[Pkg-clamav-devel] Bug#1011746: bullseye-pu: package clamav/0.103.6+dfsg-0+deb11u1
Sebastian Andrzej Siewior
sebastian at breakpoint.cc
Thu May 26 09:47:52 BST 2022
Package: release.debian.org
User: release.debian.org at packages.debian.org
Usertags: pu
Tags: bullseye
Severity: normal
This is an long overdue update to the clamav package. It is a stable
update provided by upstream closing CVEs bugs:
- CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file
parser).
- CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan
verdict cache check).
- CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file
parser).
- CVE-2022-20785 (Possible memory leak in the HTML file parser/
Javascript normalizer).
- CVE-2022-20792 (Possible multi-byte heap buffer overflow write
vulnerability in the signature database load module.
Please find attached the debdiff.
The upload to unstable occurred on 12th May. I'm not aware of any
regressions.
I have the Buster version running on my machine since this morning. I'm
confident and don't expect any surprises.
Sebastian
-------------- next part --------------
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/clamonacc/clamav-clamonacc.service.in clamav-0.103.6+dfsg/clamonacc/clamav-clamonacc.service.in
--- clamav-0.103.5+dfsg/clamonacc/clamav-clamonacc.service.in 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/clamonacc/clamav-clamonacc.service.in 2022-05-02 06:46:41.000000000 +0200
@@ -11,7 +11,7 @@
Type=simple
User=root
ExecStartPre=/bin/bash -c "while [ ! -S /run/clamav/clamd.ctl ]; do sleep 1; done"
-ExecStart=@prefix@/sbin/clamonacc -F --config-file=@APP_CONFIG_DIRECTORY@/clamd.conf --log=/var/log/clamav/clamonacc.log --move=/root/quarantine
+ExecStart=@prefix@/sbin/clamonacc -F --log=/var/log/clamav/clamonacc.log --move=/root/quarantine
[Install]
WantedBy=multi-user.target
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/clamonacc/c-thread-pool/thpool.c clamav-0.103.6+dfsg/clamonacc/c-thread-pool/thpool.c
--- clamav-0.103.5+dfsg/clamonacc/c-thread-pool/thpool.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/clamonacc/c-thread-pool/thpool.c 2022-05-02 06:46:41.000000000 +0200
@@ -18,7 +18,9 @@
#include <time.h>
#if defined(__linux__)
#include <sys/prctl.h>
+#include <sys/syscall.h>
#endif
+#include "output.h"
#include "thpool.h"
@@ -282,7 +284,7 @@
static int thread_init (thpool_* thpool_p, struct thread** thread_p, int id){
*thread_p = (struct thread*)malloc(sizeof(struct thread));
- if (thread_p == NULL){
+ if (*thread_p == NULL){
err("thread_init(): Could not allocate memory for thread\n");
return -1;
}
@@ -290,7 +292,7 @@
(*thread_p)->thpool_p = thpool_p;
(*thread_p)->id = id;
- pthread_create(&(*thread_p)->pthread, NULL, (void *)thread_do, (*thread_p));
+ pthread_create(&(*thread_p)->pthread, NULL, (void * (*)(void *)) thread_do, (*thread_p));
pthread_detach((*thread_p)->pthread);
return 0;
}
@@ -317,8 +319,8 @@
static void* thread_do(struct thread* thread_p){
/* Set thread name for profiling and debuging */
- char thread_name[128] = {0};
- sprintf(thread_name, "thread-pool-%d", thread_p->id);
+ char thread_name[32] = {0};
+ snprintf(thread_name, 32, "thread-pool-%d", thread_p->id);
#if defined(__linux__)
/* Use prctl instead to prevent using _GNU_SOURCE flag and implicit declaration */
@@ -456,11 +458,7 @@
/* Get first job from queue(removes it from queue)
-<<<<<<< HEAD
- *
* Notice: Caller MUST hold a mutex
-=======
->>>>>>> da2c0fe45e43ce0937f272c8cd2704bdc0afb490
*/
static struct job* jobqueue_pull(jobqueue* jobqueue_p){
@@ -473,12 +471,14 @@
break;
case 1: /* if one job in queue */
+ logg("*jobqueue_pull: Thread %d pulled last job from queue.\n", syscall(SYS_gettid));
jobqueue_p->front = NULL;
jobqueue_p->rear = NULL;
jobqueue_p->len = 0;
break;
default: /* if >1 jobs in queue */
+ logg("*jobqueue_pull: Thread %d pulled a job from queue.\n", syscall(SYS_gettid));
jobqueue_p->front = job_p->prev;
jobqueue_p->len--;
/* more than one job in queue -> post it */
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/clamonacc/c-thread-pool/thpool.h clamav-0.103.6+dfsg/clamonacc/c-thread-pool/thpool.h
--- clamav-0.103.5+dfsg/clamonacc/c-thread-pool/thpool.h 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/clamonacc/c-thread-pool/thpool.h 2022-05-02 06:46:41.000000000 +0200
@@ -20,7 +20,7 @@
/**
* @brief Initialize threadpool
*
- * Initializes a threadpool. This function will not return untill all
+ * Initializes a threadpool. This function will not return until all
* threads have initialized successfully.
*
* @example
@@ -62,7 +62,7 @@
* @param threadpool threadpool to which the work will be added
* @param function_p pointer to function to add as work
* @param arg_p pointer to an argument
- * @return 0 on successs, -1 otherwise.
+ * @return 0 on success, -1 otherwise.
*/
int thpool_add_work(threadpool, void (*function_p)(void*), void* arg_p);
@@ -77,7 +77,7 @@
* Smart polling is used in wait. The polling is initially 0 - meaning that
* there is virtually no polling at all. If after 1 seconds the threads
* haven't finished, the polling interval starts growing exponentially
- * untill it reaches max_secs seconds. Then it jumps down to a maximum polling
+ * until it reaches max_secs seconds. Then it jumps down to a maximum polling
* interval assuming that heavy processing is being used in the threadpool.
*
* @example
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/clamonacc/inotif/inotif.c clamav-0.103.6+dfsg/clamonacc/inotif/inotif.c
--- clamav-0.103.5+dfsg/clamonacc/inotif/inotif.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/clamonacc/inotif/inotif.c 2022-05-02 06:46:41.000000000 +0200
@@ -30,6 +30,9 @@
#include <fcntl.h>
#include <signal.h>
#include <pthread.h>
+#if defined(__linux__)
+#include <sys/prctl.h>
+#endif
#include <string.h>
#include <errno.h>
#include <stdbool.h>
@@ -293,7 +296,7 @@
if (type & ONAS_IN) {
wd = hnode->wd;
- if (!inotify_rm_watch(fd, wd)) return CL_EARG;
+ if (!inotify_rm_watch(fd, wd) && errno != ENOENT) return CL_EARG;
/* Unlink the hash node from the watch descriptor lookup table */
hnode->wd = 0;
@@ -359,6 +362,18 @@
void *onas_ddd_th(void *arg)
{
+ /* Set thread name for profiling and debuging */
+ const char thread_name[] = "clamonacc-ddd";
+
+#if defined(__linux__)
+ /* Use prctl instead to prevent using _GNU_SOURCE flag and implicit declaration */
+ prctl(PR_SET_NAME, thread_name);
+#elif defined(__APPLE__) && defined(__MACH__)
+ pthread_setname_np(thread_name);
+#else
+ logg("^ClamInotif: Setting of the thread name is currently not supported on this system\n");
+#endif
+
struct onas_context *ctx = (struct onas_context *)arg;
sigset_t sigset;
const struct optstruct *pt;
@@ -381,14 +396,16 @@
sigdelset(&sigset, SIGUSR1);
sigdelset(&sigset, SIGUSR2);
/* The behavior of a process is undefined after it ignores a
- * SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */
+ * SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */
sigdelset(&sigset, SIGFPE);
sigdelset(&sigset, SIGILL);
+ sigdelset(&sigset, SIGSEGV);
sigdelset(&sigset, SIGTERM);
sigdelset(&sigset, SIGINT);
#ifdef SIGBUS
sigdelset(&sigset, SIGBUS);
#endif
+ pthread_sigmask(SIG_SETMASK, &sigset, NULL);
logg("*ClamInotif: starting inotify event loop ...\n");
@@ -629,46 +646,57 @@
event = (const struct inotify_event *)p;
wd = event->wd;
- path = wdlt[wd];
+ if (wd >= 0)
+ path = wdlt[wd];
+ else
+ path = NULL;
child = event->name;
if (path == NULL) {
- logg("*ClamInotif: watch descriptor not found in lookup table ... skipping\n");
+ logg("*ClamInotif: watch descriptor (wd:%d) not found in lookup table ... skipping\n", wd);
continue;
}
- len = strlen(path);
- size_t size = strlen(child) + len + 2;
- char *child_path = (char *)cli_malloc(size);
- if (child_path == NULL) {
- logg("*ClamInotif: could not allocate space for child path ... aborting\n");
- return NULL;
- }
-
- if (path[len - 1] == '/') {
- snprintf(child_path, --size, "%s%s", path, child);
+ if (event->mask & IN_UNMOUNT) {
+ logg("!ClamInotif: inofify event IN_UNMOUNT (mask:%d) occured, clamonacc should be restartet because a filesystem monitored by inotify was umounted.\n", event->mask);
+ } else if (event->mask & IN_Q_OVERFLOW) {
+ logg("!ClamInotif: inotify event IN_Q_OVERFLOW (mask:%d) occured, clamonacc should be restartet because a inotify events were dropped by the kernel and the internal clamonacc inotify data structures are likely invalid.\n", event->mask);
+ } else if (event->mask & IN_IGNORED) {
+ // Ignore for debugging purposes
} else {
- snprintf(child_path, size, "%s/%s", path, child);
- }
+ len = strlen(path);
+ size_t size = strlen(child) + len + 2;
+ char *child_path = (char *)cli_malloc(size);
+ if (child_path == NULL) {
+ logg("*ClamInotif: could not allocate space for child path ... aborting\n");
+ return NULL;
+ }
- if (event->mask & IN_DELETE) {
- onas_ddd_handle_in_delete(ctx, path, child_path, event, wd);
+ if (path[len - 1] == '/') {
+ snprintf(child_path, --size, "%s%s", path, child);
+ } else {
+ snprintf(child_path, size, "%s/%s", path, child);
+ }
- } else if (event->mask & IN_MOVED_FROM) {
- onas_ddd_handle_in_moved_from(ctx, path, child_path, event, wd);
+ if (event->mask & IN_DELETE) {
+ onas_ddd_handle_in_delete(ctx, path, child_path, event, wd);
- } else if (event->mask & IN_CREATE) {
- onas_ddd_handle_in_create(ctx, path, child_path, event, wd, in_mask);
+ } else if (event->mask & IN_MOVED_FROM) {
+ onas_ddd_handle_in_moved_from(ctx, path, child_path, event, wd);
- } else if (event->mask & IN_CLOSE_WRITE) {
- onas_ddd_handle_in_close_write(ctx, child_path);
+ } else if (event->mask & IN_CREATE) {
+ onas_ddd_handle_in_create(ctx, path, child_path, event, wd, in_mask);
- } else if (event->mask & IN_MOVED_TO) {
- onas_ddd_handle_in_moved_to(ctx, path, child_path, event, wd, in_mask);
- }
+ } else if (event->mask & IN_CLOSE_WRITE) {
+ onas_ddd_handle_in_close_write(ctx, child_path);
- free(child_path);
- child_path = NULL;
+ } else if (event->mask & IN_MOVED_TO) {
+ onas_ddd_handle_in_moved_to(ctx, path, child_path, event, wd, in_mask);
+ }
+
+ free(child_path);
+ child_path = NULL;
+ }
}
}
}
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/clamonacc/scan/onas_queue.c clamav-0.103.6+dfsg/clamonacc/scan/onas_queue.c
--- clamav-0.103.5+dfsg/clamonacc/scan/onas_queue.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/clamonacc/scan/onas_queue.c 2022-05-02 06:46:41.000000000 +0200
@@ -30,6 +30,9 @@
#include <fcntl.h>
#include <signal.h>
#include <pthread.h>
+#if defined(__linux__)
+#include <sys/prctl.h>
+#endif
#include <string.h>
// libclamav
@@ -142,6 +145,17 @@
void *onas_scan_queue_th(void *arg)
{
+ /* Set thread name for profiling and debuging */
+ const char thread_name[] = "clamonacc-sq";
+
+#if defined(__linux__)
+ /* Use prctl instead to prevent using _GNU_SOURCE flag and implicit declaration */
+ prctl(PR_SET_NAME, thread_name);
+#elif defined(__APPLE__) && defined(__MACH__)
+ pthread_setname_np(thread_name);
+#else
+ logg("^ClamScanQueue: Setting of the thread name is currently not supported on this system\n");
+#endif
/* not a ton of use for context right now, but perhaps in the future we can pass in more options */
struct onas_context *ctx = (struct onas_context *)arg;
@@ -152,7 +166,7 @@
sigfillset(&sigset);
sigdelset(&sigset, SIGUSR2);
/* The behavior of a process is undefined after it ignores a
- * SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */
+ * SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */
sigdelset(&sigset, SIGFPE);
sigdelset(&sigset, SIGILL);
sigdelset(&sigset, SIGSEGV);
@@ -161,6 +175,7 @@
#ifdef SIGBUS
sigdelset(&sigset, SIGBUS);
#endif
+ pthread_sigmask(SIG_SETMASK, &sigset, NULL);
logg("*ClamScanQueue: initializing event queue consumer ... (%d) threads in thread pool\n", ctx->maxthreads);
onas_init_event_queue();
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/CMakeLists.txt clamav-0.103.6+dfsg/CMakeLists.txt
--- clamav-0.103.5+dfsg/CMakeLists.txt 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/CMakeLists.txt 2022-05-02 06:46:41.000000000 +0200
@@ -15,7 +15,7 @@
set(VERSION_SUFFIX "")
project( ClamAV
- VERSION "0.103.5"
+ VERSION "0.103.6"
DESCRIPTION "ClamAV open source email, web, and end-point anti-virus toolkit." )
set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake" ${CMAKE_MODULE_PATH})
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/configure clamav-0.103.6+dfsg/configure
--- clamav-0.103.5+dfsg/configure 2022-01-11 00:18:10.000000000 +0100
+++ clamav-0.103.6+dfsg/configure 2022-05-02 06:47:06.000000000 +0200
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for ClamAV 0.103.5.
+# Generated by GNU Autoconf 2.69 for ClamAV 0.103.6.
#
# Report bugs to <https://github.com/Cisco-Talos/clamav/issues>.
#
@@ -592,8 +592,8 @@
# Identity of this package.
PACKAGE_NAME='ClamAV'
PACKAGE_TARNAME='clamav'
-PACKAGE_VERSION='0.103.5'
-PACKAGE_STRING='ClamAV 0.103.5'
+PACKAGE_VERSION='0.103.6'
+PACKAGE_STRING='ClamAV 0.103.6'
PACKAGE_BUGREPORT='https://github.com/Cisco-Talos/clamav/issues'
PACKAGE_URL='https://www.clamav.net/'
@@ -1606,7 +1606,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures ClamAV 0.103.5 to adapt to many kinds of systems.
+\`configure' configures ClamAV 0.103.6 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1687,7 +1687,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of ClamAV 0.103.5:";;
+ short | recursive ) echo "Configuration of ClamAV 0.103.6:";;
esac
cat <<\_ACEOF
--enable-dependency-tracking
@@ -1922,7 +1922,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-ClamAV configure 0.103.5
+ClamAV configure 0.103.6
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2550,7 +2550,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by ClamAV $as_me 0.103.5, which was
+It was created by ClamAV $as_me 0.103.6, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -4308,7 +4308,7 @@
# Define the identity of the package.
PACKAGE='clamav'
- VERSION='0.103.5'
+ VERSION='0.103.6'
# Some tools Automake needs.
@@ -6036,7 +6036,7 @@
$as_echo "#define PACKAGE PACKAGE_NAME" >>confdefs.h
-VERSION="0.103.5"
+VERSION="0.103.6"
major=`echo $PACKAGE_VERSION |cut -d. -f1 | sed -e "s/^0-9//g"`
minor=`echo $PACKAGE_VERSION |cut -d. -f2 | sed -e "s/^0-9//g"`
@@ -31896,7 +31896,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by ClamAV $as_me 0.103.5, which was
+This file was extended by ClamAV $as_me 0.103.6, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -31963,7 +31963,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-ClamAV config.status 0.103.5
+ClamAV config.status 0.103.6
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
@@ -34813,7 +34813,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by ClamAV $as_me 0.103.5, which was
+This file was extended by ClamAV $as_me 0.103.6, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -34880,7 +34880,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-ClamAV config.status 0.103.5
+ClamAV config.status 0.103.6
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/configure.ac clamav-0.103.6+dfsg/configure.ac
--- clamav-0.103.5+dfsg/configure.ac 2022-01-12 20:53:22.000000000 +0100
+++ clamav-0.103.6+dfsg/configure.ac 2022-05-12 18:34:19.000000000 +0200
@@ -22,7 +22,7 @@
dnl For a release change [devel] to the real version [0.xy]
dnl also change VERSION below
-AC_INIT([ClamAV], [0.103.5], [https://github.com/Cisco-Talos/clamav/issues], [clamav], [https://www.clamav.net/])
+AC_INIT([ClamAV], [0.103.6], [https://github.com/Cisco-Talos/clamav/issues], [clamav], [https://www.clamav.net/])
dnl put configure auxiliary into config
AC_CONFIG_AUX_DIR([config])
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/debian/changelog clamav-0.103.6+dfsg/debian/changelog
--- clamav-0.103.5+dfsg/debian/changelog 2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/changelog 2022-05-26 10:17:16.000000000 +0200
@@ -1,3 +1,20 @@
+clamav (0.103.6+dfsg-0+deb11u1) bullseye; urgency=medium
+
+ * Import 0.103.6
+ - CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file
+ parser).
+ - CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan
+ verdict cache check).
+ - CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file
+ parser).
+ - CVE-2022-20785 (Possible memory leak in the HTML file parser/
+ Javascript normalizer).
+ - CVE-2022-20792 (Possible multi-byte heap buffer overflow write
+ vulnerability in the signature database load module.
+ - Update symbol file.
