From 22c46f1bdcdec825d315f952649c8c35e12a5d3b Mon Sep 17 00:00:00 2001 From: Igor Gnatenko Date: Sat, 3 Aug 2019 15:02:41 +0200 Subject: [PATCH 01/11] "Adding package.cfg file" --- package.cfg | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 package.cfg diff --git a/package.cfg b/package.cfg new file mode 100644 index 0000000..66ea79d --- /dev/null +++ b/package.cfg @@ -0,0 +1,2 @@ +[koji] +targets = epel8 epel8-playground \ No newline at end of file From 7f3e18951345be45e463e76a05c7f6510c0ad5a3 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Wed, 8 Apr 2020 19:09:18 -0600 Subject: [PATCH 02/11] Do not log freshclam output to syslog by default - creates double entries in the journal (bz#1822012) --- clamav.spec | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/clamav.spec b/clamav.spec index 1b46418..ce9f5ec 100644 --- a/clamav.spec +++ b/clamav.spec @@ -46,7 +46,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.102.2 -Release: 4%{?dist} +Release: 5%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -332,7 +332,6 @@ install -D -p -m 0600 %SOURCE202 $RPM_BUILD_ROOT%_sysconfdir/cron.d/clamav-up sed -ri \ -e 's!^Example!#Example!' \ -e 's!^#?(UpdateLogFile )!#\1!g;' \ - -e 's!^#?(LogSyslog).*!\1 yes!g' \ -e 's!(DatabaseOwner *)clamav$!\1%updateuser!g' $RPM_BUILD_ROOT%_sysconfdir/freshclam.conf.sample mv $RPM_BUILD_ROOT%_sysconfdir/freshclam.conf{.sample,} @@ -595,7 +594,11 @@ fi %changelog -* Mon Mar 16 2020 Orion Poplawski - 0.102.2-4 +* Wed Apr 8 2020 Orion Poplawski - 0.102.2-5 +- Do not log freshclam output to syslog by default - creates double entries + in the journal (bz#1822012) + +* Mon Mar 16 2020 Orion Poplawski - 0.102.2-4 - Quiet freshclam-sleep when used with proxy * Sat Feb 29 2020 Orion Poplawski - 0.102.2-3 From 503daab28b2090da10fd31873529faf035b09ffa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= Date: Wed, 22 Apr 2020 00:02:52 +0200 Subject: [PATCH 03/11] Rebuild (json-c) --- clamav.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index ce9f5ec..93f00bf 100644 --- a/clamav.spec +++ b/clamav.spec @@ -46,7 +46,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.102.2 -Release: 5%{?dist} +Release: 6%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -594,6 +594,9 @@ fi %changelog +* Tue Apr 21 2020 Björn Esser - 0.102.2-6 +- Rebuild (json-c) + * Wed Apr 8 2020 Orion Poplawski - 0.102.2-5 - Do not log freshclam output to syslog by default - creates double entries in the journal (bz#1822012) From 6219da6c34991a6d520fadd6257ffbc2d744b79d Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Wed, 29 Apr 2020 21:57:51 -0600 Subject: [PATCH 04/11] Add patch to build with EL7 libcurl - re-enable on-access scanning (bz#1820395) --- clamav-curl.patch | 56 +++++++++++++++++++++++++++++++++++++++++++++++ clamav.spec | 17 ++++++++------ 2 files changed, 66 insertions(+), 7 deletions(-) create mode 100644 clamav-curl.patch diff --git a/clamav-curl.patch b/clamav-curl.patch new file mode 100644 index 0000000..6f9fe74 --- /dev/null +++ b/clamav-curl.patch @@ -0,0 +1,56 @@ +diff -up clamav-0.102.2/clamonacc/client/communication.c.curl clamav-0.102.2/clamonacc/client/communication.c +--- clamav-0.102.2/clamonacc/client/communication.c.curl 2020-02-04 