blah

Cisco-Talos · Jul 18, 2024 · ee0f963 · ee0f963
1 parent 903eb07
commit ee0f963
Showing 1 changed file with 13 additions and 16 deletions.
diff --git a/libclamav/ole2_extract.c b/libclamav/ole2_extract.c
@@ -152,7 +152,6 @@ typedef struct property_tag {
     unsigned char reserved[4];
 } property_t;
 
-
 /*
  * File Information Block Base.
  * Naming is consistent with
@@ -175,7 +174,6 @@ typedef struct __attribute__((packed)) fib_base_type {
     uint32_t reserved6;
 } fib_base_t;
 
-
 struct ole2_list_node;
 
 typedef struct ole2_list_node {
@@ -694,17 +692,17 @@ typedef struct {
 
 } encryption_status_t;
 
-            const char * const ENCRYPTED_JSON_KEY = "Encrypted";
+const char *const ENCRYPTED_JSON_KEY = "Encrypted";
 
-const char *const RC4_ENCRYPTION    = "RC4";
-const char *const XOR_OBFUSCATION   = "XORObfuscation";
-const char *const AES128_ENCRYPTION = "AES128";
-const char *const AES192_ENCRYPTION = "AES192";
-const char *const AES256_ENCRYPTION = "AES256";
-const char * const VELVET_SWEATSHOP_ENCRYPTION = "VelvetSweatshop";
-                const char * const GENERIC_ENCRYPTED = "ENCRYPTION_TYPE_UNKNOWN";
+const char *const RC4_ENCRYPTION              = "RC4";
+const char *const XOR_OBFUSCATION             = "XORObfuscation";
+const char *const AES128_ENCRYPTION           = "AES128";
+const char *const AES192_ENCRYPTION           = "AES192";
+const char *const AES256_ENCRYPTION           = "AES256";
+const char *const VELVET_SWEATSHOP_ENCRYPTION = "VelvetSweatshop";
+const char *const GENERIC_ENCRYPTED           = "ENCRYPTION_TYPE_UNKNOWN";
 
-        const char * const OLE2_HEURISTIC_ENCRYPTED_WARNING = "Heuristics.Encrypted.OLE2";
+const char *const OLE2_HEURISTIC_ENCRYPTED_WARNING = "Heuristics.Encrypted.OLE2";
 
 const uint16_t XLS_XOR_OBFUSCATION    = 0;
 const uint16_t XLS_RC4_ENCRYPTION     = 1;
@@ -2743,7 +2741,7 @@ static bool initialize_encryption_key(
     }
 
     memcpy(encryptionKey, &key, sizeof(encryption_key_t));
-    bRet = true;
+    bRet                               = true;
     pEncryptionStatus->encryption_type = VELVET_SWEATSHOP_ENCRYPTION;
 done:
 
@@ -2943,10 +2941,9 @@ cl_error_t cli_ole2_extract(const char *dirname, cli_ctx *ctx, struct uniq **fil
         }
     }
 
-
     if (SCAN_COLLECT_METADATA && (ctx->wrkproperty != NULL)) {
-        if (encryption_status.encrypted){
-            if (encryption_status.encryption_type){
+        if (encryption_status.encrypted) {
+            if (encryption_status.encryption_type) {
                 cli_jsonstr(ctx->wrkproperty, ENCRYPTED_JSON_KEY, encryption_status.encryption_type);
             } else {
                 cli_jsonstr(ctx->wrkproperty, ENCRYPTED_JSON_KEY, GENERIC_ENCRYPTED);
@@ -2955,7 +2952,7 @@ cl_error_t cli_ole2_extract(const char *dirname, cli_ctx *ctx, struct uniq **fil
     }
 
     if (SCAN_HEURISTIC_ENCRYPTED_DOC && encryption_status.encrypted && (!encryption_status.velvet_sweatshop)) {
-        cl_error_t status = cli_append_potentially_unwanted(ctx, OLE2_HEURISTIC_ENCRYPTED_WARNING );
+        cl_error_t status = cli_append_potentially_unwanted(ctx, OLE2_HEURISTIC_ENCRYPTED_WARNING);
         if (CL_SUCCESS != status) {
             cli_errmsg("OLE2 : Unable to warn potentially unwanted signature '%s'\n", "Heuristics.Encrypted.OLE2");
             ret = status;