {
+ return *hash;
+ }
+
+ return 0;
}
/* #define TREES 4096 */
/* static inline unsigned int getkey(uint8_t *hash) { return hash[0] |
((unsigned int)(hash[1] & 0xf)<<8) ; } */
@@ -836,10 +840,17 @@
/* Looks up an hash in the proper tree */
static int cache_lookup_hash(unsigned char *md5, size_t len, struct CACHE
*cache, uint32_t recursion_level)
{
- unsigned int key = getkey(md5);
+ unsigned int key = 0;
int ret = CL_VIRUS;
struct CACHE *c;
+ if (!md5) {
+ cli_dbgmsg("cache_lookup: No hash available. Nothing to look up.\n");
+ return ret;
+ }
+
+ key = getkey(md5);
+
c = &cache[key];
#ifdef CL_THREAD_SAFE
if (pthread_mutex_lock(&c->mutex)) {
@@ -861,7 +872,8 @@
/* Adds an hash to the cache */
void cache_add(unsigned char *md5, size_t size, cli_ctx *ctx)
{
- unsigned int key = getkey(md5);
+
+ unsigned int key = 0;
uint32_t level;
struct CACHE *c;
@@ -873,6 +885,12 @@
return;
}
+ if (!md5) {
+ cli_dbgmsg("cache_add: No hash available. Nothing to add to cache.\n");
+ return;
+ }
+
+ key = getkey(md5);
level = (ctx->fmap && ctx->fmap->dont_cache_flag) ? ctx->recursion_level :
0;
if (ctx->found_possibly_unwanted && (level || 0 == ctx->recursion_level))
return;
@@ -910,7 +928,7 @@
/* Removes a hash from the cache */
void cache_remove(unsigned char *md5, size_t size, const struct cl_engine
*engine)
{
- unsigned int key = getkey(md5);
+ unsigned int key = 0;
struct CACHE *c;
if (!engine || !engine->cache)
@@ -921,7 +939,12 @@
return;
}
- /* cli_warnmsg("cache_remove: key is %u\n", key); */
+ if (!md5) {
+ cli_dbgmsg("cache_remove: No hash available. Nothing to remove from
cache.\n");
+ return;
+ }
+
+ key = getkey(md5);
c = &engine->cache[key];
#ifdef CL_THREAD_SAFE
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/jsparse/js-norm.c
clamav-0.103.6+dfsg/libclamav/jsparse/js-norm.c
--- clamav-0.103.5+dfsg/libclamav/jsparse/js-norm.c 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/jsparse/js-norm.c 2022-05-02
06:46:41.000000000 +0200
@@ -248,7 +248,7 @@
static const char *scope_declare(struct scope *s, const char *token, const
size_t len, struct parser_state *state)
{
- const struct cli_element *el = cli_hashtab_insert(&s->id_map, token, len,
state->var_uniq++);
+ const struct cli_element *el = cli_hashtab_insert(&s->id_map, token, len,
(const cli_element_data)(state->var_uniq++));
/* cli_hashtab_insert either finds an already existing entry, or allocates
a
* new one, we return the allocated string */
return el ? el->key : NULL;
@@ -266,21 +266,21 @@
* Later if we find a declaration it will automatically assign a uniq ID
* to it. If not, we'll know that we have to push ID == -1 tokens to an
* outer scope.*/
- el = cli_hashtab_insert(&s->id_map, token, len, -1);
+ el = cli_hashtab_insert(&s->id_map, token, len, (const
cli_element_data)-1);
return el ? el->key : NULL;
}
-static long scope_lookup(struct scope *s, const char *token, const size_t len)
+static size_t scope_lookup(struct scope *s, const char *token, const size_t
len)
{
while (s) {
const struct cli_element *el = cli_hashtab_find(&s->id_map, token,
len);
- if (el && el->data != -1) {
- return el->data;
+ if (el && (size_t)el->data != (size_t)-1) {
+ return (size_t)el->data;
}
/* not found in current scope, try in outer scope */
s = s->parent;
}
- return -1;
+ return (size_t)-1;
}
static cl_error_t tokens_ensure_capacity(struct tokens *tokens, size_t cap)
@@ -381,12 +381,12 @@
case TOK_IDENTIFIER_NAME:
output_space(lastchar, 'a', out);
if (s) {
- long id = scope_lookup(scope, s, strlen(s));
- if (id == -1) {
+ size_t id = scope_lookup(scope, s, strlen(s));
+ if (id == (size_t)-1) {
/* identifier not normalized */
buf_outs(s, out);
} else {
- snprintf(sbuf, sizeof(sbuf), "n%03ld", id);
+ snprintf(sbuf, sizeof(sbuf), "n%03zu", id);
buf_outs(sbuf, out);
}
}
@@ -564,7 +564,6 @@
const char *o;
const char **tokens;
- memset(txtbuf, 0, sizeof(*txtbuf));
if (!p || !k)
return;
for (o = k; *o; o++)
@@ -622,6 +621,8 @@
size_t i, nesting = 1, j;
yystype *parameters[6];
const size_t parameters_cnt = 6;
+ yystype *first = NULL;
+ yystype *last = NULL;
for (i = start; i < cnt; i++) {
if (tokens[i].type == TOK_FUNCTION) {
@@ -654,8 +655,14 @@
while (tokens[i].type != TOK_PAR_CLOSE && i < cnt) i++;
i++;
}
- if (j == parameters_cnt)
+ if (j == parameters_cnt) {
+ if (NULL == first) {
+ first = parameters[0];
+ }
+ last = parameters[parameters_cnt - 1];
+
decode_de(parameters, &res->txtbuf);
+ }
}
}
} else {
@@ -671,12 +678,18 @@
while (tokens[i].type != TOK_PAR_CLOSE && i < cnt) i++;
i++;
}
- if (j == parameters_cnt)
+ if (j == parameters_cnt) {
+ if (NULL == first) {
+ first = parameters[0];
+ }
+ last = parameters[parameters_cnt - 1];
+
decode_de(parameters, &res->txtbuf);
+ }
}
- if (parameters[0] && parameters[parameters_cnt - 1]) {
- res->pos_begin = parameters[0] - tokens;
- res->pos_end = parameters[parameters_cnt - 1] - tokens + 1;
+ if (first && last) {
+ res->pos_begin = first - tokens;
+ res->pos_end = last - tokens + 1;
if (tokens[res->pos_end].type == TOK_BRACKET_OPEN &&
tokens[res->pos_end + 1].type == TOK_BRACKET_CLOSE &&
tokens[res->pos_end + 2].type == TOK_PAR_CLOSE)
@@ -800,6 +813,7 @@
for (i = 0; i < tokens->cnt; i++) {
const char *cstring = TOKEN_GET(&tokens->data[i], cstring);
struct decode_result res;
+ memset(&(res.txtbuf), 0, sizeof(res.txtbuf));
res.pos_begin = res.pos_end = 0;
res.append = 0;
if (tokens->data[i].type == TOK_FUNCTION && i + 13 < tokens->cnt) {
@@ -839,7 +853,7 @@
cli_js_process_buffer(state, res.txtbuf.data, res.txtbuf.pos);
--state->rec;
}
- free(res.txtbuf.data);
+ FREE(res.txtbuf.data);
/* state->tokens still refers to the embedded/nested context here
*/
if (!res.append) {
if (CL_EARG == replace_token_range(&parent_tokens,
res.pos_begin, res.pos_end, &state->tokens)) {
@@ -919,7 +933,7 @@
snprintf(filename, 1024, "%s" PATHSEP "javascript", tempdir);
buf.pos = 0;
- buf.outfd = open(filename, O_CREAT | O_WRONLY, 0600);
+ buf.outfd = open(filename, O_CREAT | O_WRONLY | O_BINARY, 0600);
if (buf.outfd < 0) {
cli_errmsg(MODULE "cannot open output file for writing: %s\n",
filename);
return;
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/libmspack.c
clamav-0.103.6+dfsg/libclamav/libmspack.c
--- clamav-0.103.5+dfsg/libclamav/libmspack.c 2022-01-11 00:17:45.000000000
+0100
+++ clamav-0.103.6+dfsg/libclamav/libmspack.c 2022-05-02 06:46:41.000000000
+0200
@@ -147,23 +147,32 @@
}
if (mspack_handle->type == FILETYPE_FMAP) {
+ /* Use fmap */
offset = mspack_handle->offset + mspack_handle->org;
- ret = fmap_readn(mspack_handle->fmap, buffer, offset, bytes);
- if (ret != bytes) {
- cli_dbgmsg("%s() %d %d, %d\n", __func__, __LINE__, bytes, ret);
- return ret;
+ count = fmap_readn(mspack_handle->fmap, buffer, (size_t)offset,
(size_t)bytes);
+ if (count == (size_t)-1) {
+ cli_dbgmsg("%s() %d requested %d bytes, read failed (-1)\n",
__func__, __LINE__, bytes);
+ return -1;
+ } else if ((int)count < bytes) {
+ cli_dbgmsg("%s() %d requested %d bytes, read %zu bytes\n",
__func__, __LINE__, bytes, count);
}
- mspack_handle->offset += bytes;
- return bytes;
- }
- count = fread(buffer, bytes, 1, mspack_handle->f);
- if (count < 1) {
- cli_dbgmsg("%s() %d %d, %zu\n", __func__, __LINE__, bytes, count);
- return -1;
+ mspack_handle->offset += (off_t)count;
+
+ return (int)count;
+ } else {
+ /* Use file descriptor */
+ count = fread(buffer, bytes, 1, mspack_handle->f);
+ if (count < 1) {
+ cli_dbgmsg("%s() %d requested %d bytes, read failed (%zu)\n",
__func__, __LINE__, bytes, count);
+ return -1;
+ }
+
+ ret = (int)count;
+
+ return ret;
}
- return bytes;
}
static int mspack_fmap_write(struct mspack_file *file, void *buffer, int bytes)
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/matcher-byte-comp.c
clamav-0.103.6+dfsg/libclamav/matcher-byte-comp.c
--- clamav-0.103.5+dfsg/libclamav/matcher-byte-comp.c 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/matcher-byte-comp.c 2022-05-02
06:46:41.000000000 +0200
@@ -457,19 +457,20 @@
* @param ctx the clamav context struct
*
*/
-cl_error_t cli_bcomp_scanbuf(const unsigned char *buffer, size_t
buffer_length, const char **virname, struct cli_ac_result **res, const struct
cli_matcher *root, struct cli_ac_data *mdata, cli_ctx *ctx)
+cl_error_t cli_bcomp_scanbuf(const unsigned char *buffer, size_t
buffer_length, struct cli_ac_result **res, const struct cli_matcher *root,
struct cli_ac_data *mdata, cli_ctx *ctx)
{
-
- int64_t i = 0, ret = CL_SUCCESS;
+ size_t i;
+ int val = 0;
+ cl_error_t ret = CL_SUCCESS;
+ cl_error_t bcomp_check = CL_SUCCESS;
uint32_t lsigid, ref_subsigid;
uint32_t offset = 0;
- uint8_t viruses_found = 0;
struct cli_bcomp_meta *bcomp = NULL;
struct cli_ac_result *newres = NULL;
uint32_t evalcnt = 0;
uint64_t evalids = 0;
- char *subsigid = NULL;
+ char subsigid[3];
if (!(root) || !(root->bcomp_metas) || !(root->bcomp_metatable) ||
!(mdata) || !(mdata->offmatrix) || !(ctx)) {
return CL_SUCCESS;
@@ -484,21 +485,15 @@
/* check to see if we are being run in sigtool or not */
if (bcomp->lsigid[0]) {
- subsigid = cli_calloc(3, sizeof(char));
snprintf(subsigid, 3, "%hu", bcomp->ref_subsigid);
/* verify the ref_subsigid */
- if (cli_ac_chklsig(subsigid, subsigid + strlen(subsigid),
- mdata->lsigcnt[bcomp->lsigid[1]], &evalcnt,
&evalids, 0) != 1) {
+ val = cli_ac_chklsig(subsigid, subsigid + strlen(subsigid),
mdata->lsigcnt[bcomp->lsigid[1]], &evalcnt, &evalids, 0);
+ if (val != 1) {
bcm_dbgmsg("cli_bcomp_scanbuf: could not verify a match for
lsig reference subsigid (%s)\n", subsigid);
continue;
}
- /* ensures the referenced subsig matches as expected, and also
ensures mdata has the needed offset */
- if ((ret = lsig_sub_matched(root, mdata, lsigid, ref_subsigid,
CLI_OFF_NONE, 0))) {
- break;
- }
-
/* grab the needed offset using from the last matched subsig
offset matrix, i.e. the match performed above */
if (mdata->lsigsuboff_last[lsigid]) {
offset = mdata->lsigsuboff_last[lsigid][ref_subsigid];
@@ -507,7 +502,7 @@
continue;
}
} else {
- /* can't run lsig_sub_matched in sigtool, and mdata isn't
populated so run the raw matcher stuffs */
+ /* mdata isn't populated in sigtool so run the raw matcher stuffs
*/
if (res) {
newres = (struct cli_ac_result *)cli_calloc(1, sizeof(struct
cli_ac_result));
if (!newres) {
@@ -528,32 +523,16 @@
}
/* now we have all the pieces of the puzzle, so lets do our byte
compare check */
- ret = cli_bcomp_compare_check(buffer, buffer_length, offset, bcomp);
+ bcomp_check = cli_bcomp_compare_check(buffer, buffer_length, offset,
bcomp);
- /* set and append our lsig's virus name if the comparison came back
positive */
- if (CL_VIRUS == ret) {
- viruses_found = 1;
-
- if (virname) {
- *virname = bcomp->virname;
- }
- /* if we aren't scanning all, let's just exit here */
- if (!SCAN_ALLMATCHES) {
- break;
- } else {
- ret = cli_append_virus(ctx, (const char *)bcomp->virname);
- }
+ /* Increase the lsig count for our subsig if the comparison came back
positive.