07:59:26.000000000 -0700 ++++ clamav-0.102.2/clamonacc/client/communication.c 2020-04-29 21:44:45.073020203 -0600 +@@ -42,12 +42,12 @@ + + #include "communication.h" + +-static int onas_socket_wait(curl_socket_t sockfd, int32_t b_recv, uint64_t timeout_ms); ++static int onas_socket_wait(long sockfd, int32_t b_recv, uint64_t timeout_ms); + + /** + * Function from curl example code, Copyright (C) 1998 - 2018, Daniel Stenberg, see COPYING.curl for license details + */ +-static int onas_socket_wait(curl_socket_t sockfd, int32_t b_recv, uint64_t timeout_ms) ++static int onas_socket_wait(long sockfd, int32_t b_recv, uint64_t timeout_ms) + { + struct timeval tv; + fd_set infd, outfd, errfd; +@@ -79,9 +79,9 @@ int onas_sendln(CURL *curl, const void * + { + size_t sent = 0; + CURLcode curlcode; +- curl_socket_t sockfd; ++ long sockfd; + +- curlcode = curl_easy_getinfo(curl, CURLINFO_ACTIVESOCKET, &sockfd); ++ curlcode = curl_easy_getinfo(curl, CURLINFO_LASTSOCKET, &sockfd); + + if (CURLE_OK != curlcode) { + logg("!ClamCom: could not get curl active socket info %s\n", curl_easy_strerror(curlcode)); +@@ -137,9 +137,9 @@ int onas_recvln(struct RCVLN *rcv_data, + { + char *eol; + int ret = 0; +- curl_socket_t sockfd; ++ long sockfd; + +- rcv_data->curlcode = curl_easy_getinfo(rcv_data->curl, CURLINFO_ACTIVESOCKET, &sockfd); ++ rcv_data->curlcode = curl_easy_getinfo(rcv_data->curl, CURLINFO_LASTSOCKET, &sockfd); + + if (CURLE_OK != rcv_data->curlcode) { + logg("!ClamCom: could not get curl active socket info %s\n", curl_easy_strerror(rcv_data->curlcode)); +diff -up clamav-0.102.2/m4/reorganization/libs/curl.m4.curl clamav-0.102.2/m4/reorganization/libs/curl.m4 +--- clamav-0.102.2/m4/reorganization/libs/curl.m4.curl 2020-02-04 07:59:26.000000000 -0700 ++++ clamav-0.102.2/m4/reorganization/libs/curl.m4 2020-04-29 21:36:15.043808045 -0600 +@@ -62,8 +62,8 @@ if test "X$have_curl" = "Xyes"; then + dnl end of section + + AM_COND_IF([BUILD_CLAMONACC], +- dnl if version greater than (7.45) +- [if test $curl_version -ge 470272 ; then ++ dnl if version greater than (7.29) ++ [if test $curl_version -ge 466176 ; then + $enable_clamonacc="yes" + else + AC_MSG_ERROR([m4_normalize([ diff --git a/clamav.spec b/clamav.spec index 93f00bf..c66c532 100644 --- a/clamav.spec +++ b/clamav.spec @@ -2,13 +2,8 @@ %global _hardened_build 1 -## Fedora Extras specific customization below... -# EL7's curl is too old -%if 0%{?fedora} || 0%{?rhel} >= 8 +## Fedora specific customization below... %bcond_without clamonacc -%else -%bcond_with clamonacc -%endif %bcond_without tmpfiles %bcond_with unrar %ifnarch ppc64 @@ -46,7 +41,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.102.2 -Release: 6%{?dist} +Release: 7%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -92,6 +87,8 @@ Patch0: clamav-stats-deprecation.patch Patch1: clamav-default_confs.patch # Fix pkg-config flags for static linking, multilib Patch2: clamav-0.99-private.patch +# Patch to use EL7 libcurl +Patch3: clamav-curl.patch BuildRequires: autoconf automake gettext-devel libtool libtool-ltdl-devel BuildRequires: gcc-c++ @@ -247,6 +244,8 @@ This package contains files which are needed to run the clamav-milter. %endif %patch1 -p1 -b .default_confs %patch2 -p1 -b .private +# Patch to use older libcurl +%{?el7:%patch3 -p1 -b .curl} install -p -m0644 %SOURCE300 clamav-milter/ @@ -594,6 +593,10 @@ fi %changelog +* Wed Apr 29 2020 Orion Poplawski - 0.102.2-7 +- Add patch to build with EL7 libcurl - re-enable on-access scanning + (bz#1820395) + * Tue Apr 21 2020 Björn Esser - 0.102.2-6 - Rebuild (json-c) From 64dd88751b369173771a24c6c4a3b74855edcd9b Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 30 Apr 2020 17:05:30 -0600 Subject: [PATCH 05/11] Move /etc/clamd.d/scan.conf to clamav-filesystem Add clamonacc.service --- clamav.spec | 21 ++++++++++++++++++++- clamonacc.service | 11 +++++++++++ 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 clamonacc.service diff --git a/clamav.spec b/clamav.spec index c66c532..f105514 100644 --- a/clamav.spec +++ b/clamav.spec @@ -67,6 +67,8 @@ Source10: main-59.cvd Source11: daily-25719.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-331.cvd +#for clamonacc +Source100: clamonacc.service #for update Source200: freshclam-sleep Source201: freshclam.sysconfig @@ -114,6 +116,7 @@ BuildRequires: systemd-devel #for milter BuildRequires: sendmail-devel +Requires: clamav-filesystem = %version-%release Requires: clamav-lib = %version-%release Requires: data(clamav) @@ -315,6 +318,8 @@ install -D -m 0644 -p %SOURCE12 $RPM_BUILD_ROOT%homedir/bytecode.cvd install -D -m 0644 -p %SOURCE3 _doc_server/clamd.logrotate install -D -m 0644 -p %SOURCE5 _doc_server/README +install -D -p -m 0644 %SOURCE100 $RPM_BUILD_ROOT%_unitdir/clamonacc.service + install -D -p -m 0644 %SOURCE530 $RPM_BUILD_ROOT%_unitdir/clamd@.service ## prepare the update-files @@ -406,6 +411,16 @@ rm $RPM_BUILD_ROOT%_unitdir/clamav-daemon.* make check +%post +%systemd_post clamonacc.service + +%preun +%systemd_preun clamonacc.service + +%postun +%systemd_postun_with_restart clamonacc.service + + %pre filesystem getent group %{updateuser} >/dev/null || groupadd -r %{updateuser} getent passwd %{updateuser} >/dev/null || \ @@ -510,6 +525,7 @@ fi %_mandir/man[15]/* %exclude %_mandir/*/freshclam* %exclude %_mandir/man5/clamd.conf.5* +%_unitdir/clamonacc.service %files lib @@ -530,6 +546,8 @@ fi %files filesystem %attr(-,%updateuser,%updateuser) %dir %homedir %dir %_sysconfdir/clamd.d +# Used by both clamd, clamdscan, and clamonacc +%config(noreplace) %_sysconfdir/clamd.d/scan.conf %files data @@ -564,7 +582,6 @@ fi %_sbindir/clamd %_unitdir/clamd@.service -%config(noreplace) %_sysconfdir/clamd.d/scan.conf %ghost %scanstatedir/clamd.sock %if %{with tmpfiles} %_tmpfilesdir/clamd.scan.conf @@ -594,8 +611,10 @@ fi %changelog * Wed Apr 29 2020 Orion Poplawski - 0.102.2-7 +- Move /etc/clamd.d/scan.conf to clamav-filesystem - Add patch to build with EL7 libcurl - re-enable on-access scanning (bz#1820395) +- Add clamonacc.service * Tue Apr 21 2020 Björn Esser - 0.102.2-6 - Rebuild (json-c) diff --git a/clamonacc.service b/clamonacc.service new file mode 100644 index 0000000..f1ff7eb --- /dev/null +++ b/clamonacc.service @@ -0,0 +1,11 @@ +[Unit] +Description=Clam AntiVirus userspace daemon for OnAccess Scanning +Documentation=man:clamd(8) man:clamd.conf(5) https://www.clamav.net/documents/ +ConditionPathExists=/etc/clamd.d/scan.conf +After=clamd@scan.service + +[Service] +ExecStart=/usr/bin/clamonacc --foreground + +[Install] +WantedBy=multi-user.target From cb202e01d55a60c4ecdc98acaacaeb3c409e3c46 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 30 Apr 2020 17:29:15 -0600 Subject: [PATCH 06/11] Enable prelude support (bz#1829726) --- clamav.