Commits
main
Commits on Jun 1, 2023
-
Freshclam: remove curl result warning
A warning printing the HTTP code and file size was accidentally committed at the end of ClamAV 1.1.0 dev when fixing a bug. Remove this warning. Resolves: #930
-
Missing command line option documentation
The clamd and clamav-milter `--help` message and manpages do not mention the `--pid` (`-p`) option. The clamd `--help` message and manpage do not mention the `--datadir` option. Also corrected minor punctuation issues, and removed the meaningless jargon about the "main thread" which has nothing to do with the PID.
Commits on May 17, 2023
-
Add options: --cache-size, CacheSize
* Add new clamd and clamscan option --cache-size. This option allows you to set the number of entries the cache can store. Additionally, introduce CacheSize as a clamd.conf synonym for --cache-size. Fixes #867
Commits on May 4, 2023
-
Remove Cargo.lock file from .gitignore
We commit Cargo.lock now. Wouldn't want to ignore it!
-
Build system: Bump bindgen to latest version
I'm unsure why, but building with cmake -D MAINTAINER_MODE=ON is failing right now. Updating to a newer version of bindgen appears to resolve the issue. I was able to update it by changing the version specified in libclamav_rust/Cargo.toml, and then running `cargo update -p bindgen`. Not that I expect anyone else to be running maintainer-mode, but I did also confirm using `cargo-msrv` that the minimum supported version of Rust did not change as a result of this commit.
-
common.rc is generated by CMake from common.rc.in. But we do need to have it generate in the same directory as the other resource files. We simply forgot to remove common.rc after removing the Visual Studio project files.
-
Bumped version from 1.1.0 -> 1.2.0-devel
FLEVEL 180 -> 190. Update the NEWS to have a section for the new version.
Commits on Apr 28, 2023
-
Fix possible crash in HTML CSS image extraction
When processing UTF-8 HTML code, the image extraction logic may panic if the string contains a multi-byte grapheme that includes a '(', ')', whitespace, or one of the other characters used to split the text when searching for the base64 image content. The panic is because the `split_at()` method will panic if you try to split in the middle of a unicode grapheme. This commit fixes the issue by processing the HTML string one grapheme at a time instead of one character (byte) at a time. The `grapheme_indices()` method is used to get the correct position of the start of each grapheme for splitting the string.
-
The code to extract CSS from HTML <style> blocks contains an off-by-one: in case there is no actual content, it will have a chunk_size of -1. Whoops. Removed the -1 so it is correct, and added an extra safety check in case something else crazy happens.
Commits on Apr 26, 2023
-
Jenkins: generate tarball on worker other than master
Because I can easily upgrade Rust/Cargo there
-
Jenkins: Clear cache instead of updating lockfile.
The intention behind adding `cargo update` in our Jenkinsfile earlier was to make it so the local cache of the cargo registry index (i.e. $HOME/.cargo/registry/index) knows about the latest version of the Rust libraries required by our Cargo.lock file. As it turns out, `cargo update` modifies the Cargo.lock file, which was not intended. This change removes use of `cargo update`. It appears the real issue is that we needed a newer version of Rust to build the 'image' crate.
-
Fixed a leak introduced by a recent bug fix in the VBA parser. Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58301
-
EGG parser: Fix error handling when comment can't be converted to utf8
For some reason we're generating a filename with a random hash in it to use for the comment content in the event that codepage conversion to utf8 fails for the comment. This makes no sense. So I'm removing it and letting it just fail out. The calling functions ignore the failure anyways and move on which is good. Note: I think the "cli_genfname" call that I'm removing was a copypaste from the logic for converting the filename to utf8. We still do that. I'm not sure about the consequence of failing to have a filename in that case, so I'm going to leave it as-is.
-
Fix assorted Coverity warnings in EGG parser
Coverity-225186, 225156: Fix possible leak of comment message in case parsing the comment header fails after allocating the comment buffer. Coverity-225184: Fix possible leak of egg block if the archive is not solid and contains no files. Additional improvements to egg parser error handling for functions that pass back allocated memory through the parameters. Instead of checking for failure before freeing the allocated memory, we'll hand off ownership of the allocated memory to the parameter variable by setting to NULL afterwards, and then always free the variable if not NULL after the `done` label.