+ * Later, the lsig-eval will evaluate the logical condition, based on
these counts
+ * and will append the virus alert if the whole logical signature
matches. */
+ if (CL_VIRUS == bcomp_check) {
+ mdata->lsigcnt[bcomp->lsigid[1]][bcomp->lsigid[2]]++;
}
}
- if (subsigid) {
- free(subsigid);
- subsigid = NULL;
- }
-
- if (ret == CL_SUCCESS && viruses_found) {
- return CL_VIRUS;
- }
return ret;
}
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/matcher-byte-comp.h
clamav-0.103.6+dfsg/libclamav/matcher-byte-comp.h
--- clamav-0.103.5+dfsg/libclamav/matcher-byte-comp.h 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/matcher-byte-comp.h 2022-05-02
06:46:41.000000000 +0200
@@ -62,7 +62,7 @@
};
cl_error_t cli_bcomp_addpatt(struct cli_matcher *root, const char *virname,
const char *hexsig, const uint32_t *lsigid, unsigned int options);
-cl_error_t cli_bcomp_scanbuf(const unsigned char *buffer, size_t
buffer_length, const char **virname, struct cli_ac_result **res, const struct
cli_matcher *root, struct cli_ac_data *mdata, cli_ctx *ctx);
+cl_error_t cli_bcomp_scanbuf(const unsigned char *buffer, size_t
buffer_length, struct cli_ac_result **res, const struct cli_matcher *root,
struct cli_ac_data *mdata, cli_ctx *ctx);
cl_error_t cli_bcomp_compare_check(const unsigned char *f_buffer, size_t
buffer_length, int offset, struct cli_bcomp_meta *bm);
void cli_bcomp_freemeta(struct cli_matcher *root, struct cli_bcomp_meta *bm);
uint16_t cli_bcomp_chk_hex(const unsigned char *buffer, uint16_t opt, uint32_t
len, uint32_t check_only);
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/matcher.c
clamav-0.103.6+dfsg/libclamav/matcher.c
--- clamav-0.103.5+dfsg/libclamav/matcher.c 2022-01-11 00:17:45.000000000
+0100
+++ clamav-0.103.6+dfsg/libclamav/matcher.c 2022-05-02 06:46:41.000000000
+0200
@@ -182,17 +182,9 @@
}
if (root->bcomp_metas) {
- ret = cli_bcomp_scanbuf(orig_buffer, orig_length, virname, acres,
root, mdata, ctx);
+ ret = cli_bcomp_scanbuf(orig_buffer, orig_length, acres, root, mdata,
ctx);
if (ret != CL_CLEAN) {
- if (ret == CL_VIRUS) {
- if (SCAN_ALLMATCHES)
- viruses_found = 1;
- else {
- ret = cli_append_virus(ctx, *virname);
- if (ret != CL_CLEAN)
- return ret;
- }
- } else if (ret > CL_TYPENO && acmode & AC_SCAN_VIR)
+ if (ret > CL_TYPENO && acmode & AC_SCAN_VIR)
saved_ret = ret;
else
return ret;
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/others.h
clamav-0.103.6+dfsg/libclamav/others.h
--- clamav-0.103.5+dfsg/libclamav/others.h 2022-01-11 00:17:45.000000000
+0100
+++ clamav-0.103.6+dfsg/libclamav/others.h 2022-05-02 06:46:41.000000000
+0200
@@ -73,7 +73,7 @@
* in re-enabling affected modules.
*/
-#define CL_FLEVEL 126
+#define CL_FLEVEL 127
#define CL_FLEVEL_DCONF CL_FLEVEL
#define CL_FLEVEL_SIGTOOL CL_FLEVEL
@@ -130,6 +130,22 @@
(size_t)(sb) + (size_t)(sb_size) >= (size_t)(bb) && \
(size_t)(sb) <= (size_t)(bb) + (size_t)(bb_size))
+/*
+ * CLI_ISCONTAINED_2(bb, bb_size, sb, sb_size) checks if sb (small buffer) is
+ * within bb (big buffer).
+ *
+ * CLI_ISCONTAINED_2 is the same as CLI_ISCONTAINED except that it allows for
+ * small-buffers with sb_size == 0.
+ *
+ * CLI_ISCONTAINED_2_0_TO is the same as CLI_ISCONTAINED_2 except that `bb` is
gone
+ * and assumed ot be zero.
+ */
+#define CLI_ISCONTAINED_2_0_TO(bb_size, sb, sb_size) \
+ ((size_t)(bb_size) > 0 && \
+ (size_t)(sb_size) <= (size_t)(bb_size) && \
+ (size_t)(sb) + (size_t)(sb_size) <= (size_t)(bb_size) && \
+ (size_t)(sb) <= (size_t)(bb_size))
+
#define CLI_MAX_ALLOCATION (182 * 1024 * 1024)
#ifdef HAVE_SYS_PARAM_H
@@ -1103,4 +1119,12 @@
*/
cl_error_t cli_realpath(const char *file_name, char **real_filename);
+#ifndef FREE
+#define FREE(VAR) \
+ if (NULL != VAR) { \
+ free(VAR); \
+ VAR = NULL; \
+ }
+#endif /* FREE */
+
#endif
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/pe.c
clamav-0.103.6+dfsg/libclamav/pe.c
--- clamav-0.103.5+dfsg/libclamav/pe.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/pe.c 2022-05-02 06:46:41.000000000 +0200
@@ -107,9 +107,6 @@
#define PE_MAXNAMESIZE 256
#define PE_MAXIMPORTS 1024
-// TODO On Vista and above, up to 65535 sections are allowed. Make sure
-// that using this lower limit from XP is acceptable in all cases
-#define PE_MAXSECTIONS 96
#define EC64(x) ((uint64_t)cli_readint64(&(x))) /* Convert little endian to
host */
#define EC32(x) ((uint32_t)cli_readint32(&(x)))
@@ -2744,7 +2741,7 @@
{
uint8_t polipos = 0;
char epbuff[4096], *tempfile;
- uint32_t epsize;
+ size_t epsize;
size_t bytes;
unsigned int i, j, found, upx_success = 0, err;
unsigned int ssize = 0, dsize = 0, corrupted_cur;
@@ -2868,6 +2865,11 @@
}
epsize = fmap_readn(map, epbuff, peinfo->ep, 4096);
+ if ((size_t)-1 == epsize) {
+ /* Do not continue, all future logic requires at least a partial read
into epbuff */
+ cli_exe_info_destroy(peinfo);
+ return CL_CLEAN;
+ }
/* Disasm scan disabled since it's now handled by the bytecode */
@@ -3035,6 +3037,7 @@
cli_dbgmsg("cli_scanpe: kriz: using #%d as
size counter\n", kzdsize);
}
opsz = 4;
+ /* fall-through */
case 0x48:
case 0x49:
case 0x4a:
@@ -3048,6 +3051,7 @@
kzlen -= opsz;
break;
}
+ /* fall-through */
default:
kzcode--;
kzlen++;
@@ -3077,8 +3081,10 @@
break;
case KZSXORPRFX:
kzstate++;
- if (op == 0x3e)
+ if (op == 0x3e) {
break;
+ }
+ /* fall-through */
case KZSXOR:
if (op == 0x80 && *kzcode == kzdptr + 0xb0) {
kzxorlen = kzlen;
@@ -4530,7 +4536,7 @@
struct pe_image_optional_hdr32 *opt32;
struct pe_image_optional_hdr64 *opt64;
struct pe_image_section_hdr *section_hdrs = NULL;
- unsigned int i, j, section_pe_idx;
+ size_t i, j, section_pe_idx;
unsigned int err;
uint32_t salign, falign;
size_t fsize;
@@ -4754,7 +4760,7 @@
}
peinfo->nsections = EC16(file_hdr->NumberOfSections);
- if (peinfo->nsections == 0 || peinfo->nsections > PE_MAXSECTIONS) {
+ if (peinfo->nsections == 0) {
#if HAVE_JSON
if (opts & CLI_PEHEADER_OPT_COLLECT_JSON) {
@@ -4767,8 +4773,6 @@
!ctx->corrupted_input) {
if (peinfo->nsections == 0) {
cli_dbgmsg("cli_peheader: Invalid NumberOfSections (0)\n");
- } else {
- cli_dbgmsg("cli_peheader: Invalid NumberOfSections (>%d)\n",
PE_MAXSECTIONS);
}
}
ret = CLI_PEHEADER_RET_BROKEN_PE;
@@ -5118,7 +5122,7 @@
// that PointerToRawData is expected to be a multiple of the file
// alignment. Should we report this is as a PE with an error?
