[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-167-g4319a8f

tkojm tkojm at 77e5149b-7576-45b1-b177-96237e5ba77b
Fri Jun 12 19:12:24 UTC 2009


The following commit has been merged in the debian/unstable branch:
commit 99550b0210c6e86e37b4845d8fd5093f501e07bc
Author: tkojm <tkojm at 77e5149b-7576-45b1-b177-96237e5ba77b>
Date:   Wed Jun 10 20:50:49 2009 +0000

    0.95.2
    
    
    git-svn-id: http://svn.clamav.net/svn/clamav-devel/trunk@5074 77e5149b-7576-45b1-b177-96237e5ba77b

diff --git a/ChangeLog b/ChangeLog
index 0af09cd..8275ac2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,26 @@
+Wed Jun 10 19:01:11 CEST 2009 (tk)
+----------------------------------
+ * V 0.95.2
+
+Wed Jun 10 18:04:53 CEST 2009 (tk)
+----------------------------------
+ * libclamav: detect and handle archives hidden inside other files (eg. images),
+	      which can be unpacked by WinZip, WinRAR and other tools (bb#1554)
+	      Reported by ROGER Mickael and Thierry Zoller
+
+Wed Jun 10 18:02:31 CEST 2009 (tk)
+----------------------------------
+ * libclamav/mspack.c, cab.c: don't rely on file sizes stored in CAB headers (bb#1562)
+			      Reported by Thierry*Zoller <Thierry*Zoller.lu>
+
+Wed Jun 10 17:58:47 CEST 2009 (acab)
+------------------------------------
+ * libclamunrar/unrarvm.c: fix handling of some broken rar files
+
+Wed Jun 10 17:58:30 CEST 2009 (edwin)
+-------------------------------------
+ * libclamav/mbox.c: handle malformed emails with embedded \0s (bb #1573)
+
 Fri May 29 14:37:08 EEST 2009 (edwin)
 -------------------------------------
  * clamdtop/clamdtop.c: Add missing #include, fixed bb #1619.
diff --git a/NEWS b/NEWS
index a3b68fe..d3c6221 100644
--- a/NEWS
+++ b/NEWS
@@ -1,7 +1,9 @@
-0.95.1
+0.95.2
 ------
 
-This is a bugfix release only, please see the ChangeLog for details.
+This version improves handling of archives, adds support for --file-list
+in clamscan and clamdscan, and fixes various issues found in previous
+releases.
 
 --
 The ClamAV team (http://www.clamav.net/team)
diff --git a/README b/README
index 6231f70..abec596 100644
--- a/README
+++ b/README
@@ -2,6 +2,16 @@ Note: This README/NEWS file refers to the source tarball. Some things described
 here may not be available in binary packages.
 --
 
+0.95.2
+------
+
+This version improves handling of archives, adds support for --file-list
+in clamscan and clamdscan, and fixes various issues found in previous
+releases.
+
+--
+The ClamAV team (http://www.clamav.net/team)
+
 0.95.1
 ------
 
diff --git a/configure b/configure
index 9cc7cdd..4a4c94c 100755
--- a/configure
+++ b/configure
@@ -2997,7 +2997,7 @@ _ACEOF
 
 
 LC_CURRENT=6
-LC_REVISION=3
+LC_REVISION=4
 LC_AGE=0
 LIBCLAMAV_VERSION="$LC_CURRENT":"$LC_REVISION":"$LC_AGE"
 
diff --git a/configure.in b/configure.in
index b1358bd..ddbcf48 100644
--- a/configure.in
+++ b/configure.in
@@ -44,7 +44,7 @@ dnl VERSION="0.94rc1"
 AC_DEFINE_UNQUOTED([VERSION],"$VERSION",[Version number of package])
 
 LC_CURRENT=6
-LC_REVISION=3
+LC_REVISION=4
 LC_AGE=0
 LIBCLAMAV_VERSION="$LC_CURRENT":"$LC_REVISION":"$LC_AGE"
 AC_SUBST([LIBCLAMAV_VERSION])
diff --git a/docs/clamdoc.pdf b/docs/clamdoc.pdf
index f09dd7f..1f1d9b8 100644
Binary files a/docs/clamdoc.pdf and b/docs/clamdoc.pdf differ
diff --git a/docs/clamdoc.tex b/docs/clamdoc.tex
index 3958cf0..dfbe30a 100644
--- a/docs/clamdoc.tex
+++ b/docs/clamdoc.tex
@@ -71,7 +71,7 @@
     \vspace{3cm}
     \begin{flushright}
 	\rule[-1ex]{8cm}{3pt}\\
-	\huge Clam AntiVirus 0.95.1\\
+	\huge Clam AntiVirus 0.95.2\\
 	\huge \emph{User Manual}\\
     \end{flushright}
 