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index f105514..6b12ac4 100644 --- a/clamav.spec +++ b/clamav.spec @@ -41,7 +41,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.102.2 -Release: 7%{?dist} +Release: 8%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -98,6 +98,7 @@ BuildRequires: bzip2-devel BuildRequires: curl-devel BuildRequires: gmp-devel BuildRequires: json-c-devel +BuildRequires: libprelude-devel BuildRequires: libxml2-devel BuildRequires: ncurses-devel BuildRequires: openssl-devel @@ -279,6 +280,7 @@ autoreconf -i --disable-rpath \ --disable-silent-rules \ --enable-clamdtop \ + --enable-prelude \ %{!?with_clamonacc:--disable-clamonacc} \ %{!?with_llvm:--disable-llvm} @@ -610,6 +612,9 @@ fi %changelog +* Thu Apr 30 2020 Orion Poplawski - 0.102.2-8 +- Enable prelude support (bz#1829726) + * Wed Apr 29 2020 Orion Poplawski - 0.102.2-7 - Move /etc/clamd.d/scan.conf to clamav-filesystem - Add patch to build with EL7 libcurl - re-enable on-access scanning From 419decb7793341afaa8867c6a8d347a8ddca5ecf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Thu, 9 Apr 2020 03:33:32 +0100 Subject: [PATCH 07/11] Do not log freshclam output to syslog by default - creates double entries in the journal (bz#1822012) (#1820069) add try-restart clamav-freshclam.service on logrotate --- clamav-update.logrotate | 3 +++ clamav.spec | 1 + 2 files changed, 4 insertions(+) diff --git a/clamav-update.logrotate b/clamav-update.logrotate index ab11396..3cd28f0 100644 --- a/clamav-update.logrotate +++ b/clamav-update.logrotate @@ -2,4 +2,7 @@ monthly notifempty missingok + postrotate + systemctl try-restart clamav-freshclam.service + endscript } diff --git a/clamav.spec b/clamav.spec index 6b12ac4..26177b6 100644 --- a/clamav.spec +++ b/clamav.spec @@ -627,6 +627,7 @@ fi * Wed Apr 8 2020 Orion Poplawski - 0.102.2-5 - Do not log freshclam output to syslog by default - creates double entries in the journal (bz#1822012) +- (#1820069) add try-restart clamav-freshclam.service on logrotate * Mon Mar 16 2020 Orion Poplawski - 0.102.2-4 - Quiet freshclam-sleep when used with proxy From 2ab3499bfd73a36c85a58aa1ead453a1bd47d749 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Fri, 1 May 2020 22:40:02 -0600 Subject: [PATCH 08/11] BR gnutls-devel due to libprelude bug --- clamav.spec | 3 +++ 1 file changed, 3 insertions(+) diff --git a/clamav.spec b/clamav.spec index 26177b6..cdb8124 100644 --- a/clamav.spec +++ b/clamav.spec @@ -99,6 +99,9 @@ BuildRequires: curl-devel BuildRequires: gmp-devel BuildRequires: json-c-devel BuildRequires: libprelude-devel +# libprelude-config --libs brings in gnutls +# https://bugzilla.redhat.com/show_bug.cgi?id=1830473 +BuildRequires: gnutls-devel BuildRequires: libxml2-devel BuildRequires: ncurses-devel BuildRequires: openssl-devel From 47c82af7270eb3db9abc17b0838f0ae171e74784 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sat, 2 May 2020 07:33:48 -0600 Subject: [PATCH 09/11] Add