+
+ -- Sebastian Andrzej Siewior <sebastian at breakpoint.cc> Thu, 26 May 2022 10:17:16 +0200
+
clamav (0.103.5+dfsg-0+deb11u1) bullseye; urgency=medium
* Import 0.103.5
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/debian/.git-dpm clamav-0.103.6+dfsg/debian/.git-dpm
--- clamav-0.103.5+dfsg/debian/.git-dpm 2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/.git-dpm 2022-05-26 10:14:47.000000000 +0200
@@ -1,8 +1,8 @@
# see git-dpm(1) from git-dpm package
-d98f95bd2562d8205e1e0a209c06c7706b9107fc
-d98f95bd2562d8205e1e0a209c06c7706b9107fc
-857db6f7fe6291d39090c77afdefa94d97161cb2
-857db6f7fe6291d39090c77afdefa94d97161cb2
-clamav_0.103.5+dfsg.orig.tar.xz
-6b767150c6b8cb9c8c6b11a2ae3df961fd65533f
-7121136
+dbab766c81312b2a8cbd37258a5a3510c4e98085
+dbab766c81312b2a8cbd37258a5a3510c4e98085
+75754d0f4c00d0ac0864e2a506bfc1d977d55d00
+75754d0f4c00d0ac0864e2a506bfc1d977d55d00
+clamav_0.103.6+dfsg.orig.tar.xz
+6212705bf2cb168a55f76ae4cab31fa40909aed8
+7135300
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/debian/libclamav9.symbols clamav-0.103.6+dfsg/debian/libclamav9.symbols
--- clamav-0.103.5+dfsg/debian/libclamav9.symbols 2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/libclamav9.symbols 2022-05-26 10:16:58.000000000 +0200
@@ -1,20 +1,20 @@
libclamav.so.9 libclamav9 #MINVER#
* Build-Depends-Package: libclamav-dev
- CLAMAV_PRIVATE at CLAMAV_PRIVATE 0.103.5
+ CLAMAV_PRIVATE at CLAMAV_PRIVATE 0.103.6
CLAMAV_PUBLIC at CLAMAV_PUBLIC 0.101.0
- __cli_strcasestr at CLAMAV_PRIVATE 0.103.5
- __cli_strndup at CLAMAV_PRIVATE 0.103.5
- __cli_strnlen at CLAMAV_PRIVATE 0.103.5
- __cli_strnstr at CLAMAV_PRIVATE 0.103.5
- base64Flush at CLAMAV_PRIVATE 0.103.5
- blobAddData at CLAMAV_PRIVATE 0.103.5
- blobCreate at CLAMAV_PRIVATE 0.103.5
- blobDestroy at CLAMAV_PRIVATE 0.103.5
- cl_ASN1_GetTimeT at CLAMAV_PRIVATE 0.103.5
+ __cli_strcasestr at CLAMAV_PRIVATE 0.103.6
+ __cli_strndup at CLAMAV_PRIVATE 0.103.6
+ __cli_strnlen at CLAMAV_PRIVATE 0.103.6
+ __cli_strnstr at CLAMAV_PRIVATE 0.103.6
+ base64Flush at CLAMAV_PRIVATE 0.103.6
+ blobAddData at CLAMAV_PRIVATE 0.103.6
+ blobCreate at CLAMAV_PRIVATE 0.103.6
+ blobDestroy at CLAMAV_PRIVATE 0.103.6
+ cl_ASN1_GetTimeT at CLAMAV_PRIVATE 0.103.6
cl_always_gen_section_hash at CLAMAV_PUBLIC 0.101.0
- cl_base64_decode at CLAMAV_PRIVATE 0.103.5
- cl_base64_encode at CLAMAV_PRIVATE 0.103.5
- cl_cleanup_crypto at CLAMAV_PRIVATE 0.103.5
+ cl_base64_decode at CLAMAV_PRIVATE 0.103.6
+ cl_base64_encode at CLAMAV_PRIVATE 0.103.6
+ cl_cleanup_crypto at CLAMAV_PRIVATE 0.103.6
cl_countsigs at CLAMAV_PUBLIC 0.101.0
cl_cvdfree at CLAMAV_PUBLIC 0.101.0
cl_cvdhead at CLAMAV_PUBLIC 0.101.0
@@ -54,21 +54,21 @@
cl_fmap_close at CLAMAV_PUBLIC 0.101.0
cl_fmap_open_handle at CLAMAV_PUBLIC 0.101.0
cl_fmap_open_memory at CLAMAV_PUBLIC 0.101.0
- cl_get_pkey_file at CLAMAV_PRIVATE 0.103.5
- cl_get_x509_from_mem at CLAMAV_PRIVATE 0.103.5
- cl_hash_data at CLAMAV_PRIVATE 0.103.5
+ cl_get_pkey_file at CLAMAV_PRIVATE 0.103.6
+ cl_get_x509_from_mem at CLAMAV_PRIVATE 0.103.6
+ cl_hash_data at CLAMAV_PRIVATE 0.103.6
cl_hash_destroy at CLAMAV_PUBLIC 0.101.0
- cl_hash_file_fd at CLAMAV_PRIVATE 0.103.5
- cl_hash_file_fd_ctx at CLAMAV_PRIVATE 0.103.5
- cl_hash_file_fp at CLAMAV_PRIVATE 0.103.5
+ cl_hash_file_fd at CLAMAV_PRIVATE 0.103.6
+ cl_hash_file_fd_ctx at CLAMAV_PRIVATE 0.103.6
+ cl_hash_file_fp at CLAMAV_PRIVATE 0.103.6
cl_hash_init at CLAMAV_PUBLIC 0.101.0
cl_init at CLAMAV_PUBLIC 0.101.0
- cl_initialize_crypto at CLAMAV_PRIVATE 0.103.5
+ cl_initialize_crypto at CLAMAV_PRIVATE 0.103.6
cl_load at CLAMAV_PUBLIC 0.101.0
- cl_load_cert at CLAMAV_PRIVATE 0.103.5
- cl_load_crl at CLAMAV_PRIVATE 0.103.5
+ cl_load_cert at CLAMAV_PRIVATE 0.103.6
+ cl_load_crl at CLAMAV_PRIVATE 0.103.6
cl_retdbdir at CLAMAV_PUBLIC 0.101.0
- cl_retflevel at CLAMAV_PUBLIC 0.103.5
+ cl_retflevel at CLAMAV_PUBLIC 0.103.6
cl_retver at CLAMAV_PUBLIC 0.101.0
cl_scandesc at CLAMAV_PUBLIC 0.101.0
cl_scandesc_callback at CLAMAV_PUBLIC 0.101.0
@@ -76,196 +76,196 @@
cl_scanfile_callback at CLAMAV_PUBLIC 0.101.0
cl_scanmap_callback at CLAMAV_PUBLIC 0.101.0
cl_set_clcb_msg at CLAMAV_PUBLIC 0.101.0
- cl_sha1 at CLAMAV_PRIVATE 0.103.5
- cl_sha256 at CLAMAV_PRIVATE 0.103.5
- cl_sign_data at CLAMAV_PRIVATE 0.103.5
- cl_sign_data_keyfile at CLAMAV_PRIVATE 0.103.5
- cl_sign_file_fd at CLAMAV_PRIVATE 0.103.5
- cl_sign_file_fp at CLAMAV_PRIVATE 0.103.5
+ cl_sha1 at CLAMAV_PRIVATE 0.103.6
+ cl_sha256 at CLAMAV_PRIVATE 0.103.6
+ cl_sign_data at CLAMAV_PRIVATE 0.103.6
+ cl_sign_data_keyfile at CLAMAV_PRIVATE 0.103.6
+ cl_sign_file_fd at CLAMAV_PRIVATE 0.103.6
+ cl_sign_file_fp at CLAMAV_PRIVATE 0.103.6
cl_statchkdir at CLAMAV_PUBLIC 0.101.0
cl_statfree at CLAMAV_PUBLIC 0.101.0
cl_statinidir at CLAMAV_PUBLIC 0.101.0
cl_strerror at CLAMAV_PUBLIC 0.101.0
cl_update_hash at CLAMAV_PUBLIC 0.101.0
- cl_validate_certificate_chain at CLAMAV_PRIVATE 0.103.5
- cl_validate_certificate_chain_ts_dir at CLAMAV_PRIVATE 0.103.5
- cl_verify_signature at CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_fd at CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_fd_x509 at CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_fd_x509_keyfile at CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_hash at CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_hash_x509 at CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_hash_x509_keyfile at CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_x509 at CLAMAV_PRIVATE 0.103.5
- cl_verify_signature_x509_keyfile at CLAMAV_PRIVATE 0.103.5
- cli_ac_buildtrie at CLAMAV_PRIVATE 0.103.5
- cli_ac_chklsig at CLAMAV_PRIVATE 0.103.5
- cli_ac_free at CLAMAV_PRIVATE 0.103.5
- cli_ac_freedata at CLAMAV_PRIVATE 0.103.5
- cli_ac_init at CLAMAV_PRIVATE 0.103.5
- cli_ac_initdata at CLAMAV_PRIVATE 0.103.5
- cli_ac_scanbuff at CLAMAV_PRIVATE 0.103.5
- cli_basename at CLAMAV_PRIVATE 0.103.5
- cli_bm_free at CLAMAV_PRIVATE 0.103.5
- cli_bm_init at CLAMAV_PRIVATE 0.103.5
- cli_bm_scanbuff at CLAMAV_PRIVATE 0.103.5
- cli_build_regex_list at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_alloc at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_clear at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_destroy at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_getresult_int at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_set_trace at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_setfile at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_setfuncid at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_setparam_int at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_context_setparam_ptr at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_debug at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_debug_printsrc at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_describe at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_destroy at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_done at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_init at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_load at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_prepare2 at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_printversion at CLAMAV_PRIVATE 0.103.5
- cli_bytecode_run at CLAMAV_PRIVATE 0.103.5
- cli_bytefunc_describe at CLAMAV_PRIVATE 0.103.5
- cli_byteinst_describe at CLAMAV_PRIVATE 0.103.5
- cli_bytetype_describe at CLAMAV_PRIVATE 0.103.5
- cli_bytevalue_describe at CLAMAV_PRIVATE 0.103.5
- cli_calloc at CLAMAV_PRIVATE 0.103.5
- cli_check_auth_header at CLAMAV_PRIVATE 0.103.5
- cli_chomp at CLAMAV_PRIVATE 0.103.5
- cli_codepage_to_utf8 at CLAMAV_PRIVATE 0.103.5
- cli_ctime at CLAMAV_PRIVATE 0.103.5
- cli_cvdunpack at CLAMAV_PRIVATE 0.103.5
- cli_dbgmsg_internal at CLAMAV_PRIVATE 0.103.5
- cli_dconf_init at CLAMAV_PRIVATE 0.103.5
- cli_debug_flag at CLAMAV_PRIVATE 0.103.5
- cli_detect_environment at CLAMAV_PRIVATE 0.103.5
- cli_disasm_one at CLAMAV_PRIVATE 0.103.5
- cli_errmsg at CLAMAV_PRIVATE 0.103.5
- cli_filecopy at CLAMAV_PRIVATE 0.103.5
- cli_free_vba_project at CLAMAV_PRIVATE 0.103.5
- cli_ftw at CLAMAV_PRIVATE 0.103.5
- cli_genhash_pe at CLAMAV_PRIVATE 0.103.5
- cli_gentemp at CLAMAV_PRIVATE 0.103.5
- cli_gentemp_with_prefix at CLAMAV_PRIVATE 0.103.5
- cli_gentempfd at CLAMAV_PRIVATE 0.103.5
- cli_get_filepath_from_filedesc at CLAMAV_PRIVATE 0.103.5
- cli_gettmpdir at CLAMAV_PRIVATE 0.103.5
- cli_hashfile at CLAMAV_PRIVATE 0.103.5
- cli_hashset_destroy at CLAMAV_PRIVATE 0.103.5
- cli_hashstream at CLAMAV_PRIVATE 0.103.5
- cli_hex2str at CLAMAV_PRIVATE 0.103.5
- cli_hex2ui at CLAMAV_PRIVATE 0.103.5
- cli_initroots at CLAMAV_PRIVATE 0.103.5
- cli_isnumber at CLAMAV_PRIVATE 0.103.5
- cli_js_destroy at CLAMAV_PRIVATE 0.103.5
- cli_js_init at CLAMAV_PRIVATE 0.103.5
- cli_js_output at CLAMAV_PRIVATE 0.103.5
- cli_js_parse_done at CLAMAV_PRIVATE 0.103.5
- cli_js_process_buffer at CLAMAV_PRIVATE 0.103.5
- cli_ldbtokenize at CLAMAV_PRIVATE 0.103.5
- cli_malloc at CLAMAV_PRIVATE 0.103.5
- cli_memstr at CLAMAV_PRIVATE 0.103.5
- cli_ole2_extract at CLAMAV_PRIVATE 0.103.5
- cli_parse_add at CLAMAV_PRIVATE 0.103.5
- cli_pcre_build at CLAMAV_PRIVATE 0.103.5
- cli_pcre_freeoff at CLAMAV_PRIVATE 0.103.5
- cli_pcre_init at CLAMAV_PRIVATE 0.103.5
- cli_pcre_perf_events_destroy at CLAMAV_PRIVATE 0.103.5
- cli_pcre_perf_print at CLAMAV_PRIVATE 0.103.5
- cli_pcre_recaloff at CLAMAV_PRIVATE 0.103.5
- cli_pcre_scanbuf at CLAMAV_PRIVATE 0.103.5
- cli_ppt_vba_read at CLAMAV_PRIVATE 0.103.5
- cli_printcxxver at CLAMAV_PRIVATE 0.103.5
- cli_readn at CLAMAV_PRIVATE 0.103.5
- cli_realloc at CLAMAV_PRIVATE 0.103.5
- cli_realpath at CLAMAV_PRIVATE 0.103.5
- cli_regcomp at CLAMAV_PRIVATE 0.103.5
- cli_regex2suffix at CLAMAV_PRIVATE 0.103.5
- cli_regexec at CLAMAV_PRIVATE 0.103.5
- cli_regfree at CLAMAV_PRIVATE 0.103.5
- cli_rmdirs at CLAMAV_PRIVATE 0.103.5
- cli_rndnum at CLAMAV_PRIVATE 0.103.5
- cli_sanitize_filepath at CLAMAV_PRIVATE 0.103.5
- cli_scan_buff at CLAMAV_PRIVATE 0.103.5
- cli_scan_fmap at CLAMAV_PRIVATE 0.103.5
- cli_sigopts_handler at CLAMAV_PRIVATE 0.103.5
- cli_sigperf_events_destroy at CLAMAV_PRIVATE 0.103.5
- cli_sigperf_print at CLAMAV_PRIVATE 0.103.5
- cli_str2hex at CLAMAV_PRIVATE 0.103.5
- cli_strbcasestr at CLAMAV_PRIVATE 0.103.5
- cli_strdup at CLAMAV_PRIVATE 0.103.5
- cli_strerror at CLAMAV_PRIVATE 0.103.5
- cli_strlcat at CLAMAV_PRIVATE 0.103.5
- cli_strlcpy at CLAMAV_PRIVATE 0.103.5
- cli_strntoul at CLAMAV_PRIVATE 0.103.5
- cli_strrcpy at CLAMAV_PRIVATE 0.103.5
- cli_strtok at CLAMAV_PRIVATE 0.103.5
- cli_strtokbuf at CLAMAV_PRIVATE 0.103.5
- cli_strtokenize at CLAMAV_PRIVATE 0.103.5
- cli_textbuffer_append_normalize at CLAMAV_PRIVATE 0.103.5
- cli_unescape at CLAMAV_PRIVATE 0.103.5
- cli_unlink at CLAMAV_PRIVATE 0.103.5
- cli_url_canon at CLAMAV_PRIVATE 0.103.5
- cli_utf16_to_utf8 at CLAMAV_PRIVATE 0.103.5
- cli_utf16toascii at CLAMAV_PRIVATE 0.103.5
- cli_vba_inflate at CLAMAV_PRIVATE 0.103.5
- cli_vba_readdir at CLAMAV_PRIVATE 0.103.5
- cli_versig2 at CLAMAV_PRIVATE 0.103.5
- cli_versig at CLAMAV_PRIVATE 0.103.5
- cli_warnmsg at CLAMAV_PRIVATE 0.103.5
- cli_wm_decrypt_macro at CLAMAV_PRIVATE 0.103.5
- cli_wm_readdir at CLAMAV_PRIVATE 0.103.5
- cli_writen at CLAMAV_PRIVATE 0.103.5
- decodeLine at CLAMAV_PRIVATE 0.103.5
- disasmbuf at CLAMAV_PRIVATE 0.103.5
- fmap at CLAMAV_PRIVATE 0.103.5
- fmap_dump_to_file at CLAMAV_PRIVATE 0.103.5
- fmap_duplicate at CLAMAV_PRIVATE 0.103.5
- free_duplicate_fmap at CLAMAV_PRIVATE 0.103.5
- get_fpu_endian at CLAMAV_PRIVATE 0.103.5
- have_clamjit at CLAMAV_PRIVATE 0.103.5
- have_rar at CLAMAV_PRIVATE 0.103.5
- html_normalise_map at CLAMAV_PRIVATE 0.103.5
- html_normalise_mem at CLAMAV_PRIVATE 0.103.5
- html_screnc_decode at CLAMAV_PRIVATE 0.103.5
- html_tag_arg_free at CLAMAV_PRIVATE 0.103.5
- init_domainlist at CLAMAV_PRIVATE 0.103.5
- init_regex_list at CLAMAV_PRIVATE 0.103.5
- init_whitelist at CLAMAV_PRIVATE 0.103.5
- is_regex_ok at CLAMAV_PRIVATE 0.103.5
- load_regex_matcher at CLAMAV_PRIVATE 0.103.5
+ cl_validate_certificate_chain at CLAMAV_PRIVATE 0.103.6
+ cl_validate_certificate_chain_ts_dir at CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature at CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_fd at CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_fd_x509 at CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_fd_x509_keyfile at CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_hash at CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_hash_x509 at CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_hash_x509_keyfile at CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_x509 at CLAMAV_PRIVATE 0.103.6
+ cl_verify_signature_x509_keyfile at CLAMAV_PRIVATE 0.103.6
+ cli_ac_buildtrie at CLAMAV_PRIVATE 0.103.6
+ cli_ac_chklsig at CLAMAV_PRIVATE 0.103.6
+ cli_ac_free at CLAMAV_PRIVATE 0.103.6
+ cli_ac_freedata at CLAMAV_PRIVATE 0.103.6
+ cli_ac_init at CLAMAV_PRIVATE 0.103.6
+ cli_ac_initdata at CLAMAV_PRIVATE 0.103.6
+ cli_ac_scanbuff at CLAMAV_PRIVATE 0.103.6
+ cli_basename at CLAMAV_PRIVATE 0.103.6
+ cli_bm_free at CLAMAV_PRIVATE 0.103.6
+ cli_bm_init at CLAMAV_PRIVATE 0.103.6
+ cli_bm_scanbuff at CLAMAV_PRIVATE 0.103.6