@@ -127,7 +127,7 @@
 	\item{POSIX compliant, portable}
 	\item{Fast scanning}
 	\item{Supports on-access scanning (Linux and FreeBSD only)}
-	\item{Detects over 530.000 viruses, worms and trojans, including
+	\item{Detects over 570.000 viruses, worms and trojans, including
 	      Microsoft Office macro viruses, mobile malware, and other threats}
 	\item{Scans within archives and compressed files (also protects
 	      against archive bombs), built-in support includes:
diff --git a/docs/html/clamdoc.html b/docs/html/clamdoc.html
index f3b9655..b33761f 100644
--- a/docs/html/clamdoc.html
+++ b/docs/html/clamdoc.html
@@ -56,7 +56,7 @@ original version by:  Nikos Drakos, CBLU, University of Leeds
 <BR>
 <BR>
     <DIV ALIGN="RIGHT">
-<BR>	<BIG CLASS="HUGE">Clam AntiVirus 0.95
+<BR>	<BIG CLASS="HUGE">Clam AntiVirus 0.95.2
 <BR>	<BIG CLASS="HUGE"><SPAN  CLASS="textit">User Manual</SPAN>
 <BR>    
 </BIG></BIG></DIV>
@@ -225,7 +225,7 @@ original version by:  Nikos Drakos, CBLU, University of Leeds
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/index.html b/docs/html/index.html
index 759c243..b33761f 100644
--- a/docs/html/index.html
+++ b/docs/html/index.html
@@ -56,7 +56,7 @@ original version by:  Nikos Drakos, CBLU, University of Leeds
 <BR>
 <BR>
     <DIV ALIGN="RIGHT">
-<BR>	<BIG CLASS="HUGE">Clam AntiVirus 0.95.1
+<BR>	<BIG CLASS="HUGE">Clam AntiVirus 0.95.2
 <BR>	<BIG CLASS="HUGE"><SPAN  CLASS="textit">User Manual</SPAN>
 <BR>    
 </BIG></BIG></DIV>
@@ -225,7 +225,7 @@ original version by:  Nikos Drakos, CBLU, University of Leeds
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node1.html b/docs/html/node1.html
index ff41c2b..0a04eb3 100644
--- a/docs/html/node1.html
+++ b/docs/html/node1.html
@@ -188,7 +188,7 @@ ClamAV and Clam AntiVirus are trademarks of Sourcefire, Inc.
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node10.html b/docs/html/node10.html
index 35724a9..8e2171b 100644
--- a/docs/html/node10.html
+++ b/docs/html/node10.html
@@ -85,7 +85,7 @@ Requirements</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node11.html b/docs/html/node11.html
index ad88166..57c7beb 100644
--- a/docs/html/node11.html
+++ b/docs/html/node11.html
@@ -75,7 +75,7 @@ Installing on shell account</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node12.html b/docs/html/node12.html
index ea81647..8760349 100644
--- a/docs/html/node12.html
+++ b/docs/html/node12.html
@@ -69,7 +69,7 @@ Adding new system user and group</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node13.html b/docs/html/node13.html
index 007f6ff..72d3454 100644
--- a/docs/html/node13.html
+++ b/docs/html/node13.html
@@ -75,7 +75,7 @@ Compilation of base package</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node14.html b/docs/html/node14.html
index a29278f..2abe019 100644
--- a/docs/html/node14.html
+++ b/docs/html/node14.html
@@ -65,7 +65,7 @@ Compilation with clamav-milter enabled</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node15.html b/docs/html/node15.html
index 8e1f462..7a426ec 100644
--- a/docs/html/node15.html
+++ b/docs/html/node15.html
@@ -142,7 +142,7 @@ All 4 tests passed
 <!--End of Navigation Panel-->
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node16.html b/docs/html/node16.html
index 904899f..8d08225 100644
--- a/docs/html/node16.html
+++ b/docs/html/node16.html
@@ -96,7 +96,7 @@ $ CK_FORK=no ./libtool --mode=execute valgrind unit_tests/check-clamav
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node17.html b/docs/html/node17.html
index 6adae2c..2209e2a 100644
--- a/docs/html/node17.html
+++ b/docs/html/node17.html
@@ -87,7 +87,7 @@ Configuration</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node18.html b/docs/html/node18.html
index a9d62c6..2ada770 100644
--- a/docs/html/node18.html
+++ b/docs/html/node18.html
@@ -79,7 +79,7 @@ clamd</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node19.html b/docs/html/node19.html
index 623fe8a..ad5a38e 100644
--- a/docs/html/node19.html
+++ b/docs/html/node19.html
@@ -90,7 +90,7 @@ On-access scanning</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node2.html b/docs/html/node2.html
index 0b68d67..a0d97cd 100644
--- a/docs/html/node2.html
+++ b/docs/html/node2.html
@@ -79,7 +79,7 @@ Introduction</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node20.html b/docs/html/node20.html
index 6d2d8fb..0163413 100644
--- a/docs/html/node20.html
+++ b/docs/html/node20.html
@@ -67,7 +67,7 @@ clamav-milter</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node21.html b/docs/html/node21.html
index c2f9212..d95a79b 100644
--- a/docs/html/node21.html
+++ b/docs/html/node21.html
@@ -75,7 +75,7 @@ Testing</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node22.html b/docs/html/node22.html
index f16405d..b25aa99 100644
--- a/docs/html/node22.html
+++ b/docs/html/node22.html
@@ -140,7 +140,7 @@ N * * * *	/usr/local/bin/freshclam --quiet
 <!--End of Navigation Panel-->
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node23.html b/docs/html/node23.html
index 1997e51..ec8b81a 100644
--- a/docs/html/node23.html
+++ b/docs/html/node23.html
@@ -77,7 +77,7 @@ Closest mirrors</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node24.html b/docs/html/node24.html
index a7dbe5a..b0ba5e4 100644
--- a/docs/html/node24.html
+++ b/docs/html/node24.html
@@ -108,7 +108,7 @@ The only private data that is transferred is an IP address, which is used
 <!--End of Navigation Panel-->
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node25.html b/docs/html/node25.html
index 3525623..00f8a09 100644
--- a/docs/html/node25.html
+++ b/docs/html/node25.html
@@ -80,7 +80,7 @@ Usage</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node26.html b/docs/html/node26.html
index a8772ce..e85f206 100644
--- a/docs/html/node26.html
+++ b/docs/html/node26.html
@@ -230,7 +230,7 @@ Scan stream: clamd will return a new port number you should
 <!--End of Navigation Panel-->
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node27.html b/docs/html/node27.html
index 4e5c1f4..144a35d 100644
--- a/docs/html/node27.html
+++ b/docs/html/node27.html
@@ -76,7 +76,7 @@ Clam<SPAN  CLASS="textbf">d</SPAN>scan</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node28.html b/docs/html/node28.html
index 4910c0a..a6b7158 100644
--- a/docs/html/node28.html
+++ b/docs/html/node28.html
@@ -92,7 +92,7 @@ SIGTERM signal. In other case you can lose access
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node29.html b/docs/html/node29.html
index 151c566..5d260bf 100644
--- a/docs/html/node29.html
+++ b/docs/html/node29.html
@@ -70,7 +70,7 @@ Output format</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node3.html b/docs/html/node3.html
index 12d86d2..b60cae2 100644
--- a/docs/html/node3.html
+++ b/docs/html/node3.html
@@ -67,7 +67,7 @@ Features</A>
 </LI>
 <LI>Supports on-access scanning (Linux and FreeBSD only)
 </LI>
-<LI>Detects over 530.000 viruses, worms and trojans, including
+<LI>Detects over 570.000 viruses, worms and trojans, including
 	      Microsoft Office macro viruses, mobile malware, and other threats
 </LI>
 <LI>Scans within archives and compressed files (also protects
@@ -183,7 +183,7 @@ Features</A>
 <!--End of Navigation Panel-->
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node30.html b/docs/html/node30.html
index 55da281..158d18f 100644
--- a/docs/html/node30.html
+++ b/docs/html/node30.html
@@ -79,7 +79,7 @@ clamscan</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node31.html b/docs/html/node31.html
index 111d9c7..8f5fb27 100644
--- a/docs/html/node31.html
+++ b/docs/html/node31.html
@@ -83,7 +83,7 @@ Error messages are printed in the following format:
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node32.html b/docs/html/node32.html
index ecbcb08..0971d6e 100644
--- a/docs/html/node32.html
+++ b/docs/html/node32.html
@@ -135,7 +135,7 @@ LibClamAV</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node33.html b/docs/html/node33.html
