+ SFileVerify: Added check whether the weak signature is not zeroed out.

+ Typos
author: Ladislav Zezula <ladislav.zezula@avg.com> 2015-03-17 07:49:42 +0100
committer: Ladislav Zezula <ladislav.zezula@avg.com> 2015-03-17 07:49:42 +0100
commit: e5b9f5132a9010a36db81788e10bb1be07ccf410 (patch)
tree: 8cd7344b28befae3bdbe59f4ee9cc789350ea0f8 /src
parent: c2261d51033088429ba960879dd4d9731e6f9bc1 (diff)
3 files changed, 18 insertions, 1 deletions
diff --git a/src/SBaseCommon.cpp b/src/SBaseCommon.cpp
index ed31a61..23c9833 100644
--- a/src/SBaseCommon.cpp
+++ b/src/SBaseCommon.cpp
@@ -1509,6 +1509,18 @@ bool IsValidMD5(LPBYTE pbMd5)
     return (Md5[0] | Md5[1] | Md5[2] | Md5[3]) ? true : false;
 }
 
+bool IsValidSignature(LPBYTE pbSignature)
+{
+    LPDWORD Signature = (LPDWORD)pbSignature;
+    DWORD SigValid = 0;
+
+    for(int i = 0; i < MPQ_WEAK_SIGNATURE_SIZE / sizeof(DWORD); i++)
+        SigValid |= Signature[i];
+
+    return (SigValid != 0) ? true : false;
+}
+
+
 bool VerifyDataBlockHash(void * pvDataBlock, DWORD cbDataBlock, LPBYTE expected_md5)
 {
     hash_state md5_state;
diff --git a/src/SFileVerify.cpp b/src/SFileVerify.cpp
index cff2a81..65bad00 100644
--- a/src/SFileVerify.cpp
+++ b/src/SFileVerify.cpp
@@ -442,6 +442,10 @@ static DWORD VerifyWeakSignature(
     int hash_idx = find_hash("md5");
     int result = 0;
 
+    // The signature might be zeroed out. In that case, we ignore it
+    if(!IsValidSignature(pSI->Signature))
+        return ERROR_WEAK_SIGNATURE_OK;
+
     // Calculate hash of the entire archive, skipping the (signature) file
     if(!CalculateMpqHashMd5(ha, pSI, Md5Digest))
         return ERROR_VERIFY_FAILED;
@@ -746,8 +750,8 @@ bool QueryMpqSignatureInfo(
             if(!FileStream_Read(ha->pStream, &pSI->BeginExclude, pSI->Signature, dwFileSize))
                 return false;
 
-            pSI->cbSignatureSize = dwFileSize;
             pSI->SignatureTypes |= SIGNATURE_TYPE_WEAK;
+            pSI->cbSignatureSize = dwFileSize;
             return true;
         }
     }
diff --git a/src/StormCommon.h b/src/StormCommon.h
index cdca0b0..93193cf 100644
--- a/src/StormCommon.h
+++ b/src/StormCommon.h
@@ -158,6 +158,7 @@ DWORD DetectFileKeyByContent(void * pvEncryptedData, DWORD dwSectorSize, DWORD d
 DWORD DecryptFileKey(const char * szFileName, ULONGLONG MpqPos, DWORD dwFileSize, DWORD dwFlags);
 
 bool IsValidMD5(LPBYTE pbMd5);
+bool IsValidSignature(LPBYTE pbSignature);
 bool VerifyDataBlockHash(void * pvDataBlock, DWORD cbDataBlock, LPBYTE expected_md5);
 void CalculateDataBlockHash(void * pvDataBlock, DWORD cbDataBlock, LPBYTE md5_hash);
author	Ladislav Zezula <ladislav.zezula@avg.com>	2015-03-17 07:49:42 +0100
committer	Ladislav Zezula <ladislav.zezula@avg.com>	2015-03-17 07:49:42 +0100
commit	e5b9f5132a9010a36db81788e10bb1be07ccf410 (patch)
tree	8cd7344b28befae3bdbe59f4ee9cc789350ea0f8 /src
parent	c2261d51033088429ba960879dd4d9731e6f9bc1 (diff)