+ cli_build_regex_list at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_alloc at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_clear at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_destroy at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_getresult_int at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_set_trace at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_setfile at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_setfuncid at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_setparam_int at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_context_setparam_ptr at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_debug at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_debug_printsrc at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_describe at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_destroy at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_done at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_init at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_load at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_prepare2 at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_printversion at CLAMAV_PRIVATE 0.103.6
+ cli_bytecode_run at CLAMAV_PRIVATE 0.103.6
+ cli_bytefunc_describe at CLAMAV_PRIVATE 0.103.6
+ cli_byteinst_describe at CLAMAV_PRIVATE 0.103.6
+ cli_bytetype_describe at CLAMAV_PRIVATE 0.103.6
+ cli_bytevalue_describe at CLAMAV_PRIVATE 0.103.6
+ cli_calloc at CLAMAV_PRIVATE 0.103.6
+ cli_check_auth_header at CLAMAV_PRIVATE 0.103.6
+ cli_chomp at CLAMAV_PRIVATE 0.103.6
+ cli_codepage_to_utf8 at CLAMAV_PRIVATE 0.103.6
+ cli_ctime at CLAMAV_PRIVATE 0.103.6
+ cli_cvdunpack at CLAMAV_PRIVATE 0.103.6
+ cli_dbgmsg_internal at CLAMAV_PRIVATE 0.103.6
+ cli_dconf_init at CLAMAV_PRIVATE 0.103.6
+ cli_debug_flag at CLAMAV_PRIVATE 0.103.6
+ cli_detect_environment at CLAMAV_PRIVATE 0.103.6
+ cli_disasm_one at CLAMAV_PRIVATE 0.103.6
+ cli_errmsg at CLAMAV_PRIVATE 0.103.6
+ cli_filecopy at CLAMAV_PRIVATE 0.103.6
+ cli_free_vba_project at CLAMAV_PRIVATE 0.103.6
+ cli_ftw at CLAMAV_PRIVATE 0.103.6
+ cli_genhash_pe at CLAMAV_PRIVATE 0.103.6
+ cli_gentemp at CLAMAV_PRIVATE 0.103.6
+ cli_gentemp_with_prefix at CLAMAV_PRIVATE 0.103.6
+ cli_gentempfd at CLAMAV_PRIVATE 0.103.6
+ cli_get_filepath_from_filedesc at CLAMAV_PRIVATE 0.103.6
+ cli_gettmpdir at CLAMAV_PRIVATE 0.103.6
+ cli_hashfile at CLAMAV_PRIVATE 0.103.6
+ cli_hashset_destroy at CLAMAV_PRIVATE 0.103.6
+ cli_hashstream at CLAMAV_PRIVATE 0.103.6
+ cli_hex2str at CLAMAV_PRIVATE 0.103.6
+ cli_hex2ui at CLAMAV_PRIVATE 0.103.6
+ cli_initroots at CLAMAV_PRIVATE 0.103.6
+ cli_isnumber at CLAMAV_PRIVATE 0.103.6
+ cli_js_destroy at CLAMAV_PRIVATE 0.103.6
+ cli_js_init at CLAMAV_PRIVATE 0.103.6
+ cli_js_output at CLAMAV_PRIVATE 0.103.6
+ cli_js_parse_done at CLAMAV_PRIVATE 0.103.6
+ cli_js_process_buffer at CLAMAV_PRIVATE 0.103.6
+ cli_ldbtokenize at CLAMAV_PRIVATE 0.103.6
+ cli_malloc at CLAMAV_PRIVATE 0.103.6
+ cli_memstr at CLAMAV_PRIVATE 0.103.6
+ cli_ole2_extract at CLAMAV_PRIVATE 0.103.6
+ cli_parse_add at CLAMAV_PRIVATE 0.103.6
+ cli_pcre_build at CLAMAV_PRIVATE 0.103.6
+ cli_pcre_freeoff at CLAMAV_PRIVATE 0.103.6
+ cli_pcre_init at CLAMAV_PRIVATE 0.103.6
+ cli_pcre_perf_events_destroy at CLAMAV_PRIVATE 0.103.6
+ cli_pcre_perf_print at CLAMAV_PRIVATE 0.103.6
+ cli_pcre_recaloff at CLAMAV_PRIVATE 0.103.6
+ cli_pcre_scanbuf at CLAMAV_PRIVATE 0.103.6
+ cli_ppt_vba_read at CLAMAV_PRIVATE 0.103.6
+ cli_printcxxver at CLAMAV_PRIVATE 0.103.6
+ cli_readn at CLAMAV_PRIVATE 0.103.6
+ cli_realloc at CLAMAV_PRIVATE 0.103.6
+ cli_realpath at CLAMAV_PRIVATE 0.103.6
+ cli_regcomp at CLAMAV_PRIVATE 0.103.6
+ cli_regex2suffix at CLAMAV_PRIVATE 0.103.6
+ cli_regexec at CLAMAV_PRIVATE 0.103.6
+ cli_regfree at CLAMAV_PRIVATE 0.103.6
+ cli_rmdirs at CLAMAV_PRIVATE 0.103.6
+ cli_rndnum at CLAMAV_PRIVATE 0.103.6
+ cli_sanitize_filepath at CLAMAV_PRIVATE 0.103.6
+ cli_scan_buff at CLAMAV_PRIVATE 0.103.6
+ cli_scan_fmap at CLAMAV_PRIVATE 0.103.6
+ cli_sigopts_handler at CLAMAV_PRIVATE 0.103.6
+ cli_sigperf_events_destroy at CLAMAV_PRIVATE 0.103.6
+ cli_sigperf_print at CLAMAV_PRIVATE 0.103.6
+ cli_str2hex at CLAMAV_PRIVATE 0.103.6
+ cli_strbcasestr at CLAMAV_PRIVATE 0.103.6
+ cli_strdup at CLAMAV_PRIVATE 0.103.6
+ cli_strerror at CLAMAV_PRIVATE 0.103.6
+ cli_strlcat at CLAMAV_PRIVATE 0.103.6
+ cli_strlcpy at CLAMAV_PRIVATE 0.103.6
+ cli_strntoul at CLAMAV_PRIVATE 0.103.6
+ cli_strrcpy at CLAMAV_PRIVATE 0.103.6
+ cli_strtok at CLAMAV_PRIVATE 0.103.6
+ cli_strtokbuf at CLAMAV_PRIVATE 0.103.6
+ cli_strtokenize at CLAMAV_PRIVATE 0.103.6
+ cli_textbuffer_append_normalize at CLAMAV_PRIVATE 0.103.6
+ cli_unescape at CLAMAV_PRIVATE 0.103.6
+ cli_unlink at CLAMAV_PRIVATE 0.103.6
+ cli_url_canon at CLAMAV_PRIVATE 0.103.6
+ cli_utf16_to_utf8 at CLAMAV_PRIVATE 0.103.6
+ cli_utf16toascii at CLAMAV_PRIVATE 0.103.6
+ cli_vba_inflate at CLAMAV_PRIVATE 0.103.6
+ cli_vba_readdir at CLAMAV_PRIVATE 0.103.6
+ cli_versig2 at CLAMAV_PRIVATE 0.103.6
+ cli_versig at CLAMAV_PRIVATE 0.103.6
+ cli_warnmsg at CLAMAV_PRIVATE 0.103.6
+ cli_wm_decrypt_macro at CLAMAV_PRIVATE 0.103.6
+ cli_wm_readdir at CLAMAV_PRIVATE 0.103.6
+ cli_writen at CLAMAV_PRIVATE 0.103.6
+ decodeLine at CLAMAV_PRIVATE 0.103.6
+ disasmbuf at CLAMAV_PRIVATE 0.103.6
+ fmap at CLAMAV_PRIVATE 0.103.6
+ fmap_dump_to_file at CLAMAV_PRIVATE 0.103.6
+ fmap_duplicate at CLAMAV_PRIVATE 0.103.6
+ free_duplicate_fmap at CLAMAV_PRIVATE 0.103.6
+ get_fpu_endian at CLAMAV_PRIVATE 0.103.6
+ have_clamjit at CLAMAV_PRIVATE 0.103.6
+ have_rar at CLAMAV_PRIVATE 0.103.6
+ html_normalise_map at CLAMAV_PRIVATE 0.103.6
+ html_normalise_mem at CLAMAV_PRIVATE 0.103.6
+ html_screnc_decode at CLAMAV_PRIVATE 0.103.6
+ html_tag_arg_free at CLAMAV_PRIVATE 0.103.6
+ init_domainlist at CLAMAV_PRIVATE 0.103.6
+ init_regex_list at CLAMAV_PRIVATE 0.103.6
+ init_whitelist at CLAMAV_PRIVATE 0.103.6
+ is_regex_ok at CLAMAV_PRIVATE 0.103.6
+ load_regex_matcher at CLAMAV_PRIVATE 0.103.6
lsig_sub_matched at CLAMAV_PUBLIC 0.101.0
- messageCreate at CLAMAV_PRIVATE 0.103.5
- messageDestroy at CLAMAV_PRIVATE 0.103.5
- mpool_calloc at CLAMAV_PRIVATE 0.103.5
- mpool_create at CLAMAV_PRIVATE 0.103.5
- mpool_destroy at CLAMAV_PRIVATE 0.103.5
- mpool_free at CLAMAV_PRIVATE 0.103.5
- mpool_getstats at CLAMAV_PRIVATE 0.103.5
- phishingScan at CLAMAV_PRIVATE 0.103.5
- phishing_done at CLAMAV_PRIVATE 0.103.5
- phishing_init at CLAMAV_PRIVATE 0.103.5
- regex_list_add_pattern at CLAMAV_PRIVATE 0.103.5
- regex_list_done at CLAMAV_PRIVATE 0.103.5
- regex_list_match at CLAMAV_PRIVATE 0.103.5
- tableCreate at CLAMAV_PRIVATE 0.103.5
- tableDestroy at CLAMAV_PRIVATE 0.103.5
- tableFind at CLAMAV_PRIVATE 0.103.5
- tableInsert at CLAMAV_PRIVATE 0.103.5
- tableIterate at CLAMAV_PRIVATE 0.103.5
- tableRemove at CLAMAV_PRIVATE 0.103.5
- tableUpdate at CLAMAV_PRIVATE 0.103.5
- text_normalize_init at CLAMAV_PRIVATE 0.103.5
- text_normalize_map at CLAMAV_PRIVATE 0.103.5
- text_normalize_reset at CLAMAV_PRIVATE 0.103.5
- uniq_add at CLAMAV_PRIVATE 0.103.5
- uniq_free at CLAMAV_PRIVATE 0.103.5
- uniq_get at CLAMAV_PRIVATE 0.103.5
- uniq_init at CLAMAV_PRIVATE 0.103.5
+ messageCreate at CLAMAV_PRIVATE 0.103.6
+ messageDestroy at CLAMAV_PRIVATE 0.103.6
+ mpool_calloc at CLAMAV_PRIVATE 0.103.6
+ mpool_create at CLAMAV_PRIVATE 0.103.6
+ mpool_destroy at CLAMAV_PRIVATE 0.103.6
+ mpool_free at CLAMAV_PRIVATE 0.103.6
+ mpool_getstats at CLAMAV_PRIVATE 0.103.6
+ phishingScan at CLAMAV_PRIVATE 0.103.6
+ phishing_done at CLAMAV_PRIVATE 0.103.6
+ phishing_init at CLAMAV_PRIVATE 0.103.6
+ regex_list_add_pattern at CLAMAV_PRIVATE 0.103.6
+ regex_list_done at CLAMAV_PRIVATE 0.103.6
+ regex_list_match at CLAMAV_PRIVATE 0.103.6
+ tableCreate at CLAMAV_PRIVATE 0.103.6
+ tableDestroy at CLAMAV_PRIVATE 0.103.6
+ tableFind at CLAMAV_PRIVATE 0.103.6
+ tableInsert at CLAMAV_PRIVATE 0.103.6
+ tableIterate at CLAMAV_PRIVATE 0.103.6
+ tableRemove at CLAMAV_PRIVATE 0.103.6
+ tableUpdate at CLAMAV_PRIVATE 0.103.6
+ text_normalize_init at CLAMAV_PRIVATE 0.103.6
+ text_normalize_map at CLAMAV_PRIVATE 0.103.6
+ text_normalize_reset at CLAMAV_PRIVATE 0.103.6
+ uniq_add at CLAMAV_PRIVATE 0.103.6
+ uniq_free at CLAMAV_PRIVATE 0.103.6
+ uniq_get at CLAMAV_PRIVATE 0.103.6
+ uniq_init at CLAMAV_PRIVATE 0.103.6
libfreshclam.so.2 libclamav9 #MINVER#
FRESHCLAM_PRIVATE at FRESHCLAM_PRIVATE 0.103.0
FRESHCLAM_PUBLIC at FRESHCLAM_PUBLIC 0.102.1
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch clamav-0.103.6+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch
--- clamav-0.103.5+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch 2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch 2022-05-26 10:14:47.000000000 +0200
@@ -1,4 +1,4 @@
-From ca1a543796d95c62bf4c4b9ec15ad94bfcf08077 Mon Sep 17 00:00:00 2001
+From 2d58c75f1f386b3adbd2fe28022522d45d04e8c6 Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
Date: Fri, 14 Oct 2016 20:24:39 +0200
Subject: Add support for LLVM 3.7
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch clamav-0.103.6+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch
--- clamav-0.103.5+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch 2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch 2022-05-26 10:14:47.000000000 +0200
@@ -1,4 +1,4 @@
-From f1ea5523cdfa2b0cda73d7afeff871cf6a27ef68 Mon Sep 17 00:00:00 2001
+From fd59841c7269e0f0df27e9fe615de63ab8b05e0b Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
Date: Fri, 14 Oct 2016 20:24:48 +0200
Subject: Add support for LLVM 3.8
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch clamav-0.103.6+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch
--- clamav-0.103.5+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch 2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch 2022-05-26 10:14:47.000000000 +0200
@@ -1,4 +1,4 @@
-From db2466aa2494f16f5552b2b277af66bee4b087f4 Mon Sep 17 00:00:00 2001
+From dbab766c81312b2a8cbd37258a5a3510c4e98085 Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
Date: Fri, 14 Oct 2016 20:24:56 +0200
Subject: Add support for LLVM 3.9
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch clamav-0.103.6+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch
--- clamav-0.103.5+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch 2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch 2022-05-26 10:14:47.000000000 +0200
@@ -1,4 +1,4 @@
-From c2db4e1f887e84773dcacbbf175eab292cf8aace Mon Sep 17 00:00:00 2001
+From 0827b641063cdca6a13cf4e4f6ea6f546ec327cb Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
Date: Wed, 11 Mar 2015 20:03:15 +0100
Subject: add support for system tomsfastmath
@@ -14,7 +14,7 @@
create mode 100644 m4/reorganization/libs/tomsfastmath.m4
diff --git a/configure.ac b/configure.ac
-index 514a967..32be9e5 100644
+index d418ee9..9829ea3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -98,6 +98,7 @@ m4_include([m4/reorganization/libs/libmspack.m4])
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch clamav-0.103.6+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch
--- clamav-0.103.5+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch 2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch 2022-05-26 10:14:47.000000000 +0200
@@ -1,4 +1,4 @@
-From 2e6262965ecae28f1880620661d352e0ff8e68b3 Mon Sep 17 00:00:00 2001
+From cf08cd90568253de1932a8e125b00ff2ffc26e3a Mon Sep 17 00:00:00 2001
From: Scott Kitterman <scott at kitterman.com>
Date: Mon, 10 Mar 2014 19:20:18 -0400
Subject: Change paths in sample conf file to match Debian
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch clamav-0.103.6+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch
--- clamav-0.103.5+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch 2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch 2022-05-26 10:14:47.000000000 +0200
@@ -1,4 +1,4 @@
-From 1fcbdac3d389676f930f06292a3f5ebcf58db2d0 Mon Sep 17 00:00:00 2001
+From e9ff8d69c35916f759e726c02aadbd2cd5e68678 Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
Date: Thu, 11 Aug 2016 21:54:10 +0200
Subject: clamd: don't depend on clamav-demon.socket
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/debian/patches/Fix-ck_assert_msg-call.patch clamav-0.103.6+dfsg/debian/patches/Fix-ck_assert_msg-call.patch
--- clamav-0.103.5+dfsg/debian/patches/Fix-ck_assert_msg-call.patch 2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/patches/Fix-ck_assert_msg-call.patch 1970-01-01 01:00:00.000000000 +0100
@@ -1,25 +0,0 @@
-From d98f95bd2562d8205e1e0a209c06c7706b9107fc Mon Sep 17 00:00:00 2001
-From: Orion Poplawski <orion at nwra.com>
-Date: Thu, 17 Sep 2020 22:26:04 -0600
-Subject: unit tests: Fix ck_assert_msg() call
-
-The first argument to ck_assert_msg() should be a logical condition.
-
-Patch-Name: Fix-ck_assert_msg-call.patch
----
- unit_tests/check_jsnorm.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/unit_tests/check_jsnorm.c b/unit_tests/check_jsnorm.c
-index 114f052..9b2f4eb 100644
---- a/unit_tests/check_jsnorm.c
-+++ b/unit_tests/check_jsnorm.c
-@@ -247,7 +247,7 @@ static void tokenizer_test(const char *in, const char *expected, int split)
- fd = open(filename, O_RDONLY);
- if (fd < 0) {
- jstest_teardown();
-- ck_assert_msg("failed to open output file: %s", filename);
-+ ck_assert_msg(0, "failed to open output file: %s", filename);
- }
-
- diff_file_mem(fd, expected, len);
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/debian/patches/series clamav-0.103.6+dfsg/debian/patches/series
--- clamav-0.103.5+dfsg/debian/patches/series 2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/patches/series 2022-05-26 10:14:43.000000000 +0200
@@ -4,4 +4,3 @@
Add-support-for-LLVM-3.7.patch
Add-support-for-LLVM-3.8.patch
Add-support-for-LLVM-3.9.patch
-Fix-ck_assert_msg-call.patch
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/debian/rules clamav-0.103.6+dfsg/debian/rules