- for (i = 0; falign != 0x200 && i < peinfo->nsections; i++) {
+ for (i = 0; falign != 0x200 && i < (size_t)peinfo->nsections; i++) {
/* file alignment fallback mode - blah */
if (falign && section_hdrs[i].SizeOfRawData &&
EC32(section_hdrs[i].PointerToRawData) % falign &&
!(EC32(section_hdrs[i].PointerToRawData) % 0x200)) {
cli_dbgmsg("cli_peheader: Encountered section with unexpected
alignment - triggering fallback mode\n");
@@ -5150,7 +5154,7 @@
* section from the list or zero out it's size. */
if (section->rsz) { /* Don't bother with virtual only sections */
if (section->raw >= fsize || section->uraw >= fsize) {
- cli_dbgmsg("cli_peheader: Broken PE file - Section %d starts
or exists beyond the end of file (Offset@ %lu, Total filesize %lu)\n",
section_pe_idx, (unsigned long)section->raw, (unsigned long)fsize);
+ cli_dbgmsg("cli_peheader: Broken PE file - Section %zu starts
or exists beyond the end of file (Offset@ %lu, Total filesize %lu)\n",
section_pe_idx, (unsigned long)section->raw, (unsigned long)fsize);
if (opts & CLI_PEHEADER_OPT_REMOVE_MISSING_SECTIONS) {
if (peinfo->nsections == 1) {
@@ -5158,10 +5162,10 @@
goto done;
}
- for (j = i; j < peinfo->nsections - 1; j++)
+ for (j = i; j < (size_t)(peinfo->nsections - 1); j++)
memcpy(&(peinfo->sections[j]), &(peinfo->sections[j +
1]), sizeof(struct cli_exe_section));
- for (j = i; j < peinfo->nsections - 1; j++)
+ for (j = i; j < (size_t)(peinfo->nsections - 1); j++)
memcpy(§ion_hdrs[j], §ion_hdrs[j + 1],
sizeof(struct pe_image_section_hdr));
peinfo->nsections--;
@@ -5178,12 +5182,12 @@
/* If a section is truncated, adjust it's size value */
if (!CLI_ISCONTAINED_0_TO(fsize, section->raw, section->rsz)) {
- cli_dbgmsg("cli_peheader: PE Section %d raw+rsz extends
past the end of the file by %lu bytes\n", section_pe_idx, (section->raw +
section->rsz) - fsize);
+ cli_dbgmsg("cli_peheader: PE Section %zu raw+rsz extends
past the end of the file by %lu bytes\n", section_pe_idx, (section->raw +
section->rsz) - fsize);
section->rsz = fsize - section->raw;
}
if (!CLI_ISCONTAINED_0_TO(fsize, section->uraw,
section->ursz)) {
- cli_dbgmsg("cli_peheader: PE Section %d uraw+ursz extends
past the end of the file by %lu bytes\n", section_pe_idx, (section->uraw +
section->ursz) - fsize);
+ cli_dbgmsg("cli_peheader: PE Section %zu uraw+ursz extends
past the end of the file by %lu bytes\n", section_pe_idx, (section->uraw +
section->ursz) - fsize);
section->ursz = fsize - section->uraw;
}
}
@@ -5209,7 +5213,7 @@
section->vsz = PESALIGN(section->ursz, salign);
if (opts & CLI_PEHEADER_OPT_DBG_PRINT_INFO) {
- cli_dbgmsg("Section %d\n", section_pe_idx);
+ cli_dbgmsg("Section %zu\n", section_pe_idx);
cli_dbgmsg("Section name: %s\n", sname);
cli_dbgmsg("Section data (from headers - in memory)\n");
cli_dbgmsg("VirtualSize: 0x%x 0x%x\n", section->uvsz,
section->vsz);
@@ -5344,7 +5348,7 @@
err = 0;
for (i = 0; i < vlist.count; i++) { /* enum all version_information
res - RESUMABLE */
- cli_dbgmsg("cli_peheader: parsing version info @ rva %x
(%u/%u)\n", vlist.rvas[i], i + 1, vlist.count);
+ cli_dbgmsg("cli_peheader: parsing version info @ rva %x
(%zu/%u)\n", vlist.rvas[i], i + 1, vlist.count);
rva = cli_rawaddr(vlist.rvas[i], peinfo->sections,
peinfo->nsections, &err, fsize, peinfo->hdr_size);
if (err)
continue;
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/regex/cclass.h
clamav-0.103.6+dfsg/libclamav/regex/cclass.h
--- clamav-0.103.5+dfsg/libclamav/regex/cclass.h 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/cclass.h 2022-05-02
06:46:41.000000000 +0200
@@ -1,6 +1,6 @@
+/* $OpenBSD: cclass.h,v 1.7 2020/12/30 08:54:42 tb Exp $ */
+
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -36,33 +36,25 @@
*/
/* character-class table */
-static struct cclass {
+static const struct cclass {
const char *name;
const char *chars;
- const char *multis;
} cclasses[] = {
{ "alnum", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz\
-0123456789", ""} ,
- { "alpha", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz",
- ""} ,
- { "blank", " \t", ""} ,
+0123456789" },
+ { "alpha", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
},
+ { "blank", " \t" },
{ "cntrl", "\007\b\t\n\v\f\r\1\2\3\4\5\6\16\17\20\21\22\23\24\
-\25\26\27\30\31\32\33\34\35\36\37\177", ""} ,
- { "digit", "0123456789", ""} ,
+\25\26\27\30\31\32\33\34\35\36\37\177" },
+ { "digit", "0123456789" },
{ "graph", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz\
-0123456789!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~",
- ""} ,
- { "lower", "abcdefghijklmnopqrstuvwxyz",
- ""} ,
+0123456789!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~" },
+ { "lower", "abcdefghijklmnopqrstuvwxyz" },
{ "print", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz\
-0123456789!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~ ",
- ""} ,
- { "punct", "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~",
- ""} ,
- { "space", "\t\n\v\f\r ", ""} ,
- { "upper", "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
- ""} ,
- { "xdigit", "0123456789ABCDEFabcdef",
- ""} ,
- { NULL, 0, "" }
+0123456789!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~ " },
+ { "punct", "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~" },
+ { "space", "\t\n\v\f\r " },
+ { "upper", "ABCDEFGHIJKLMNOPQRSTUVWXYZ" },
+ { "xdigit", "0123456789ABCDEFabcdef" },
+ { NULL, 0 }
};
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/regex/cname.h
clamav-0.103.6+dfsg/libclamav/regex/cname.h
--- clamav-0.103.5+dfsg/libclamav/regex/cname.h 2022-01-11 00:17:45.000000000
+0100
+++ clamav-0.103.6+dfsg/libclamav/regex/cname.h 2022-05-02 06:46:41.000000000
+0200
@@ -1,6 +1,6 @@
+/* $OpenBSD: cname.h,v 1.6 2020/12/30 08:53:30 tb Exp $ */
+
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -36,7 +36,7 @@
*/
/* character-name table */
-static struct cname {
+static const struct cname {
const char *name;
char code;
} cnames[] = {
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/regex/engine.c
clamav-0.103.6+dfsg/libclamav/regex/engine.c
--- clamav-0.103.5+dfsg/libclamav/regex/engine.c 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/engine.c 2022-05-02
06:46:41.000000000 +0200
@@ -1,6 +1,6 @@
+/* $OpenBSD: engine.c,v 1.26 2020/12/28 21:41:55 millert Exp $ */
+
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -72,11 +72,11 @@
struct re_guts *g;
int eflags;
regmatch_t *pmatch; /* [nsub+1] (0 element unused) */
- char *offp; /* offsets work from here */
- char *beginp; /* start of string -- virtual NUL precedes */
- char *endp; /* end of string -- virtual NUL here */
- char *coldp; /* can be no match starting before here */
- char **lastpos; /* [nplus+1] */
+ const char *offp; /* offsets work from here */
+ const char *beginp; /* start of string -- virtual NUL precedes */
+ const char *endp; /* end of string -- virtual NUL here */
+ const char *coldp; /* can be no match starting before here */
+ const char **lastpos; /* [nplus+1] */
STATEVARS;
states st; /* current states */
states fresh; /* states for a fresh start */
@@ -84,11 +84,15 @@
states empty; /* empty set of states */
};
-static int matcher(struct re_guts *, char *, size_t, regmatch_t[], int);
-static char *dissect(struct match *, char *, char *, sopno, sopno);
-static char *backref(struct match *, char *, char *, sopno, sopno, sopno, int);
-static char *fast(struct match *, char *, char *, sopno, sopno);
-static char *slow(struct match *, char *, char *, sopno, sopno);
+static int matcher(struct re_guts *, const char *, size_t, regmatch_t[], int);
+static const char *dissect(struct match *, const char *, const char *, sopno,
+ sopno);
+static const char *backref(struct match *, const char *, const char *, sopno,
+ sopno, sopno, int);
+static const char *fast(struct match *, const char *, const char *, sopno,
+ sopno);
+static const char *slow(struct match *, const char *, const char *, sopno,
+ sopno);
static states step(struct re_guts *, sopno, sopno, states, int, states);
#define MAX_RECURSION 100
#define BOL (OUT+1)
@@ -97,17 +101,19 @@
#define NOTHING (BOL+3)
#define BOW (BOL+4)
#define EOW (BOL+5)
+/* update nonchars[] array below when adding fake chars here */
#define CODEMAX (BOL+5) /* highest code used */
#define NONCHAR(c) ((c) > CHAR_MAX)
#define NNONCHAR (CODEMAX-CHAR_MAX)
#ifdef REDEBUG
-static void print(struct match *, char *, states, int, FILE *);
+static void print(struct match *, const char *, states, int, FILE *);
#endif
#ifdef REDEBUG
-static void at(struct match *, char *, char *, char *, sopno, sopno);
+static void at(struct match *, const char *, const char *, const char *,
+ sopno, sopno);
#endif
#ifdef REDEBUG
-static char *pchar(int);
+static const char *pchar(int);
#endif
#ifdef REDEBUG
@@ -125,18 +131,18 @@
- matcher - the actual matching engine
*/
static int /* 0 success, REG_NOMATCH failure */
-matcher(struct re_guts *g, char *string, size_t nmatch, regmatch_t pmatch[],
- int eflags)
+matcher(struct re_guts *g, const char *string, size_t nmatch,
+ regmatch_t pmatch[], int eflags)
{
- char *endp;
- size_t i;
+ const char *endp;
+ int i;
struct match mv;
struct match *m = &mv;
- char *dp;
+ const char *dp;
const sopno gf = g->firststate+1; /* +1 for OEND */
const sopno gl = g->laststate;
- char *start;
- char *stop;
+ const char *start;
+ const char *stop;
/* simplify the situation where possible */
if (g->cflags®_NOSUB)
@@ -155,7 +161,7 @@
if (g->must != NULL) {
for (dp = start; dp < stop; dp++)
if (*dp == g->must[0] && stop - dp >= g->mlen &&
- memcmp(dp, g->must, (size_t)g->mlen) == 0)
+ memcmp(dp, g->must, g->mlen) == 0)
break;
if (dp == stop) /* we didn't find g->must */
return(REG_NOMATCH);
@@ -277,10 +283,8 @@
}
}
- if (m->pmatch != NULL)
- free((char *)m->pmatch);
- if (m->lastpos != NULL)
- free((char *)m->lastpos);
+ free(m->pmatch);
+ free(m->lastpos);
STATETEARDOWN(m);
return(0);
}
@@ -288,22 +292,23 @@
/*
- dissect - figure out what matched what, no back references
*/
-static char * /* == stop (success) always */
-dissect(struct match *m, char *start, char *stop, sopno startst, sopno stopst)
+static const char * /* == stop (success) always */
+dissect(struct match *m, const char *start, const char *stop, sopno startst,
+ sopno stopst)
{
int i;
- sopno ss; /* start sop of current subRE */