index cd86b31..81dd1dc 100644
--- a/docs/html/node33.html
+++ b/docs/html/node33.html
@@ -65,7 +65,7 @@ Licence</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node34.html b/docs/html/node34.html
index 52cddf2..b8b17c6 100644
--- a/docs/html/node34.html
+++ b/docs/html/node34.html
@@ -79,7 +79,7 @@ Supported formats</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node35.html b/docs/html/node35.html
index 63370e0..f717919 100644
--- a/docs/html/node35.html
+++ b/docs/html/node35.html
@@ -87,7 +87,7 @@ Executables</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node36.html b/docs/html/node36.html
index 94ebb0e..9ea29c5 100644
--- a/docs/html/node36.html
+++ b/docs/html/node36.html
@@ -62,7 +62,7 @@ Mail files</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node37.html b/docs/html/node37.html
index 2c17aa0..05d9d77 100644
--- a/docs/html/node37.html
+++ b/docs/html/node37.html
@@ -92,7 +92,7 @@ Archives and compressed files</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node38.html b/docs/html/node38.html
index 9e5c8a9..2bee6ce 100644
--- a/docs/html/node38.html
+++ b/docs/html/node38.html
@@ -73,7 +73,7 @@ Documents</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node39.html b/docs/html/node39.html
index 5840995..8ee5ac9 100644
--- a/docs/html/node39.html
+++ b/docs/html/node39.html
@@ -62,7 +62,7 @@ Data Loss Prevention</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node4.html b/docs/html/node4.html
index 6fdc245..43b26ed 100644
--- a/docs/html/node4.html
+++ b/docs/html/node4.html
@@ -86,7 +86,7 @@ Alternatively you can try asking on the <code>#clamav</code> IRC channel - launc
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node40.html b/docs/html/node40.html
index c25c27d..5d95ee3 100644
--- a/docs/html/node40.html
+++ b/docs/html/node40.html
@@ -75,7 +75,7 @@ Others</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node41.html b/docs/html/node41.html
index f60c718..3d83b5f 100644
--- a/docs/html/node41.html
+++ b/docs/html/node41.html
@@ -69,7 +69,7 @@ API</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node42.html b/docs/html/node42.html
index 5baa2d1..df47749 100644
--- a/docs/html/node42.html
+++ b/docs/html/node42.html
@@ -63,7 +63,7 @@ Header file</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node43.html b/docs/html/node43.html
index 34aed8a..7c943c1 100644
--- a/docs/html/node43.html
+++ b/docs/html/node43.html
@@ -86,7 +86,7 @@ Initialization</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node44.html b/docs/html/node44.html
index a6ad74c..a96eef8 100644
--- a/docs/html/node44.html
+++ b/docs/html/node44.html
@@ -122,7 +122,7 @@ Load CVD files directly without unpacking them into a temporary
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node45.html b/docs/html/node45.html
index 0f71695..f782ad2 100644
--- a/docs/html/node45.html
+++ b/docs/html/node45.html
@@ -69,7 +69,7 @@ Error handling</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node46.html b/docs/html/node46.html
index 005160e..da91302 100644
--- a/docs/html/node46.html
+++ b/docs/html/node46.html
@@ -74,7 +74,7 @@ Engine structure</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node47.html b/docs/html/node47.html
index c45426c..f25a031 100644
--- a/docs/html/node47.html
+++ b/docs/html/node47.html
@@ -79,7 +79,7 @@ const char *cl_engine_get_str(const struct cl_engine *engine,
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node48.html b/docs/html/node48.html
index 03cf2b6..6795e37 100644
--- a/docs/html/node48.html
+++ b/docs/html/node48.html
@@ -103,7 +103,7 @@ Database reloading</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node49.html b/docs/html/node49.html
index e4317a4..c36f08b 100644
--- a/docs/html/node49.html
+++ b/docs/html/node49.html
@@ -220,7 +220,7 @@ Allow heuristic match to take precedence. When enabled, if
 <!--End of Navigation Panel-->
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node5.html b/docs/html/node5.html
index e6a0401..3555c08 100644
--- a/docs/html/node5.html
+++ b/docs/html/node5.html
@@ -65,7 +65,7 @@ Virus submitting</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node50.html b/docs/html/node50.html
index db4d311..3a2b7f8 100644
--- a/docs/html/node50.html
+++ b/docs/html/node50.html
@@ -63,7 +63,7 @@ Memory</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node51.html b/docs/html/node51.html
index 487f1f8..fcbb936 100644
--- a/docs/html/node51.html
+++ b/docs/html/node51.html
@@ -65,7 +65,7 @@ Forking daemons</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node52.html b/docs/html/node52.html
index 4dca08d..1b39198 100644
--- a/docs/html/node52.html
+++ b/docs/html/node52.html
@@ -67,7 +67,7 @@ clamav-config</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node53.html b/docs/html/node53.html
index f3e0cb3..4f353fa 100644
--- a/docs/html/node53.html
+++ b/docs/html/node53.html
@@ -65,7 +65,7 @@ Example</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node54.html b/docs/html/node54.html
index 2a39d70..6071a78 100644
--- a/docs/html/node54.html
+++ b/docs/html/node54.html
@@ -82,7 +82,7 @@ Verification OK.
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node55.html b/docs/html/node55.html
index 7228cea..5fc4a94 100644
--- a/docs/html/node55.html
+++ b/docs/html/node55.html
@@ -613,7 +613,7 @@ Contributors</A>
 <!--End of Navigation Panel-->
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node56.html b/docs/html/node56.html
index 4f75306..a7cff7e 100644
--- a/docs/html/node56.html
+++ b/docs/html/node56.html
@@ -459,7 +459,7 @@ Donors</A>
 <!--End of Navigation Panel-->
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node57.html b/docs/html/node57.html
index 82ef169..3706a67 100644
--- a/docs/html/node57.html
+++ b/docs/html/node57.html
@@ -63,7 +63,7 @@ Graphics</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node58.html b/docs/html/node58.html
index 280a5ba..6538b9c 100644
--- a/docs/html/node58.html
+++ b/docs/html/node58.html
@@ -62,7 +62,7 @@ OpenAntiVirus</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node59.html b/docs/html/node59.html
index 0bfc116..eb530a9 100644
--- a/docs/html/node59.html
+++ b/docs/html/node59.html
@@ -134,7 +134,7 @@ Role: coder
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node6.html b/docs/html/node6.html
index 669bb60..a9e8cac 100644
--- a/docs/html/node6.html
+++ b/docs/html/node6.html
@@ -71,7 +71,7 @@ Base package</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node60.html b/docs/html/node60.html
index d9440f4..5d03b51 100644
--- a/docs/html/node60.html
+++ b/docs/html/node60.html
@@ -64,11 +64,11 @@ Mathematics Department, Macquarie University, Sydney.
 The command line arguments were: <BR>
  <STRONG>latex2html</STRONG> <TT>-local_icons clamdoc.tex</TT>
 <P>
-The translation was initiated by Tomasz Kojm on 2009-03-23
+The translation was initiated by Tomasz Kojm on 2009-06-10
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node7.html b/docs/html/node7.html
index d9f5e6f..85afbce 100644
--- a/docs/html/node7.html
+++ b/docs/html/node7.html
@@ -80,7 +80,7 @@ Supported platforms</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node8.html b/docs/html/node8.html
index faa1b78..8f38f1e 100644
--- a/docs/html/node8.html
+++ b/docs/html/node8.html
@@ -61,7 +61,7 @@ Binary packages</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/docs/html/node9.html b/docs/html/node9.html
index 1210751..e142fb0 100644
--- a/docs/html/node9.html
+++ b/docs/html/node9.html
@@ -81,7 +81,7 @@ Installation</A>
 <BR><HR>
 <ADDRESS>
 Tomasz Kojm
-2009-03-23
+2009-06-10
 </ADDRESS>
 </BODY>
 </HTML>
diff --git a/libclamav/cab.c b/libclamav/cab.c
index d04c1ce..f090f07 100644
--- a/libclamav/cab.c
+++ b/libclamav/cab.c
@@ -553,7 +553,7 @@ static int cab_unstore(struct cab_file *file, int bytes)
 	return CL_EFORMAT;
     }
 
