[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-167-g4319a8f

tkojm tkojm at 77e5149b-7576-45b1-b177-96237e5ba77b
Fri Jun 12 19:12:16 UTC 2009 

The following commit has been merged in the debian/unstable branch:
commit 51e9980cb89727b64d6cc46230b27c071c1d102d
Author: tkojm <tkojm at 77e5149b-7576-45b1-b177-96237e5ba77b>
Date:   Wed May 27 16:33:33 2009 +0000

    libclamav/scanners.c: don't call cli_scanembpe() for files larger than 10MB (bb#1604)
    
    
    git-svn-id: http://svn.clamav.net/svn/clamav-devel/trunk@5071 77e5149b-7576-45b1-b177-96237e5ba77b

diff --git a/ChangeLog b/ChangeLog
index cdc3272..487f10b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Wed May 27 18:32:33 CEST 2009 (tk)
+----------------------------------
+ * libclamav/scanners.c: don't call cli_scanembpe() for files larger than 10MB
+			 (bb#1604)
+
 Fri May 22 14:09:23 CEST 2009 (tk)
 ----------------------------------
  * libclamav/readdb.c: add offset checks (bb#1615)
diff --git a/libclamav/scanners.c b/libclamav/scanners.c
index 0d17870..5179737 100644
--- a/libclamav/scanners.c
+++ b/libclamav/scanners.c
@@ -1637,7 +1637,6 @@ static int cli_scanembpe(int desc, cli_ctx *ctx)
 	char buff[512];
 	char *tmpname;
 
-
     tmpname = cli_gentemp(ctx->engine->tmpdir);
     if(!tmpname)
 	return CL_EMEM;
@@ -1704,6 +1703,7 @@ static int cli_scanraw(int desc, cli_ctx *ctx, cli_file_t type, uint8_t typercg,
 	uint32_t lastzip, lastrar;
 	struct cli_exe_info peinfo;
 	unsigned int acmode = AC_SCAN_VIR, break_loop = 0;
+	struct stat sb;
 
 
     if(typercg) switch(type) {
@@ -1790,12 +1790,14 @@ static int cli_scanraw(int desc, cli_ctx *ctx, cli_file_t type, uint8_t typercg,
 
 		    case CL_TYPE_MSEXE:
 			if(SCAN_PE && ctx->dconf->pe && fpt->offset) {
-			    cli_dbgmsg("PE signature found at %u\n", (unsigned int) fpt->offset);
+			    fstat(desc, &sb);
+			    if(sb.st_size > 10485760)
+				break;
 			    memset(&peinfo, 0, sizeof(struct cli_exe_info));
 			    peinfo.offset = fpt->offset;
 			    lseek(desc, fpt->offset, SEEK_SET);
 			    if(cli_peheader(desc, &peinfo) == 0) {
-				cli_dbgmsg("*** Detected embedded PE file ***\n");
+				cli_dbgmsg("*** Detected embedded PE file at %u ***\n", (unsigned int) fpt->offset);
 				if(peinfo.section)
 				    free(peinfo.section);
 

-- 
Debian repository for ClamAV

More information about the Pkg-clamav-commits mailing list