- sopno es; /* end sop of current subRE */
- char *sp; /* start of string matched by it */
- char *stp; /* string matched by it cannot pass here */
- char *rest; /* start of rest of string */
- char *tail; /* string unmatched by rest of RE */
- sopno ssub; /* start sop of subsubRE */
- sopno esub; /* end sop of subsubRE */
- char *ssp; /* start of string matched by subsubRE */
- char *sep; /* end of string matched by subsubRE */
- char *oldssp; /* previous ssp */
- char *dp;
+ sopno ss; /* start sop of current subRE */
+ sopno es; /* end sop of current subRE */
+ const char *sp; /* start of string matched by it */
+ const char *stp; /* string matched by it cannot pass here */
+ const char *rest; /* start of rest of string */
+ const char *tail; /* string unmatched by rest of RE */
+ sopno ssub; /* start sop of subsubRE */
+ sopno esub; /* end sop of subsubRE */
+ const char *ssp; /* start of string matched by subsubRE */
+ const char *sep; /* end of string matched by subsubRE */
+ const char *oldssp; /* previous ssp */
+ const char *dp;
AT("diss", start, stop, startst, stopst);
sp = start;
@@ -448,12 +453,12 @@
break;
case OLPAREN:
i = OPND(m->g->strip[ss]);
- assert(0 < i && (size_t)i <= m->g->nsub);
+ assert(0 < i && i <= m->g->nsub);
m->pmatch[i].rm_so = sp - m->offp;
break;
case ORPAREN:
i = OPND(m->g->strip[ss]);
- assert(0 < i && (size_t)i <= m->g->nsub);
+ assert(0 < i && i <= m->g->nsub);
m->pmatch[i].rm_eo = sp - m->offp;
break;
default: /* uh oh */
@@ -469,17 +474,17 @@
/*
- backref - figure out what matched what, figuring in back references
*/
-static char * /* == stop (success) or NULL (failure) */
-backref(struct match *m, char *start, char *stop, sopno startst, sopno stopst,
- sopno lev, int rec) /* PLUS nesting level */
+static const char * /* == stop (success) or NULL (failure) */
+backref(struct match *m, const char *start, const char *stop, sopno startst,
+ sopno stopst, sopno lev, int rec) /* PLUS nesting level */
{
int i;
sopno ss; /* start sop of current subRE */
- char *sp; /* start of string matched by it */
+ const char *sp; /* start of string matched by it */
sopno ssub; /* start sop of subsubRE */
sopno esub; /* end sop of subsubRE */
- char *ssp; /* start of string matched by subsubRE */
- char *dp;
+ const char *ssp;/* start of string matched by subsubRE */
+ const char *dp;
size_t len;
int hard;
sop s;
@@ -508,9 +513,9 @@
return(NULL);
break;
case OBOL:
- if ( (sp == m->beginp && !(m->eflags®_NOTBOL)) ||
- (sp < m->endp && *(sp-1) == '\n' &&
- (m->g->cflags®_NEWLINE)) )
+ if ((sp == m->beginp && !(m->eflags®_NOTBOL)) ||
+ (sp > m->offp && sp < m->endp &&
+ *(sp-1) == '\n' && (m->g->cflags®_NEWLINE)))
{ /* yes */ }
else
return(NULL);
@@ -524,12 +529,9 @@
return(NULL);
break;
case OBOW:
- if (( (sp == m->beginp && !(m->eflags®_NOTBOL)) ||
- (sp < m->endp && *(sp-1) == '\n' &&
- (m->g->cflags®_NEWLINE)) ||
- (sp > m->beginp &&
- !ISWORD(*(sp-1))) ) &&
- (sp < m->endp && ISWORD(*sp)) )
+ if (sp < m->endp && ISWORD(*sp) &&
+ ((sp == m->beginp && !(m->eflags®_NOTBOL)) ||
+ (sp > m->offp && !ISWORD(*(sp-1)))))
{ /* yes */ }
else
return(NULL);
@@ -572,14 +574,14 @@
switch (OP(s)) {
case OBACK_: /* the vilest depths */
i = OPND(s);
- assert(0 < i && (size_t)i <= m->g->nsub);
+ assert(0 < i && i <= m->g->nsub);
if (m->pmatch[i].rm_eo == -1)
return(NULL);
assert(m->pmatch[i].rm_so != -1);
len = m->pmatch[i].rm_eo - m->pmatch[i].rm_so;
if (len == 0 && rec++ > MAX_RECURSION)
return(NULL);
- assert((size_t)(stop - m->beginp) >= len);
+ assert(stop - m->beginp >= len);
if (sp > stop - len)
return(NULL); /* not enough left to match */
ssp = m->offp + m->pmatch[i].rm_so;
@@ -635,7 +637,7 @@
break;
case OLPAREN: /* must undo assignment if rest fails */
i = OPND(s);
- assert(0 < i && (size_t)i <= m->g->nsub);
+ assert(0 < i && i <= m->g->nsub);
offsave = m->pmatch[i].rm_so;
m->pmatch[i].rm_so = sp - m->offp;
dp = backref(m, sp, stop, ss+1, stopst, lev, rec);
@@ -646,7 +648,7 @@
break;
case ORPAREN: /* must undo assignment if rest fails */
i = OPND(s);
- assert(0 < i && (size_t)i <= m->g->nsub);
+ assert(0 < i && i <= m->g->nsub);
offsave = m->pmatch[i].rm_eo;
m->pmatch[i].rm_eo = sp - m->offp;
dp = backref(m, sp, stop, ss+1, stopst, lev, rec);
@@ -663,24 +665,30 @@
/* "can't happen" */
assert(nope);
/* NOTREACHED */
- return(NULL);
+ return NULL;
}
/*
- fast - step through the string at top speed
*/
-static char * /* where tentative match ended, or NULL */
-fast(struct match *m, char *start, char *stop, sopno startst, sopno stopst)
+static const char * /* where tentative match ended, or NULL
*/
+fast(struct match *m, const char *start, const char *stop, sopno startst,
+ sopno stopst)
{
states st = m->st;
states fresh = m->fresh;
states tmp = m->tmp;
- char *p = start;
- int c = (start == m->beginp) ? OUT : *(start-1);
- int lastc; /* previous c */
+ const char *p = start;
+ int c;
+ int lastc; /* previous c */
int flagch;
int i;
- char *coldp; /* last p after which no match was underway */
+ const char *coldp; /* last p after which no match was underway */
+
+ if (start == m->offp || (start == m->beginp && !(m->eflags®_NOTBOL)))
+ c = OUT;
+ else
+ c = *(start-1);
CLEAR(st);
SET1(st, startst);
@@ -698,31 +706,30 @@
/* is there an EOL and/or BOL between lastc and c? */
flagch = '\0';
i = 0;
- if ( (lastc == '\n' && m->g->cflags®_NEWLINE) ||
- (lastc == OUT && !(m->eflags®_NOTBOL)) ) {
+ if ((lastc == '\n' && m->g->cflags®_NEWLINE) ||
+ (lastc == OUT && !(m->eflags®_NOTBOL))) {
flagch = BOL;
i = m->g->nbol;
}
- if ( (c == '\n' && m->g->cflags®_NEWLINE) ||
- (c == OUT && !(m->eflags®_NOTEOL)) ) {
+ if ((c == '\n' && m->g->cflags®_NEWLINE) ||
+ (c == OUT && !(m->eflags®_NOTEOL)) ) {
flagch = (flagch == BOL) ? BOLEOL : EOL;
i += m->g->neol;
}
if (i != 0) {
for (; i > 0; i--)
- st = step(m->g, startst, stopst, st, flagch,
st);
+ st = step(m->g, startst, stopst,
+ st, flagch, st);
SP("boleol", st, c);
}
/* how about a word boundary? */
- if ( (flagch == BOL || (lastc != OUT && !ISWORD(lastc))) &&
- (c != OUT && ISWORD(c)) ) {
+ if ((flagch == BOL || (lastc != OUT && !ISWORD(lastc))) &&
+ (c != OUT && ISWORD(c)))
flagch = BOW;
- }
- if ( (lastc != OUT && ISWORD(lastc)) &&
- (flagch == EOL || (c != OUT && !ISWORD(c))) ) {
+ if ((lastc != OUT && ISWORD(lastc)) &&
+ (flagch == EOL || (c != OUT && !ISWORD(c))))
flagch = EOW;
- }
if (flagch == BOW || flagch == EOW) {
st = step(m->g, startst, stopst, st, flagch, st);
SP("boweow", st, c);
@@ -753,18 +760,24 @@
/*
- slow - step through the string more deliberately
*/
-static char * /* where it ended */
-slow(struct match *m, char *start, char *stop, sopno startst, sopno stopst)
+static const char * /* where it ended */
+slow(struct match *m, const char *start, const char *stop, sopno startst,
+ sopno stopst)
{
states st = m->st;
states empty = m->empty;
states tmp = m->tmp;
- char *p = start;
- int c = (start == m->beginp) ? OUT : *(start-1);
- int lastc; /* previous c */
+ const char *p = start;
+ int c;
+ int lastc; /* previous c */
int flagch;
int i;
- char *matchp; /* last p at which a match ended */
+ const char *matchp; /* last p at which a match ended */
+
+ if (start == m->offp || (start == m->beginp && !(m->eflags®_NOTBOL)))
+ c = OUT;
+ else
+ c = *(start-1);
AT("slow", start, stop, startst, stopst);
CLEAR(st);
@@ -780,31 +793,30 @@
/* is there an EOL and/or BOL between lastc and c? */
flagch = '\0';
i = 0;
- if ( (lastc == '\n' && m->g->cflags®_NEWLINE) ||
- (lastc == OUT && !(m->eflags®_NOTBOL)) ) {
+ if ((lastc == '\n' && m->g->cflags®_NEWLINE) ||
+ (lastc == OUT && !(m->eflags®_NOTBOL))) {
flagch = BOL;
i = m->g->nbol;
}
- if ( (c == '\n' && m->g->cflags®_NEWLINE) ||
- (c == OUT && !(m->eflags®_NOTEOL)) ) {
+ if ((c == '\n' && m->g->cflags®_NEWLINE) ||
+ (c == OUT && !(m->eflags®_NOTEOL))) {
flagch = (flagch == BOL) ? BOLEOL : EOL;
i += m->g->neol;
}
if (i != 0) {
for (; i > 0; i--)
- st = step(m->g, startst, stopst, st, flagch,
st);
+ st = step(m->g, startst, stopst,
+ st, flagch, st);
SP("sboleol", st, c);
}
/* how about a word boundary? */
- if ( (flagch == BOL || (lastc != OUT && !ISWORD(lastc))) &&
- (c != OUT && ISWORD(c)) ) {
+ if ((flagch == BOL || (lastc != OUT && !ISWORD(lastc))) &&
+ (c != OUT && ISWORD(c)))
flagch = BOW;
- }
- if ( (lastc != OUT && ISWORD(lastc)) &&
- (flagch == EOL || (c != OUT && !ISWORD(c))) ) {
+ if ((lastc != OUT && ISWORD(lastc)) &&
+ (flagch == EOL || (c != OUT && !ISWORD(c))))
flagch = EOW;
- }
if (flagch == BOW || flagch == EOW) {
st = step(m->g, startst, stopst, st, flagch, st);
SP("sboweow", st, c);
@@ -921,10 +933,10 @@
case OOR1: /* done a branch, find the O_CH */
if (ISSTATEIN(aft, here)) {
for (look = 1;
- OP(s = g->strip[pc+look]) !=
O_CH;
- look += OPND(s))
+ OP(s = g->strip[pc+look]) != O_CH;
+ look += OPND(s))
assert(OP(s) == OOR2);
- FWD(aft, aft, look);
+ FWD(aft, aft, look + 1);
}
break;
case OOR2: /* propagate OCH_'s marking */
@@ -951,7 +963,7 @@
- print - print a set of states
*/
static void
-print(struct match *m, char *caption, states st, int ch, FILE *d)
+print(struct match *m, const char *caption, states st, int ch, FILE *d)
{
struct re_guts *g = m->g;
int i;
@@ -961,13 +973,13 @@
return;
(void)fprintf(d, "%s", caption);
- if (ch != '\0')
- (void)fprintf(d, " %s", pchar(ch));
- for (i = 0; i < g->nstates; i++)
+ (void)fprintf(d, " %s", pchar(ch));
+ for (i = 0; i < g->nstates; i++) {
if (ISSET(st, i)) {
(void)fprintf(d, "%s%d", (first) ? "\t" : ", ", i);
first = 0;
}
+ }
(void)fprintf(d, "\n");
}
@@ -975,8 +987,8 @@
- at - print current situation
*/
static void
-at(struct match *m, char *title, char *start, char *stop, sopno startst,
- sopno stopst)
+at(struct match *m, const char *title, const char *start, const char *stop,
+ sopno startst, sopno stopst)
{
if (!(m->eflags®_TRACE))
return;
@@ -988,6 +1000,12 @@
#ifndef PCHARDONE
#define PCHARDONE /* never again */
+static const char *nonchars[] =
+ { "OUT", "BOL", "EOL", "BOLEOL", "NOTHING", "BOW", "EOW" };
+#define PNONCHAR(c) \
+ ((c) - OUT < (sizeof(nonchars)/sizeof(nonchars[0])) \
+ ? nonchars[(c) - OUT] : "invalid")
+
/*
- pchar - make a character printable
*
@@ -996,12 +1014,17 @@
* a matching debug.o, and this is convenient. It all disappears in
* the non-debug compilation anyway, so it doesn't matter much.
