Cisco-Talos · val-ms · Mar 29, 2023 · Feb 18, 2023 · Feb 18, 2023
diff --git a/.github/workflows/clang-format.yml b/.github/workflows/clang-format.yml
@@ -22,7 +22,7 @@ jobs:
       matrix:
         path:
           - check: "libclamav"
-            exclude: "(iana_cctld|bytecode_api_|bytecode_hooks|rijndael|yara|inffixed|inflate|queue|tomsfastmath|nsis|7z|regex|c++|generated)"
+            exclude: "(iana_cctld|bytecode_api_|bytecode_hooks|rijndael|yara|inffixed|inflate|queue|nsis|7z|regex|c++|generated)"
           - check: "libfreshclam"
             exclude: ""
           - check: "clamav-milter"

diff --git a/README.md b/README.md
@@ -113,7 +113,6 @@ ClamAV contains a number of components that include code copied in part or in
 whole from 3rd party projects and whose code is not owned by Cisco and which
 are licensed differently than ClamAV. These include:
 
-- tomsfastmath:  public domain
 - Yara: Apache 2.0 license
   - Yara has since switched to the BSD 3-Clause License;
     Our source is out-of-date and needs to be updated.

diff --git a/clamav-config.h.cmake.in b/clamav-config.h.cmake.in
@@ -401,9 +401,6 @@
 /* Define if UNRAR is linked instead of loaded. */
 #cmakedefine UNRAR_LINKED 1
 
-/* Define if UNRAR is linked instead of loaded. */
-#cmakedefine HAVE_SYSTEM_TOMSFASTMATH 1
-
 /* "Full clamav library version number" */
 #define LIBCLAMAV_FULLVER "@LIBCLAMAV_VERSION@"
 

diff --git a/libclamav/CMakeLists.txt b/libclamav/CMakeLists.txt
@@ -23,15 +23,6 @@ endif()
 
 add_definitions(-DTHIS_IS_LIBCLAMAV)
 
-# Enable overflow checks in TomsFastMath's fp_exptmod() function.
-add_definitions(-DTFM_CHECK)
-
-# Just enable ASM in in TomsFastMath's on x86-64 where we know it works.
-# on i686 we run out of registers with -fPIC, and on ia64 we miscompile.
-if(NOT CMAKE_COMPILER_IS_GNUCC OR NOT (CMAKE_SIZEOF_VOID_P EQUAL 8))
-    add_definitions(-DTFM_NO_ASM)
-endif()
-
 # 3rd party libraries included in libclamav
 add_library( regex OBJECT )
 target_sources( regex
@@ -166,100 +157,6 @@ target_link_libraries( yara
         PCRE2::pcre2
         JSONC::jsonc )
 