--- clamav-0.103.5+dfsg/debian/rules 2022-01-13 21:49:00.000000000 +0100
+++ clamav-0.103.6+dfsg/debian/rules 2022-05-26 10:16:58.000000000 +0200
@@ -88,7 +88,7 @@
fi;\
done; \
# Check for library features which may have been upgraded.
- if ! grep -q "CL_FLEVEL 126" libclamav/others.h ; then \
+ if ! grep -q "CL_FLEVEL 127" libclamav/others.h ; then \
echo "cl_retflevel needs boosting in symbol file"; \
touch debian/exit; \
fi;
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/bytecode_api.h clamav-0.103.6+dfsg/libclamav/bytecode_api.h
--- clamav-0.103.5+dfsg/libclamav/bytecode_api.h 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/bytecode_api.h 2022-05-02 06:46:41.000000000 +0200
@@ -150,7 +150,8 @@
FUNC_LEVEL_0103_2 = 123, /**< LibClamAV release 0.103.2 */
FUNC_LEVEL_0103_3 = 124, /**< LibClamAV release 0.103.3 */
FUNC_LEVEL_0103_4 = 125, /**< LibClamAV release 0.103.4 */
- FUNC_LEVEL_0103_5 = 126, /**< LibClamAV release 0.103.4 */
+ FUNC_LEVEL_0103_5 = 126, /**< LibClamAV release 0.103.5 */
+ FUNC_LEVEL_0103_6 = 127, /**< LibClamAV release 0.103.6 */
};
/**
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/cache.c clamav-0.103.6+dfsg/libclamav/cache.c
--- clamav-0.103.5+dfsg/libclamav/cache.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/cache.c 2022-05-02 06:46:41.000000000 +0200
@@ -47,7 +47,11 @@
#define TREES 256
static inline unsigned int getkey(uint8_t *hash)
{
- return *hash;
+ if (hash) {
+ return *hash;
+ }
+
+ return 0;
}
/* #define TREES 4096 */
/* static inline unsigned int getkey(uint8_t *hash) { return hash[0] | ((unsigned int)(hash[1] & 0xf)<<8) ; } */
@@ -836,10 +840,17 @@
/* Looks up an hash in the proper tree */
static int cache_lookup_hash(unsigned char *md5, size_t len, struct CACHE *cache, uint32_t recursion_level)
{
- unsigned int key = getkey(md5);
+ unsigned int key = 0;
int ret = CL_VIRUS;
struct CACHE *c;
+ if (!md5) {
+ cli_dbgmsg("cache_lookup: No hash available. Nothing to look up.\n");
+ return ret;
+ }
+
+ key = getkey(md5);
+
c = &cache[key];
#ifdef CL_THREAD_SAFE
if (pthread_mutex_lock(&c->mutex)) {
@@ -861,7 +872,8 @@
/* Adds an hash to the cache */
void cache_add(unsigned char *md5, size_t size, cli_ctx *ctx)
{
- unsigned int key = getkey(md5);
+
+ unsigned int key = 0;
uint32_t level;
struct CACHE *c;
@@ -873,6 +885,12 @@
return;
}
+ if (!md5) {
+ cli_dbgmsg("cache_add: No hash available. Nothing to add to cache.\n");
+ return;
+ }
+
+ key = getkey(md5);
level = (ctx->fmap && ctx->fmap->dont_cache_flag) ? ctx->recursion_level : 0;
if (ctx->found_possibly_unwanted && (level || 0 == ctx->recursion_level))
return;
@@ -910,7 +928,7 @@
/* Removes a hash from the cache */
void cache_remove(unsigned char *md5, size_t size, const struct cl_engine *engine)
{
- unsigned int key = getkey(md5);
+ unsigned int key = 0;
struct CACHE *c;
if (!engine || !engine->cache)
@@ -921,7 +939,12 @@
return;
}
- /* cli_warnmsg("cache_remove: key is %u\n", key); */
+ if (!md5) {
+ cli_dbgmsg("cache_remove: No hash available. Nothing to remove from cache.\n");
+ return;
+ }
+
+ key = getkey(md5);
c = &engine->cache[key];
#ifdef CL_THREAD_SAFE
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/jsparse/js-norm.c clamav-0.103.6+dfsg/libclamav/jsparse/js-norm.c
--- clamav-0.103.5+dfsg/libclamav/jsparse/js-norm.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/jsparse/js-norm.c 2022-05-02 06:46:41.000000000 +0200
@@ -248,7 +248,7 @@
static const char *scope_declare(struct scope *s, const char *token, const size_t len, struct parser_state *state)
{
- const struct cli_element *el = cli_hashtab_insert(&s->id_map, token, len, state->var_uniq++);
+ const struct cli_element *el = cli_hashtab_insert(&s->id_map, token, len, (const cli_element_data)(state->var_uniq++));
/* cli_hashtab_insert either finds an already existing entry, or allocates a
* new one, we return the allocated string */
return el ? el->key : NULL;
@@ -266,21 +266,21 @@
* Later if we find a declaration it will automatically assign a uniq ID
* to it. If not, we'll know that we have to push ID == -1 tokens to an
* outer scope.*/
- el = cli_hashtab_insert(&s->id_map, token, len, -1);
+ el = cli_hashtab_insert(&s->id_map, token, len, (const cli_element_data)-1);
return el ? el->key : NULL;
}
-static long scope_lookup(struct scope *s, const char *token, const size_t len)
+static size_t scope_lookup(struct scope *s, const char *token, const size_t len)
{
while (s) {
const struct cli_element *el = cli_hashtab_find(&s->id_map, token, len);
- if (el && el->data != -1) {
- return el->data;
+ if (el && (size_t)el->data != (size_t)-1) {
+ return (size_t)el->data;
}
/* not found in current scope, try in outer scope */
s = s->parent;
}
- return -1;
+ return (size_t)-1;
}
static cl_error_t tokens_ensure_capacity(struct tokens *tokens, size_t cap)
@@ -381,12 +381,12 @@
case TOK_IDENTIFIER_NAME:
output_space(lastchar, 'a', out);
if (s) {
- long id = scope_lookup(scope, s, strlen(s));
- if (id == -1) {
+ size_t id = scope_lookup(scope, s, strlen(s));
+ if (id == (size_t)-1) {
/* identifier not normalized */
buf_outs(s, out);
} else {
- snprintf(sbuf, sizeof(sbuf), "n%03ld", id);
+ snprintf(sbuf, sizeof(sbuf), "n%03zu", id);
buf_outs(sbuf, out);
}
}
@@ -564,7 +564,6 @@
const char *o;
const char **tokens;
- memset(txtbuf, 0, sizeof(*txtbuf));
if (!p || !k)
return;
for (o = k; *o; o++)
@@ -622,6 +621,8 @@
size_t i, nesting = 1, j;
yystype *parameters[6];
const size_t parameters_cnt = 6;
+ yystype *first = NULL;
+ yystype *last = NULL;
for (i = start; i < cnt; i++) {
if (tokens[i].type == TOK_FUNCTION) {
@@ -654,8 +655,14 @@
while (tokens[i].type != TOK_PAR_CLOSE && i < cnt) i++;
i++;
}
- if (j == parameters_cnt)
+ if (j == parameters_cnt) {
+ if (NULL == first) {
+ first = parameters[0];
+ }
+ last = parameters[parameters_cnt - 1];
+
decode_de(parameters, &res->txtbuf);
+ }
}
}
} else {
@@ -671,12 +678,18 @@
while (tokens[i].type != TOK_PAR_CLOSE && i < cnt) i++;
i++;
}
- if (j == parameters_cnt)
+ if (j == parameters_cnt) {
+ if (NULL == first) {
+ first = parameters[0];
+ }
+ last = parameters[parameters_cnt - 1];
+
decode_de(parameters, &res->txtbuf);
+ }
}
- if (parameters[0] && parameters[parameters_cnt - 1]) {
- res->pos_begin = parameters[0] - tokens;
- res->pos_end = parameters[parameters_cnt - 1] - tokens + 1;
+ if (first && last) {
+ res->pos_begin = first - tokens;
+ res->pos_end = last - tokens + 1;
if (tokens[res->pos_end].type == TOK_BRACKET_OPEN &&
tokens[res->pos_end + 1].type == TOK_BRACKET_CLOSE &&
tokens[res->pos_end + 2].type == TOK_PAR_CLOSE)
@@ -800,6 +813,7 @@
for (i = 0; i < tokens->cnt; i++) {
const char *cstring = TOKEN_GET(&tokens->data[i], cstring);
struct decode_result res;
+ memset(&(res.txtbuf), 0, sizeof(res.txtbuf));
res.pos_begin = res.pos_end = 0;
res.append = 0;
if (tokens->data[i].type == TOK_FUNCTION && i + 13 < tokens->cnt) {
@@ -839,7 +853,7 @@
cli_js_process_buffer(state, res.txtbuf.data, res.txtbuf.pos);
--state->rec;
}
- free(res.txtbuf.data);
+ FREE(res.txtbuf.data);
/* state->tokens still refers to the embedded/nested context here */
if (!res.append) {
if (CL_EARG == replace_token_range(&parent_tokens, res.pos_begin, res.pos_end, &state->tokens)) {
@@ -919,7 +933,7 @@
snprintf(filename, 1024, "%s" PATHSEP "javascript", tempdir);
buf.pos = 0;
- buf.outfd = open(filename, O_CREAT | O_WRONLY, 0600);
+ buf.outfd = open(filename, O_CREAT | O_WRONLY | O_BINARY, 0600);
if (buf.outfd < 0) {
cli_errmsg(MODULE "cannot open output file for writing: %s\n", filename);
return;
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/libmspack.c clamav-0.103.6+dfsg/libclamav/libmspack.c
--- clamav-0.103.5+dfsg/libclamav/libmspack.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/libmspack.c 2022-05-02 06:46:41.000000000 +0200
@@ -147,23 +147,32 @@
}
if (mspack_handle->type == FILETYPE_FMAP) {
+ /* Use fmap */
offset = mspack_handle->offset + mspack_handle->org;
- ret = fmap_readn(mspack_handle->fmap, buffer, offset, bytes);
- if (ret != bytes) {
- cli_dbgmsg("%s() %d %d, %d\n", __func__, __LINE__, bytes, ret);
- return ret;
+ count = fmap_readn(mspack_handle->fmap, buffer, (size_t)offset, (size_t)bytes);
+ if (count == (size_t)-1) {
+ cli_dbgmsg("%s() %d requested %d bytes, read failed (-1)\n", __func__, __LINE__, bytes);
+ return -1;
+ } else if ((int)count < bytes) {
+ cli_dbgmsg("%s() %d requested %d bytes, read %zu bytes\n", __func__, __LINE__, bytes, count);
}
- mspack_handle->offset += bytes;
- return bytes;
- }
- count = fread(buffer, bytes, 1, mspack_handle->f);
- if (count < 1) {
- cli_dbgmsg("%s() %d %d, %zu\n", __func__, __LINE__, bytes, count);
- return -1;
+ mspack_handle->offset += (off_t)count;
+
+ return (int)count;
+ } else {
+ /* Use file descriptor */
+ count = fread(buffer, bytes, 1, mspack_handle->f);
+ if (count < 1) {
+ cli_dbgmsg("%s() %d requested %d bytes, read failed (%zu)\n", __func__, __LINE__, bytes, count);
+ return -1;
+ }
+
+ ret = (int)count;
+
+ return ret;
}
- return bytes;
}
static int mspack_fmap_write(struct mspack_file *file, void *buffer, int bytes)
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/matcher-byte-comp.c clamav-0.103.6+dfsg/libclamav/matcher-byte-comp.c
--- clamav-0.103.5+dfsg/libclamav/matcher-byte-comp.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/matcher-byte-comp.c 2022-05-02 06:46:41.000000000 +0200
@@ -457,19 +457,20 @@
* @param ctx the clamav context struct
*
*/
-cl_error_t cli_bcomp_scanbuf(const unsigned char *buffer, size_t buffer_length, const char **virname, struct cli_ac_result **res, const struct cli_matcher *root, struct cli_ac_data *mdata, cli_ctx *ctx)
+cl_error_t cli_bcomp_scanbuf(const unsigned char *buffer, size_t buffer_length, struct cli_ac_result **res, const struct cli_matcher *root, struct cli_ac_data *mdata, cli_ctx *ctx)
{
-
- int64_t i = 0, ret = CL_SUCCESS;
+ size_t i;
+ int val = 0;
+ cl_error_t ret = CL_SUCCESS;
+ cl_error_t bcomp_check = CL_SUCCESS;
uint32_t lsigid, ref_subsigid;
uint32_t offset = 0;
- uint8_t viruses_found = 0;
struct cli_bcomp_meta *bcomp = NULL;
struct cli_ac_result *newres = NULL;
uint32_t evalcnt = 0;
uint64_t evalids = 0;
- char *subsigid = NULL;
+ char subsigid[3];
if (!(root) || !(root->bcomp_metas) || !(root->bcomp_metatable) || !(mdata) || !(mdata->offmatrix) || !(ctx)) {
return CL_SUCCESS;
@@ -484,21 +485,15 @@
/* check to see if we are being run in sigtool or not */
if (bcomp->lsigid[0]) {
- subsigid = cli_calloc(3, sizeof(char));
snprintf(subsigid, 3, "%hu", bcomp->ref_subsigid);
/* verify the ref_subsigid */
- if (cli_ac_chklsig(subsigid, subsigid + strlen(subsigid),
- mdata->lsigcnt[bcomp->lsigid[1]], &evalcnt, &evalids, 0) != 1) {
+ val = cli_ac_chklsig(subsigid, subsigid + strlen(subsigid), mdata->lsigcnt[bcomp->lsigid[1]], &evalcnt, &evalids, 0);
+ if (val != 1) {
bcm_dbgmsg("cli_bcomp_scanbuf: could not verify a match for lsig reference subsigid (%s)\n", subsigid);
continue;
}
- /* ensures the referenced subsig matches as expected, and also ensures mdata has the needed offset */
- if ((ret = lsig_sub_matched(root, mdata, lsigid, ref_subsigid, CLI_OFF_NONE, 0))) {
- break;
- }
-
/* grab the needed offset using from the last matched subsig offset matrix, i.e. the match performed above */
if (mdata->lsigsuboff_last[lsigid]) {
offset = mdata->lsigsuboff_last[lsigid][ref_subsigid];
@@ -507,7 +502,7 @@
continue;
}
} else {
- /* can't run lsig_sub_matched in sigtool, and mdata isn't populated so run the raw matcher stuffs */
+ /* mdata isn't populated in sigtool so run the raw matcher stuffs */
if (res) {
newres = (struct cli_ac_result *)cli_calloc(1, sizeof(struct cli_ac_result));
if (!newres) {
@@ -528,32 +523,16 @@
}
/* now we have all the pieces of the puzzle, so lets do our byte compare check */
- ret = cli_bcomp_compare_check(buffer, buffer_length, offset, bcomp);
+ bcomp_check = cli_bcomp_compare_check(buffer, buffer_length, offset, bcomp);
- /* set and append our lsig's virus name if the comparison came back positive */
- if (CL_VIRUS == ret) {
- viruses_found = 1;
-
- if (virname) {
- *virname = bcomp->virname;
- }
- /* if we aren't scanning all, let's just exit here */
- if (!SCAN_ALLMATCHES) {
- break;
- } else {
- ret = cli_append_virus(ctx, (const char *)bcomp->virname);
- }
+ /* Increase the lsig count for our subsig if the comparison came back positive.
+ * Later, the lsig-eval will evaluate the logical condition, based on these counts
+ * and will append the virus alert if the whole logical signature matches. */
+ if (CL_VIRUS == bcomp_check) {
+ mdata->lsigcnt[bcomp->lsigid[1]][bcomp->lsigid[2]]++;
}
}
- if (subsigid) {
- free(subsigid);
- subsigid = NULL;
- }
-
- if (ret == CL_SUCCESS && viruses_found) {
- return CL_VIRUS;
- }
return ret;
}
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/matcher-byte-comp.h clamav-0.103.6+dfsg/libclamav/matcher-byte-comp.h
--- clamav-0.103.5+dfsg/libclamav/matcher-byte-comp.h 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/matcher-byte-comp.h 2022-05-02 06:46:41.000000000 +0200
@@ -62,7 +62,7 @@
};
cl_error_t cli_bcomp_addpatt(struct cli_matcher *root, const char *virname, const char *hexsig, const uint32_t *lsigid, unsigned int options);
-cl_error_t cli_bcomp_scanbuf(const unsigned char *buffer, size_t buffer_length, const char **virname, struct cli_ac_result **res, const struct cli_matcher *root, struct cli_ac_data *mdata, cli_ctx *ctx);
+cl_error_t cli_bcomp_scanbuf(const unsigned char *buffer, size_t buffer_length, struct cli_ac_result **res, const struct cli_matcher *root, struct cli_ac_data *mdata, cli_ctx *ctx);
cl_error_t cli_bcomp_compare_check(const unsigned char *f_buffer, size_t buffer_length, int offset, struct cli_bcomp_meta *bm);
void cli_bcomp_freemeta(struct cli_matcher *root, struct cli_bcomp_meta *bm);
uint16_t cli_bcomp_chk_hex(const unsigned char *buffer, uint16_t opt, uint32_t len, uint32_t check_only);
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/matcher.c clamav-0.103.6+dfsg/libclamav/matcher.c
--- clamav-0.103.5+dfsg/libclamav/matcher.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/matcher.c 2022-05-02 06:46:41.000000000 +0200
@@ -182,17 +182,9 @@
}
if (root->bcomp_metas) {
- ret = cli_bcomp_scanbuf(orig_buffer, orig_length, virname, acres, root, mdata, ctx);
+ ret = cli_bcomp_scanbuf(orig_buffer, orig_length, acres, root, mdata, ctx);
if (ret != CL_CLEAN) {
- if (ret == CL_VIRUS) {
- if (SCAN_ALLMATCHES)
- viruses_found = 1;
- else {
- ret = cli_append_virus(ctx, *virname);
- if (ret != CL_CLEAN)
- return ret;
- }
- } else if (ret > CL_TYPENO && acmode & AC_SCAN_VIR)
+ if (ret > CL_TYPENO && acmode & AC_SCAN_VIR)
saved_ret = ret;
else
return ret;
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/others.h clamav-0.103.6+dfsg/libclamav/others.h
--- clamav-0.103.5+dfsg/libclamav/others.h 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/others.h 2022-05-02 06:46:41.000000000 +0200
@@ -73,7 +73,7 @@
* in re-enabling affected modules.
*/
-#define CL_FLEVEL 126
+#define CL_FLEVEL 127
#define CL_FLEVEL_DCONF CL_FLEVEL
#define CL_FLEVEL_SIGTOOL CL_FLEVEL
@@ -130,6 +130,22 @@
(size_t)(sb) + (size_t)(sb_size) >= (size_t)(bb) && \
(size_t)(sb) <= (size_t)(bb) + (size_t)(bb_size))
+/*
+ * CLI_ISCONTAINED_2(bb, bb_size, sb, sb_size) checks if sb (small buffer) is
+ * within bb (big buffer).
+ *
+ * CLI_ISCONTAINED_2 is the same as CLI_ISCONTAINED except that it allows for
+ * small-buffers with sb_size == 0.
+ *
+ * CLI_ISCONTAINED_2_0_TO is the same as CLI_ISCONTAINED_2 except that `bb` is gone
+ * and assumed ot be zero.
+ */
+#define CLI_ISCONTAINED_2_0_TO(bb_size, sb, sb_size) \
+ ((size_t)(bb_size) > 0 && \
+ (size_t)(sb_size) <= (size_t)(bb_size) && \
+ (size_t)(sb) + (size_t)(sb_size) <= (size_t)(bb_size) && \
+ (size_t)(sb) <= (size_t)(bb_size))
+
#define CLI_MAX_ALLOCATION (182 * 1024 * 1024)
#ifdef HAVE_SYS_PARAM_H
@@ -1103,4 +1119,12 @@
*/
cl_error_t cli_realpath(const char *file_name, char **real_filename);
+#ifndef FREE
+#define FREE(VAR) \
+ if (NULL != VAR) { \
+ free(VAR); \
+ VAR = NULL; \
+ }
+#endif /* FREE */
+
#endif
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/pe.c clamav-0.103.6+dfsg/libclamav/pe.c
--- clamav-0.103.5+dfsg/libclamav/pe.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/pe.c 2022-05-02 06:46:41.000000000 +0200
@@ -107,9 +107,6 @@
#define PE_MAXNAMESIZE 256
#define PE_MAXIMPORTS 1024
-// TODO On Vista and above, up to 65535 sections are allowed. Make sure
-// that using this lower limit from XP is acceptable in all cases
-#define PE_MAXSECTIONS 96
#define EC64(x) ((uint64_t)cli_readint64(&(x))) /* Convert little endian to host */
#define EC32(x) ((uint32_t)cli_readint32(&(x)))
@@ -2744,7 +2741,7 @@
{
uint8_t polipos = 0;
char epbuff[4096], *tempfile;
- uint32_t epsize;
+ size_t epsize;
size_t bytes;
unsigned int i, j, found, upx_success = 0, err;
unsigned int ssize = 0, dsize = 0, corrupted_cur;
@@ -2868,6 +2865,11 @@
}
epsize = fmap_readn(map, epbuff, peinfo->ep, 4096);
+ if ((size_t)-1 == epsize) {
+ /* Do not continue, all future logic requires at least a partial read into epbuff */
+ cli_exe_info_destroy(peinfo);
+ return CL_CLEAN;
+ }
/* Disasm scan disabled since it's now handled by the bytecode */
@@ -3035,6 +3037,7 @@
cli_dbgmsg("cli_scanpe: kriz: using #%d as size counter\n", kzdsize);
}
opsz = 4;
+ /* fall-through */
case 0x48:
case 0x49:
case 0x4a:
@@ -3048,6 +3051,7 @@
kzlen -= opsz;
break;
}
+ /* fall-through */
default:
kzcode--;
kzlen++;
@@ -3077,8 +3081,10 @@
break;
case KZSXORPRFX:
kzstate++;
- if (op == 0x3e)
+ if (op == 0x3e) {
break;
+ }
+ /* fall-through */
case KZSXOR:
if (op == 0x80 && *kzcode == kzdptr + 0xb0) {
kzxorlen = kzlen;
@@ -4530,7 +4536,7 @@
struct pe_image_optional_hdr32 *opt32;
struct pe_image_optional_hdr64 *opt64;
struct pe_image_section_hdr *section_hdrs = NULL;
- unsigned int i, j, section_pe_idx;
+ size_t i, j, section_pe_idx;
unsigned int err;
uint32_t salign, falign;
size_t fsize;
@@ -4754,7 +4760,7 @@
}
peinfo->nsections = EC16(file_hdr->NumberOfSections);
- if (peinfo->nsections == 0 || peinfo->nsections > PE_MAXSECTIONS) {
+ if (peinfo->nsections == 0) {
#if HAVE_JSON
if (opts & CLI_PEHEADER_OPT_COLLECT_JSON) {
@@ -4767,8 +4773,6 @@
!ctx->corrupted_input) {
if (peinfo->nsections == 0) {
cli_dbgmsg("cli_peheader: Invalid NumberOfSections (0)\n");
- } else {
- cli_dbgmsg("cli_peheader: Invalid NumberOfSections (>%d)\n", PE_MAXSECTIONS);
}
}
ret = CLI_PEHEADER_RET_BROKEN_PE;
@@ -5118,7 +5122,7 @@
// that PointerToRawData is expected to be a multiple of the file
// alignment. Should we report this is as a PE with an error?