*/
-static char * /* -> representation */
+static const char * /* -> representation */
pchar(int ch)
{
static char pbuf[10];
- if (isprint(ch) || ch == ' ')
+ if (NONCHAR(ch)) {
+ if (ch - OUT < (sizeof(nonchars)/sizeof(nonchars[0])))
+ return nonchars[ch - OUT];
+ return "invalid";
+ }
+ if (isprint((unsigned char)ch) || ch == ' ')
(void)snprintf(pbuf, sizeof pbuf, "%c", ch);
else
(void)snprintf(pbuf, sizeof pbuf, "\\%o", ch);
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/regex/regcomp.c
clamav-0.103.6+dfsg/libclamav/regex/regcomp.c
--- clamav-0.103.5+dfsg/libclamav/regex/regcomp.c 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/regcomp.c 2022-05-02
06:46:41.000000000 +0200
@@ -1,6 +1,5 @@
+/* $OpenBSD: regcomp.c,v 1.43 2021/01/03 17:07:57 tb Exp $ */
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -41,8 +40,6 @@
#include <ctype.h>
#include <limits.h>
#include <stdlib.h>
-
-#include "clamav.h"
#include "others.h"
#include "regex.h"
@@ -57,8 +54,8 @@
* other clumsinesses
*/
struct parse {
- char *next; /* next character in RE */
- char *end; /* end of string (-> NUL normally) */
+ const char *next; /* next character in RE */
+ const char *end; /* end of string (-> NUL normally) */
int error; /* has an error been seen? */
sop *strip; /* malloced strip */
sopno ssize; /* malloced strip size (allocated) */
@@ -85,25 +82,20 @@
static char othercase(int);
static void bothcases(struct parse *, int);
static void ordinary(struct parse *, int);
+static void backslash(struct parse *, int);
static void nonnewline(struct parse *);
static void repeat(struct parse *, sopno, int, int);
-static int seterr(struct parse *, int);
+static void seterr(struct parse *, int);
static cset *allocset(struct parse *);
static void freeset(struct parse *, cset *);
static int freezeset(struct parse *, cset *);
static int firstch(struct parse *, cset *);
static int nch(struct parse *, cset *);
-static void mcadd(struct parse *, cset *, const char *);
-static void mcinvert(struct parse *, cset *);
-static void mccase(struct parse *, cset *);
-static int isinsets(struct re_guts *, int);
-static int samesets(struct re_guts *, int, int);
-static void categorize(struct parse *, struct re_guts *);
static sopno dupl(struct parse *, sopno, sopno);
static void doemit(struct parse *, sop, size_t);
static void doinsert(struct parse *, sop, size_t, sopno);
static void dofwd(struct parse *, sopno, sop);
-static void enlarge(struct parse *, sopno);
+static int enlarge(struct parse *, sopno);
static void stripsnug(struct parse *, struct re_guts *);
static void findmust(struct parse *, struct re_guts *);
static sopno pluscount(struct parse *, struct re_guts *);
@@ -116,10 +108,10 @@
*/
#define PEEK() (*p->next)
#define PEEK2() (*(p->next+1))
-#define MORE() (p->next < p->end)
-#define MORE2() (p->next+1 < p->end)
+#define MORE() (p->end - p->next > 0)
+#define MORE2() (p->end - p->next > 1)
#define SEE(c) (MORE() && PEEK() == (c))
-#define SEETWO(a, b) (MORE() && MORE2() && PEEK() == (a) && PEEK2()
== (b))
+#define SEETWO(a, b) (MORE2() && PEEK() == (a) && PEEK2() == (b))
#define EAT(c) ((SEE(c)) ? (NEXT(), 1) : 0)
#define EATTWO(a, b) ((SEETWO(a, b)) ? (NEXT2(), 1) : 0)
#define NEXT() (p->next++)
@@ -127,10 +119,7 @@
#define NEXTn(n) (p->next += (n))
#define GETNEXT() (*p->next++)
#define SETERROR(e) seterr(p, (e))
-#define REQUIRE(co, e) (void)((co) || SETERROR(e))
-#define MUSTSEE(c, e) (REQUIRE(MORE() && PEEK() == (c), e))
-#define MUSTEAT(c, e) (REQUIRE(MORE() && GETNEXT() == (c), e))
-#define MUSTNOTSEE(c, e) (REQUIRE(!MORE() || PEEK() != (c), e))
+#define REQUIRE(co, e) do { if (!(co)) SETERROR(e); } while (0)
#define EMIT(op, sopnd) doemit(p, (sop)(op), (size_t)(sopnd))
#define INSERT(op, pos) doinsert(p, (sop)(op), HERE()-(pos)+1, pos)
#define AHEAD(pos) dofwd(p, pos, HERE()-(pos))
@@ -147,7 +136,7 @@
#endif
/*
- - cli_regcomp_real - interface for parser and compilation
+ - regcomp - interface for parser and compilation
*/
int /* 0 success, otherwise REG_something */
cli_regcomp_real(regex_t *preg, const char *pattern, int cflags)
@@ -173,11 +162,11 @@
return(REG_INVARG);
len = preg->re_endp - pattern;
} else
- len = strlen((const char *)pattern);
+ len = strlen((char *)pattern);
/* do the mallocs early so failure handling is easy */
g = (struct re_guts *)cli_malloc(sizeof(struct re_guts) +
- (NC-1)*sizeof(cat_t));
+ (NC-1)*sizeof(unsigned char));
if (g == NULL)
return(REG_ESPACE);
/* Patch for bb11264 submitted by the Debian team: */
@@ -196,18 +185,21 @@
return(REG_ESPACE);
}
p->ssize = len/(size_t)2*(size_t)3 + (size_t)1; /* ugh */
- assert((size_t)p->ssize >= len);
+ if (p->ssize < len) {
+ free((char *)g);
+ return(REG_ESPACE);
+ }
p->strip = (sop *)cli_calloc(p->ssize, sizeof(sop));
p->slen = 0;
if (p->strip == NULL) {
- free((char *)g);
+ free(g);
return(REG_ESPACE);
}
/* set things up */
p->g = g;
- p->next = (char *)pattern; /* convenience; we do not modify it */
+ p->next = pattern;
p->end = p->next + len;
p->error = 0;
p->ncsalloc = 0;
@@ -226,9 +218,6 @@
g->must = NULL;
g->mlen = 0;
g->nsub = 0;
- g->ncategories = 1; /* category 0 is "everything else" */
- g->categories = &g->catspace[-(CHAR_MIN)];
- (void) memset((char *)g->catspace, 0, NC*sizeof(cat_t));
g->backrefs = 0;
/* do it */
@@ -244,7 +233,6 @@
g->laststate = THERE();
/* tidy up loose ends and fill things in */
- categorize(p, g);
stripsnug(p, g);
findmust(p, g);
g->nplus = pluscount(p, g);
@@ -253,7 +241,7 @@
preg->re_g = g;
preg->re_magic = MAGIC1;
#ifndef REDEBUG
- /* not debugging, so can't rely on the assert() in cli_regexec() */
+ /* not debugging, so can't rely on the assert() in regexec() */
if (g->iflags®EX_BAD)
SETERROR(REG_ASSERT);
#endif
@@ -339,20 +327,8 @@
assert(p->pend[subno] != 0);
}
EMIT(ORPAREN, subno);
- MUSTEAT(')', REG_EPAREN);
+ REQUIRE(MORE() && GETNEXT() == ')', REG_EPAREN);
break;
-#ifndef POSIX_MISTAKE
- case ')': /* happens only if no current unmatched ( */
- /*
- * You may ask, why the ifndef? Because I didn't notice
- * this until slightly too late for 1003.2, and none of the
- * other 1003.2 regular-expression reviewers noticed it at
- * all. So an unmatched ) is legal POSIX, at least until
- * we can get it fixed.
- */
- SETERROR(REG_EPAREN);
- break;
-#endif
case '^':
EMIT(OBOL, 0);
p->g->iflags |= USEBOL;
@@ -384,12 +360,14 @@
case '\\':
REQUIRE(MORE(), REG_EESCAPE);
c = GETNEXT();
- ordinary(p, c);
+ backslash(p, c);
break;
case '{': /* okay as ordinary except if digit follows */
REQUIRE(!MORE() || !isdigit((uch)PEEK()), REG_BADRPT);
/* FALLTHROUGH */
default:
+ if (p->error != 0)
+ return;
ordinary(p, c);
break;
}
@@ -536,6 +514,12 @@
case '[':
p_bracket(p);
break;
+ case BACKSL|'<':
+ EMIT(OBOW, 0);
+ break;
+ case BACKSL|'>':
+ EMIT(OEOW, 0);
+ break;
case BACKSL|'{':
SETERROR(REG_BADRPT);
break;
@@ -571,7 +555,7 @@
i = (c&~BACKSL) - '0';
assert(i < NPAREN);
if (p->pend[i] != 0) {
- assert((size_t)i <= p->g->nsub);
+ assert(i <= p->g->nsub);
EMIT(OBACK_, i);
assert(p->pbegin[i] != 0);
assert(OP(p->strip[p->pbegin[i]]) == OLPAREN);
@@ -586,6 +570,8 @@
REQUIRE(starordinary, REG_BADRPT);
/* FALLTHROUGH */
default:
+ if (p->error != 0)
+ return(0); /* Definitely not $... */
ordinary(p, (char)c);
break;
}
@@ -650,15 +636,17 @@
int invert = 0;
/* Dept of Truly Sickening Special-Case Kludges */
- if (p->next + 5 < p->end && strncmp(p->next, "[:<:]]", 6) == 0) {
- EMIT(OBOW, 0);
- NEXTn(6);
- return;
- }
- if (p->next + 5 < p->end && strncmp(p->next, "[:>:]]", 6) == 0) {
- EMIT(OEOW, 0);
- NEXTn(6);
- return;
+ if (p->end - p->next > 5) {
+ if (strncmp(p->next, "[:<:]]", 6) == 0) {
+ EMIT(OBOW, 0);
+ NEXTn(6);
+ return;
+ }
+ if (strncmp(p->next, "[:>:]]", 6) == 0) {
+ EMIT(OEOW, 0);
+ NEXTn(6);
+ return;
+ }
}
if ((cs = allocset(p)) == NULL) {
@@ -676,7 +664,7 @@
p_b_term(p, cs);
if (EAT('-'))
CHadd(cs, '-');
- MUSTEAT(']', REG_EBRACK);
+ REQUIRE(MORE() && GETNEXT() == ']', REG_EBRACK);
if (p->error != 0) { /* don't mess things up further */
freeset(p, cs);
@@ -693,8 +681,6 @@
if (ci != i)
CHadd(cs, ci);
}
- if (cs->multis != NULL)
- mccase(p, cs);
}
if (invert) {
int i;
@@ -706,12 +692,8 @@
CHadd(cs, i);
if (p->g->cflags®_NEWLINE)
CHsub(cs, '\n');
- if (cs->multis != NULL)
- mcinvert(p, cs);
}
- assert(cs->multis == NULL); /* xxx */
-
if (nch(p, cs) == 1) { /* optimize singleton sets */
ordinary(p, firstch(p, cs));
freeset(p, cs);
@@ -788,13 +770,13 @@
static void
p_b_cclass(struct parse *p, cset *cs)
{
- char *sp = p->next;
- struct cclass *cp;
+ const char *sp = p->next;
+ const struct cclass *cp;
size_t len;
const char *u;
char c;
- while (MORE() && isalpha(PEEK()))
+ while (MORE() && isalpha((uch)PEEK()))
NEXT();
len = p->next - sp;
for (cp = cclasses; cp->name != NULL; cp++)
@@ -809,8 +791,6 @@
u = cp->chars;
while ((c = *u++) != '\0')
CHadd(cs, c);
- for (u = cp->multis; *u != '\0'; u += strlen(u) + 1)
- MCadd(p, cs, u);
}
/*
@@ -852,9 +832,9 @@
p_b_coll_elem(struct parse *p,
int endc) /* name ended by endc,']' */
{
- char *sp = p->next;
- struct cname *cp;
- int len;
+ const char *sp = p->next;
+ const struct cname *cp;
+ size_t len;
while (MORE() && !SEETWO(endc, ']'))
NEXT();
@@ -864,7 +844,7 @@
}
len = p->next - sp;
for (cp = cnames; cp->name != NULL; cp++)
- if (strncmp(cp->name, sp, len) == 0 && cp->name[len] == '\0')
+ if (strncmp(cp->name, sp, len) == 0 && strlen(cp->name) == len)
return(cp->code); /* known name */
if (len == 1)
return(*sp); /* single character */
@@ -896,8 +876,8 @@
static void
bothcases(struct parse *p, int ch)
{
- char *oldnext = p->next;
- char *oldend = p->end;
+ const char *oldnext = p->next;
+ const char *oldend = p->end;
char bracket[3];
ch = (uch)ch;
@@ -919,14 +899,28 @@
static void
ordinary(struct parse *p, int ch)
{
- cat_t *cap = p->g->categories;
-
if ((p->g->cflags®_ICASE) && isalpha((uch)ch) && othercase(ch) != ch)
bothcases(p, ch);
- else {
+ else
EMIT(OCHAR, (uch)ch);
- if (cap[ch] == 0)
- cap[ch] = p->g->ncategories++;
+}
+
+/*
+ * do something magic with this character, but only if it's extra magic
+ */
+static void
+backslash(struct parse *p, int ch)
+{
+ switch (ch) {
+ case '<':
+ EMIT(OBOW, 0);
+ break;
+ case '>':
+ EMIT(OEOW, 0);
+ break;
+ default:
+ ordinary(p, ch);
+ break;
}
}
@@ -938,16 +932,12 @@
static void
nonnewline(struct parse *p)
{
- char *oldnext = p->next;
- char *oldend = p->end;
- char bracket[4];
+ const char *oldnext = p->next;
+ const char *oldend = p->end;
+ static const char bracket[4] = { '^', '\n', ']', '\0' };
p->next = bracket;
p->end = bracket+3;
- bracket[0] = '^';
- bracket[1] = '\n';
- bracket[2] = ']';
- bracket[3] = '\0';
p_bracket(p);
assert(p->next == bracket+3);
p->next = oldnext;
@@ -1027,14 +1017,13 @@
/*
- seterr - set an error condition
*/
-static int /* useless but makes type checking happy */
+static void
seterr(struct parse *p, int e)
{
if (p->error == 0) /* keep earliest error condition */
p->error = e;
p->next = nuls; /* try to bring things to a halt */
p->end = nuls;
- return(0); /* make the return value well-defined */
}
/*
@@ -1056,16 +1045,17 @@
p->ncsalloc += CHAR_BIT;
nc = p->ncsalloc;
assert(nc % CHAR_BIT == 0);
- nbytes = nc / CHAR_BIT * css;
+ nbytes = nc / CHAR_BIT *css;
- ptr = (cset *)cli_realloc((char *)p->g->sets, nc *
sizeof(cset));
+ ptr = (cset *)cli_realloc((char*)p->g->sets, nc * sizeof(cset));
if (ptr == NULL)
goto nomem;
p->g->sets = ptr;
- ptr = (uch *)cli_realloc((char *)p->g->setbits, nbytes);
+ ptr = (uch *)cli_realloc((char*)p->g->setbits, nbytes);
if (ptr == NULL)
goto nomem;
+ nbytes = (nc / CHAR_BIT) * css;
p->g->setbits = ptr;
for (i = 0; i < no; i++)
@@ -1081,8 +1071,6 @@
cs->ptr = p->g->setbits + css*((no)/CHAR_BIT);
cs->mask = 1 << ((no) % CHAR_BIT);
cs->hash = 0;
- cs->smultis = 0;
- cs->multis = NULL;
return(cs);
nomem:
@@ -1102,7 +1090,7 @@
static void
freeset(struct parse *p, cset *cs)
{
- size_t i;
+ int i;
cset *top = &p->g->sets[p->g->ncsets];
size_t css = (size_t)p->g->csetsize;
@@ -1125,7 +1113,7 @@
freezeset(struct parse *p, cset *cs)
{
uch h = cs->hash;
- size_t i;
+ int i;
cset *top = &p->g->sets[p->g->ncsets];
cset *cs2;
size_t css = (size_t)p->g->csetsize;
@@ -1135,7 +1123,7 @@
if (cs2->hash == h && cs2 != cs) {
/* maybe */
for (i = 0; i < css; i++)
- if (!!CHIN(cs2, i) != !!CHIN(cs, i))
+ if (CHIN(cs2, i) != CHIN(cs, i))
break; /* no */
if (i == css)
break; /* yes */
@@ -1155,7 +1143,7 @@
static int /* character; there is no "none" value */
firstch(struct parse *p, cset *cs)
{
- size_t i;
+ int i;
size_t css = (size_t)p->g->csetsize;
for (i = 0; i < css; i++)
@@ -1171,7 +1159,7 @@
static int
nch(struct parse *p, cset *cs)
{
- size_t i;
+ int i;
size_t css = (size_t)p->g->csetsize;
int n = 0;
@@ -1182,117 +1170,6 @@
}
/*
- - mcadd - add a collating element to a cset
- */
-static void
-mcadd( struct parse *p, cset *cs, const char *cp)
-{
- size_t oldend = cs->smultis;
- void *np;
-
- cs->smultis += strlen(cp) + 1;
- np = cli_realloc(cs->multis, cs->smultis);
- if (np == NULL) {
- if (cs->multis)
- free(cs->multis);
- cs->multis = NULL;
- SETERROR(REG_ESPACE);
- return;
- }
- cs->multis = np;
-
- cli_strlcpy(cs->multis + oldend - 1, cp, cs->smultis - oldend + 1);
-}
-
-/*
- - mcinvert - invert the list of collating elements in a cset
- *
- * This would have to know the set of possibilities. Implementation
- * is deferred.