-add_library( tomsfastmath OBJECT )
-target_sources( tomsfastmath
-    PRIVATE
-        tomsfastmath/addsub/fp_add.c
-        tomsfastmath/addsub/fp_add_d.c
-        tomsfastmath/addsub/fp_addmod.c
-        tomsfastmath/addsub/fp_cmp.c
-        tomsfastmath/addsub/fp_cmp_d.c
-        tomsfastmath/addsub/fp_cmp_mag.c
-        tomsfastmath/addsub/fp_sub.c
-        tomsfastmath/addsub/fp_sub_d.c
-        tomsfastmath/addsub/fp_submod.c
-        tomsfastmath/addsub/s_fp_add.c
-        tomsfastmath/addsub/s_fp_sub.c
-        tomsfastmath/bin/fp_radix_size.c
-        tomsfastmath/bin/fp_read_radix.c
-        tomsfastmath/bin/fp_read_signed_bin.c
-        tomsfastmath/bin/fp_read_unsigned_bin.c
-        tomsfastmath/bin/fp_reverse.c
-        tomsfastmath/bin/fp_s_rmap.c
-        tomsfastmath/bin/fp_signed_bin_size.c
-        tomsfastmath/bin/fp_to_signed_bin.c
-        tomsfastmath/bin/fp_to_unsigned_bin.c
-        tomsfastmath/bin/fp_toradix.c
-        tomsfastmath/bin/fp_toradix_n.c
-        tomsfastmath/bin/fp_unsigned_bin_size.c
-        tomsfastmath/bit/fp_cnt_lsb.c
-        tomsfastmath/bit/fp_count_bits.c
-        tomsfastmath/bit/fp_div_2.c
-        tomsfastmath/bit/fp_div_2d.c
-        tomsfastmath/bit/fp_lshd.c
-        tomsfastmath/bit/fp_mod_2d.c
-        tomsfastmath/bit/fp_rshd.c
-        tomsfastmath/divide/fp_div.c
-        tomsfastmath/divide/fp_div_d.c
-        tomsfastmath/divide/fp_mod.c
-        tomsfastmath/divide/fp_mod_d.c
-        tomsfastmath/exptmod/fp_2expt.c
-        tomsfastmath/exptmod/fp_exptmod.c
-        tomsfastmath/misc/fp_ident.c
-        tomsfastmath/misc/fp_set.c
-        tomsfastmath/mont/fp_montgomery_calc_normalization.c
-        tomsfastmath/mont/fp_montgomery_reduce.c
-        tomsfastmath/mont/fp_montgomery_setup.c
-        tomsfastmath/mul/fp_mul.c
-        tomsfastmath/mul/fp_mul_comba.c
-        tomsfastmath/mul/fp_mul_2.c
-        tomsfastmath/mul/fp_mul_2d.c
-        tomsfastmath/mul/fp_mul_comba_12.c
-        tomsfastmath/mul/fp_mul_comba_17.c
-        tomsfastmath/mul/fp_mul_comba_20.c
-        tomsfastmath/mul/fp_mul_comba_24.c
-        tomsfastmath/mul/fp_mul_comba_28.c
-        tomsfastmath/mul/fp_mul_comba_3.c
-        tomsfastmath/mul/fp_mul_comba_32.c
-        tomsfastmath/mul/fp_mul_comba_4.c
-        tomsfastmath/mul/fp_mul_comba_48.c
-        tomsfastmath/mul/fp_mul_comba_6.c
-        tomsfastmath/mul/fp_mul_comba_64.c
-        tomsfastmath/mul/fp_mul_comba_7.c
-        tomsfastmath/mul/fp_mul_comba_8.c
-        tomsfastmath/mul/fp_mul_comba_9.c
-        tomsfastmath/mul/fp_mul_comba_small_set.c
-        tomsfastmath/mul/fp_mul_d.c
-        tomsfastmath/mul/fp_mulmod.c
-        tomsfastmath/numtheory/fp_invmod.c
-        tomsfastmath/sqr/fp_sqr.c
-        tomsfastmath/sqr/fp_sqr_comba_12.c
-        tomsfastmath/sqr/fp_sqr_comba_17.c
-        tomsfastmath/sqr/fp_sqr_comba_20.c
-        tomsfastmath/sqr/fp_sqr_comba_24.c
-        tomsfastmath/sqr/fp_sqr_comba_28.c
-        tomsfastmath/sqr/fp_sqr_comba_3.c
-        tomsfastmath/sqr/fp_sqr_comba_32.c
-        tomsfastmath/sqr/fp_sqr_comba_4.c
-        tomsfastmath/sqr/fp_sqr_comba_48.c
-        tomsfastmath/sqr/fp_sqr_comba_6.c
-        tomsfastmath/sqr/fp_sqr_comba_64.c
-        tomsfastmath/sqr/fp_sqr_comba_7.c
-        tomsfastmath/sqr/fp_sqr_comba_8.c
-        tomsfastmath/sqr/fp_sqr_comba_9.c
-        tomsfastmath/sqr/fp_sqr_comba_generic.c
-        tomsfastmath/sqr/fp_sqr_comba_small_set.c
-        tomsfastmath/sqr/fp_sqrmod.c
-    PUBLIC
-        bignum.h )
-target_include_directories( tomsfastmath
-    PRIVATE
-        ${CMAKE_BINARY_DIR}
-        ${CMAKE_CURRENT_SOURCE_DIR}/tomsfastmath/headers
-    PUBLIC  ${CMAKE_CURRENT_SOURCE_DIR} )
-set_target_properties( tomsfastmath PROPERTIES
-    COMPILE_FLAGS "${WARNCFLAGS}" )
-
 # Bytecode Runtime
 add_library( bytecode_runtime OBJECT )
 if(LLVM_FOUND)
@@ -525,7 +422,6 @@ if(ENABLE_SHARED_LIB)
             regex
             lzma_sdk
             yara
-            tomsfastmath
             bytecode_runtime
             ${LIBMSPACK}
             ClamAV::libclamav_rust
@@ -638,7 +534,6 @@ if(ENABLE_STATIC_LIB)
             regex
             lzma_sdk
             yara
-            tomsfastmath
             bytecode_runtime
             ${LIBMSPACK}
             ClamAV::libclamav_rust

diff --git a/libclamav/Doxyfile b/libclamav/Doxyfile
@@ -111,15 +111,4 @@ INPUT = . \
         jsparse \
         jsparse/generated \
         nsis \
-        regex \
-        tomsfastmath \
-        tomsfastmath/addsub \
-        tomsfastmath/bin \
-        tomsfastmath/bit \
-        tomsfastmath/divide \
-        tomsfastmath/exptmod \
-        tomsfastmath/misc \
-        tomsfastmath/mont \
-        tomsfastmath/mul \
-        tomsfastmath/numtheory \
-        tomsfastmath/sqr
+        regex
diff --git a/libclamav/asn1.c b/libclamav/asn1.c
@@ -24,10 +24,10 @@
 #endif
 
