-/* @(#) $Id: check_rc_trojans.c,v 1.12 2009/06/24 18:53:07 dcid Exp $ */
+/* @(#) $Id: ./src/rootcheck/check_rc_trojans.c, 2011/09/08 dcid Exp $
+ */
/* Copyright (C) 2009 Trend Micro Inc.
* All right reserved.
*
* This program is a free software; you can redistribute it
* and/or modify it under the terms of the GNU General Public
- * License (version 3) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software
* Foundation
*/
-
+
#include "shared.h"
#include "rootcheck.h"
/* Normalizing line */
nbuf = normalize_string(buf);
-
+
if(*nbuf == '\0' || *nbuf == '#')
{
{
continue;
}
-
+
*string_to_look = '\0';
string_to_look++;
}
*message = '\0';
message++;
-
+
string_to_look = normalize_string(string_to_look);
file = normalize_string(file);
message = normalize_string(message);
-
-
+
+
if(*file == '\0' || *string_to_look == '\0')
{
continue;
}
-
+
_total++;
-
-
+
+
/* Trying with all possible paths */
while(all_paths[i] != NULL)
{
if(*file != '/')
{
- snprintf(file_path, OS_SIZE_1024, "%s/%s/%s",basedir,
+ snprintf(file_path, OS_SIZE_1024, "%s/%s/%s",basedir,
all_paths[i],
file);
}
strncpy(file_path, file, OS_SIZE_1024);
file_path[OS_SIZE_1024 -1] = '\0';
}
-
+
/* Checking if entry is found */
if(is_file(file_path) && os_string(file_path, string_to_look))
{
char op_msg[OS_SIZE_1024 +1];
_errors = 1;
-
+
snprintf(op_msg, OS_SIZE_1024, "Trojaned version of file "
- "'%s' detected. Signature used: '%s' (%s).",
+ "'%s' detected. Signature used: '%s' (%s).",
file_path,
string_to_look,
*message == '\0'?
}
i++;
}
- continue;
+ continue;
}