From d0d5b036c6bdf9196e24ace21c6240b5bdbfd223 Mon Sep 17 00:00:00 2001 From: wk333 <13474090681@163.com> Date: Tue, 26 Aug 2025 09:55:59 +0800 Subject: [PATCH] Fix sigtool, clambc command execution failure (cherry picked from commit fa2a2e5eb06e8069e5a48d4e7bbe845d81f2f983) --- clamav.spec | 9 ++- fix-clambc-crashes-on-startup.patch | 83 ++++++++++++++++++++++++ fix-sigtool---html-normalise-crash.patch | 35 ++++++++++ 3 files changed, 126 insertions(+), 1 deletion(-) create mode 100644 fix-clambc-crashes-on-startup.patch create mode 100644 fix-sigtool---html-normalise-crash.patch diff --git a/clamav.spec b/clamav.spec index ab34f7b..bd5a88f 100644 --- a/clamav.spec +++ b/clamav.spec @@ -16,7 +16,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.4.3 -Release: 3 +Release: 4 License: GPL-2.0-only URL: https://www.clamav.net/ Source0: https://www.clamav.net/downloads/production/%{name}-%{version}.tar.gz @@ -59,6 +59,8 @@ Patch6: clamav-freshclam.service.patch # Debian patch to fix big-endian # https://salsa.debian.org/clamav-team/clamav/-/raw/unstable/debian/patches/libclamav-pe-Use-endian-wrapper-in-more-places.patch Patch7: libclamav-pe-Use-endian-wrapper-in-more-places.patch +Patch8: fix-sigtool---html-normalise-crash.patch +Patch9: fix-clambc-crashes-on-startup.patch BuildRequires: cmake BuildRequires: gettext-devel @@ -235,6 +237,8 @@ This package contains files which are needed to run the clamav-milter. %patch -P5 -p1 -b .clamonacc-service %patch -P6 -p1 -b .freshclam-service %patch -P7 -p1 -b .big-endian +%patch -P8 -p1 +%patch -P9 -p1 mkdir -p libclamunrar{,_iface} touch libclamunrar/{Makefile.in,all,install @@ -505,6 +509,9 @@ done %{_sysusersdir}/clamav-milter.conf %changelog +* Tue Aug 26 2025 wangkai <13474090681@163.com> - 1.4.3-4 +- Fix sigtool, clambc command execution failure + * Tue Aug 12 2025 yaoxin <1024769339@qq.com> - 1.4.3-3 - Fix clamav-clamonacc.service and clamonacc.service stop error - Fix clamav-milter, and clamav-filesystem installation error diff --git a/fix-clambc-crashes-on-startup.patch b/fix-clambc-crashes-on-startup.patch new file mode 100644 index 0000000..2655c7a --- /dev/null +++ b/fix-clambc-crashes-on-startup.patch @@ -0,0 +1,83 @@ +From 87a2957bccce76dcb267a535362204a07343166f Mon Sep 17 00:00:00 2001 +From: Valerie Snyder +Date: Tue, 10 Jun 2025 10:51:58 -0400 +Subject: [PATCH] ClamBC: fix crashes on startup + +Fix crashes related to recursion stack initialization and cleanup. + +Resolves: https://github.com/Cisco-Talos/clamav/issues/1484 + +Origin: https://github.com/Cisco-Talos/clamav/commit/87a2957bccce76dcb267a535362204a07343166f + +--- + clambc/bcrun.c | 23 ++++++++++++++--------- + 1 file changed, 14 insertions(+), 9 deletions(-) + +diff --git a/clambc/bcrun.c b/clambc/bcrun.c +index efb167b..1d0d385 100644 +--- a/clambc/bcrun.c ++++ b/clambc/bcrun.c +@@ -405,13 +405,6 @@ int main(int argc, char *argv[]) + exit(3); + } + +- // ctx was memset, so recursion_level starts at 0. +- cctx.recursion_stack[cctx.recursion_level].fmap = map; +- cctx.recursion_stack[cctx.recursion_level].type = CL_TYPE_ANY; /* ANY for the top level, because we don't yet know the type. */ +- cctx.recursion_stack[cctx.recursion_level].size = map->len; +- +- cctx.fmap = cctx.recursion_stack[cctx.recursion_level].fmap; +- + memset(&dbg_state, 0, sizeof(dbg_state)); + dbg_state.file = ""; + dbg_state.line = 0; +@@ -449,11 +442,18 @@ int main(int argc, char *argv[]) + optfree(opts); + exit(5); + } ++ + map = fmap(fd, 0, 0, opt->strarg); + if (!map) { + fprintf(stderr, "Unable to map input file %s\n", opt->strarg); + exit(5); + } ++ ++ // ctx was memset, so recursion_level starts at 0. ++ cctx.recursion_stack[cctx.recursion_level].fmap = map; ++ cctx.recursion_stack[cctx.recursion_level].type = CL_TYPE_ANY; /* ANY for the top level, because we don't yet know the type. */ ++ cctx.recursion_stack[cctx.recursion_level].size = map->len; ++ + rc = cli_bytecode_context_setfile(ctx, map); + if (rc != CL_SUCCESS) { + fprintf(stderr, "Unable to set file %s: %s\n", opt->strarg, cl_strerror(rc)); +@@ -461,10 +461,15 @@ int main(int argc, char *argv[]) + exit(5); + } + } ++ + /* for testing */ + ctx->hooks.match_counts = deadbeefcounts; + ctx->hooks.match_offsets = deadbeefcounts; +- rc = cli_bytecode_run(&bcs, bc, ctx); ++ ++ /* ++ * Run the bytecode. ++ */ ++ rc = cli_bytecode_run(&bcs, bc, ctx); + if (rc != CL_SUCCESS) { + fprintf(stderr, "Unable to run bytecode: %s\n", cl_strerror(rc)); + } else { +@@ -478,9 +483,9 @@ int main(int argc, char *argv[]) + cli_bytecode_context_destroy(ctx); + if (map) + funmap(map); +- cl_engine_free(engine); + free(cctx.recursion_stack); + evidence_free(cctx.evidence); ++ cl_engine_free(engine); + } + cli_bytecode_destroy(bc); + cli_bytecode_done(&bcs); +-- +2.51.0 + diff --git a/fix-sigtool---html-normalise-crash.patch b/fix-sigtool---html-normalise-crash.patch new file mode 100644 index 0000000..3270c8c --- /dev/null +++ b/fix-sigtool---html-normalise-crash.patch @@ -0,0 +1,35 @@ +From 641b36658d17713603d95042a0ce6338f284da8d Mon Sep 17 00:00:00 2001 +From: "Val S." +Date: Tue, 19 Aug 2025 12:29:04 -0400 +Subject: [PATCH] Sigtool: fix --html-normalise crash + +Origin:https://github.com/Cisco-Talos/clamav/pull/1556 + +Sigtool crashes when you use the `--html-normalise` option, every time. + +Simple double free bug only affecting that specific sigtool command. +Does not affect clamscan scans (thank goodness). + +Fixes: https://github.com/Cisco-Talos/clamav/issues/1483 + +CLAM-2835 +--- + sigtool/sigtool.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/sigtool/sigtool.c b/sigtool/sigtool.c +index 7270210233..393f9713cc 100644 +--- a/sigtool/sigtool.c ++++ b/sigtool/sigtool.c +@@ -587,9 +587,9 @@ static int htmlnorm(const struct optstruct *opts) + + if (NULL != (ctx = convenience_ctx(fd))) { + html_normalise_map(ctx, ctx->fmap, ".", NULL, NULL); +- funmap(ctx->fmap); +- } else ++ } else { + mprintf(LOGG_ERROR, "fmap failed\n"); ++ } + + close(fd); + -- Gitee