-    todo = bytes;
+    todo = MIN((unsigned int) bytes, file->max_size);
 
     while(1) {
 
diff --git a/libclamav/cab.h b/libclamav/cab.h
index 6eda6cd..92fb5eb 100644
--- a/libclamav/cab.h
+++ b/libclamav/cab.h
@@ -61,6 +61,7 @@ struct cab_file {
     struct cab_file *next;
     struct cab_archive *cab;
     uint16_t attribs;
+    uint64_t max_size, written_size;
 };
 
 struct cab_folder {
diff --git a/libclamav/chmunpack.c b/libclamav/chmunpack.c
index e0322b7..97647af 100644
--- a/libclamav/chmunpack.c
+++ b/libclamav/chmunpack.c
@@ -49,6 +49,7 @@
 #include "mspack.h"
 #include "cltypes.h"
 #include "chmunpack.h"
+#include "cab.h"
 
 #ifndef HAVE_ATTRIB_PACKED
 #define __attribute__(x)
@@ -682,7 +683,7 @@ static int read_sys_reset_table(int fd, chm_metadata_t *metadata, lzx_reset_tabl
 /* This section interfaces to the mspack files. As such, this is a */
 /* little bit dirty compared to my usual code */
 
-static int chm_decompress_stream(int fd, chm_metadata_t *metadata, const char *dirname)
+static int chm_decompress_stream(int fd, chm_metadata_t *metadata, const char *dirname, cli_ctx *ctx)
 {
 	lzx_content_t lzx_content;
 	lzx_reset_table_t lzx_reset_table;
@@ -690,6 +691,7 @@ static int chm_decompress_stream(int fd, chm_metadata_t *metadata, const char *d
 	int window_bits, length, tmpfd, retval=-1;
 	struct lzx_stream * stream;
 	char filename[1024];
+	struct cab_file file;
 	
 	snprintf(filename, 1024, "%s/clamav-unchm.bin", dirname);
 	tmpfd = open(filename, O_RDWR|O_CREAT|O_TRUNC|O_BINARY, S_IRWXU);
@@ -753,10 +755,12 @@ static int chm_decompress_stream(int fd, chm_metadata_t *metadata, const char *d
 	if ((uint64_t) lseek(fd, lzx_content.offset, SEEK_SET) != lzx_content.offset) {
 		goto abort;
 	}
-	
+
+	memset(&file, 0, sizeof(struct cab_file));
+	file.max_size = ctx->engine->maxfilesize;
 	stream = lzx_init(fd, tmpfd, window_bits,
 			lzx_control.reset_interval / LZX_FRAME_SIZE,
-			4096, length, NULL, NULL);
+			4096, length, &file, NULL);
 	if (!stream) {
 		cli_dbgmsg("lzx_init failed\n");
 		goto abort;
@@ -811,9 +815,10 @@ void cli_chm_close(chm_metadata_t *metadata)
 #endif
 }
 
-int cli_chm_extract_file(int fd, char *dirname, chm_metadata_t *metadata)
+int cli_chm_extract_file(int fd, char *dirname, chm_metadata_t *metadata, cli_ctx *ctx)
 {
 	char filename[1024];
+	uint64_t len;
 
 	cli_dbgmsg("in cli_chm_extract_file\n");
 	