- for (i = 0; falign != 0x200 && i < peinfo->nsections; i++) {
+ for (i = 0; falign != 0x200 && i < (size_t)peinfo->nsections; i++) {
/* file alignment fallback mode - blah */
if (falign && section_hdrs[i].SizeOfRawData && EC32(section_hdrs[i].PointerToRawData) % falign && !(EC32(section_hdrs[i].PointerToRawData) % 0x200)) {
cli_dbgmsg("cli_peheader: Encountered section with unexpected alignment - triggering fallback mode\n");
@@ -5150,7 +5154,7 @@
* section from the list or zero out it's size. */
if (section->rsz) { /* Don't bother with virtual only sections */
if (section->raw >= fsize || section->uraw >= fsize) {
- cli_dbgmsg("cli_peheader: Broken PE file - Section %d starts or exists beyond the end of file (Offset@ %lu, Total filesize %lu)\n", section_pe_idx, (unsigned long)section->raw, (unsigned long)fsize);
+ cli_dbgmsg("cli_peheader: Broken PE file - Section %zu starts or exists beyond the end of file (Offset@ %lu, Total filesize %lu)\n", section_pe_idx, (unsigned long)section->raw, (unsigned long)fsize);
if (opts & CLI_PEHEADER_OPT_REMOVE_MISSING_SECTIONS) {
if (peinfo->nsections == 1) {
@@ -5158,10 +5162,10 @@
goto done;
}
- for (j = i; j < peinfo->nsections - 1; j++)
+ for (j = i; j < (size_t)(peinfo->nsections - 1); j++)
memcpy(&(peinfo->sections[j]), &(peinfo->sections[j + 1]), sizeof(struct cli_exe_section));
- for (j = i; j < peinfo->nsections - 1; j++)
+ for (j = i; j < (size_t)(peinfo->nsections - 1); j++)
memcpy(§ion_hdrs[j], §ion_hdrs[j + 1], sizeof(struct pe_image_section_hdr));
peinfo->nsections--;
@@ -5178,12 +5182,12 @@
/* If a section is truncated, adjust it's size value */
if (!CLI_ISCONTAINED_0_TO(fsize, section->raw, section->rsz)) {
- cli_dbgmsg("cli_peheader: PE Section %d raw+rsz extends past the end of the file by %lu bytes\n", section_pe_idx, (section->raw + section->rsz) - fsize);
+ cli_dbgmsg("cli_peheader: PE Section %zu raw+rsz extends past the end of the file by %lu bytes\n", section_pe_idx, (section->raw + section->rsz) - fsize);
section->rsz = fsize - section->raw;
}
if (!CLI_ISCONTAINED_0_TO(fsize, section->uraw, section->ursz)) {
- cli_dbgmsg("cli_peheader: PE Section %d uraw+ursz extends past the end of the file by %lu bytes\n", section_pe_idx, (section->uraw + section->ursz) - fsize);
+ cli_dbgmsg("cli_peheader: PE Section %zu uraw+ursz extends past the end of the file by %lu bytes\n", section_pe_idx, (section->uraw + section->ursz) - fsize);
section->ursz = fsize - section->uraw;
}
}
@@ -5209,7 +5213,7 @@
section->vsz = PESALIGN(section->ursz, salign);
if (opts & CLI_PEHEADER_OPT_DBG_PRINT_INFO) {
- cli_dbgmsg("Section %d\n", section_pe_idx);
+ cli_dbgmsg("Section %zu\n", section_pe_idx);
cli_dbgmsg("Section name: %s\n", sname);
cli_dbgmsg("Section data (from headers - in memory)\n");
cli_dbgmsg("VirtualSize: 0x%x 0x%x\n", section->uvsz, section->vsz);
@@ -5344,7 +5348,7 @@
err = 0;
for (i = 0; i < vlist.count; i++) { /* enum all version_information res - RESUMABLE */
- cli_dbgmsg("cli_peheader: parsing version info @ rva %x (%u/%u)\n", vlist.rvas[i], i + 1, vlist.count);
+ cli_dbgmsg("cli_peheader: parsing version info @ rva %x (%zu/%u)\n", vlist.rvas[i], i + 1, vlist.count);
rva = cli_rawaddr(vlist.rvas[i], peinfo->sections, peinfo->nsections, &err, fsize, peinfo->hdr_size);
if (err)
continue;
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/regex/cclass.h clamav-0.103.6+dfsg/libclamav/regex/cclass.h
--- clamav-0.103.5+dfsg/libclamav/regex/cclass.h 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/cclass.h 2022-05-02 06:46:41.000000000 +0200
@@ -1,6 +1,6 @@
+/* $OpenBSD: cclass.h,v 1.7 2020/12/30 08:54:42 tb Exp $ */
+
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -36,33 +36,25 @@
*/
/* character-class table */
-static struct cclass {
+static const struct cclass {
const char *name;
const char *chars;
- const char *multis;
} cclasses[] = {
{ "alnum", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz\
-0123456789", ""} ,
- { "alpha", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz",
- ""} ,
- { "blank", " \t", ""} ,
+0123456789" },
+ { "alpha", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" },
+ { "blank", " \t" },
{ "cntrl", "\007\b\t\n\v\f\r\1\2\3\4\5\6\16\17\20\21\22\23\24\
-\25\26\27\30\31\32\33\34\35\36\37\177", ""} ,
- { "digit", "0123456789", ""} ,
+\25\26\27\30\31\32\33\34\35\36\37\177" },
+ { "digit", "0123456789" },
{ "graph", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz\
-0123456789!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~",
- ""} ,
- { "lower", "abcdefghijklmnopqrstuvwxyz",
- ""} ,
+0123456789!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~" },
+ { "lower", "abcdefghijklmnopqrstuvwxyz" },
{ "print", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz\
-0123456789!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~ ",
- ""} ,
- { "punct", "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~",
- ""} ,
- { "space", "\t\n\v\f\r ", ""} ,
- { "upper", "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
- ""} ,
- { "xdigit", "0123456789ABCDEFabcdef",
- ""} ,
- { NULL, 0, "" }
+0123456789!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~ " },
+ { "punct", "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~" },
+ { "space", "\t\n\v\f\r " },
+ { "upper", "ABCDEFGHIJKLMNOPQRSTUVWXYZ" },
+ { "xdigit", "0123456789ABCDEFabcdef" },
+ { NULL, 0 }
};
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/regex/cname.h clamav-0.103.6+dfsg/libclamav/regex/cname.h
--- clamav-0.103.5+dfsg/libclamav/regex/cname.h 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/cname.h 2022-05-02 06:46:41.000000000 +0200
@@ -1,6 +1,6 @@
+/* $OpenBSD: cname.h,v 1.6 2020/12/30 08:53:30 tb Exp $ */
+
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -36,7 +36,7 @@
*/
/* character-name table */
-static struct cname {
+static const struct cname {
const char *name;
char code;
} cnames[] = {
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/regex/engine.c clamav-0.103.6+dfsg/libclamav/regex/engine.c
--- clamav-0.103.5+dfsg/libclamav/regex/engine.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/engine.c 2022-05-02 06:46:41.000000000 +0200
@@ -1,6 +1,6 @@
+/* $OpenBSD: engine.c,v 1.26 2020/12/28 21:41:55 millert Exp $ */
+
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -72,11 +72,11 @@
struct re_guts *g;
int eflags;
regmatch_t *pmatch; /* [nsub+1] (0 element unused) */
- char *offp; /* offsets work from here */
- char *beginp; /* start of string -- virtual NUL precedes */
- char *endp; /* end of string -- virtual NUL here */
- char *coldp; /* can be no match starting before here */
- char **lastpos; /* [nplus+1] */
+ const char *offp; /* offsets work from here */
+ const char *beginp; /* start of string -- virtual NUL precedes */
+ const char *endp; /* end of string -- virtual NUL here */
+ const char *coldp; /* can be no match starting before here */
+ const char **lastpos; /* [nplus+1] */
STATEVARS;
states st; /* current states */
states fresh; /* states for a fresh start */
@@ -84,11 +84,15 @@
states empty; /* empty set of states */
};
-static int matcher(struct re_guts *, char *, size_t, regmatch_t[], int);
-static char *dissect(struct match *, char *, char *, sopno, sopno);
-static char *backref(struct match *, char *, char *, sopno, sopno, sopno, int);
-static char *fast(struct match *, char *, char *, sopno, sopno);
-static char *slow(struct match *, char *, char *, sopno, sopno);
+static int matcher(struct re_guts *, const char *, size_t, regmatch_t[], int);
+static const char *dissect(struct match *, const char *, const char *, sopno,
+ sopno);
+static const char *backref(struct match *, const char *, const char *, sopno,
+ sopno, sopno, int);
+static const char *fast(struct match *, const char *, const char *, sopno,
+ sopno);
+static const char *slow(struct match *, const char *, const char *, sopno,
+ sopno);
static states step(struct re_guts *, sopno, sopno, states, int, states);
#define MAX_RECURSION 100
#define BOL (OUT+1)
@@ -97,17 +101,19 @@
#define NOTHING (BOL+3)
#define BOW (BOL+4)
#define EOW (BOL+5)
+/* update nonchars[] array below when adding fake chars here */
#define CODEMAX (BOL+5) /* highest code used */
#define NONCHAR(c) ((c) > CHAR_MAX)
#define NNONCHAR (CODEMAX-CHAR_MAX)
#ifdef REDEBUG
-static void print(struct match *, char *, states, int, FILE *);
+static void print(struct match *, const char *, states, int, FILE *);
#endif
#ifdef REDEBUG
-static void at(struct match *, char *, char *, char *, sopno, sopno);
+static void at(struct match *, const char *, const char *, const char *,
+ sopno, sopno);
#endif
#ifdef REDEBUG
-static char *pchar(int);
+static const char *pchar(int);
#endif
#ifdef REDEBUG
@@ -125,18 +131,18 @@
- matcher - the actual matching engine
*/
static int /* 0 success, REG_NOMATCH failure */
-matcher(struct re_guts *g, char *string, size_t nmatch, regmatch_t pmatch[],
- int eflags)
+matcher(struct re_guts *g, const char *string, size_t nmatch,
+ regmatch_t pmatch[], int eflags)
{
- char *endp;
- size_t i;
+ const char *endp;
+ int i;
struct match mv;
struct match *m = &mv;
- char *dp;
+ const char *dp;
const sopno gf = g->firststate+1; /* +1 for OEND */
const sopno gl = g->laststate;
- char *start;
- char *stop;
+ const char *start;
+ const char *stop;
/* simplify the situation where possible */
if (g->cflags®_NOSUB)
@@ -155,7 +161,7 @@
if (g->must != NULL) {
for (dp = start; dp < stop; dp++)
if (*dp == g->must[0] && stop - dp >= g->mlen &&
- memcmp(dp, g->must, (size_t)g->mlen) == 0)
+ memcmp(dp, g->must, g->mlen) == 0)
break;
if (dp == stop) /* we didn't find g->must */
return(REG_NOMATCH);
@@ -277,10 +283,8 @@
}
}
- if (m->pmatch != NULL)
- free((char *)m->pmatch);
- if (m->lastpos != NULL)
- free((char *)m->lastpos);
+ free(m->pmatch);
+ free(m->lastpos);
STATETEARDOWN(m);
return(0);
}
@@ -288,22 +292,23 @@
/*
- dissect - figure out what matched what, no back references
*/
-static char * /* == stop (success) always */
-dissect(struct match *m, char *start, char *stop, sopno startst, sopno stopst)
+static const char * /* == stop (success) always */
+dissect(struct match *m, const char *start, const char *stop, sopno startst,
+ sopno stopst)
{
int i;
- sopno ss; /* start sop of current subRE */
- sopno es; /* end sop of current subRE */
- char *sp; /* start of string matched by it */
- char *stp; /* string matched by it cannot pass here */
- char *rest; /* start of rest of string */
- char *tail; /* string unmatched by rest of RE */
- sopno ssub; /* start sop of subsubRE */
- sopno esub; /* end sop of subsubRE */
- char *ssp; /* start of string matched by subsubRE */
- char *sep; /* end of string matched by subsubRE */
- char *oldssp; /* previous ssp */
- char *dp;
+ sopno ss; /* start sop of current subRE */
+ sopno es; /* end sop of current subRE */
+ const char *sp; /* start of string matched by it */
+ const char *stp; /* string matched by it cannot pass here */
+ const char *rest; /* start of rest of string */
+ const char *tail; /* string unmatched by rest of RE */
+ sopno ssub; /* start sop of subsubRE */
+ sopno esub; /* end sop of subsubRE */
+ const char *ssp; /* start of string matched by subsubRE */
+ const char *sep; /* end of string matched by subsubRE */
+ const char *oldssp; /* previous ssp */
+ const char *dp;
AT("diss", start, stop, startst, stopst);
sp = start;
@@ -448,12 +453,12 @@
break;
case OLPAREN:
i = OPND(m->g->strip[ss]);
- assert(0 < i && (size_t)i <= m->g->nsub);
+ assert(0 < i && i <= m->g->nsub);
m->pmatch[i].rm_so = sp - m->offp;
break;
case ORPAREN:
i = OPND(m->g->strip[ss]);
- assert(0 < i && (size_t)i <= m->g->nsub);
+ assert(0 < i && i <= m->g->nsub);
m->pmatch[i].rm_eo = sp - m->offp;
break;
default: /* uh oh */
@@ -469,17 +474,17 @@
/*
- backref - figure out what matched what, figuring in back references
*/
-static char * /* == stop (success) or NULL (failure) */
-backref(struct match *m, char *start, char *stop, sopno startst, sopno stopst,
- sopno lev, int rec) /* PLUS nesting level */
+static const char * /* == stop (success) or NULL (failure) */
+backref(struct match *m, const char *start, const char *stop, sopno startst,
+ sopno stopst, sopno lev, int rec) /* PLUS nesting level */
{
int i;
sopno ss; /* start sop of current subRE */
- char *sp; /* start of string matched by it */
+ const char *sp; /* start of string matched by it */
sopno ssub; /* start sop of subsubRE */
sopno esub; /* end sop of subsubRE */
- char *ssp; /* start of string matched by subsubRE */
- char *dp;
+ const char *ssp;/* start of string matched by subsubRE */
+ const char *dp;
size_t len;
int hard;
sop s;
@@ -508,9 +513,9 @@
return(NULL);
break;
case OBOL:
- if ( (sp == m->beginp && !(m->eflags®_NOTBOL)) ||
- (sp < m->endp && *(sp-1) == '\n' &&
- (m->g->cflags®_NEWLINE)) )
+ if ((sp == m->beginp && !(m->eflags®_NOTBOL)) ||
+ (sp > m->offp && sp < m->endp &&
+ *(sp-1) == '\n' && (m->g->cflags®_NEWLINE)))
{ /* yes */ }
else
return(NULL);
@@ -524,12 +529,9 @@
return(NULL);
break;
case OBOW:
- if (( (sp == m->beginp && !(m->eflags®_NOTBOL)) ||
- (sp < m->endp && *(sp-1) == '\n' &&
- (m->g->cflags®_NEWLINE)) ||
- (sp > m->beginp &&
- !ISWORD(*(sp-1))) ) &&
- (sp < m->endp && ISWORD(*sp)) )
+ if (sp < m->endp && ISWORD(*sp) &&
+ ((sp == m->beginp && !(m->eflags®_NOTBOL)) ||
+ (sp > m->offp && !ISWORD(*(sp-1)))))
{ /* yes */ }
else
return(NULL);
@@ -572,14 +574,14 @@
switch (OP(s)) {
case OBACK_: /* the vilest depths */
i = OPND(s);
- assert(0 < i && (size_t)i <= m->g->nsub);
+ assert(0 < i && i <= m->g->nsub);
if (m->pmatch[i].rm_eo == -1)
return(NULL);
assert(m->pmatch[i].rm_so != -1);
len = m->pmatch[i].rm_eo - m->pmatch[i].rm_so;
if (len == 0 && rec++ > MAX_RECURSION)
return(NULL);
- assert((size_t)(stop - m->beginp) >= len);
+ assert(stop - m->beginp >= len);
if (sp > stop - len)
return(NULL); /* not enough left to match */
ssp = m->offp + m->pmatch[i].rm_so;
@@ -635,7 +637,7 @@
break;
case OLPAREN: /* must undo assignment if rest fails */
i = OPND(s);
- assert(0 < i && (size_t)i <= m->g->nsub);
+ assert(0 < i && i <= m->g->nsub);
offsave = m->pmatch[i].rm_so;
m->pmatch[i].rm_so = sp - m->offp;
dp = backref(m, sp, stop, ss+1, stopst, lev, rec);
@@ -646,7 +648,7 @@
break;
case ORPAREN: /* must undo assignment if rest fails */
i = OPND(s);
- assert(0 < i && (size_t)i <= m->g->nsub);
+ assert(0 < i && i <= m->g->nsub);
offsave = m->pmatch[i].rm_eo;
m->pmatch[i].rm_eo = sp - m->offp;
dp = backref(m, sp, stop, ss+1, stopst, lev, rec);
@@ -663,24 +665,30 @@
/* "can't happen" */
assert(nope);
/* NOTREACHED */
- return(NULL);
+ return NULL;
}
/*
- fast - step through the string at top speed
*/
-static char * /* where tentative match ended, or NULL */
-fast(struct match *m, char *start, char *stop, sopno startst, sopno stopst)
+static const char * /* where tentative match ended, or NULL */
+fast(struct match *m, const char *start, const char *stop, sopno startst,
+ sopno stopst)
{
states st = m->st;
states fresh = m->fresh;
states tmp = m->tmp;
- char *p = start;
- int c = (start == m->beginp) ? OUT : *(start-1);
- int lastc; /* previous c */
+ const char *p = start;
+ int c;
+ int lastc; /* previous c */
int flagch;
int i;
- char *coldp; /* last p after which no match was underway */
+ const char *coldp; /* last p after which no match was underway */
+
+ if (start == m->offp || (start == m->beginp && !(m->eflags®_NOTBOL)))
+ c = OUT;
+ else
+ c = *(start-1);
CLEAR(st);
SET1(st, startst);
@@ -698,31 +706,30 @@
/* is there an EOL and/or BOL between lastc and c? */
flagch = '\0';
i = 0;
- if ( (lastc == '\n' && m->g->cflags®_NEWLINE) ||
- (lastc == OUT && !(m->eflags®_NOTBOL)) ) {
+ if ((lastc == '\n' && m->g->cflags®_NEWLINE) ||
+ (lastc == OUT && !(m->eflags®_NOTBOL))) {
flagch = BOL;
i = m->g->nbol;
}
- if ( (c == '\n' && m->g->cflags®_NEWLINE) ||
- (c == OUT && !(m->eflags®_NOTEOL)) ) {
+ if ((c == '\n' && m->g->cflags®_NEWLINE) ||
+ (c == OUT && !(m->eflags®_NOTEOL)) ) {
flagch = (flagch == BOL) ? BOLEOL : EOL;
i += m->g->neol;
}
if (i != 0) {
for (; i > 0; i--)
- st = step(m->g, startst, stopst, st, flagch, st);
+ st = step(m->g, startst, stopst,
+ st, flagch, st);
SP("boleol", st, c);
}
/* how about a word boundary? */
- if ( (flagch == BOL || (lastc != OUT && !ISWORD(lastc))) &&
- (c != OUT && ISWORD(c)) ) {
+ if ((flagch == BOL || (lastc != OUT && !ISWORD(lastc))) &&
+ (c != OUT && ISWORD(c)))
flagch = BOW;
- }
- if ( (lastc != OUT && ISWORD(lastc)) &&
- (flagch == EOL || (c != OUT && !ISWORD(c))) ) {
+ if ((lastc != OUT && ISWORD(lastc)) &&
+ (flagch == EOL || (c != OUT && !ISWORD(c))))
flagch = EOW;
- }
if (flagch == BOW || flagch == EOW) {
st = step(m->g, startst, stopst, st, flagch, st);
SP("boweow", st, c);
@@ -753,18 +760,24 @@
/*
- slow - step through the string more deliberately
*/
-static char * /* where it ended */
-slow(struct match *m, char *start, char *stop, sopno startst, sopno stopst)
+static const char * /* where it ended */
+slow(struct match *m, const char *start, const char *stop, sopno startst,
+ sopno stopst)
{
states st = m->st;
states empty = m->empty;
states tmp = m->tmp;
- char *p = start;
- int c = (start == m->beginp) ? OUT : *(start-1);
- int lastc; /* previous c */
+ const char *p = start;
+ int c;
+ int lastc; /* previous c */
int flagch;
int i;
- char *matchp; /* last p at which a match ended */
+ const char *matchp; /* last p at which a match ended */
+
+ if (start == m->offp || (start == m->beginp && !(m->eflags®_NOTBOL)))
+ c = OUT;
+ else
+ c = *(start-1);
AT("slow", start, stop, startst, stopst);
CLEAR(st);
@@ -780,31 +793,30 @@
/* is there an EOL and/or BOL between lastc and c? */
flagch = '\0';
i = 0;
- if ( (lastc == '\n' && m->g->cflags®_NEWLINE) ||
- (lastc == OUT && !(m->eflags®_NOTBOL)) ) {
+ if ((lastc == '\n' && m->g->cflags®_NEWLINE) ||
+ (lastc == OUT && !(m->eflags®_NOTBOL))) {
flagch = BOL;
i = m->g->nbol;
}
- if ( (c == '\n' && m->g->cflags®_NEWLINE) ||
- (c == OUT && !(m->eflags®_NOTEOL)) ) {
+ if ((c == '\n' && m->g->cflags®_NEWLINE) ||
+ (c == OUT && !(m->eflags®_NOTEOL))) {
flagch = (flagch == BOL) ? BOLEOL : EOL;
i += m->g->neol;
}
if (i != 0) {
for (; i > 0; i--)
- st = step(m->g, startst, stopst, st, flagch, st);
+ st = step(m->g, startst, stopst,
+ st, flagch, st);
SP("sboleol", st, c);
}
/* how about a word boundary? */
- if ( (flagch == BOL || (lastc != OUT && !ISWORD(lastc))) &&
- (c != OUT && ISWORD(c)) ) {
+ if ((flagch == BOL || (lastc != OUT && !ISWORD(lastc))) &&
+ (c != OUT && ISWORD(c)))
flagch = BOW;
- }
- if ( (lastc != OUT && ISWORD(lastc)) &&
- (flagch == EOL || (c != OUT && !ISWORD(c))) ) {
+ if ((lastc != OUT && ISWORD(lastc)) &&
+ (flagch == EOL || (c != OUT && !ISWORD(c))))
flagch = EOW;
- }
if (flagch == BOW || flagch == EOW) {
st = step(m->g, startst, stopst, st, flagch, st);
SP("sboweow", st, c);
@@ -921,10 +933,10 @@
case OOR1: /* done a branch, find the O_CH */
if (ISSTATEIN(aft, here)) {
for (look = 1;
- OP(s = g->strip[pc+look]) != O_CH;
- look += OPND(s))
+ OP(s = g->strip[pc+look]) != O_CH;
+ look += OPND(s))
assert(OP(s) == OOR2);
- FWD(aft, aft, look);
+ FWD(aft, aft, look + 1);
}
break;
case OOR2: /* propagate OCH_'s marking */
@@ -951,7 +963,7 @@
- print - print a set of states
*/
static void
-print(struct match *m, char *caption, states st, int ch, FILE *d)
+print(struct match *m, const char *caption, states st, int ch, FILE *d)
{
struct re_guts *g = m->g;
int i;
@@ -961,13 +973,13 @@
return;
(void)fprintf(d, "%s", caption);
- if (ch != '\0')
- (void)fprintf(d, " %s", pchar(ch));
- for (i = 0; i < g->nstates; i++)
+ (void)fprintf(d, " %s", pchar(ch));
+ for (i = 0; i < g->nstates; i++) {
if (ISSET(st, i)) {
(void)fprintf(d, "%s%d", (first) ? "\t" : ", ", i);
first = 0;
}
+ }
(void)fprintf(d, "\n");
}
@@ -975,8 +987,8 @@
- at - print current situation
*/
static void
-at(struct match *m, char *title, char *start, char *stop, sopno startst,
- sopno stopst)
+at(struct match *m, const char *title, const char *start, const char *stop,
+ sopno startst, sopno stopst)
{
if (!(m->eflags®_TRACE))
return;
@@ -988,6 +1000,12 @@
#ifndef PCHARDONE
#define PCHARDONE /* never again */
+static const char *nonchars[] =
+ { "OUT", "BOL", "EOL", "BOLEOL", "NOTHING", "BOW", "EOW" };
+#define PNONCHAR(c) \
+ ((c) - OUT < (sizeof(nonchars)/sizeof(nonchars[0])) \
+ ? nonchars[(c) - OUT] : "invalid")
+
/*
- pchar - make a character printable
*
@@ -996,12 +1014,17 @@
* a matching debug.o, and this is convenient. It all disappears in
* the non-debug compilation anyway, so it doesn't matter much.