-
Resolve Coverity assignment of overlapping memory warnings
Coverity is unhappy with the use of the EC32, cli_readint32, and cli_writeint32 macros (and the 64bit equivalents) to potentially change the endianness of variables in place. It claims: overlapping_assignment: Assigning ... to ..., which have overlapping memory locations and different types. Using a temporary variable in between reading and writing should resolve these "high impact" complaints. Resolves: Coverity-225232, 225225, 225215, 225212, 225180, 225170, 225165, 225161, 225159.
-
Assorted clamd unit test Coverity fixes
Coverity-344510: Fix uninitialized sock variable in check_clamd test program. Only close the socket on error if it is a valid file descriptor. Coverity-344507: Remove unused file-open from clamd test. Coverity-344497: clamd test recvpartial convenience function was reusing the `len` variable used for "how long is the reply" also as the buffer length. Coverity appears to be confused here and thinks that the length of the buffer may not be long enough for the NULL terminating character. I have reworked this to use a separate variable for managing the length of the buffer.
-
Coverity and OSS-Fuzz fixes in PDF module
Prevent double-extraction of same PDF object
Two indirect references to the same PDF object may cause it to try to extract that object twice. This also may cause it to set the extraction path twice, which leaks the memory from the first time. This commit records when object extraction is attempted and prevents doing it again. It also adds a couple extra checks to make sure that the object path string is not leaked. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58072
Also:
- Coverity-317959: Fix complaint about logically dead code. No need to check if UE variable is NULL because we would've returned earlier if it was NULL.
- A bunch of medium-severity Coverity issues for PDF parser regarding checking if a `pdf` pointer is NULL after dereferencing it.
- Coverity-192930: bytes_remaining was being checked twice in a row without changing it. Turns out we should have been changing it after moving the `index` pointer.
- Coverity-192920: Switch to use CLI_REALLOC instead of cli_realloc2. This is because cli_realloc2 would free `pdf->objs` on failure and we still need it.
-
Coverity-396111: Fix possibly uninitialized binop variable in bytecode module
Fix possibly uninitialized binop variable in bytecode module for STORE and COPY instructions in bytecode module. Refactored slightly to include additional opcode logic in the switch statement.
-
Coverity-401432: Correctly initialize file descriptor in HFS+ parser
If not initialized, it could try to close some random file descriptor.
-
Assorted unit test Coverity fixes
Coverity-344508: Fix out-of-bound read in check_str test. The len argument cannot be longer than the size of the source buffer. The original test was attempting to test an append failure. The updated test checks for correct behavior with two consecutive appends. Also added function comments to document correct use of textbuffer functions. Coverity-344493: Fix out-of-bounds read in check_jsnorm test. The buffers passed to tokenizer_test must be NULL-terminated.
-
Coverity: fix assorted static analysis issues
RTF:
- Coverity-344490: Use cli_realloc instead of cli_realloc2. cli_realloc2 will free the memory if the allocation fails, though we also free the memory later in SCAN_CLEANUP.
- Fix warning about unused variable.
AutoIt:
- Fix possible memory leaks of input and output buffers.
- Set pointer to NULL after handing off memory to new pointer.
Commits on Apr 24, 2023
-
html-norm: fix memcpy negative size param
The pointer used to index an HTML file during normalization may be rewound to an earlier location if encoded javascript (screnc) is detected while processing the line. If a <style>-tag was also found in the line after the screnc bytes then the check for the size of the style-chunk will be "negative" and would result in a massive memcpy. This issue was introduced during 1.1 development. This commit ensures the style chunk size may not be negative. Resolves: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57327
Commits on Apr 21, 2023
-
Tests: Bypass issue checking debug message in freshclam test
Somehow the LOGG_DEBUG-level message used to verify correct behavior in one of the freshclam tests is not written to stdout when testing on some Fedora systems. This commit changes the test to verify correct behavior by checking for a different message that is LOGG_INFO-level, and is consistently written to stdout. Further investigation required to find out why debug messages aren't always written to stdout.
-
Update Rust library dependencies
Update the Cargo.lock file to get latest dependencies ahead of 1.1.0 release.
Commits on Apr 20, 2023
-
Running clang format on codebase
-
2287 - fix ole2 vba temp file leak
Previous behaviour would remove temp files by deleting the subdirectory. This caused issues in cases (on Windows) where subdirectories aren't created due to performance concerns. This commit removes tempfiles individually if keeptemp is off. Original patch authored by Thomas Vy