@@ -826,8 +831,9 @@ int cli_chm_extract_file(int fd, char *dirname, chm_metadata_t *metadata)
 	if (metadata->ofd < 0) {
 		return CL_ECREAT;
 	}
-	if (chm_copy_file_data(metadata->ufd, metadata->ofd, metadata->file_length) != metadata->file_length) {
-		cli_dbgmsg("failed to copy %lu bytes\n", (unsigned long int) metadata->file_length);
+	len = ctx->engine->maxfilesize ? (MIN(ctx->engine->maxfilesize, metadata->file_length)) : metadata->file_length;
+	if (chm_copy_file_data(metadata->ufd, metadata->ofd, len) != len) {
+		cli_dbgmsg("failed to copy %lu bytes\n", (unsigned long int) len);
 		close(metadata->ofd);
 		return CL_EFORMAT; /* most likely a corrupted file */
 	}
@@ -857,7 +863,7 @@ int cli_chm_prepare_file(int fd, char *dirname, chm_metadata_t *metadata)
 	return retval;
 }
 
-int cli_chm_open(int fd, const char *dirname, chm_metadata_t *metadata)
+int cli_chm_open(int fd, const char *dirname, chm_metadata_t *metadata, cli_ctx *ctx)
 {
 	struct stat statbuf;
 	int retval;
@@ -926,7 +932,7 @@ int cli_chm_open(int fd, const char *dirname, chm_metadata_t *metadata)
 		goto abort;
 	}
 	
-	metadata->ufd = chm_decompress_stream(fd, metadata, dirname);
+	metadata->ufd = chm_decompress_stream(fd, metadata, dirname, ctx);
 	if (metadata->ufd == -1) {
 		goto abort;
 	}
diff --git a/libclamav/chmunpack.h b/libclamav/chmunpack.h
index 9544f16..ce0b94c 100644
--- a/libclamav/chmunpack.h
+++ b/libclamav/chmunpack.h
@@ -28,6 +28,7 @@
 #endif
 
 #include "cltypes.h"
+#include "others.h"
 
 #ifndef HAVE_ATTRIB_PACKED
 #define __attribute__(x)
@@ -113,8 +114,8 @@ typedef struct chm_metadata_tag {
 	uint16_t chunk_entries;
 } chm_metadata_t;
 
-int cli_chm_open(int fd, const char *dirname, chm_metadata_t *metadata);
+int cli_chm_open(int fd, const char *dirname, chm_metadata_t *metadata, cli_ctx *ctx);
 int cli_chm_prepare_file(int fd, char *dirname, chm_metadata_t *metadata);
-int cli_chm_extract_file(int fd, char *dirname, chm_metadata_t *metadata);
+int cli_chm_extract_file(int fd, char *dirname, chm_metadata_t *metadata, cli_ctx *ctx);
 void cli_chm_close(chm_metadata_t *metadata);
 #endif
diff --git a/libclamav/matcher-ac.c b/libclamav/matcher-ac.c
index 6f1eb35..f78c38e 100644
--- a/libclamav/matcher-ac.c
+++ b/libclamav/matcher-ac.c
@@ -991,7 +991,7 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v
 				    if((pt->type > type || pt->type >= CL_TYPE_SFX || pt->type == CL_TYPE_MSEXE) && (!pt->rtype || ftype == pt->rtype)) {
 					cli_dbgmsg("Matched signature for file type %s\n", pt->virname);
 					type = pt->type;
-					if(ftoffset && (!*ftoffset || (*ftoffset)->cnt < MAX_EMBEDDED_OBJ || type == CL_TYPE_ZIPSFX) && ((ftype == CL_TYPE_MSEXE && type >= CL_TYPE_SFX) || ((ftype == CL_TYPE_MSEXE || ftype == CL_TYPE_ZIP || ftype == CL_TYPE_MSOLE2) && type == CL_TYPE_MSEXE)))  {
+					if(ftoffset && (!*ftoffset || (*ftoffset)->cnt < MAX_EMBEDDED_OBJ || type == CL_TYPE_ZIPSFX) && (type >= CL_TYPE_SFX || ((ftype == CL_TYPE_MSEXE || ftype == CL_TYPE_ZIP || ftype == CL_TYPE_MSOLE2) && type == CL_TYPE_MSEXE)))  {
 					    /* FIXME: we don't know which offset of the first part is the correct one */
 					    for(j = 1; j <= CLI_DEFAULT_AC_TRACKLEN && offmatrix[0][j] != -1; j++) {
 						if(ac_addtype(ftoffset, type, offmatrix[pt->parts - 1][j], ctx)) {
@@ -1053,7 +1053,7 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v
 				if((pt->type > type || pt->type >= CL_TYPE_SFX || pt->type == CL_TYPE_MSEXE) && (!pt->rtype || ftype == pt->rtype)) {
 				    cli_dbgmsg("Matched signature for file type %s at %u\n", pt->virname, realoff);
 				    type = pt->type;
-				    if(ftoffset && (!*ftoffset || (*ftoffset)->cnt < MAX_EMBEDDED_OBJ || type == CL_TYPE_ZIPSFX) && ((ftype == CL_TYPE_MSEXE && type >= CL_TYPE_SFX) || ((ftype == CL_TYPE_MSEXE || ftype == CL_TYPE_ZIP || ftype == CL_TYPE_MSOLE2) && type == CL_TYPE_MSEXE)))  {
+				    if(ftoffset && (!*ftoffset || (*ftoffset)->cnt < MAX_EMBEDDED_OBJ || type == CL_TYPE_ZIPSFX) && (type >= CL_TYPE_SFX || ((ftype == CL_TYPE_MSEXE || ftype == CL_TYPE_ZIP || ftype == CL_TYPE_MSOLE2) && type == CL_TYPE_MSEXE)))  {
 
 					if(ac_addtype(ftoffset, type, realoff, ctx)) {
 					    if(info.exeinfo.section)
diff --git a/libclamav/mbox.c b/libclamav/mbox.c
index 7e5a5d6..bbb2e92 100644
--- a/libclamav/mbox.c
+++ b/libclamav/mbox.c
@@ -4826,7 +4826,8 @@ getline_from_mbox(char *buffer, size_t len, FILE *fin)
 
 		switch(c) {
 			default:
-				*buffer++ = (char)c;
+				*buffer = (char)c;
+				buffer += (c != 0);
 				continue;
 			case '\n':
 				*buffer++ = '\n';
diff --git a/libclamav/mspack.c b/libclamav/mspack.c
index a86be4a..f155975 100644
--- a/libclamav/mspack.c
+++ b/libclamav/mspack.c
@@ -347,6 +347,23 @@ static int mszip_read_lens(struct mszip_stream *zip) {
   return 0;
 }
 