upstream patch to fix "Attempt to allocate 0 bytes" errors while scanning certain PDFs --- ...5c4f0e5ea5c4879681d843a9b93fc871fd90.patch | 89 +++++++++++++++++++ clamav.spec | 9 +- 2 files changed, 97 insertions(+), 1 deletion(-) create mode 100644 0e865c4f0e5ea5c4879681d843a9b93fc871fd90.patch diff --git a/0e865c4f0e5ea5c4879681d843a9b93fc871fd90.patch b/0e865c4f0e5ea5c4879681d843a9b93fc871fd90.patch new file mode 100644 index 0000000..649e934 --- /dev/null +++ b/0e865c4f0e5ea5c4879681d843a9b93fc871fd90.patch @@ -0,0 +1,89 @@ +From 0e865c4f0e5ea5c4879681d843a9b93fc871fd90 Mon Sep 17 00:00:00 2001 +From: "Micah Snyder (micasnyd)" +Date: Mon, 6 Apr 2020 15:03:20 -0700 +Subject: [PATCH] PDF: Fix error Attempt to allocate 0 bytes + +The PDF parser currently prints verbose error messages when attempting +to shrink a buffer down to actual data length after decoding if it turns +out that the decoded stream was empty (0 bytes). With exception to the +verbose error messages, there's no real behavior issue. + +This commit fixes the issue by checking if any bytes were decoded before +attempting to shrink the buffer. +--- + libclamav/pdfdecode.c | 27 ++++++++++++++++++--------- + 1 file changed, 18 insertions(+), 9 deletions(-) + +diff --git a/libclamav/pdfdecode.c b/libclamav/pdfdecode.c +index 8315f3a761..d63f7b1cd4 100644 +--- a/libclamav/pdfdecode.c ++++ b/libclamav/pdfdecode.c +@@ -638,8 +638,11 @@ static cl_error_t filter_rldecode(struct pdf_struct *pdf, struct pdf_obj *obj, s + } + + if (rc == CL_SUCCESS) { +- /* Shrink output buffer to final the decoded data length to minimize RAM usage */ +- if (!(temp = cli_realloc(decoded, declen))) { ++ if (declen == 0) { ++ cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n"); ++ rc = CL_BREAK; ++ } else if (!(temp = cli_realloc(decoded, declen))) { ++ /* Shrink output buffer to final the decoded data length to minimize RAM usage */ + cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n"); + rc = CL_EMEM; + } else { +@@ -647,7 +650,7 @@ static cl_error_t filter_rldecode(struct pdf_struct *pdf, struct pdf_obj *obj, s + } + } + +- if (rc == CL_SUCCESS) { ++ if (rc == CL_SUCCESS || rc == CL_BREAK) { + free(token->content); + + cli_dbgmsg("cli_pdf: decoded %lu bytes from %lu total bytes\n", +@@ -817,8 +820,11 @@ static cl_error_t filter_flatedecode(struct pdf_struct *pdf, struct pdf_obj *obj + (void)inflateEnd(&stream); + + if (rc == CL_SUCCESS) { +- /* Shrink output buffer to final the decoded data length to minimize RAM usage */ +- if (!(temp = cli_realloc(decoded, declen))) { ++ if (declen == 0) { ++ cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n"); ++ rc = CL_BREAK; ++ } else if (!(temp = cli_realloc(decoded, declen))) { ++ /* Shrink output buffer to final the decoded data length to minimize RAM usage */ + cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n"); + rc = CL_EMEM; + } else { +@@ -826,7 +832,7 @@ static cl_error_t filter_flatedecode(struct pdf_struct *pdf, struct pdf_obj *obj + } + } + +- if (rc == CL_SUCCESS) { ++ if (rc == CL_SUCCESS || rc == CL_BREAK) { + free(token->content); + + token->content = decoded; +@@ -1099,8 +1105,11 @@ static cl_error_t filter_lzwdecode(struct pdf_struct *pdf, struct pdf_obj *obj, + (void)lzwInflateEnd(&stream); + + if (rc == CL_SUCCESS) { +- /* Shrink output buffer to final the decoded data length to minimize RAM usage */ +- if (!