 #include <time.h>
+#include <openssl/bn.h>
 
 #include "clamav.h"
 #include "asn1.h"
-#include "bignum.h"
 #include "matcher-hash.h"
 
 /* --------------------------------------------------------------------------- OIDS */
@@ -695,7 +695,8 @@ static int asn1_get_rsa_pubkey(fmap_t *map, const void **asn1data, unsigned int
         return 1;
     }
 
-    fp_read_unsigned_bin(&x509->n, obj.content, avail2);
+    if (!BN_bin2bn(obj.content, avail2, x509->n))
+        return 1;
 
     if (asn1_expect_objtype(map, obj.next, &avail, &obj, ASN1_TYPE_INTEGER)) /* INTEGER - exp */
         return 1;
@@ -712,7 +713,8 @@ static int asn1_get_rsa_pubkey(fmap_t *map, const void **asn1data, unsigned int
         return 1;
     }
 
-    fp_read_unsigned_bin(&x509->e, obj.content, obj.size);
+    if (!BN_bin2bn(obj.content, obj.size, x509->e))
+        return 1;
 
     return 0;
 }
@@ -738,9 +740,12 @@ static int asn1_get_x509(fmap_t *map, const void **asn1data, unsigned int *size,
     int ret = ASN1_GET_X509_UNRECOVERABLE_ERROR;
     unsigned int version;
 
-    cli_crt_init(&x509);
-
     do {
+        if (cli_crt_init(&x509) < 0) {
+            cli_dbgmsg("asn1_get_x509: failed to initialize x509.\n");
+            break;
+        }
+
         if (asn1_expect_objtype(map, *asn1data, size, &crt, ASN1_TYPE_SEQUENCE)) { /* SEQUENCE */
             cli_dbgmsg("asn1_get_x509: expected SEQUENCE at the x509 start\n");
             break;
@@ -1107,7 +1112,8 @@ static int asn1_get_x509(fmap_t *map, const void **asn1data, unsigned int *size,
             break;
         }
 
-        fp_read_unsigned_bin(&x509.sig, obj.content, obj.size);
+        if (!BN_bin2bn(obj.content, obj.size, x509.sig))
+            break;
 
         if (crt.size) {
             cli_dbgmsg("asn1_get_x509: found unexpected extra data in signature\n");
@@ -1404,6 +1410,8 @@ static cl_error_t asn1_parse_mscat(struct cl_engine *engine, fmap_t *map, size_t
     void *hash_ctx;
     int result;
     cl_error_t ret = CL_EPARSE;
+    char *mod      = NULL;
+    char *exp      = NULL;
 
     cli_dbgmsg("in asn1_parse_mscat\n");
 
@@ -1558,11 +1566,10 @@ static cl_error_t asn1_parse_mscat(struct cl_engine *engine, fmap_t *map, size_t
                     while (x509) {
                         char raw_issuer[CRT_RAWMAXLEN * 2 + 1], raw_subject[CRT_RAWMAXLEN * 2 + 1], raw_serial[CRT_RAWMAXLEN * 3 + 1];
                         char issuer[SHA1_HASH_SIZE * 2 + 1], subject[SHA1_HASH_SIZE * 2 + 1], serial[SHA1_HASH_SIZE * 2 + 1];
-                        char mod[1024 + 1], exp[1024 + 1];
-                        int j = 1024;
+                        int j;
 
-                        fp_toradix_n(&x509->n, mod, 16, j + 1);
-                        fp_toradix_n(&x509->e, exp, 16, j + 1);
+                        mod = BN_bn2hex(x509->n);
+                        exp = BN_bn2hex(x509->e);
                         memset(raw_issuer, 0, CRT_RAWMAXLEN * 2 + 1);
                         memset(raw_subject, 0, CRT_RAWMAXLEN * 2 + 1);
                         memset(raw_serial, 0, CRT_RAWMAXLEN * 2 + 1);
@@ -1594,6 +1601,10 @@ static cl_error_t asn1_parse_mscat(struct cl_engine *engine, fmap_t *map, size_t
                         cli_dbgmsg("  raw_issuer: %s\n", raw_issuer);
 
                         x509 = x509->next;
+                        OPENSSL_free(mod);
+                        OPENSSL_free(exp);
+                        mod = NULL;
+                        exp = NULL;
                     }
                     x509 = newcerts.crts;
                 }
@@ -2149,6 +2160,8 @@ static cl_error_t asn1_parse_mscat(struct cl_engine *engine, fmap_t *map, size_t
     } while (0);
 
 finish:
+    OPENSSL_free(mod);
+    OPENSSL_free(exp);
     if (CL_EPARSE == ret) {
         cli_dbgmsg("asn1_parse_mscat: failed to parse authenticode section\n");
     }

diff --git a/libclamav/bignum.h b/libclamav/bignum.h