+static int mspack_write(int fd, const void *buff, unsigned int count, struct cab_file *file)
+{
+	int ret;
+
+    if(file->max_size) {
+	if(file->written_size >= file->max_size)
+	    return CL_BREAK;
+
+	if(file->written_size + count > file->max_size)
+	    count = file->max_size - file->written_size;
+    }
+    if((ret = cli_writen(fd, buff, count)) > 0)
+	file->written_size += ret;
+
+    return (ret == -1) ? CL_EWRITE : CL_SUCCESS;
+}
+
 /* a clean implementation of RFC 1951 / inflate */
 static int mszip_inflate(struct mszip_stream *zip) {
   unsigned int last_block, block_type, distance, length, this_run, i;
@@ -613,7 +630,7 @@ int mszip_decompress(struct mszip_stream *zip, off_t out_bytes) {
   register int bits_left;
   unsigned char *i_ptr, *i_end;
 
-  int i, state, error;
+  int i, ret, state, error;
 
   /* easy answers */
   if (!zip || (out_bytes < 0)) return CL_ENULLARG;
@@ -623,8 +640,8 @@ int mszip_decompress(struct mszip_stream *zip, off_t out_bytes) {
   i = zip->o_end - zip->o_ptr;
   if ((off_t) i > out_bytes) i = (int) out_bytes;
   if (i) {
-    if (zip->wflag && cli_writen(zip->ofd, zip->o_ptr, i) != i) {
-      return zip->error = CL_EWRITE;
+    if (zip->wflag && (ret = mspack_write(zip->ofd, zip->o_ptr, i, zip->file)) != CL_SUCCESS) {
+      return zip->error = ret;
     }
     zip->o_ptr  += i;
     out_bytes   -= i;
@@ -669,8 +686,8 @@ int mszip_decompress(struct mszip_stream *zip, off_t out_bytes) {
     /* write a frame */
     i = (out_bytes < (off_t)zip->bytes_output) ?
       (int)out_bytes : zip->bytes_output;
-    if (zip->wflag && cli_writen(zip->ofd, zip->o_ptr, i) != i) {
-      return zip->error = CL_EWRITE;
+    if (zip->wflag && (ret = mspack_write(zip->ofd, zip->o_ptr, i, zip->file)) != CL_SUCCESS) {
+      return zip->error = ret;
     }
 
     /* mspack errors (i.e. read errors) are fatal and can't be recovered */
@@ -1085,7 +1102,7 @@ int lzx_decompress(struct lzx_stream *lzx, off_t out_bytes) {
   unsigned char *i_ptr, *i_end;
 
   int match_length, length_footer, extra, verbatim_bits, bytes_todo;
-  int this_run, main_element, aligned_bits, j;
+  int this_run, main_element, aligned_bits, j, ret;
   unsigned char *window, *runsrc, *rundest, buf[12];
   unsigned int frame_size=0, end_frame, match_offset, window_posn;
   unsigned int R0, R1, R2;
@@ -1098,8 +1115,8 @@ int lzx_decompress(struct lzx_stream *lzx, off_t out_bytes) {
   i = lzx->o_end - lzx->o_ptr;
   if ((off_t) i > out_bytes) i = (int) out_bytes;
   if (i) {
-    if (lzx->wflag && cli_writen(lzx->ofd, lzx->o_ptr, i) != i) {
-      return lzx->error = CL_EWRITE;
+    if (lzx->wflag && (ret = mspack_write(lzx->ofd, lzx->o_ptr, i, lzx->file)) != CL_SUCCESS) {
+      return lzx->error = ret;
     }
     lzx->o_ptr  += i;
     lzx->offset += i;
@@ -1474,8 +1491,8 @@ int lzx_decompress(struct lzx_stream *lzx, off_t out_bytes) {
 
     /* write a frame */
     i = (out_bytes < (off_t)frame_size) ? (unsigned int)out_bytes : frame_size;
-    if (lzx->wflag && cli_writen(lzx->ofd, lzx->o_ptr, i) != i) {
-      return lzx->error = CL_EWRITE;
+    if (lzx->wflag && (ret = mspack_write(lzx->ofd, lzx->o_ptr, i, lzx->file)) != CL_SUCCESS) {
+      return lzx->error = ret;
     }
     lzx->o_ptr  += i;
     lzx->offset += i;
@@ -1794,7 +1811,7 @@ struct qtm_stream *qtm_init(int fd, int ofd,
 int qtm_decompress(struct qtm_stream *qtm, off_t out_bytes) {
   unsigned int frame_start, frame_end, window_posn, match_offset, range;
   unsigned char *window, *i_ptr, *i_end, *runsrc, *rundest;
-  int i, j, selector, extra, sym, match_length;
+  int i, j, selector, extra, sym, match_length, ret;
   unsigned short H, L, C, symf;
 