- */
-/* ARGSUSED */
-static void
-mcinvert(struct parse *p, cset *cs)
-{
- UNUSEDPARAM(p);
- assert(cs->multis == NULL); /* xxx */
-}
-
-/*
- - mccase - add case counterparts of the list of collating elements in a cset
- *
- * This would have to know the set of possibilities. Implementation
- * is deferred.
- */
-/* ARGSUSED */
-static void
-mccase(struct parse *p, cset *cs)
-{
- UNUSEDPARAM(p);
- assert(cs->multis == NULL); /* xxx */
-}
-
-/*
- - isinsets - is this character in any sets?
- */
-static int /* predicate */
-isinsets(struct re_guts *g, int c)
-{
- uch *col;
- int i;
- int ncols = (g->ncsets+(CHAR_BIT-1)) / CHAR_BIT;
- unsigned uc = (uch)c;
-
- for (i = 0, col = g->setbits; i < ncols; i++, col += g->csetsize)
- if (col[uc] != 0)
- return(1);
- return(0);
-}
-
-/*
- - samesets - are these two characters in exactly the same sets?
- */
-static int /* predicate */
-samesets(struct re_guts *g, int c1, int c2)
-{
- uch *col;
- int i;
- int ncols = (g->ncsets+(CHAR_BIT-1)) / CHAR_BIT;
- unsigned uc1 = (uch)c1;
- unsigned uc2 = (uch)c2;
-
- for (i = 0, col = g->setbits; i < ncols; i++, col += g->csetsize)
- if (col[uc1] != col[uc2])
- return(0);
- return(1);
-}
-
-/*
- - categorize - sort out character categories
- */
-static void
-categorize(struct parse *p, struct re_guts *g)
-{
- cat_t *cats = g->categories;
- int c;
- int c2;
- cat_t cat;
-
- /* avoid making error situations worse */
- if (p->error != 0)
- return;
-
- for (c = CHAR_MIN; c <= CHAR_MAX; c++)
- if (cats[c] == 0 && isinsets(g, c)) {
- cat = g->ncategories++;
- cats[c] = cat;
- for (c2 = c+1; c2 <= CHAR_MAX; c2++)
- if (cats[c2] == 0 && samesets(g, c, c2))
- cats[c2] = cat;
- }
-}
-
-/*
- dupl - emit a duplicate of a bunch of sops
*/
static sopno /* start of duplicate */
@@ -1306,10 +1183,9 @@
assert(finish >= start);
if (len == 0)
return(ret);
- enlarge(p, p->ssize + len); /* this many unexpected additions */
- assert(p->ssize >= p->slen + len);
- (void) memmove((char *)(p->strip + p->slen),
- (char *)(p->strip + start), (size_t)len*sizeof(sop));
+ if (!enlarge(p, p->ssize + len)) /* this many unexpected additions */
+ return(ret);
+ (void) memcpy(p->strip + p->slen, p->strip + start, len * sizeof(sop));
p->slen += len;
return(ret);
}
@@ -1333,8 +1209,8 @@
/* deal with undersized strip */
if (p->slen >= p->ssize)
- enlarge(p, (p->ssize+1) / 2 * 3); /* +50% */
- assert(p->slen < p->ssize);
+ if (!enlarge(p, (p->ssize+1) / 2 * 3)) /* +50% */
+ return;
/* finally, it's all reduced to the easy case */
p->strip[p->slen++] = SOP(op, opnd);
@@ -1356,7 +1232,10 @@
sn = HERE();
EMIT(op, opnd); /* do checks, ensure space */
- assert(HERE() == sn+1);
+ if (HERE() != sn+1) {
+ SETERROR(REG_ASSERT);
+ return;
+ }
s = p->strip[sn];
/* adjust paren pointers */
@@ -1392,21 +1271,22 @@
/*
- enlarge - enlarge the strip
*/
-static void
+static int
enlarge(struct parse *p, sopno size)
{
sop *sp;
if (p->ssize >= size)
- return;
+ return 1;
- sp = (sop *)cli_realloc(p->strip, size*sizeof(sop));
+ sp = (sop *)cli_realloc(p->strip, size * sizeof(sop));
if (sp == NULL) {
SETERROR(REG_ESPACE);
- return;
+ return 0;
}
p->strip = sp;
p->ssize = size;
+ return 1;
}
/*
@@ -1508,7 +1388,7 @@
*cp++ = (char)OPND(s);
}
assert(cp == g->must + g->mlen);
- *cp++ = '\0'; /* just on general principles */
+ *cp = '\0'; /* just on general principles */
}
/*
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/regex/regerror.c
clamav-0.103.6+dfsg/libclamav/regex/regerror.c
--- clamav-0.103.5+dfsg/libclamav/regex/regerror.c 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/regerror.c 2022-05-02
06:46:41.000000000 +0200
@@ -1,6 +1,5 @@
+/* $OpenBSD: regerror.c,v 1.15 2020/12/30 08:56:38 tb Exp $ */
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -41,21 +40,18 @@
#include <ctype.h>
#include <limits.h>
#include <stdlib.h>
-
-#include "clamav.h"
-#include "others.h"
#include "regex.h"
#include "utils.h"
static const char *regatoi(const regex_t *, char *, int);
-static struct rerr {
+static const struct rerr {
int code;
const char *name;
const char *explain;
} rerrs[] = {
- { REG_NOMATCH, "REG_NOMATCH", "cli_regexec() failed to match" },
+ { REG_NOMATCH, "REG_NOMATCH", "regexec() failed to match" },
{ REG_BADPAT, "REG_BADPAT", "invalid regular expression" },
{ REG_ECOLLATE, "REG_ECOLLATE", "invalid collating element" },
{ REG_ECTYPE, "REG_ECTYPE", "invalid character class" },
@@ -75,14 +71,13 @@
};
/*
- - cli_regerror - the interface to error numbers
- = extern size_t cli_regerror(int, const regex_t *, char *, size_t);
+ - regerror - the interface to error numbers
+ = extern size_t regerror(int, const regex_t *, char *, size_t);
*/
-/* ARGSUSED */
size_t
cli_regerror(int errcode, const regex_t *preg, char *errbuf, size_t
errbuf_size)
{
- struct rerr *r;
+ const struct rerr *r;
size_t len;
int target = errcode &~ REG_ITOA;
const char *s;
@@ -107,12 +102,12 @@
s = r->explain;
}
- len = strlen(s) + 1;
- if (errbuf_size > 0) {
- cli_strlcpy(errbuf, s, errbuf_size);
- }
+ if (errbuf_size != 0)
+ len = cli_strlcpy(errbuf, s, errbuf_size);
+ else
+ len = strlen(s);
- return(len);
+ return len + 1;
}
/*
@@ -121,7 +116,7 @@
static const char *
regatoi(const regex_t *preg, char *localbuf, int localbufsize)
{
- struct rerr *r;
+ const struct rerr *r;
for (r = rerrs; r->code != 0; r++)
if (strcmp(r->name, preg->re_endp) == 0)
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/regex/regex2.h
clamav-0.103.6+dfsg/libclamav/regex/regex2.h
--- clamav-0.103.5+dfsg/libclamav/regex/regex2.h 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/regex2.h 2022-05-02
06:46:41.000000000 +0200
@@ -1,6 +1,6 @@
+/* $OpenBSD: regex2.h,v 1.12 2021/01/03 17:07:58 tb Exp $ */
+
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -106,19 +106,27 @@
uch *ptr; /* -> uch [csetsize] */
uch mask; /* bit within array */
uch hash; /* hash code */
- size_t smultis;
- char *multis; /* -> char[smulti] ab\0cd\0ef\0\0 */
} cset;
-/* note that CHadd and CHsub are unsafe, and CHIN doesn't yield 0/1 */
-#define CHadd(cs, c) ((cs)->ptr[(uch)(c)] |= (cs)->mask, (cs)->hash
+= (uch)(c))
-#define CHsub(cs, c) ((cs)->ptr[(uch)(c)] &= ~(cs)->mask, (cs)->hash
-= (uch)(c))
-#define CHIN(cs, c) ((cs)->ptr[(uch)(c)] & (cs)->mask)
-#define MCadd(p, cs, cp) mcadd(p, cs, cp) /*
cli_regcomp() internal fns */
-#define MCsub(p, cs, cp) mcsub(p, cs, cp)
-#define MCin(p, cs, cp) mcin(p, cs, cp)
-/* stuff for character categories */
-typedef unsigned char cat_t;
+static inline void
+CHadd(cset *cs, char c)
+{
+ cs->ptr[(uch)c] |= cs->mask;
+ cs->hash += c;
+}
+
+static inline void
+CHsub(cset *cs, char c)
+{
+ cs->ptr[(uch)c] &= ~cs->mask;
+ cs->hash -= c;
+}
+
+static inline int
+CHIN(const cset *cs, char c)
+{
+ return (cs->ptr[(uch)c] & cs->mask) != 0;
+}
/*
* main compiled-expression structure
@@ -131,7 +139,7 @@
int magic;
int csetsize; /* number of bits in a cset vector */
int ncsets; /* number of csets in use */
- int cflags; /* copy of cli_regcomp() cflags argument */
+ int cflags; /* copy of regcomp() cflags argument */
sopno nstates; /* = number of sops */
sopno firststate; /* the initial OEND (normally 0) */
sopno laststate; /* the final OEND */
@@ -141,15 +149,11 @@
# define REGEX_BAD 04 /* something wrong */
int nbol; /* number of ^ used */
int neol; /* number of $ used */
- int ncategories; /* how many character categories */
- cat_t *categories; /* ->catspace[-CHAR_MIN] */
char *must; /* match must contain this string */
int mlen; /* length of must */
int backrefs; /* does it use back references? */
size_t nsub; /* copy of re_nsub */
sopno nplus; /* how deep does it nest +s? */
- /* catspace must be last */
- cat_t catspace[1]; /* actually [NC] */
};
/* misc utilities */
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/regex/regexec.c
clamav-0.103.6+dfsg/libclamav/regex/regexec.c
--- clamav-0.103.5+dfsg/libclamav/regex/regexec.c 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/regexec.c 2022-05-02
06:46:41.000000000 +0200
@@ -1,6 +1,5 @@
+/* $OpenBSD: regexec.c,v 1.14 2018/07/11 12:38:46 martijn Exp $ */
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -36,7 +35,7 @@