(temp = cli_realloc(decoded, declen))) { ++ if (declen == 0) { ++ cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n"); ++ rc = CL_BREAK; ++ } else if (!(temp = cli_realloc(decoded, declen))) { ++ /* Shrink output buffer to final the decoded data length to minimize RAM usage */ + cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n"); + rc = CL_EMEM; + } else { +@@ -1108,7 +1117,7 @@ static cl_error_t filter_lzwdecode(struct pdf_struct *pdf, struct pdf_obj *obj, + } + } + +- if (rc == CL_SUCCESS) { ++ if (rc == CL_SUCCESS || rc == CL_BREAK) { + free(token->content); + + token->content = decoded; diff --git a/clamav.spec b/clamav.spec index cdb8124..ea6574b 100644 --- a/clamav.spec +++ b/clamav.spec @@ -41,7 +41,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.102.2 -Release: 8%{?dist} +Release: 9%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -91,6 +91,8 @@ Patch1: clamav-default_confs.patch Patch2: clamav-0.99-private.patch # Patch to use EL7 libcurl Patch3: clamav-curl.patch +# Upstream fix for "Attempt to allocate 0 bytes" while scanning PDFs +Patch4: https://github.com/Cisco-Talos/clamav-devel/commit/0e865c4f0e5ea5c4879681d843a9b93fc871fd90.patch BuildRequires: autoconf automake gettext-devel libtool libtool-ltdl-devel BuildRequires: gcc-c++ @@ -253,6 +255,7 @@ This package contains files which are needed to run the clamav-milter. %patch2 -p1 -b .private # Patch to use older libcurl %{?el7:%patch3 -p1 -b .curl} +%patch4 -p1 -b .pdf install -p -m0644 %SOURCE300 clamav-milter/ @@ -615,6 +618,10 @@ fi %changelog +* Sat May 02 2020 Orion Poplawski - 0.102.2-9 +- Add upstream patch to fix "Attempt to allocate 0 bytes" errors while scanning + certain PDFs + * Thu Apr 30 2020 Orion Poplawski - 0.102.2-8 - Enable prelude support (bz#1829726) From ba121c958714a57819f93ce0e8f38257eb71919f Mon Sep 17 00:00:00 2001 From: Troy Dawson Date: Thu, 24 Sep 2020 16:33:01 +0000 Subject: [PATCH 10/11] remove package.cfg per new epel-playground policy --- package.cfg | 2 -- 1 file changed, 2 deletions(-) delete mode 100644 package.cfg diff --git a/package.cfg b/package.cfg deleted file mode 100644 index 66ea79d..0000000 --- a/package.cfg +++ /dev/null @@ -1,2 +0,0 @@ -[koji] -targets = epel8 epel8-playground \ No newline at end of file From f03e0f2266d306d0aa88aaf2ba70bf04fd780d69 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Fri, 26 Feb 2021 22:47:35 +0000 Subject: [PATCH 11/11] merge of ff339dd not deleted the files --- ...5c4f0e5ea5c4879681d843a9b93fc871fd90.patch | 89 ------------------- 1 file changed, 89 deletions(-) delete mode 100644 0e865c4f0e5ea5c4879681d843a9b93fc871fd90.patch diff --git a/0e865c4f0e5ea5c4879681d843a9b93fc871fd90.patch b/0e865c4f0e5ea5c4879681d843a9b93fc871fd90.patch deleted file mode 100644 index 649e934..0000000 --- a/0e865c4f0e5ea5c4879681d843a9b93fc871fd90.patch +++ /dev/null @@ -1,89 +0,0 @@ -From 0e865c4f0e5ea5c4879681d843a9b93fc871fd90 Mon Sep 17 00:00:00 2001 -From: "Micah Snyder (micasnyd)" -Date: Mon, 6 Apr 2020 15:03:20 -0700 -Subject: [PATCH] PDF: Fix error Attempt to allocate 0 bytes - -The PDF parser