   register unsigned int bit_buffer;
@@ -1809,8 +1826,8 @@ int qtm_decompress(struct qtm_stream *qtm, off_t out_bytes) {
   i = qtm->o_end - qtm->o_ptr;
   if ((off_t) i > out_bytes) i = (int) out_bytes;
   if (i) {
-    if (qtm->wflag && cli_writen(qtm->ofd, qtm->o_ptr, i) != i) {
-      return qtm->error = CL_EWRITE;
+    if (qtm->wflag && (ret = mspack_write(qtm->ofd, qtm->o_ptr, i, qtm->file)) != CL_SUCCESS) {
+      return qtm->error = ret;
     }
     qtm->o_ptr  += i;
     out_bytes   -= i;
@@ -1928,8 +1945,8 @@ int qtm_decompress(struct qtm_stream *qtm, off_t out_bytes) {
       if (window_posn == qtm->window_size) {
 	/* flush all currently stored data */
 	i = (qtm->o_end - qtm->o_ptr);
-	if (qtm->wflag && cli_writen(qtm->ofd, qtm->o_ptr, i) != i) {
-	  return qtm->error = CL_EWRITE;
+	if (qtm->wflag && (ret = mspack_write(qtm->ofd, qtm->o_ptr, i, qtm->file)) != CL_SUCCESS) {
+	  return qtm->error = ret;
 	}
 	out_bytes -= i;
 	qtm->o_ptr = &window[0];
@@ -1944,8 +1961,8 @@ int qtm_decompress(struct qtm_stream *qtm, off_t out_bytes) {
 
   if (out_bytes) {
     i = (int) out_bytes;
-    if (qtm->wflag && cli_writen(qtm->ofd, qtm->o_ptr, i) != i) {
-      return qtm->error = CL_EWRITE;
+    if (qtm->wflag && (ret = mspack_write(qtm->ofd, qtm->o_ptr, i, qtm->file)) != CL_SUCCESS) {
+      return qtm->error = ret;
     }
     qtm->o_ptr += i;
   }
diff --git a/libclamav/others.h b/libclamav/others.h
index 1faa411..4b949aa 100644
--- a/libclamav/others.h
+++ b/libclamav/others.h
@@ -45,7 +45,7 @@
  * in re-enabling affected modules.
  */
 
-#define CL_FLEVEL 42
+#define CL_FLEVEL 43
 #define CL_FLEVEL_DCONF	CL_FLEVEL
 
 extern uint8_t cli_debug_flag;
diff --git a/libclamav/scanners.c b/libclamav/scanners.c
index 5179737..9751739 100644
--- a/libclamav/scanners.c
+++ b/libclamav/scanners.c
@@ -711,19 +711,30 @@ static int cli_scanmscab(int desc, cli_ctx *ctx, off_t sfx_offset)
     for(file = cab.files; file; file = file->next) {
 	files++;
 
-	if(cli_checklimits("CAB", ctx, file->length, 0, 0)!=CL_CLEAN)
-	    continue;
-
 	if(!(tempname = cli_gentemp(ctx->engine->tmpdir))) {
 	    ret = CL_EMEM;
 	    break;
 	}
-	cli_dbgmsg("CAB: Extracting file %s to %s, size %u\n", file->name, tempname, file->length);
-	if((ret = cab_extract(file, tempname)))
-	    cli_dbgmsg("CAB: Failed to extract file: %s\n", cl_strerror(ret));
+
+	if(ctx->engine->maxscansize && ctx->scansize >= ctx->engine->maxscansize) {
+	    ret = CL_CLEAN;
+	    break;
+	}
+	if(ctx->engine->maxscansize && ctx->scansize + ctx->engine->maxfilesize >= ctx->engine->maxscansize)
+	    file->max_size = ctx->engine->maxscansize - ctx->scansize;
 	else
-	    ret = cli_scanfile(tempname, ctx);
+	    file->max_size = ctx->engine->maxfilesize;
 
+	cli_dbgmsg("CAB: Extracting file %s to %s, size %u, max_size: %u\n", file->name, tempname, file->length, (unsigned int) file->max_size);
+	file->written_size = 0;
+	if((ret = cab_extract(file, tempname))) {
+	    cli_dbgmsg("CAB: Failed to extract file: %s\n", cl_strerror(ret));
+	} else {
+	    if(file->length != file->written_size)
+		cli_dbgmsg("CAB: Length from header %u but wrote %u bytes\n", (unsigned int) file->length, (unsigned int) file->written_size);
+
+	    ret = cli_scanfile(tempname, ctx);
+	}
 	if(!ctx->engine->keeptmp) {
 	    if (cli_unlink(tempname)) {
 	    	free(tempname);
@@ -1268,7 +1279,7 @@ static int cli_scanmschm(int desc, cli_ctx *ctx)
 	return CL_ETMPDIR;
     }
 
-    ret = cli_chm_open(desc, dir, &metadata);
+    ret = cli_chm_open(desc, dir, &metadata, ctx);
     if (ret != CL_SUCCESS) {
 	if(!ctx->engine->keeptmp)
 	    cli_rmdirs(dir);
@@ -1282,7 +1293,7 @@ static int cli_scanmschm(int desc, cli_ctx *ctx)
 	if (ret != CL_SUCCESS) {
 	   break;
 	}
-	ret = cli_chm_extract_file(desc, dir, &metadata);
+	ret = cli_chm_extract_file(desc, dir, &metadata, ctx);
 	if (ret == CL_SUCCESS) {
 	    lseek(metadata.ofd, 0, SEEK_SET);
 	    rc = cli_magic_scandesc(metadata.ofd, ctx);
@@ -1706,15 +1717,11 @@ static int cli_scanraw(int desc, cli_ctx *ctx, cli_file_t type, uint8_t typercg,
 	struct stat sb;
 
 
-    if(typercg) switch(type) {
-	case CL_TYPE_TEXT_ASCII:
-	case CL_TYPE_MSEXE:
-	case CL_TYPE_ZIP:
-	case CL_TYPE_MSOLE2:
-	    acmode |= AC_SCAN_FT;
-	default:
-	    break;
-    }
+    if(ctx->engine->maxreclevel && ctx->recursion >= ctx->engine->maxreclevel)
+        return CL_EMAXREC;
+
+    if(typercg)
+	acmode |= AC_SCAN_FT;
 
     if(lseek(desc, 0, SEEK_SET) < 0) {
 	cli_errmsg("cli_scanraw: lseek() failed\n");
@@ -1724,6 +1731,7 @@ static int cli_scanraw(int desc, cli_ctx *ctx, cli_file_t type, uint8_t typercg,
     ret = cli_scandesc(desc, ctx, type == CL_TYPE_TEXT_ASCII ? 0 : type, 0, &ftoffset, acmode);
 
     if(ret >= CL_TYPENO) {
+	ctx->recursion++;
 