*/
-static char * /* -> representation */
+static const char * /* -> representation */
pchar(int ch)
{
static char pbuf[10];
- if (isprint(ch) || ch == ' ')
+ if (NONCHAR(ch)) {
+ if (ch - OUT < (sizeof(nonchars)/sizeof(nonchars[0])))
+ return nonchars[ch - OUT];
+ return "invalid";
+ }
+ if (isprint((unsigned char)ch) || ch == ' ')
(void)snprintf(pbuf, sizeof pbuf, "%c", ch);
else
(void)snprintf(pbuf, sizeof pbuf, "\\%o", ch);
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/regex/regcomp.c clamav-0.103.6+dfsg/libclamav/regex/regcomp.c
--- clamav-0.103.5+dfsg/libclamav/regex/regcomp.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/regcomp.c 2022-05-02 06:46:41.000000000 +0200
@@ -1,6 +1,5 @@
+/* $OpenBSD: regcomp.c,v 1.43 2021/01/03 17:07:57 tb Exp $ */
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -41,8 +40,6 @@
#include <ctype.h>
#include <limits.h>
#include <stdlib.h>
-
-#include "clamav.h"
#include "others.h"
#include "regex.h"
@@ -57,8 +54,8 @@
* other clumsinesses
*/
struct parse {
- char *next; /* next character in RE */
- char *end; /* end of string (-> NUL normally) */
+ const char *next; /* next character in RE */
+ const char *end; /* end of string (-> NUL normally) */
int error; /* has an error been seen? */
sop *strip; /* malloced strip */
sopno ssize; /* malloced strip size (allocated) */
@@ -85,25 +82,20 @@
static char othercase(int);
static void bothcases(struct parse *, int);
static void ordinary(struct parse *, int);
+static void backslash(struct parse *, int);
static void nonnewline(struct parse *);
static void repeat(struct parse *, sopno, int, int);
-static int seterr(struct parse *, int);
+static void seterr(struct parse *, int);
static cset *allocset(struct parse *);
static void freeset(struct parse *, cset *);
static int freezeset(struct parse *, cset *);
static int firstch(struct parse *, cset *);
static int nch(struct parse *, cset *);
-static void mcadd(struct parse *, cset *, const char *);
-static void mcinvert(struct parse *, cset *);
-static void mccase(struct parse *, cset *);
-static int isinsets(struct re_guts *, int);
-static int samesets(struct re_guts *, int, int);
-static void categorize(struct parse *, struct re_guts *);
static sopno dupl(struct parse *, sopno, sopno);
static void doemit(struct parse *, sop, size_t);
static void doinsert(struct parse *, sop, size_t, sopno);
static void dofwd(struct parse *, sopno, sop);
-static void enlarge(struct parse *, sopno);
+static int enlarge(struct parse *, sopno);
static void stripsnug(struct parse *, struct re_guts *);
static void findmust(struct parse *, struct re_guts *);
static sopno pluscount(struct parse *, struct re_guts *);
@@ -116,10 +108,10 @@
*/
#define PEEK() (*p->next)
#define PEEK2() (*(p->next+1))
-#define MORE() (p->next < p->end)
-#define MORE2() (p->next+1 < p->end)
+#define MORE() (p->end - p->next > 0)
+#define MORE2() (p->end - p->next > 1)
#define SEE(c) (MORE() && PEEK() == (c))
-#define SEETWO(a, b) (MORE() && MORE2() && PEEK() == (a) && PEEK2() == (b))
+#define SEETWO(a, b) (MORE2() && PEEK() == (a) && PEEK2() == (b))
#define EAT(c) ((SEE(c)) ? (NEXT(), 1) : 0)
#define EATTWO(a, b) ((SEETWO(a, b)) ? (NEXT2(), 1) : 0)
#define NEXT() (p->next++)
@@ -127,10 +119,7 @@
#define NEXTn(n) (p->next += (n))
#define GETNEXT() (*p->next++)
#define SETERROR(e) seterr(p, (e))
-#define REQUIRE(co, e) (void)((co) || SETERROR(e))
-#define MUSTSEE(c, e) (REQUIRE(MORE() && PEEK() == (c), e))
-#define MUSTEAT(c, e) (REQUIRE(MORE() && GETNEXT() == (c), e))
-#define MUSTNOTSEE(c, e) (REQUIRE(!MORE() || PEEK() != (c), e))
+#define REQUIRE(co, e) do { if (!(co)) SETERROR(e); } while (0)
#define EMIT(op, sopnd) doemit(p, (sop)(op), (size_t)(sopnd))
#define INSERT(op, pos) doinsert(p, (sop)(op), HERE()-(pos)+1, pos)
#define AHEAD(pos) dofwd(p, pos, HERE()-(pos))
@@ -147,7 +136,7 @@
#endif
/*
- - cli_regcomp_real - interface for parser and compilation
+ - regcomp - interface for parser and compilation
*/
int /* 0 success, otherwise REG_something */
cli_regcomp_real(regex_t *preg, const char *pattern, int cflags)
@@ -173,11 +162,11 @@
return(REG_INVARG);
len = preg->re_endp - pattern;
} else
- len = strlen((const char *)pattern);
+ len = strlen((char *)pattern);
/* do the mallocs early so failure handling is easy */
g = (struct re_guts *)cli_malloc(sizeof(struct re_guts) +
- (NC-1)*sizeof(cat_t));
+ (NC-1)*sizeof(unsigned char));
if (g == NULL)
return(REG_ESPACE);
/* Patch for bb11264 submitted by the Debian team: */
@@ -196,18 +185,21 @@
return(REG_ESPACE);
}
p->ssize = len/(size_t)2*(size_t)3 + (size_t)1; /* ugh */
- assert((size_t)p->ssize >= len);
+ if (p->ssize < len) {
+ free((char *)g);
+ return(REG_ESPACE);
+ }
p->strip = (sop *)cli_calloc(p->ssize, sizeof(sop));
p->slen = 0;
if (p->strip == NULL) {
- free((char *)g);
+ free(g);
return(REG_ESPACE);
}
/* set things up */
p->g = g;
- p->next = (char *)pattern; /* convenience; we do not modify it */
+ p->next = pattern;
p->end = p->next + len;
p->error = 0;
p->ncsalloc = 0;
@@ -226,9 +218,6 @@
g->must = NULL;
g->mlen = 0;
g->nsub = 0;
- g->ncategories = 1; /* category 0 is "everything else" */
- g->categories = &g->catspace[-(CHAR_MIN)];
- (void) memset((char *)g->catspace, 0, NC*sizeof(cat_t));
g->backrefs = 0;
/* do it */
@@ -244,7 +233,6 @@
g->laststate = THERE();
/* tidy up loose ends and fill things in */
- categorize(p, g);
stripsnug(p, g);
findmust(p, g);
g->nplus = pluscount(p, g);
@@ -253,7 +241,7 @@
preg->re_g = g;
preg->re_magic = MAGIC1;
#ifndef REDEBUG
- /* not debugging, so can't rely on the assert() in cli_regexec() */
+ /* not debugging, so can't rely on the assert() in regexec() */
if (g->iflags®EX_BAD)
SETERROR(REG_ASSERT);
#endif
@@ -339,20 +327,8 @@
assert(p->pend[subno] != 0);
}
EMIT(ORPAREN, subno);
- MUSTEAT(')', REG_EPAREN);
+ REQUIRE(MORE() && GETNEXT() == ')', REG_EPAREN);
break;
-#ifndef POSIX_MISTAKE
- case ')': /* happens only if no current unmatched ( */
- /*
- * You may ask, why the ifndef? Because I didn't notice
- * this until slightly too late for 1003.2, and none of the
- * other 1003.2 regular-expression reviewers noticed it at
- * all. So an unmatched ) is legal POSIX, at least until
- * we can get it fixed.
- */
- SETERROR(REG_EPAREN);
- break;
-#endif
case '^':
EMIT(OBOL, 0);
p->g->iflags |= USEBOL;
@@ -384,12 +360,14 @@
case '\\':
REQUIRE(MORE(), REG_EESCAPE);
c = GETNEXT();
- ordinary(p, c);
+ backslash(p, c);
break;
case '{': /* okay as ordinary except if digit follows */
REQUIRE(!MORE() || !isdigit((uch)PEEK()), REG_BADRPT);
/* FALLTHROUGH */
default:
+ if (p->error != 0)
+ return;
ordinary(p, c);
break;
}
@@ -536,6 +514,12 @@
case '[':
p_bracket(p);
break;
+ case BACKSL|'<':
+ EMIT(OBOW, 0);
+ break;
+ case BACKSL|'>':
+ EMIT(OEOW, 0);
+ break;
case BACKSL|'{':
SETERROR(REG_BADRPT);
break;
@@ -571,7 +555,7 @@
i = (c&~BACKSL) - '0';
assert(i < NPAREN);
if (p->pend[i] != 0) {
- assert((size_t)i <= p->g->nsub);
+ assert(i <= p->g->nsub);
EMIT(OBACK_, i);
assert(p->pbegin[i] != 0);
assert(OP(p->strip[p->pbegin[i]]) == OLPAREN);
@@ -586,6 +570,8 @@
REQUIRE(starordinary, REG_BADRPT);
/* FALLTHROUGH */
default:
+ if (p->error != 0)
+ return(0); /* Definitely not $... */
ordinary(p, (char)c);
break;
}
@@ -650,15 +636,17 @@
int invert = 0;
/* Dept of Truly Sickening Special-Case Kludges */
- if (p->next + 5 < p->end && strncmp(p->next, "[:<:]]", 6) == 0) {
- EMIT(OBOW, 0);
- NEXTn(6);
- return;
- }
- if (p->next + 5 < p->end && strncmp(p->next, "[:>:]]", 6) == 0) {
- EMIT(OEOW, 0);
- NEXTn(6);
- return;
+ if (p->end - p->next > 5) {
+ if (strncmp(p->next, "[:<:]]", 6) == 0) {
+ EMIT(OBOW, 0);
+ NEXTn(6);
+ return;
+ }
+ if (strncmp(p->next, "[:>:]]", 6) == 0) {
+ EMIT(OEOW, 0);
+ NEXTn(6);
+ return;
+ }
}
if ((cs = allocset(p)) == NULL) {
@@ -676,7 +664,7 @@
p_b_term(p, cs);
if (EAT('-'))
CHadd(cs, '-');
- MUSTEAT(']', REG_EBRACK);
+ REQUIRE(MORE() && GETNEXT() == ']', REG_EBRACK);
if (p->error != 0) { /* don't mess things up further */
freeset(p, cs);
@@ -693,8 +681,6 @@
if (ci != i)
CHadd(cs, ci);
}
- if (cs->multis != NULL)
- mccase(p, cs);
}
if (invert) {
int i;
@@ -706,12 +692,8 @@
CHadd(cs, i);
if (p->g->cflags®_NEWLINE)
CHsub(cs, '\n');
- if (cs->multis != NULL)
- mcinvert(p, cs);
}
- assert(cs->multis == NULL); /* xxx */
-
if (nch(p, cs) == 1) { /* optimize singleton sets */
ordinary(p, firstch(p, cs));
freeset(p, cs);
@@ -788,13 +770,13 @@
static void
p_b_cclass(struct parse *p, cset *cs)
{
- char *sp = p->next;
- struct cclass *cp;
+ const char *sp = p->next;
+ const struct cclass *cp;
size_t len;
const char *u;
char c;
- while (MORE() && isalpha(PEEK()))
+ while (MORE() && isalpha((uch)PEEK()))
NEXT();
len = p->next - sp;
for (cp = cclasses; cp->name != NULL; cp++)
@@ -809,8 +791,6 @@
u = cp->chars;
while ((c = *u++) != '\0')
CHadd(cs, c);
- for (u = cp->multis; *u != '\0'; u += strlen(u) + 1)
- MCadd(p, cs, u);
}
/*
@@ -852,9 +832,9 @@
p_b_coll_elem(struct parse *p,
int endc) /* name ended by endc,']' */
{
- char *sp = p->next;
- struct cname *cp;
- int len;
+ const char *sp = p->next;
+ const struct cname *cp;
+ size_t len;
while (MORE() && !SEETWO(endc, ']'))
NEXT();
@@ -864,7 +844,7 @@
}
len = p->next - sp;
for (cp = cnames; cp->name != NULL; cp++)
- if (strncmp(cp->name, sp, len) == 0 && cp->name[len] == '\0')
+ if (strncmp(cp->name, sp, len) == 0 && strlen(cp->name) == len)
return(cp->code); /* known name */
if (len == 1)
return(*sp); /* single character */
@@ -896,8 +876,8 @@
static void
bothcases(struct parse *p, int ch)
{
- char *oldnext = p->next;
- char *oldend = p->end;
+ const char *oldnext = p->next;
+ const char *oldend = p->end;
char bracket[3];
ch = (uch)ch;
@@ -919,14 +899,28 @@
static void
ordinary(struct parse *p, int ch)
{
- cat_t *cap = p->g->categories;
-
if ((p->g->cflags®_ICASE) && isalpha((uch)ch) && othercase(ch) != ch)
bothcases(p, ch);
- else {
+ else
EMIT(OCHAR, (uch)ch);
- if (cap[ch] == 0)
- cap[ch] = p->g->ncategories++;
+}
+
+/*
+ * do something magic with this character, but only if it's extra magic
+ */
+static void
+backslash(struct parse *p, int ch)
+{
+ switch (ch) {
+ case '<':
+ EMIT(OBOW, 0);
+ break;
+ case '>':
+ EMIT(OEOW, 0);
+ break;
+ default:
+ ordinary(p, ch);
+ break;
}
}
@@ -938,16 +932,12 @@
static void
nonnewline(struct parse *p)
{
- char *oldnext = p->next;
- char *oldend = p->end;
- char bracket[4];
+ const char *oldnext = p->next;
+ const char *oldend = p->end;
+ static const char bracket[4] = { '^', '\n', ']', '\0' };
p->next = bracket;
p->end = bracket+3;
- bracket[0] = '^';
- bracket[1] = '\n';
- bracket[2] = ']';
- bracket[3] = '\0';
p_bracket(p);
assert(p->next == bracket+3);
p->next = oldnext;
@@ -1027,14 +1017,13 @@
/*
- seterr - set an error condition
*/
-static int /* useless but makes type checking happy */
+static void
seterr(struct parse *p, int e)
{
if (p->error == 0) /* keep earliest error condition */
p->error = e;
p->next = nuls; /* try to bring things to a halt */
p->end = nuls;
- return(0); /* make the return value well-defined */
}
/*
@@ -1056,16 +1045,17 @@
p->ncsalloc += CHAR_BIT;
nc = p->ncsalloc;
assert(nc % CHAR_BIT == 0);
- nbytes = nc / CHAR_BIT * css;
+ nbytes = nc / CHAR_BIT *css;
- ptr = (cset *)cli_realloc((char *)p->g->sets, nc * sizeof(cset));
+ ptr = (cset *)cli_realloc((char*)p->g->sets, nc * sizeof(cset));
if (ptr == NULL)
goto nomem;
p->g->sets = ptr;
- ptr = (uch *)cli_realloc((char *)p->g->setbits, nbytes);
+ ptr = (uch *)cli_realloc((char*)p->g->setbits, nbytes);
if (ptr == NULL)
goto nomem;
+ nbytes = (nc / CHAR_BIT) * css;
p->g->setbits = ptr;
for (i = 0; i < no; i++)
@@ -1081,8 +1071,6 @@
cs->ptr = p->g->setbits + css*((no)/CHAR_BIT);
cs->mask = 1 << ((no) % CHAR_BIT);
cs->hash = 0;
- cs->smultis = 0;
- cs->multis = NULL;
return(cs);
nomem:
@@ -1102,7 +1090,7 @@
static void
freeset(struct parse *p, cset *cs)
{
- size_t i;
+ int i;
cset *top = &p->g->sets[p->g->ncsets];
size_t css = (size_t)p->g->csetsize;
@@ -1125,7 +1113,7 @@
freezeset(struct parse *p, cset *cs)
{
uch h = cs->hash;
- size_t i;
+ int i;
cset *top = &p->g->sets[p->g->ncsets];
cset *cs2;
size_t css = (size_t)p->g->csetsize;
@@ -1135,7 +1123,7 @@
if (cs2->hash == h && cs2 != cs) {
/* maybe */
for (i = 0; i < css; i++)
- if (!!CHIN(cs2, i) != !!CHIN(cs, i))
+ if (CHIN(cs2, i) != CHIN(cs, i))
break; /* no */
if (i == css)
break; /* yes */
@@ -1155,7 +1143,7 @@
static int /* character; there is no "none" value */
firstch(struct parse *p, cset *cs)
{
- size_t i;
+ int i;
size_t css = (size_t)p->g->csetsize;
for (i = 0; i < css; i++)
@@ -1171,7 +1159,7 @@
static int
nch(struct parse *p, cset *cs)
{
- size_t i;
+ int i;
size_t css = (size_t)p->g->csetsize;
int n = 0;
@@ -1182,117 +1170,6 @@
}
/*
- - mcadd - add a collating element to a cset
- */
-static void
-mcadd( struct parse *p, cset *cs, const char *cp)
-{
- size_t oldend = cs->smultis;
- void *np;
-
- cs->smultis += strlen(cp) + 1;
- np = cli_realloc(cs->multis, cs->smultis);
- if (np == NULL) {
- if (cs->multis)
- free(cs->multis);
- cs->multis = NULL;
- SETERROR(REG_ESPACE);
- return;
- }
- cs->multis = np;
-
- cli_strlcpy(cs->multis + oldend - 1, cp, cs->smultis - oldend + 1);
-}
-
-/*
- - mcinvert - invert the list of collating elements in a cset
- *
- * This would have to know the set of possibilities. Implementation
- * is deferred.