*/
/*
- * the outer shell of cli_regexec()
+ * the outer shell of regexec()
*
* This file includes engine.c *twice*, after muchos fiddling with the
* macros that code uses. This lets the same code operate on two different
@@ -48,8 +47,6 @@
#include <string.h>
#include <limits.h>
#include <ctype.h>
-
-#include "clamav.h"
#include "others.h"
#include "regex.h"
@@ -110,7 +107,7 @@
#define SET0(v, n) ((v)[n] = 0)
#define SET1(v, n) ((v)[n] = 1)
#define ISSET(v, n) ((v)[n])
-#define ASSIGN(d, s) memmove(d, s, m->g->nstates)
+#define ASSIGN(d, s) memcpy(d, s, m->g->nstates)
#define EQ(a, b) (memcmp(a, b, m->g->nstates) == 0)
#define STATEVARS long vn; char *space
#define STATESETUP(m, nv) { (m)->space =
cli_malloc((nv)*(m)->g->nstates); \
@@ -133,7 +130,7 @@
#include "engine.c"
/*
- - cli_regexec - interface for matching
+ - regexec - interface for matching
*
* We put this here so we can exploit knowledge of the state representation
* when choosing which matcher to call. Also, by this point the matchers
@@ -144,6 +141,7 @@
regmatch_t pmatch[], int eflags)
{
struct re_guts *g = preg->re_g;
+
#ifdef REDEBUG
# define GOODFLAGS(f) (f)
#else
@@ -157,8 +155,8 @@
return(REG_BADPAT);
eflags = GOODFLAGS(eflags);
- if ((unsigned long)(g->nstates) <= CHAR_BIT*sizeof(states1) &&
!(eflags®_LARGE))
- return(smatcher(g, (char *)string, nmatch, pmatch, eflags));
+ if ((unsigned long)g->nstates <= CHAR_BIT*sizeof(states1) &&
!(eflags®_LARGE))
+ return(smatcher(g, string, nmatch, pmatch, eflags));
else
- return(lmatcher(g, (char *)string, nmatch, pmatch, eflags));
+ return(lmatcher(g, string, nmatch, pmatch, eflags));
}
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/regex/regfree.c
clamav-0.103.6+dfsg/libclamav/regex/regfree.c
--- clamav-0.103.5+dfsg/libclamav/regex/regfree.c 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/regfree.c 2022-05-02
06:46:41.000000000 +0200
@@ -1,6 +1,5 @@
+/* $OpenBSD: regfree.c,v 1.11 2015/12/28 22:27:03 mmcc Exp $ */
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -38,16 +37,14 @@
#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
-
-#include "clamav.h"
-#include "others.h"
#include "regex.h"
+#include <limits.h>
#include "utils.h"
#include "regex2.h"
/*
- - cli_regfree - free everything
+ - regfree - free everything
*/
void
cli_regfree(regex_t *preg)
@@ -63,13 +60,9 @@
preg->re_magic = 0; /* mark it invalid */
g->magic = 0; /* mark it invalid */
- if (g->strip != NULL)
- free((char *)g->strip);
- if (g->sets != NULL)
- free((char *)g->sets);
- if (g->setbits != NULL)
- free((char *)g->setbits);
- if (g->must != NULL)
- free(g->must);
- free((char *)g);
+ free(g->strip);
+ free(g->sets);
+ free(g->setbits);
+ free(g->must);
+ free(g);
}
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/regex/utils.h
clamav-0.103.6+dfsg/libclamav/regex/utils.h
--- clamav-0.103.5+dfsg/libclamav/regex/utils.h 2022-01-11 00:17:45.000000000
+0100
+++ clamav-0.103.6+dfsg/libclamav/regex/utils.h 2022-05-02 06:46:41.000000000
+0200
@@ -1,6 +1,6 @@
+/* $OpenBSD: utils.h,v 1.4 2003/06/02 20:18:36 millert Exp $ */
+
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -46,10 +46,6 @@
typedef unsigned char uch;
/* switch off assertions (if not already off) if no REDEBUG */
-#ifdef CL_DEBUG
-#define REDEBUG
-#endif
-
#ifndef REDEBUG
#ifndef NDEBUG
#define NDEBUG /* no assertions please */
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/scanners.c
clamav-0.103.6+dfsg/libclamav/scanners.c
--- clamav-0.103.5+dfsg/libclamav/scanners.c 2022-01-11 00:17:45.000000000
+0100
+++ clamav-0.103.6+dfsg/libclamav/scanners.c 2022-05-02 06:46:41.000000000
+0200
@@ -362,8 +362,8 @@
file_count += 1;
/*
- * Scan the metadata for the file in question since the content was
clean, or we're running in all-match.
- */
+ * Scan the metadata for the file in question since the content
was clean, or we're running in all-match.
+ */
status = cli_unrar_scanmetadata(&metadata, ctx, file_count);
if ((status == CL_VIRUS) && SCAN_ALLMATCHES) {
status = CL_CLEAN;
@@ -388,7 +388,7 @@
}
} else if (cli_checklimits("RAR", ctx, metadata.unpack_size, 0,
0)) {
/* File size exceeds maxfilesize, must skip extraction.
- * Although we may be able to scan the metadata */
+ * Although we may be able to scan the metadata */
nTooLargeFilesFound += 1;
cli_dbgmsg("RAR: Next file is too large (%" PRIu64 " bytes);
it would exceed max scansize. Skipping to next file.\n", metadata.unpack_size);
@@ -719,8 +719,8 @@
uint32_t i;
for (i = 0; i < nComments; i++) {
/*
- * Drop the comment to a temp file, if requested
- */
+ * Drop the comment to a temp file, if requested
+ */
if (ctx->engine->keeptmp) {
int comment_fd = -1;
size_t prefixLen = strlen("comments_") + 5;
@@ -751,8 +751,8 @@
}
/*
- * Scan the comment.
- */
+ * Scan the comment.
+ */
status = cli_magic_scan_buff(comments[i], strlen(comments[i]),
ctx, NULL);
if ((status == CL_VIRUS) && SCAN_ALLMATCHES) {
@@ -809,8 +809,8 @@
file_count += 1;
/*
- * Scan the metadata for the file in question since the content was
clean, or we're running in all-match.
- */
+ * Scan the metadata for the file in question since the content
was clean, or we're running in all-match.
+ */
status = cli_egg_scanmetadata(&metadata, ctx, file_count);
if ((status == CL_VIRUS) && SCAN_ALLMATCHES) {
status = CL_CLEAN;
@@ -834,7 +834,7 @@
}
} else if (cli_checklimits("EGG", ctx, metadata.unpack_size, 0,
0)) {
/* File size exceeds maxfilesize, must skip extraction.
- * Although we may be able to scan the metadata */
+ * Although we may be able to scan the metadata */
nTooLargeFilesFound += 1;
cli_dbgmsg("EGG: Next file is too large (%" PRIu64 " bytes);
it would exceed max scansize. Skipping to next file.\n", metadata.unpack_size);
@@ -856,8 +856,8 @@
}
} else {
/*
- * Extract the file...
- */
+ * Extract the file...
+ */
char *extract_filename = NULL;
char *extract_buffer = NULL;
size_t extract_buffer_len = 0;
@@ -1465,16 +1465,16 @@
ret = CL_EFORMAT;
goto xz_exit;
}
- //cli_dbgmsg("cli_scanxz: xz decompressed %li of %li available
bytes\n",
- // avail - strm.avail_in, avail);
+ // cli_dbgmsg("cli_scanxz: xz decompressed %li of %li available
bytes\n",
+ // avail - strm.avail_in, avail);
/* write decompress buffer */
if (!strm.avail_out || rc == XZ_STREAM_END) {
size_t towrite = CLI_XZ_OBUF_SIZE - strm.avail_out;
size += towrite;
- //cli_dbgmsg("Writing %li bytes to XZ decompress temp file(%li
byte total)\n",
- // towrite, size);
+ // cli_dbgmsg("Writing %li bytes to XZ decompress temp file(%li
byte total)\n",
+ // towrite, size);
if (cli_writen(fd, buf, towrite) != towrite) {
cli_errmsg("cli_scanxz: Can't write to file.\n");
@@ -1701,19 +1701,19 @@
}
while (hashcnt) {
- //Find the directory containing the extracted dir file. This is
complicated
- //because ClamAV doesn't use the file names from the OLE file, but
temporary names,
- //and we have neither the complete path of the dir file in the OLE
container,
- //nor the mapping of the temporary directory names to their OLE names.
+ // Find the directory containing the extracted dir file. This is
complicated
+ // because ClamAV doesn't use the file names from the OLE file, but
temporary names,
+ // and we have neither the complete path of the dir file in the OLE
container,
+ // nor the mapping of the temporary directory names to their OLE names.
snprintf(filename, sizeof(filename), "%s_%u", hash, hashcnt);
filename[sizeof(filename) - 1] = '\0';
if (CL_SUCCESS == find_file(filename, dirname, path, sizeof(path))) {
cli_dbgmsg("cli_vba_scandir_new: Found dir file: %s\n", path);
if ((ret = cli_vba_readdir_new(ctx, path, U, hash, hashcnt,
&tempfd, has_macros)) != CL_SUCCESS) {
- //FIXME: Since we only know the stream name of the OLE2
stream, but not its path inside the
- // OLE2 archive, we don't know if we have the right
file. The only thing we can do is
- // iterate all of them until one succeeds.
+ // FIXME: Since we only know the stream name of the OLE2
stream, but not its path inside the
+ // OLE2 archive, we don't know if we have the right
file. The only thing we can do is
+ // iterate all of them until one succeeds.
