rpms/clamav/F-8 clamav-0.92.1-CVE-2008-2713.diff, NONE, 1.1 clamav-0.92.1-outdated.patch, NONE, 1.1

[Enrico Scholz (ensc)]

Author: ensc

Update of /cvs/extras/rpms/clamav/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17018

Added Files:
	clamav-0.92.1-CVE-2008-2713.diff clamav-0.92.1-outdated.patch 
Log Message:
initial checkin


clamav-0.92.1-CVE-2008-2713.diff:

--- NEW FILE clamav-0.92.1-CVE-2008-2713.diff ---
Index: petite.c
===================================================================
--- libclamav/petite.c	(Revision 3751)
+++ libclamav/petite.c	(Revision 3940)
@@ -214,8 +214,14 @@
       /* Let's compact data */
       for (t = 0; t < j ; t++) {
 	usects[t].raw = (t>0)?(usects[t-1].raw + usects[t-1].rsz):0;
-	if (usects[t].rsz != 0 && CLI_ISCONTAINED(buf, bufsz, buf + usects[t].raw, usects[t].rsz))
-	  memmove(buf + usects[t].raw, adjbuf + usects[t].rva, usects[t].rsz);
+	if (usects[t].rsz != 0)
+	  if(CLI_ISCONTAINED(buf, bufsz, buf + usects[t].raw, usects[t].rsz)) {
+	    memmove(buf + usects[t].raw, adjbuf + usects[t].rva, usects[t].rsz);
+	  } else {
+	    cli_dbgmsg("Petite: Skipping section %d, Raw: %x, RSize:%x\n", t, usects[t].raw, usects[t].rsz);
+	    usects[t].raw = t>0 ? usects[t-1].raw : 0;
+	    usects[t].rsz = 0;
+	  }
       }
 
       /* Showtime!!! */
@@ -265,6 +271,7 @@
       uint32_t check1, check2;
       uint8_t mydl = 0;
       uint8_t goback;
+      unsigned int q;
       
       /* Unpak each original section in turn */
 
@@ -312,16 +319,19 @@
        * (eg the icon): let's fix the rva
        */
 
-      if (!check4resources) {
-	unsigned int q;
-	for ( q = 0 ; q < sectcount ; q++ ) {
-	  if ( thisrva <= sections[q].rva || thisrva >= sections[q].rva + sections[q].vsz)
-	    continue;
+      for ( q = 0 ; q < sectcount ; q++ ) {
+	if(!CLI_ISCONTAINED(sections[q].rva, sections[q].vsz, usects[j].rva, usects[j].vsz))
+	  continue;
+	if (!check4resources) {
 	  usects[j].rva = sections[q].rva;
 	  usects[j].rsz = thisrva - sections[q].rva + size;
-	  break;
 	}
+	break;
       }
+      if (q == sectcount) {
+	free(usects);
+	return 1;
+      }
 
       /* Increase count of unpacked sections */
       j++;

clamav-0.92.1-outdated.patch:

--- NEW FILE clamav-0.92.1-outdated.patch ---
Disabled check which prevents older freshclam versions to run in <4h
intervals (bz #453601)

diff -up clamav-0.92.1/freshclam/mirman.c.~1~ clamav-0.92.1/freshclam/mirman.c
--- clamav-0.92.1/freshclam/mirman.c.~1~	2007-12-06 13:58:58.000000000 +0100
+++ clamav-0.92.1/freshclam/mirman.c	2008-07-13 20:28:01.000000000 +0200
@@ -105,9 +105,11 @@ int mirman_check(uint32_t ip, struct mir
     for(i = 0; i < mdat->num; i++) {
 	if(mdat->mirtab[i].atime && mdat->mirtab[i].ip == ip) {
 
+#if 0
 	    if(mdat->dbflevel && (mdat->dbflevel > flevel) && (mdat->dbflevel - flevel > 3))
 		if(time(NULL) - mdat->mirtab[i].atime < 4 * 3600)
 		    return 2;
+#endif
 
 	    if(mdat->mirtab[i].ignore) {
 		if(time(NULL) - mdat->mirtab[i].atime > IGNTIME) {