- */
-/* ARGSUSED */
-static void
-mcinvert(struct parse *p, cset *cs)
-{
- UNUSEDPARAM(p);
- assert(cs->multis == NULL); /* xxx */
-}
-
-/*
- - mccase - add case counterparts of the list of collating elements in a cset
- *
- * This would have to know the set of possibilities. Implementation
- * is deferred.
- */
-/* ARGSUSED */
-static void
-mccase(struct parse *p, cset *cs)
-{
- UNUSEDPARAM(p);
- assert(cs->multis == NULL); /* xxx */
-}
-
-/*
- - isinsets - is this character in any sets?
- */
-static int /* predicate */
-isinsets(struct re_guts *g, int c)
-{
- uch *col;
- int i;
- int ncols = (g->ncsets+(CHAR_BIT-1)) / CHAR_BIT;
- unsigned uc = (uch)c;
-
- for (i = 0, col = g->setbits; i < ncols; i++, col += g->csetsize)
- if (col[uc] != 0)
- return(1);
- return(0);
-}
-
-/*
- - samesets - are these two characters in exactly the same sets?
- */
-static int /* predicate */
-samesets(struct re_guts *g, int c1, int c2)
-{
- uch *col;
- int i;
- int ncols = (g->ncsets+(CHAR_BIT-1)) / CHAR_BIT;
- unsigned uc1 = (uch)c1;
- unsigned uc2 = (uch)c2;
-
- for (i = 0, col = g->setbits; i < ncols; i++, col += g->csetsize)
- if (col[uc1] != col[uc2])
- return(0);
- return(1);
-}
-
-/*
- - categorize - sort out character categories
- */
-static void
-categorize(struct parse *p, struct re_guts *g)
-{
- cat_t *cats = g->categories;
- int c;
- int c2;
- cat_t cat;
-
- /* avoid making error situations worse */
- if (p->error != 0)
- return;
-
- for (c = CHAR_MIN; c <= CHAR_MAX; c++)
- if (cats[c] == 0 && isinsets(g, c)) {
- cat = g->ncategories++;
- cats[c] = cat;
- for (c2 = c+1; c2 <= CHAR_MAX; c2++)
- if (cats[c2] == 0 && samesets(g, c, c2))
- cats[c2] = cat;
- }
-}
-
-/*
- dupl - emit a duplicate of a bunch of sops
*/
static sopno /* start of duplicate */
@@ -1306,10 +1183,9 @@
assert(finish >= start);
if (len == 0)
return(ret);
- enlarge(p, p->ssize + len); /* this many unexpected additions */
- assert(p->ssize >= p->slen + len);
- (void) memmove((char *)(p->strip + p->slen),
- (char *)(p->strip + start), (size_t)len*sizeof(sop));
+ if (!enlarge(p, p->ssize + len)) /* this many unexpected additions */
+ return(ret);
+ (void) memcpy(p->strip + p->slen, p->strip + start, len * sizeof(sop));
p->slen += len;
return(ret);
}
@@ -1333,8 +1209,8 @@
/* deal with undersized strip */
if (p->slen >= p->ssize)
- enlarge(p, (p->ssize+1) / 2 * 3); /* +50% */
- assert(p->slen < p->ssize);
+ if (!enlarge(p, (p->ssize+1) / 2 * 3)) /* +50% */
+ return;
/* finally, it's all reduced to the easy case */
p->strip[p->slen++] = SOP(op, opnd);
@@ -1356,7 +1232,10 @@
sn = HERE();
EMIT(op, opnd); /* do checks, ensure space */
- assert(HERE() == sn+1);
+ if (HERE() != sn+1) {
+ SETERROR(REG_ASSERT);
+ return;
+ }
s = p->strip[sn];
/* adjust paren pointers */
@@ -1392,21 +1271,22 @@
/*
- enlarge - enlarge the strip
*/
-static void
+static int
enlarge(struct parse *p, sopno size)
{
sop *sp;
if (p->ssize >= size)
- return;
+ return 1;
- sp = (sop *)cli_realloc(p->strip, size*sizeof(sop));
+ sp = (sop *)cli_realloc(p->strip, size * sizeof(sop));
if (sp == NULL) {
SETERROR(REG_ESPACE);
- return;
+ return 0;
}
p->strip = sp;
p->ssize = size;
+ return 1;
}
/*
@@ -1508,7 +1388,7 @@
*cp++ = (char)OPND(s);
}
assert(cp == g->must + g->mlen);
- *cp++ = '\0'; /* just on general principles */
+ *cp = '\0'; /* just on general principles */
}
/*
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/regex/regerror.c clamav-0.103.6+dfsg/libclamav/regex/regerror.c
--- clamav-0.103.5+dfsg/libclamav/regex/regerror.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/regerror.c 2022-05-02 06:46:41.000000000 +0200
@@ -1,6 +1,5 @@
+/* $OpenBSD: regerror.c,v 1.15 2020/12/30 08:56:38 tb Exp $ */
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -41,21 +40,18 @@
#include <ctype.h>
#include <limits.h>
#include <stdlib.h>
-
-#include "clamav.h"
-#include "others.h"
#include "regex.h"
#include "utils.h"
static const char *regatoi(const regex_t *, char *, int);
-static struct rerr {
+static const struct rerr {
int code;
const char *name;
const char *explain;
} rerrs[] = {
- { REG_NOMATCH, "REG_NOMATCH", "cli_regexec() failed to match" },
+ { REG_NOMATCH, "REG_NOMATCH", "regexec() failed to match" },
{ REG_BADPAT, "REG_BADPAT", "invalid regular expression" },
{ REG_ECOLLATE, "REG_ECOLLATE", "invalid collating element" },
{ REG_ECTYPE, "REG_ECTYPE", "invalid character class" },
@@ -75,14 +71,13 @@
};
/*
- - cli_regerror - the interface to error numbers
- = extern size_t cli_regerror(int, const regex_t *, char *, size_t);
+ - regerror - the interface to error numbers
+ = extern size_t regerror(int, const regex_t *, char *, size_t);
*/
-/* ARGSUSED */
size_t
cli_regerror(int errcode, const regex_t *preg, char *errbuf, size_t errbuf_size)
{
- struct rerr *r;
+ const struct rerr *r;
size_t len;
int target = errcode &~ REG_ITOA;
const char *s;
@@ -107,12 +102,12 @@
s = r->explain;
}
- len = strlen(s) + 1;
- if (errbuf_size > 0) {
- cli_strlcpy(errbuf, s, errbuf_size);
- }
+ if (errbuf_size != 0)
+ len = cli_strlcpy(errbuf, s, errbuf_size);
+ else
+ len = strlen(s);
- return(len);
+ return len + 1;
}
/*
@@ -121,7 +116,7 @@
static const char *
regatoi(const regex_t *preg, char *localbuf, int localbufsize)
{
- struct rerr *r;
+ const struct rerr *r;
for (r = rerrs; r->code != 0; r++)
if (strcmp(r->name, preg->re_endp) == 0)
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/regex/regex2.h clamav-0.103.6+dfsg/libclamav/regex/regex2.h
--- clamav-0.103.5+dfsg/libclamav/regex/regex2.h 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/regex2.h 2022-05-02 06:46:41.000000000 +0200
@@ -1,6 +1,6 @@
+/* $OpenBSD: regex2.h,v 1.12 2021/01/03 17:07:58 tb Exp $ */
+
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -106,19 +106,27 @@
uch *ptr; /* -> uch [csetsize] */
uch mask; /* bit within array */
uch hash; /* hash code */
- size_t smultis;
- char *multis; /* -> char[smulti] ab\0cd\0ef\0\0 */
} cset;
-/* note that CHadd and CHsub are unsafe, and CHIN doesn't yield 0/1 */
-#define CHadd(cs, c) ((cs)->ptr[(uch)(c)] |= (cs)->mask, (cs)->hash += (uch)(c))
-#define CHsub(cs, c) ((cs)->ptr[(uch)(c)] &= ~(cs)->mask, (cs)->hash -= (uch)(c))
-#define CHIN(cs, c) ((cs)->ptr[(uch)(c)] & (cs)->mask)
-#define MCadd(p, cs, cp) mcadd(p, cs, cp) /* cli_regcomp() internal fns */
-#define MCsub(p, cs, cp) mcsub(p, cs, cp)
-#define MCin(p, cs, cp) mcin(p, cs, cp)
-/* stuff for character categories */
-typedef unsigned char cat_t;
+static inline void
+CHadd(cset *cs, char c)
+{
+ cs->ptr[(uch)c] |= cs->mask;
+ cs->hash += c;
+}
+
+static inline void
+CHsub(cset *cs, char c)
+{
+ cs->ptr[(uch)c] &= ~cs->mask;
+ cs->hash -= c;
+}
+
+static inline int
+CHIN(const cset *cs, char c)
+{
+ return (cs->ptr[(uch)c] & cs->mask) != 0;
+}
/*
* main compiled-expression structure
@@ -131,7 +139,7 @@
int magic;
int csetsize; /* number of bits in a cset vector */
int ncsets; /* number of csets in use */
- int cflags; /* copy of cli_regcomp() cflags argument */
+ int cflags; /* copy of regcomp() cflags argument */
sopno nstates; /* = number of sops */
sopno firststate; /* the initial OEND (normally 0) */
sopno laststate; /* the final OEND */
@@ -141,15 +149,11 @@
# define REGEX_BAD 04 /* something wrong */
int nbol; /* number of ^ used */
int neol; /* number of $ used */
- int ncategories; /* how many character categories */
- cat_t *categories; /* ->catspace[-CHAR_MIN] */
char *must; /* match must contain this string */
int mlen; /* length of must */
int backrefs; /* does it use back references? */
size_t nsub; /* copy of re_nsub */
sopno nplus; /* how deep does it nest +s? */
- /* catspace must be last */
- cat_t catspace[1]; /* actually [NC] */
};
/* misc utilities */
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/regex/regexec.c clamav-0.103.6+dfsg/libclamav/regex/regexec.c
--- clamav-0.103.5+dfsg/libclamav/regex/regexec.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/regexec.c 2022-05-02 06:46:41.000000000 +0200
@@ -1,6 +1,5 @@
+/* $OpenBSD: regexec.c,v 1.14 2018/07/11 12:38:46 martijn Exp $ */
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -36,7 +35,7 @@
*/
/*
- * the outer shell of cli_regexec()
+ * the outer shell of regexec()
*
* This file includes engine.c *twice*, after muchos fiddling with the
* macros that code uses. This lets the same code operate on two different
@@ -48,8 +47,6 @@
#include <string.h>
#include <limits.h>
#include <ctype.h>
-
-#include "clamav.h"
#include "others.h"
#include "regex.h"
@@ -110,7 +107,7 @@
#define SET0(v, n) ((v)[n] = 0)
#define SET1(v, n) ((v)[n] = 1)
#define ISSET(v, n) ((v)[n])
-#define ASSIGN(d, s) memmove(d, s, m->g->nstates)
+#define ASSIGN(d, s) memcpy(d, s, m->g->nstates)
#define EQ(a, b) (memcmp(a, b, m->g->nstates) == 0)
#define STATEVARS long vn; char *space
#define STATESETUP(m, nv) { (m)->space = cli_malloc((nv)*(m)->g->nstates); \
@@ -133,7 +130,7 @@
#include "engine.c"
/*
- - cli_regexec - interface for matching
+ - regexec - interface for matching
*
* We put this here so we can exploit knowledge of the state representation
* when choosing which matcher to call. Also, by this point the matchers
@@ -144,6 +141,7 @@
regmatch_t pmatch[], int eflags)
{
struct re_guts *g = preg->re_g;
+
#ifdef REDEBUG
# define GOODFLAGS(f) (f)
#else
@@ -157,8 +155,8 @@
return(REG_BADPAT);
eflags = GOODFLAGS(eflags);
- if ((unsigned long)(g->nstates) <= CHAR_BIT*sizeof(states1) && !(eflags®_LARGE))
- return(smatcher(g, (char *)string, nmatch, pmatch, eflags));
+ if ((unsigned long)g->nstates <= CHAR_BIT*sizeof(states1) && !(eflags®_LARGE))
+ return(smatcher(g, string, nmatch, pmatch, eflags));
else
- return(lmatcher(g, (char *)string, nmatch, pmatch, eflags));
+ return(lmatcher(g, string, nmatch, pmatch, eflags));
}
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/regex/regfree.c clamav-0.103.6+dfsg/libclamav/regex/regfree.c
--- clamav-0.103.5+dfsg/libclamav/regex/regfree.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/regfree.c 2022-05-02 06:46:41.000000000 +0200
@@ -1,6 +1,5 @@
+/* $OpenBSD: regfree.c,v 1.11 2015/12/28 22:27:03 mmcc Exp $ */
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -38,16 +37,14 @@
#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
-
-#include "clamav.h"
-#include "others.h"
#include "regex.h"
+#include <limits.h>
#include "utils.h"
#include "regex2.h"
/*
- - cli_regfree - free everything
+ - regfree - free everything
*/
void
cli_regfree(regex_t *preg)
@@ -63,13 +60,9 @@
preg->re_magic = 0; /* mark it invalid */
g->magic = 0; /* mark it invalid */
- if (g->strip != NULL)
- free((char *)g->strip);
- if (g->sets != NULL)
- free((char *)g->sets);
- if (g->setbits != NULL)
- free((char *)g->setbits);
- if (g->must != NULL)
- free(g->must);
- free((char *)g);
+ free(g->strip);
+ free(g->sets);
+ free(g->setbits);
+ free(g->must);
+ free(g);
}
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/regex/utils.h clamav-0.103.6+dfsg/libclamav/regex/utils.h
--- clamav-0.103.5+dfsg/libclamav/regex/utils.h 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/regex/utils.h 2022-05-02 06:46:41.000000000 +0200
@@ -1,6 +1,6 @@
+/* $OpenBSD: utils.h,v 1.4 2003/06/02 20:18:36 millert Exp $ */
+
/*-
- * This code is derived from OpenBSD's libc/regex, original license follows:
- *
* Copyright (c) 1992, 1993, 1994 Henry Spencer.
* Copyright (c) 1992, 1993, 1994
* The Regents of the University of California. All rights reserved.
@@ -46,10 +46,6 @@
typedef unsigned char uch;
/* switch off assertions (if not already off) if no REDEBUG */
-#ifdef CL_DEBUG
-#define REDEBUG
-#endif
-
#ifndef REDEBUG
#ifndef NDEBUG
#define NDEBUG /* no assertions please */
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/scanners.c clamav-0.103.6+dfsg/libclamav/scanners.c
--- clamav-0.103.5+dfsg/libclamav/scanners.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/scanners.c 2022-05-02 06:46:41.000000000 +0200
@@ -362,8 +362,8 @@
file_count += 1;
/*
- * Scan the metadata for the file in question since the content was clean, or we're running in all-match.
- */
+ * Scan the metadata for the file in question since the content was clean, or we're running in all-match.
+ */
status = cli_unrar_scanmetadata(&metadata, ctx, file_count);
if ((status == CL_VIRUS) && SCAN_ALLMATCHES) {
status = CL_CLEAN;
@@ -388,7 +388,7 @@
}
} else if (cli_checklimits("RAR", ctx, metadata.unpack_size, 0, 0)) {
/* File size exceeds maxfilesize, must skip extraction.
- * Although we may be able to scan the metadata */
+ * Although we may be able to scan the metadata */
nTooLargeFilesFound += 1;
cli_dbgmsg("RAR: Next file is too large (%" PRIu64 " bytes); it would exceed max scansize. Skipping to next file.\n", metadata.unpack_size);
@@ -719,8 +719,8 @@
uint32_t i;
for (i = 0; i < nComments; i++) {
/*
- * Drop the comment to a temp file, if requested
- */
+ * Drop the comment to a temp file, if requested
+ */
if (ctx->engine->keeptmp) {
int comment_fd = -1;
size_t prefixLen = strlen("comments_") + 5;
@@ -751,8 +751,8 @@
}
/*
- * Scan the comment.
- */
+ * Scan the comment.