cli_dbgmsg("cli_vba_scandir_new: Failed to read dir from %s,
trying others (error: %s (%d))\n", path, cl_strerror(ret), (int)ret);
ret = CL_SUCCESS;
hashcnt--;
@@ -2600,6 +2600,7 @@
if (has_xlm && files) {
ret = cli_xlm_scandir(dir, ctx, files);
if (CL_VIRUS == ret) {
+ viruses_found++;
if (!SCAN_ALLMATCHES) {
goto done;
}
@@ -2608,6 +2609,7 @@
if ((has_xlm || has_vba) && files) {
if (CL_VIRUS == cli_magic_scan_dir(dir, ctx)) {
+ viruses_found++;
if (!SCAN_ALLMATCHES) {
goto done;
}
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/sis.c
clamav-0.103.6+dfsg/libclamav/sis.c
--- clamav-0.103.5+dfsg/libclamav/sis.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/sis.c 2022-05-02 06:46:41.000000000 +0200
@@ -136,12 +136,6 @@
FTnotinst = 99
};
-#define FREE(VAR) \
- if (NULL != VAR) { \
- free(VAR); \
- VAR = NULL; \
- }
-
#define GETD2(VAR) \
{ \
/* cli_dbgmsg("GETD2 smax: %d sleft: %d\n", smax, sleft); */ \
@@ -654,10 +648,10 @@
static inline int getd(struct SISTREAM *s, uint32_t *v)
{
if (s->sleft < 4) {
- int nread;
+ size_t nread;
memcpy(s->buff, s->buff + s->smax - s->sleft, s->sleft);
nread = fmap_readn(s->map, &s->buff[s->sleft], s->pos, BUFSIZ -
s->sleft);
- if ((nread < 0) || ((s->sleft = s->smax = nread + s->sleft) < 4)) {
+ if ((nread == (size_t)-1) || ((s->sleft = s->smax = nread + s->sleft)
< 4)) {
return 1;
}
s->pos += nread;
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/swf.c
clamav-0.103.6+dfsg/libclamav/swf.c
--- clamav-0.103.5+dfsg/libclamav/swf.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/swf.c 2022-05-02 06:46:41.000000000 +0200
@@ -119,19 +119,21 @@
uint32_t filesize;
};
-static int scanzws(cli_ctx *ctx, struct swf_file_hdr *hdr)
+static cl_error_t scanzws(cli_ctx *ctx, struct swf_file_hdr *hdr)
{
struct CLI_LZMA lz;
unsigned char inbuff[FILEBUFF], outbuff[FILEBUFF];
fmap_t *map = ctx->fmap;
/* strip off header */
- off_t offset = 8;
+ size_t offset = 8;
uint32_t d_insize;
size_t outsize = 8;
- int ret, lret;
+ cl_error_t ret;
+ int lret;
size_t count;
char *tmpname;
int fd;
+ size_t n_read;
if ((ret = cli_gentempfd(ctx->sub_tmpdir, &tmpname, &fd)) != CL_SUCCESS) {
cli_errmsg("scanzws: Can't generate temporary file\n");
@@ -174,8 +176,8 @@
}
/* first buffer required for initializing LZMA */
- ret = fmap_readn(map, inbuff, offset, FILEBUFF);
- if (ret < 0) {
+ n_read = fmap_readn(map, inbuff, offset, FILEBUFF);
+ if (n_read == (size_t)-1) {
cli_errmsg("scanzws: Error reading SWF file\n");
close(fd);
if (cli_unlink(tmpname)) {
@@ -186,7 +188,7 @@
return CL_EUNPACK;
}
/* nothing written, likely truncated */
- if (!ret) {
+ if (0 == n_read) {
cli_errmsg("scanzws: possibly truncated file\n");
close(fd);
if (cli_unlink(tmpname)) {
@@ -196,12 +198,12 @@
free(tmpname);
return CL_EFORMAT;
}
- offset += ret;
+ offset += n_read;
memset(&lz, 0, sizeof(lz));
lz.next_in = inbuff;
lz.next_out = outbuff;
- lz.avail_in = ret;
+ lz.avail_in = n_read;
lz.avail_out = FILEBUFF;
lret = cli_LzmaInit(&lz, hdr->filesize);
@@ -220,8 +222,8 @@
if (lz.avail_in == 0) {
lz.next_in = inbuff;
- ret = fmap_readn(map, inbuff, offset, FILEBUFF);
- if (ret < 0) {
+ n_read = fmap_readn(map, inbuff, offset, FILEBUFF);
+ if ((size_t)-1 == n_read) {
cli_errmsg("scanzws: Error reading SWF file\n");
cli_LzmaShutdown(&lz);
close(fd);
@@ -232,10 +234,10 @@
free(tmpname);
return CL_EUNPACK;
}
- if (!ret)
+ if (0 == n_read)
break;
- lz.avail_in = ret;
- offset += ret;
+ lz.avail_in = n_read;
+ offset += n_read;
}
lret = cli_LzmaDecode(&lz);
count = FILEBUFF - lz.avail_out;
@@ -299,14 +301,17 @@
return ret;
}
-static int scancws(cli_ctx *ctx, struct swf_file_hdr *hdr)
+static cl_error_t scancws(cli_ctx *ctx, struct swf_file_hdr *hdr)
{
z_stream stream;
char inbuff[FILEBUFF], outbuff[FILEBUFF];
- fmap_t *map = ctx->fmap;
- int offset = 8, ret, zret, zend;
+ fmap_t *map = ctx->fmap;
+ size_t offset = 8;
+ int zret, zend;
+ cl_error_t ret;
size_t outsize = 8;
size_t count;
+ size_t n_read;
char *tmpname;
int fd;
@@ -350,8 +355,8 @@
do {
if (stream.avail_in == 0) {
stream.next_in = (Bytef *)inbuff;
- ret = fmap_readn(map, inbuff, offset, FILEBUFF);
- if (ret < 0) {
+ n_read = fmap_readn(map, inbuff, offset, FILEBUFF);
+ if (n_read == (size_t)-1) {
cli_errmsg("scancws: Error reading SWF file\n");
close(fd);
inflateEnd(&stream);
@@ -362,10 +367,10 @@
free(tmpname);
return CL_EUNPACK;
}
- if (!ret)
+ if (0 == n_read)
break;
- stream.avail_in = ret;
- offset += ret;
+ stream.avail_in = n_read;
+ offset += n_read;
}
zret = inflate(&stream, Z_SYNC_FLUSH);
count = FILEBUFF - stream.avail_out;
@@ -442,7 +447,7 @@
return NULL;
}
-int cli_scanswf(cli_ctx *ctx)
+cl_error_t cli_scanswf(cli_ctx *ctx)
{
struct swf_file_hdr file_hdr;
fmap_t *map = ctx->fmap;
@@ -495,7 +500,10 @@
cli_dbgmsg("SWF: FrameSize xMin %u xMax %u yMin %u yMax %u\n", xMin,
xMax, yMin, yMax);
}
+ /* We don't need the value from foo, we're just reading to increment the
offset safely. */
GETWORD(foo);
+ UNUSEDPARAM(foo);
+
GETWORD(val);
cli_dbgmsg("SWF: Frames total: %d\n", val);
@@ -520,7 +528,7 @@
cli_dbgmsg("SWF: Invalid tag length.\n");
return CL_EFORMAT;
}
- if ((offset + tag_len) < offset) {
+ if (tag_len > SIZE_MAX - offset) {
cli_warnmsg("SWF: Tag length too large.\n");
break;
}
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/swf.h
clamav-0.103.6+dfsg/libclamav/swf.h
--- clamav-0.103.5+dfsg/libclamav/swf.h 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/swf.h 2022-05-02 06:46:41.000000000 +0200
@@ -36,7 +36,7 @@
#include "others.h"
-int cli_scanswf(cli_ctx *ctx);
+cl_error_t cli_scanswf(cli_ctx *ctx);
typedef enum {
TAG_END = 0,
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/tiff.c
clamav-0.103.6+dfsg/libclamav/tiff.c
--- clamav-0.103.5+dfsg/libclamav/tiff.c 2022-01-11 00:17:45.000000000
+0100
+++ clamav-0.103.6+dfsg/libclamav/tiff.c 2022-05-02 06:46:41.000000000
+0200
@@ -46,6 +46,7 @@
uint16_t i, num_entries;
struct tiff_ifd entry;
size_t value_size;
+ uint32_t last_offset = 0;
cli_dbgmsg("in cli_parsetiff()\n");
@@ -81,6 +82,7 @@
status = CL_EPARSE;
goto done;
}
+ /* offset of the first IFD */
offset = tiff32_to_host(big_endian, offset);
cli_dbgmsg("cli_parsetiff: first IFD located @ offset %u\n", offset);
@@ -181,6 +183,8 @@
ifd_count++;
+ last_offset = offset;
+
/* acquire next IFD location, gets 0 if last IFD */
if (fmap_readn(map, &offset, offset, sizeof(offset)) !=
sizeof(offset)) {
cli_dbgmsg("cli_parsetiff: Failed to aquire next IFD location,
file appears to be truncated.\n");
@@ -189,6 +193,16 @@
goto done;
}
offset = tiff32_to_host(big_endian, offset);
+
+ if (offset) {
+ /*If the offsets are not in order, that is suspicious.*/
+ if (last_offset >= offset) {
+ cli_dbgmsg("cli_parsetiff: Next offset is before current
offset, file appears to be malformed.\n");
+ cli_append_possibly_unwanted(ctx,
"Heuristics.Broken.Media.TIFF.OutOfOrderIFDOffset");
+ status = CL_EPARSE;
+ goto done;
+ }
+ }
} while (offset);
cli_dbgmsg("cli_parsetiff: examined %u IFD(s)\n", ifd_count);
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/tnef.c
clamav-0.103.6+dfsg/libclamav/tnef.c
--- clamav-0.103.5+dfsg/libclamav/tnef.c 2022-01-11 00:17:45.000000000
+0100
+++ clamav-0.103.6+dfsg/libclamav/tnef.c 2022-05-02 06:46:41.000000000
+0200
@@ -268,7 +268,7 @@
/*cli_dbgmsg("%lu %lu\n", (long)(offset + length), ftell(fp));*/
- if (!CLI_ISCONTAINED_2(0, fsize, offset, length)) {
+ if (!CLI_ISCONTAINED_2_0_TO(fsize, offset, length)) {
cli_dbgmsg("TNEF: Incorrect length field in tnef_message\n");
return -1;
}
@@ -327,13 +327,13 @@
todo = length;
while (todo) {
unsigned char buf[BUFSIZ];
- int32_t got = fmap_readn(map, buf, *pos, MIN(sizeof(buf),
todo));
- if (got <= 0)
+ size_t got = fmap_readn(map, buf, *pos, MIN(sizeof(buf),
todo));
+ if (got == 0 || got == (size_t)-1)
break;
- (*pos) += got;
+ (*pos) += (off_t)got;
fileblobAddData(*fbref, buf, got);
- todo -= got;
+ todo -= (uint32_t)got;
}
break;
default:
@@ -344,11 +344,11 @@
/*cli_dbgmsg("%lu %lu\n", (long)(offset + length), ftell(fp));*/
- if (!CLI_ISCONTAINED_2(0, fsize, (off_t)offset, (off_t)length)) {
+ if (!CLI_ISCONTAINED_2_0_TO(fsize, offset, length)) {
cli_dbgmsg("TNEF: Incorrect length field in tnef_attachment\n");
return -1;
}
- (*pos) = (long)(offset + length); /* shouldn't be needed */
+ (*pos) = offset + (off_t)length; /* shouldn't be needed */
(*pos) += 2;
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/libclamav/version.h
clamav-0.103.6+dfsg/libclamav/version.h
--- clamav-0.103.5+dfsg/libclamav/version.h 2022-01-11 00:18:33.000000000
+0100
+++ clamav-0.103.6+dfsg/libclamav/version.h 2022-05-02 06:47:30.000000000
+0200
@@ -1 +1 @@
-#define REPO_VERSION "devel-5faab1937"
+#define REPO_VERSION "devel-a92fbc754"
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/m4/reorganization/version.m4
clamav-0.103.6+dfsg/m4/reorganization/version.m4
--- clamav-0.103.5+dfsg/m4/reorganization/version.m4 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/m4/reorganization/version.m4 2022-05-02
06:46:41.000000000 +0200
@@ -3,7 +3,7 @@
dnl For beta, set: VERSION="<version>-beta"
dnl For release candidate, set: VERSION="<version>-rc"
dnl For release, set: VERSION="<version>"
-VERSION="0.103.5"
+VERSION="0.103.6"
major=`echo $PACKAGE_VERSION |cut -d. -f1 | sed -e "s/[^0-9]//g"`
minor=`echo $PACKAGE_VERSION |cut -d. -f2 | sed -e "s/[^0-9]//g"`
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/NEWS.md clamav-0.103.6+dfsg/NEWS.md
--- clamav-0.103.5+dfsg/NEWS.md 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/NEWS.md 2022-05-02 06:46:41.000000000 +0200
@@ -3,6 +3,62 @@
Note: This file refers to the source tarball. Things described here may differ
slightly from the binary packages.
+## 0.103.6
+
+ClamAV 0.103.6 is a critical patch release with the following fixes:
+
+- [CVE-2022-20770](CVE-2022-20770): Fixed a possible infinite loop
vulnerability
+ in the CHM file parser.
+ Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
+ prior versions.
+ Thank you to Michał Dardas for reporting this issue.
+
+- [CVE-2022-20796](CVE-2022-20796): Fixed a possible NULL-pointer dereference
+ crash in the scan verdict cache check.
+ Issue affects versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2.
+ Thank you to Alexander Patrakov and Antoine Gatineau for reporting this
issue.
+
+- [CVE-2022-20771](CVE-2022-20771): Fixed a possible infinite loop
vulnerability
+ in the TIFF file parser.
+ Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
+ prior versions.
+ The issue only occurs if the "--alert-broken-media" ClamScan option is
+ enabled. For ClamD, the affected option is "AlertBrokenMedia yes", and for
+ libclamav it is the "CL_SCAN_HEURISTIC_BROKEN_MEDIA" scan option.
+ Thank you to Michał Dardas for reporting this issue.
+
+- [CVE-2022-20785](CVE-2022-20785): Fixed a possible memory leak in the
+ HTML file parser / Javascript normalizer.
+ Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
+ prior versions.
+ Thank you to Michał Dardas for reporting this issue.
+
+- [CVE-2022-20792](CVE-2022-20792): Fixed a possible multi-byte heap buffer
+ overflow write vulnerability in the signature database load module.
+ The fix was to update the vendored regex library to the latest version.
+ Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
+ prior versions.
+ Thank you to Michał Dardas for reporting this issue.
+
+- ClamOnAcc: Fixed a number of assorted stability issues and added niceties for
+ debugging ClamOnAcc. Patches courtesy of Frank Fegert.
+
+- Fixed an issue causing byte-compare subsignatures to cause an alert when they
+ match even if other conditions of the given logical signatures were not met.
+
+- Fix memleak when using multiple byte-compare subsignatures.
+ This fix was backported from 0.104.0.
+ Thank you to Andrea De Pasquale for contributing the fix.
+
+- Assorted bug fixes and improvements.
+
+Special thanks to the following people for code contributions and bug reports:
+- Alexander Patrakov
+- Andrea De Pasquale
+- Antoine Gatineau
+- Frank Fegert
+- Michał Dardas
+
## 0.103.5
ClamAV 0.103.5 is a critical patch release with the following fixes:
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude
searchindex.js clamav-0.103.5+dfsg/unit_tests/check_jsnorm.c
clamav-0.103.6+dfsg/unit_tests/check_jsnorm.c
--- clamav-0.103.5+dfsg/unit_tests/check_jsnorm.c 2022-01-11
00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/unit_tests/check_jsnorm.c 2022-05-02
06:46:41.000000000 +0200
@@ -247,7 +247,7 @@
fd = open(filename, O_RDONLY);
if (fd < 0) {
jstest_teardown();
- ck_assert_msg("failed to open output file: %s", filename);
+ ck_assert_msg(0, "failed to open output file: %s", filename);
}
diff_file_mem(fd, expected, len);