currently prints verbose error messages when attempting -to shrink a buffer down to actual data length after decoding if it turns -out that the decoded stream was empty (0 bytes). With exception to the -verbose error messages, there's no real behavior issue. - -This commit fixes the issue by checking if any bytes were decoded before -attempting to shrink the buffer. ---- - libclamav/pdfdecode.c | 27 ++++++++++++++++++--------- - 1 file changed, 18 insertions(+), 9 deletions(-) - -diff --git a/libclamav/pdfdecode.c b/libclamav/pdfdecode.c -index 8315f3a761..d63f7b1cd4 100644 ---- a/libclamav/pdfdecode.c -+++ b/libclamav/pdfdecode.c -@@ -638,8 +638,11 @@ static cl_error_t filter_rldecode(struct pdf_struct *pdf, struct pdf_obj *obj, s - } - - if (rc == CL_SUCCESS) { -- /* Shrink output buffer to final the decoded data length to minimize RAM usage */ -- if (!(temp = cli_realloc(decoded, declen))) { -+ if (declen == 0) { -+ cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n"); -+ rc = CL_BREAK; -+ } else if (!(temp = cli_realloc(decoded, declen))) { -+ /* Shrink output buffer to final the decoded data length to minimize RAM usage */ - cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n"); - rc = CL_EMEM; - } else { -@@ -647,7 +650,7 @@ static cl_error_t filter_rldecode(struct pdf_struct *pdf, struct pdf_obj *obj, s - } - } - -- if (rc == CL_SUCCESS) { -+ if (rc == CL_SUCCESS || rc == CL_BREAK) { - free(token->content); - - cli_dbgmsg("cli_pdf: decoded %lu bytes from %lu total bytes\n", -@@ -817,8 +820,11 @@ static cl_error_t filter_flatedecode(struct pdf_struct *pdf, struct pdf_obj *obj - (void)inflateEnd(&stream); - - if (rc == CL_SUCCESS) { -- /* Shrink output buffer to final the decoded data length to minimize RAM usage */ -- if (!(temp = cli_realloc(decoded, declen))) { -+ if (declen == 0) { -+ cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n"); -+ rc = CL_BREAK; -+ } else if (!(temp = cli_realloc(decoded, declen))) { -+ /* Shrink output buffer to final the decoded data length to minimize RAM usage */ - cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n"); - rc = CL_EMEM; - } else { -@@ -826,7 +832,7 @@ static cl_error_t filter_flatedecode(struct pdf_struct *pdf, struct pdf_obj *obj - } - } - -- if (rc == CL_SUCCESS) { -+ if (rc == CL_SUCCESS || rc == CL_BREAK) { - free(token->content); - - token->content = decoded; -@@ -1099,8 +1105,11 @@ static cl_error_t filter_lzwdecode(struct pdf_struct *pdf, struct pdf_obj *obj, - (void)lzwInflateEnd(&stream); - - if (rc == CL_SUCCESS) { -- /* Shrink output buffer to final the decoded data length to minimize RAM usage */ -- if (!(temp = cli_realloc(decoded, declen))) { -+ if (declen == 0) { -+ cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n"); -+ rc = CL_BREAK; -+ } else if (!(temp = cli_realloc(decoded, declen))) { -+ /* Shrink output buffer to final the decoded data length to minimize RAM usage */ - cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n"); - rc = CL_EMEM; - } else { -@@ -1108,7 +1117,7 @@ static cl_error_t filter_lzwdecode(struct pdf_struct *pdf, struct pdf_obj *obj, - } - } - -- if (rc == CL_SUCCESS) { -+ if (rc == CL_SUCCESS || rc == CL_BREAK) { - free(token->content); - - token->content = decoded;