+ */
status = cli_magic_scan_buff(comments[i], strlen(comments[i]), ctx, NULL);
if ((status == CL_VIRUS) && SCAN_ALLMATCHES) {
@@ -809,8 +809,8 @@
file_count += 1;
/*
- * Scan the metadata for the file in question since the content was clean, or we're running in all-match.
- */
+ * Scan the metadata for the file in question since the content was clean, or we're running in all-match.
+ */
status = cli_egg_scanmetadata(&metadata, ctx, file_count);
if ((status == CL_VIRUS) && SCAN_ALLMATCHES) {
status = CL_CLEAN;
@@ -834,7 +834,7 @@
}
} else if (cli_checklimits("EGG", ctx, metadata.unpack_size, 0, 0)) {
/* File size exceeds maxfilesize, must skip extraction.
- * Although we may be able to scan the metadata */
+ * Although we may be able to scan the metadata */
nTooLargeFilesFound += 1;
cli_dbgmsg("EGG: Next file is too large (%" PRIu64 " bytes); it would exceed max scansize. Skipping to next file.\n", metadata.unpack_size);
@@ -856,8 +856,8 @@
}
} else {
/*
- * Extract the file...
- */
+ * Extract the file...
+ */
char *extract_filename = NULL;
char *extract_buffer = NULL;
size_t extract_buffer_len = 0;
@@ -1465,16 +1465,16 @@
ret = CL_EFORMAT;
goto xz_exit;
}
- //cli_dbgmsg("cli_scanxz: xz decompressed %li of %li available bytes\n",
- // avail - strm.avail_in, avail);
+ // cli_dbgmsg("cli_scanxz: xz decompressed %li of %li available bytes\n",
+ // avail - strm.avail_in, avail);
/* write decompress buffer */
if (!strm.avail_out || rc == XZ_STREAM_END) {
size_t towrite = CLI_XZ_OBUF_SIZE - strm.avail_out;
size += towrite;
- //cli_dbgmsg("Writing %li bytes to XZ decompress temp file(%li byte total)\n",
- // towrite, size);
+ // cli_dbgmsg("Writing %li bytes to XZ decompress temp file(%li byte total)\n",
+ // towrite, size);
if (cli_writen(fd, buf, towrite) != towrite) {
cli_errmsg("cli_scanxz: Can't write to file.\n");
@@ -1701,19 +1701,19 @@
}
while (hashcnt) {
- //Find the directory containing the extracted dir file. This is complicated
- //because ClamAV doesn't use the file names from the OLE file, but temporary names,
- //and we have neither the complete path of the dir file in the OLE container,
- //nor the mapping of the temporary directory names to their OLE names.
+ // Find the directory containing the extracted dir file. This is complicated
+ // because ClamAV doesn't use the file names from the OLE file, but temporary names,
+ // and we have neither the complete path of the dir file in the OLE container,
+ // nor the mapping of the temporary directory names to their OLE names.
snprintf(filename, sizeof(filename), "%s_%u", hash, hashcnt);
filename[sizeof(filename) - 1] = '\0';
if (CL_SUCCESS == find_file(filename, dirname, path, sizeof(path))) {
cli_dbgmsg("cli_vba_scandir_new: Found dir file: %s\n", path);
if ((ret = cli_vba_readdir_new(ctx, path, U, hash, hashcnt, &tempfd, has_macros)) != CL_SUCCESS) {
- //FIXME: Since we only know the stream name of the OLE2 stream, but not its path inside the
- // OLE2 archive, we don't know if we have the right file. The only thing we can do is
- // iterate all of them until one succeeds.
+ // FIXME: Since we only know the stream name of the OLE2 stream, but not its path inside the
+ // OLE2 archive, we don't know if we have the right file. The only thing we can do is
+ // iterate all of them until one succeeds.
cli_dbgmsg("cli_vba_scandir_new: Failed to read dir from %s, trying others (error: %s (%d))\n", path, cl_strerror(ret), (int)ret);
ret = CL_SUCCESS;
hashcnt--;
@@ -2600,6 +2600,7 @@
if (has_xlm && files) {
ret = cli_xlm_scandir(dir, ctx, files);
if (CL_VIRUS == ret) {
+ viruses_found++;
if (!SCAN_ALLMATCHES) {
goto done;
}
@@ -2608,6 +2609,7 @@
if ((has_xlm || has_vba) && files) {
if (CL_VIRUS == cli_magic_scan_dir(dir, ctx)) {
+ viruses_found++;
if (!SCAN_ALLMATCHES) {
goto done;
}
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/sis.c clamav-0.103.6+dfsg/libclamav/sis.c
--- clamav-0.103.5+dfsg/libclamav/sis.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/sis.c 2022-05-02 06:46:41.000000000 +0200
@@ -136,12 +136,6 @@
FTnotinst = 99
};
-#define FREE(VAR) \
- if (NULL != VAR) { \
- free(VAR); \
- VAR = NULL; \
- }
-
#define GETD2(VAR) \
{ \
/* cli_dbgmsg("GETD2 smax: %d sleft: %d\n", smax, sleft); */ \
@@ -654,10 +648,10 @@
static inline int getd(struct SISTREAM *s, uint32_t *v)
{
if (s->sleft < 4) {
- int nread;
+ size_t nread;
memcpy(s->buff, s->buff + s->smax - s->sleft, s->sleft);
nread = fmap_readn(s->map, &s->buff[s->sleft], s->pos, BUFSIZ - s->sleft);
- if ((nread < 0) || ((s->sleft = s->smax = nread + s->sleft) < 4)) {
+ if ((nread == (size_t)-1) || ((s->sleft = s->smax = nread + s->sleft) < 4)) {
return 1;
}
s->pos += nread;
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/swf.c clamav-0.103.6+dfsg/libclamav/swf.c
--- clamav-0.103.5+dfsg/libclamav/swf.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/swf.c 2022-05-02 06:46:41.000000000 +0200
@@ -119,19 +119,21 @@
uint32_t filesize;
};
-static int scanzws(cli_ctx *ctx, struct swf_file_hdr *hdr)
+static cl_error_t scanzws(cli_ctx *ctx, struct swf_file_hdr *hdr)
{
struct CLI_LZMA lz;
unsigned char inbuff[FILEBUFF], outbuff[FILEBUFF];
fmap_t *map = ctx->fmap;
/* strip off header */
- off_t offset = 8;
+ size_t offset = 8;
uint32_t d_insize;
size_t outsize = 8;
- int ret, lret;
+ cl_error_t ret;
+ int lret;
size_t count;
char *tmpname;
int fd;
+ size_t n_read;
if ((ret = cli_gentempfd(ctx->sub_tmpdir, &tmpname, &fd)) != CL_SUCCESS) {
cli_errmsg("scanzws: Can't generate temporary file\n");
@@ -174,8 +176,8 @@
}
/* first buffer required for initializing LZMA */
- ret = fmap_readn(map, inbuff, offset, FILEBUFF);
- if (ret < 0) {
+ n_read = fmap_readn(map, inbuff, offset, FILEBUFF);
+ if (n_read == (size_t)-1) {
cli_errmsg("scanzws: Error reading SWF file\n");
close(fd);
if (cli_unlink(tmpname)) {
@@ -186,7 +188,7 @@
return CL_EUNPACK;
}
/* nothing written, likely truncated */
- if (!ret) {
+ if (0 == n_read) {
cli_errmsg("scanzws: possibly truncated file\n");
close(fd);
if (cli_unlink(tmpname)) {
@@ -196,12 +198,12 @@
free(tmpname);
return CL_EFORMAT;
}
- offset += ret;
+ offset += n_read;
memset(&lz, 0, sizeof(lz));
lz.next_in = inbuff;
lz.next_out = outbuff;
- lz.avail_in = ret;
+ lz.avail_in = n_read;
lz.avail_out = FILEBUFF;
lret = cli_LzmaInit(&lz, hdr->filesize);
@@ -220,8 +222,8 @@
if (lz.avail_in == 0) {
lz.next_in = inbuff;
- ret = fmap_readn(map, inbuff, offset, FILEBUFF);
- if (ret < 0) {
+ n_read = fmap_readn(map, inbuff, offset, FILEBUFF);
+ if ((size_t)-1 == n_read) {
cli_errmsg("scanzws: Error reading SWF file\n");
cli_LzmaShutdown(&lz);
close(fd);
@@ -232,10 +234,10 @@
free(tmpname);
return CL_EUNPACK;
}
- if (!ret)
+ if (0 == n_read)
break;
- lz.avail_in = ret;
- offset += ret;
+ lz.avail_in = n_read;
+ offset += n_read;
}
lret = cli_LzmaDecode(&lz);
count = FILEBUFF - lz.avail_out;
@@ -299,14 +301,17 @@
return ret;
}
-static int scancws(cli_ctx *ctx, struct swf_file_hdr *hdr)
+static cl_error_t scancws(cli_ctx *ctx, struct swf_file_hdr *hdr)
{
z_stream stream;
char inbuff[FILEBUFF], outbuff[FILEBUFF];
- fmap_t *map = ctx->fmap;
- int offset = 8, ret, zret, zend;
+ fmap_t *map = ctx->fmap;
+ size_t offset = 8;
+ int zret, zend;
+ cl_error_t ret;
size_t outsize = 8;
size_t count;
+ size_t n_read;
char *tmpname;
int fd;
@@ -350,8 +355,8 @@
do {
if (stream.avail_in == 0) {
stream.next_in = (Bytef *)inbuff;
- ret = fmap_readn(map, inbuff, offset, FILEBUFF);
- if (ret < 0) {
+ n_read = fmap_readn(map, inbuff, offset, FILEBUFF);
+ if (n_read == (size_t)-1) {
cli_errmsg("scancws: Error reading SWF file\n");
close(fd);
inflateEnd(&stream);
@@ -362,10 +367,10 @@
free(tmpname);
return CL_EUNPACK;
}
- if (!ret)
+ if (0 == n_read)
break;
- stream.avail_in = ret;
- offset += ret;
+ stream.avail_in = n_read;
+ offset += n_read;
}
zret = inflate(&stream, Z_SYNC_FLUSH);
count = FILEBUFF - stream.avail_out;
@@ -442,7 +447,7 @@
return NULL;
}
-int cli_scanswf(cli_ctx *ctx)
+cl_error_t cli_scanswf(cli_ctx *ctx)
{
struct swf_file_hdr file_hdr;
fmap_t *map = ctx->fmap;
@@ -495,7 +500,10 @@
cli_dbgmsg("SWF: FrameSize xMin %u xMax %u yMin %u yMax %u\n", xMin, xMax, yMin, yMax);
}
+ /* We don't need the value from foo, we're just reading to increment the offset safely. */
GETWORD(foo);
+ UNUSEDPARAM(foo);
+
GETWORD(val);
cli_dbgmsg("SWF: Frames total: %d\n", val);
@@ -520,7 +528,7 @@
cli_dbgmsg("SWF: Invalid tag length.\n");
return CL_EFORMAT;
}
- if ((offset + tag_len) < offset) {
+ if (tag_len > SIZE_MAX - offset) {
cli_warnmsg("SWF: Tag length too large.\n");
break;
}
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/swf.h clamav-0.103.6+dfsg/libclamav/swf.h
--- clamav-0.103.5+dfsg/libclamav/swf.h 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/swf.h 2022-05-02 06:46:41.000000000 +0200
@@ -36,7 +36,7 @@
#include "others.h"
-int cli_scanswf(cli_ctx *ctx);
+cl_error_t cli_scanswf(cli_ctx *ctx);
typedef enum {
TAG_END = 0,
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/tiff.c clamav-0.103.6+dfsg/libclamav/tiff.c
--- clamav-0.103.5+dfsg/libclamav/tiff.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/tiff.c 2022-05-02 06:46:41.000000000 +0200
@@ -46,6 +46,7 @@
uint16_t i, num_entries;
struct tiff_ifd entry;
size_t value_size;
+ uint32_t last_offset = 0;
cli_dbgmsg("in cli_parsetiff()\n");
@@ -81,6 +82,7 @@
status = CL_EPARSE;
goto done;
}
+ /* offset of the first IFD */
offset = tiff32_to_host(big_endian, offset);
cli_dbgmsg("cli_parsetiff: first IFD located @ offset %u\n", offset);
@@ -181,6 +183,8 @@
ifd_count++;
+ last_offset = offset;
+
/* acquire next IFD location, gets 0 if last IFD */
if (fmap_readn(map, &offset, offset, sizeof(offset)) != sizeof(offset)) {
cli_dbgmsg("cli_parsetiff: Failed to aquire next IFD location, file appears to be truncated.\n");
@@ -189,6 +193,16 @@
goto done;
}
offset = tiff32_to_host(big_endian, offset);
+
+ if (offset) {
+ /*If the offsets are not in order, that is suspicious.*/
+ if (last_offset >= offset) {
+ cli_dbgmsg("cli_parsetiff: Next offset is before current offset, file appears to be malformed.\n");
+ cli_append_possibly_unwanted(ctx, "Heuristics.Broken.Media.TIFF.OutOfOrderIFDOffset");
+ status = CL_EPARSE;
+ goto done;
+ }
+ }
} while (offset);
cli_dbgmsg("cli_parsetiff: examined %u IFD(s)\n", ifd_count);
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/tnef.c clamav-0.103.6+dfsg/libclamav/tnef.c
--- clamav-0.103.5+dfsg/libclamav/tnef.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/tnef.c 2022-05-02 06:46:41.000000000 +0200
@@ -268,7 +268,7 @@
/*cli_dbgmsg("%lu %lu\n", (long)(offset + length), ftell(fp));*/
- if (!CLI_ISCONTAINED_2(0, fsize, offset, length)) {
+ if (!CLI_ISCONTAINED_2_0_TO(fsize, offset, length)) {
cli_dbgmsg("TNEF: Incorrect length field in tnef_message\n");
return -1;
}
@@ -327,13 +327,13 @@
todo = length;
while (todo) {
unsigned char buf[BUFSIZ];
- int32_t got = fmap_readn(map, buf, *pos, MIN(sizeof(buf), todo));
- if (got <= 0)
+ size_t got = fmap_readn(map, buf, *pos, MIN(sizeof(buf), todo));
+ if (got == 0 || got == (size_t)-1)
break;
- (*pos) += got;
+ (*pos) += (off_t)got;
fileblobAddData(*fbref, buf, got);
- todo -= got;
+ todo -= (uint32_t)got;
}
break;
default:
@@ -344,11 +344,11 @@
/*cli_dbgmsg("%lu %lu\n", (long)(offset + length), ftell(fp));*/
- if (!CLI_ISCONTAINED_2(0, fsize, (off_t)offset, (off_t)length)) {
+ if (!CLI_ISCONTAINED_2_0_TO(fsize, offset, length)) {
cli_dbgmsg("TNEF: Incorrect length field in tnef_attachment\n");
return -1;
}
- (*pos) = (long)(offset + length); /* shouldn't be needed */
+ (*pos) = offset + (off_t)length; /* shouldn't be needed */
(*pos) += 2;
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/libclamav/version.h clamav-0.103.6+dfsg/libclamav/version.h
--- clamav-0.103.5+dfsg/libclamav/version.h 2022-01-11 00:18:33.000000000 +0100
+++ clamav-0.103.6+dfsg/libclamav/version.h 2022-05-02 06:47:30.000000000 +0200
@@ -1 +1 @@
-#define REPO_VERSION "devel-5faab1937"
+#define REPO_VERSION "devel-a92fbc754"
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/m4/reorganization/version.m4 clamav-0.103.6+dfsg/m4/reorganization/version.m4
--- clamav-0.103.5+dfsg/m4/reorganization/version.m4 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/m4/reorganization/version.m4 2022-05-02 06:46:41.000000000 +0200
@@ -3,7 +3,7 @@
dnl For beta, set: VERSION="<version>-beta"
dnl For release candidate, set: VERSION="<version>-rc"
dnl For release, set: VERSION="<version>"
-VERSION="0.103.5"
+VERSION="0.103.6"
major=`echo $PACKAGE_VERSION |cut -d. -f1 | sed -e "s/[^0-9]//g"`
minor=`echo $PACKAGE_VERSION |cut -d. -f2 | sed -e "s/[^0-9]//g"`
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/NEWS.md clamav-0.103.6+dfsg/NEWS.md
--- clamav-0.103.5+dfsg/NEWS.md 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/NEWS.md 2022-05-02 06:46:41.000000000 +0200
@@ -3,6 +3,62 @@
Note: This file refers to the source tarball. Things described here may differ
slightly from the binary packages.
+## 0.103.6
+
+ClamAV 0.103.6 is a critical patch release with the following fixes:
+
+- [CVE-2022-20770](CVE-2022-20770): Fixed a possible infinite loop vulnerability
+ in the CHM file parser.
+ Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
+ prior versions.
+ Thank you to Michał Dardas for reporting this issue.
+
+- [CVE-2022-20796](CVE-2022-20796): Fixed a possible NULL-pointer dereference
+ crash in the scan verdict cache check.
+ Issue affects versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2.
+ Thank you to Alexander Patrakov and Antoine Gatineau for reporting this issue.
+
+- [CVE-2022-20771](CVE-2022-20771): Fixed a possible infinite loop vulnerability
+ in the TIFF file parser.
+ Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
+ prior versions.
+ The issue only occurs if the "--alert-broken-media" ClamScan option is
+ enabled. For ClamD, the affected option is "AlertBrokenMedia yes", and for
+ libclamav it is the "CL_SCAN_HEURISTIC_BROKEN_MEDIA" scan option.
+ Thank you to Michał Dardas for reporting this issue.
+
+- [CVE-2022-20785](CVE-2022-20785): Fixed a possible memory leak in the
+ HTML file parser / Javascript normalizer.
+ Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
+ prior versions.
+ Thank you to Michał Dardas for reporting this issue.
+
+- [CVE-2022-20792](CVE-2022-20792): Fixed a possible multi-byte heap buffer
+ overflow write vulnerability in the signature database load module.
+ The fix was to update the vendored regex library to the latest version.
+ Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
+ prior versions.
+ Thank you to Michał Dardas for reporting this issue.
+
+- ClamOnAcc: Fixed a number of assorted stability issues and added niceties for
+ debugging ClamOnAcc. Patches courtesy of Frank Fegert.
+
+- Fixed an issue causing byte-compare subsignatures to cause an alert when they
+ match even if other conditions of the given logical signatures were not met.
+
+- Fix memleak when using multiple byte-compare subsignatures.
+ This fix was backported from 0.104.0.
+ Thank you to Andrea De Pasquale for contributing the fix.
+
+- Assorted bug fixes and improvements.
+
+Special thanks to the following people for code contributions and bug reports:
+- Alexander Patrakov
+- Andrea De Pasquale
+- Antoine Gatineau
+- Frank Fegert
+- Michał Dardas
+
## 0.103.5
ClamAV 0.103.5 is a critical patch release with the following fixes:
diff -Nru --exclude '*.html' --exclude searchindex.json --exclude searchindex.js clamav-0.103.5+dfsg/unit_tests/check_jsnorm.c clamav-0.103.6+dfsg/unit_tests/check_jsnorm.c
--- clamav-0.103.5+dfsg/unit_tests/check_jsnorm.c 2022-01-11 00:17:45.000000000 +0100
+++ clamav-0.103.6+dfsg/unit_tests/check_jsnorm.c 2022-05-02 06:46:41.000000000 +0200
@@ -247,7 +247,7 @@
fd = open(filename, O_RDONLY);
if (fd < 0) {
jstest_teardown();
- ck_assert_msg("failed to open output file: %s", filename);
+ ck_assert_msg(0, "failed to open output file: %s", filename);
}
diff_file_mem(fd, expected, len);
More information about the Pkg-clamav-devel
mailing list