|
|
|
@ -188,7 +188,9 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
|
|
|
|
input[line_len] = '\0';
|
|
|
|
|
memcpy (&input, line_buf, line_len);
|
|
|
|
|
|
|
|
|
|
char *p = strtok (input, "*");
|
|
|
|
|
char *saveptr = NULL;
|
|
|
|
|
|
|
|
|
|
char *p = strtok_r (input, "*", &saveptr);
|
|
|
|
|
if (p == NULL) return PARSER_HASH_LENGTH;
|
|
|
|
|
if (strncmp (p, SIGNATURE_PKZIP_V1, 7) != 0 && strncmp (p, SIGNATURE_PKZIP_V2, 8) != 0) return PARSER_SIGNATURE_UNMATCHED;
|
|
|
|
|
|
|
|
|
@ -204,29 +206,29 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
|
|
|
|
// check here that the hash_count is valid for the attack type
|
|
|
|
|
if (pkzip->hash_count > 8) return PARSER_HASH_VALUE;
|
|
|
|
|
|
|
|
|
|
p = strtok (NULL, "*");
|
|
|
|
|
p = strtok_r (NULL, "*", &saveptr);
|
|
|
|
|
if (p == NULL) return PARSER_HASH_LENGTH;
|
|
|
|
|
pkzip->checksum_size = atoi (p);
|
|
|
|
|
if (pkzip->checksum_size != 1 && pkzip->checksum_size != 2) return PARSER_HASH_LENGTH;
|
|
|
|
|
|
|
|
|
|
for (int i = 0; i < pkzip->hash_count; i++)
|
|
|
|
|
{
|
|
|
|
|
p = strtok (NULL, "*");
|
|
|
|
|
p = strtok_r (NULL, "*", &saveptr);
|
|
|
|
|
if (p == NULL) return PARSER_HASH_LENGTH;
|
|
|
|
|
pkzip->hashes[i].data_type_enum = atoi (p);
|
|
|
|
|
if (pkzip->hashes[i].data_type_enum > 3) return PARSER_HASH_LENGTH;
|
|
|
|
|
|
|
|
|
|
p = strtok (NULL, "*");
|
|
|
|
|
p = strtok_r (NULL, "*", &saveptr);
|
|
|
|
|
if (p == NULL) return PARSER_HASH_LENGTH;
|
|
|
|
|
pkzip->hashes[i].magic_type_enum = atoi (p);
|
|
|
|
|
|
|
|
|
|
if (pkzip->hashes[i].data_type_enum > 1)
|
|
|
|
|
{
|
|
|
|
|
p = strtok (NULL, "*");
|
|
|
|
|
p = strtok_r (NULL, "*", &saveptr);
|
|
|
|
|
if (p == NULL) return PARSER_HASH_LENGTH;
|
|
|
|
|
pkzip->hashes[i].compressed_length = strtoul (p, NULL, 16);
|
|
|
|
|
|
|
|
|
|
p = strtok (NULL, "*");
|
|
|
|
|
p = strtok_r (NULL, "*", &saveptr);
|
|
|
|
|
if (p == NULL) return PARSER_HASH_LENGTH;
|
|
|
|
|
pkzip->hashes[i].uncompressed_length = strtoul (p, NULL, 16);
|
|
|
|
|
if (pkzip->hashes[i].compressed_length > MAX_DATA)
|
|
|
|
@ -234,31 +236,31 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
|
|
|
|
return PARSER_TOKEN_LENGTH;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
p = strtok (NULL, "*");
|
|
|
|
|
p = strtok_r (NULL, "*", &saveptr);
|
|
|
|
|
if (p == NULL) return PARSER_HASH_LENGTH;
|
|
|
|
|
u32 crc32 = 0;
|
|
|
|
|
sscanf (p, "%x", &crc32);
|
|
|
|
|
pkzip->hashes[i].crc32 = crc32;
|
|
|
|
|
|
|
|
|
|
p = strtok (NULL, "*");
|
|
|
|
|
p = strtok_r (NULL, "*", &saveptr);
|
|
|
|
|
if (p == NULL) return PARSER_HASH_LENGTH;
|
|
|
|
|
pkzip->hashes[i].offset = strtoul (p, NULL, 16);
|
|
|
|
|
|
|
|
|
|
p = strtok (NULL, "*");
|
|
|
|
|
p = strtok_r (NULL, "*", &saveptr);
|
|
|
|
|
if (p == NULL) return PARSER_HASH_LENGTH;
|
|
|
|
|
pkzip->hashes[i].additional_offset = strtoul (p, NULL, 16);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
p = strtok (NULL, "*");
|
|
|
|
|
p = strtok_r (NULL, "*", &saveptr);
|
|
|
|
|
if (p == NULL) return PARSER_HASH_LENGTH;
|
|
|
|
|
pkzip->hashes[i].compression_type = atoi (p);
|
|
|
|
|
if (pkzip->hashes[i].compression_type != 8 && pkzip->hashes[i].compression_type != 0) return PARSER_HASH_VALUE;
|
|
|
|
|
|
|
|
|
|
p = strtok (NULL, "*");
|
|
|
|
|
p = strtok_r (NULL, "*", &saveptr);
|
|
|
|
|
if (p == NULL) return PARSER_HASH_LENGTH;
|
|
|
|
|
pkzip->hashes[i].data_length = strtoul (p, NULL, 16);
|
|
|
|
|
|
|
|
|
|
p = strtok (NULL, "*");
|
|
|
|
|
p = strtok_r (NULL, "*", &saveptr);
|
|
|
|
|
if (p == NULL) return PARSER_HASH_LENGTH;
|
|
|
|
|
u16 checksum_from_crc = 0;
|
|
|
|
|
sscanf (p, "%hx", &checksum_from_crc);
|
|
|
|
@ -266,7 +268,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
|
|
|
|
|
|
|
|
|
if (pkzip->version == 2)
|
|
|
|
|
{
|
|
|
|
|
p = strtok (NULL, "*");
|
|
|
|
|
p = strtok_r (NULL, "*", &saveptr);
|
|
|
|
|
if (p == NULL) return PARSER_HASH_LENGTH;
|
|
|
|
|
u16 checksum_from_timestamp = 0;
|
|
|
|
|
sscanf (p, "%hx", &checksum_from_timestamp);
|
|
|
|
@ -277,7 +279,7 @@ int module_hash_decode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE
|
|
|
|
|
pkzip->hashes[i].checksum_from_timestamp = pkzip->hashes[i].checksum_from_crc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
p = strtok (NULL, "*");
|
|
|
|
|
p = strtok_r (NULL, "*", &saveptr);
|
|
|
|
|
if (p == NULL) return PARSER_HASH_LENGTH;
|
|
|
|
|
|
|
|
|
|
hex_to_binary (p, strlen (p), (char *) &(pkzip->hashes[i].data));
|
|
|
|
|