 /*
 	if(type == CL_TYPE_TEXT_ASCII) {
@@ -1735,33 +1743,34 @@ static int cli_scanraw(int desc, cli_ctx *ctx, cli_file_t type, uint8_t typercg,
 	}
 */
 
-	if(nret != CL_VIRUS && (type == CL_TYPE_MSEXE || type == CL_TYPE_ZIP || type == CL_TYPE_MSOLE2)) {
+	if(nret != CL_VIRUS) {
 	    lastzip = lastrar = 0xdeadbeef;
 	    fpt = ftoffset;
 	    while(fpt) {
-		switch(fpt->type) {
+		if(fpt->offset) switch(fpt->type) {
 		    case CL_TYPE_RARSFX:
-			if(have_rar && SCAN_ARCHIVE && type == CL_TYPE_MSEXE && (DCONF_ARCH & ARCH_CONF_RAR)) {
-			    cli_dbgmsg("RAR-SFX signature found at %u\n", (unsigned int) fpt->offset);
+			    cli_dbgmsg("RAR/RAR-SFX signature found at %u\n", (unsigned int) fpt->offset);
+			if(type != CL_TYPE_RAR && have_rar && SCAN_ARCHIVE && fpt->offset < 102400 && (DCONF_ARCH & ARCH_CONF_RAR)) {
+			    cli_dbgmsg("RAR/RAR-SFX signature found at %u\n", (unsigned int) fpt->offset);
 			    nret = cli_scanrar(desc, ctx, fpt->offset, &lastrar);
 			}
 			break;
 
 		    case CL_TYPE_ZIPSFX:
-			if(SCAN_ARCHIVE && type == CL_TYPE_MSEXE && (DCONF_ARCH & ARCH_CONF_ZIP) && fpt->offset) {
-			    cli_dbgmsg("ZIP-SFX signature found at %u\n", (unsigned int) fpt->offset);
+			if(type != CL_TYPE_ZIP && SCAN_ARCHIVE && fpt->offset < 102400 && (DCONF_ARCH & ARCH_CONF_ZIP)) {
+			    cli_dbgmsg("ZIP/ZIP-SFX signature found at %u\n", (unsigned int) fpt->offset);
 			    nret = cli_unzip_single(desc, ctx, fpt->offset);
 			}
 			break;
 
 		    case CL_TYPE_CABSFX:
-			if(SCAN_ARCHIVE && type == CL_TYPE_MSEXE && (DCONF_ARCH & ARCH_CONF_CAB)) {
-			    cli_dbgmsg("CAB-SFX signature found at %u\n", (unsigned int) fpt->offset);
+			if(type != CL_TYPE_MSCAB && SCAN_ARCHIVE && fpt->offset < 102400 && (DCONF_ARCH & ARCH_CONF_CAB)) {
+			    cli_dbgmsg("CAB/CAB-SFX signature found at %u\n", (unsigned int) fpt->offset);
 			    nret = cli_scanmscab(desc, ctx, fpt->offset);
 			}
 			break;
 		    case CL_TYPE_ARJSFX:
-			if(SCAN_ARCHIVE && type == CL_TYPE_MSEXE && (DCONF_ARCH & ARCH_CONF_ARJ)) {
+			if(type != CL_TYPE_ARJ && SCAN_ARCHIVE && fpt->offset < 102400 && (DCONF_ARCH & ARCH_CONF_ARJ)) {
 			    cli_dbgmsg("ARJ-SFX signature found at %u\n", (unsigned int) fpt->offset);
 			    nret = cli_scanarj(desc, ctx, fpt->offset, &lastrar);
 			}
@@ -1782,14 +1791,14 @@ static int cli_scanraw(int desc, cli_ctx *ctx, cli_file_t type, uint8_t typercg,
 			break;
 
 		    case CL_TYPE_PDF:
-			if(SCAN_PDF && (DCONF_DOC & DOC_CONF_PDF)) {
+			if(type != CL_TYPE_PDF && SCAN_PDF && (DCONF_DOC & DOC_CONF_PDF)) {
 			    cli_dbgmsg("PDF signature found at %u\n", (unsigned int) fpt->offset);
 			    nret = cli_scanpdf(desc, ctx, fpt->offset);
 			}
 			break;
 
 		    case CL_TYPE_MSEXE:
-			if(SCAN_PE && ctx->dconf->pe && fpt->offset) {
+ 			if(SCAN_PE && (type == CL_TYPE_MSEXE || type == CL_TYPE_ZIP || type == CL_TYPE_MSOLE2) && ctx->dconf->pe) {
 			    fstat(desc, &sb);
 			    if(sb.st_size > 10485760)
 				break;
@@ -1823,8 +1832,6 @@ static int cli_scanraw(int desc, cli_ctx *ctx, cli_file_t type, uint8_t typercg,
 	    }
 	}
 
-	ctx->recursion++;
-
 	if(nret != CL_VIRUS) switch(ret) {
 	    case CL_TYPE_HTML:
 		if(SCAN_HTML && type == CL_TYPE_TEXT_ASCII && (DCONF_DOC & DOC_CONF_HTML)) {
@@ -1864,6 +1871,10 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx)
 	struct stat sb;
 	uint8_t typercg = 1;
 
+    if(ctx->engine->maxreclevel && ctx->recursion > ctx->engine->maxreclevel) {
+        cli_dbgmsg("cli_magic_scandesc: Archive recursion limit exceeded (%u, max: %u)\n", ctx->recursion, ctx->engine->maxreclevel);
+	return CL_CLEAN;
+    }
 
     if(fstat(desc, &sb) == -1) {
 	cli_errmsg("magic_scandesc: Can't fstat descriptor %d\n", desc);
@@ -1885,19 +1896,17 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx)
 	return CL_EMALFDB;
     }
 
-    if(!ctx->options) { /* raw mode (stdin, etc.) */
-	cli_dbgmsg("Raw mode: No support for special files\n");
-	if((ret = cli_scandesc(desc, ctx, 0, 0, NULL, AC_SCAN_VIR)) == CL_VIRUS)
-	    cli_dbgmsg("%s found in descriptor %d\n", *ctx->virname, desc);
-	return ret;
-    }
-
     if(cli_updatelimits(ctx, sb.st_size)!=CL_CLEAN)
         return CL_CLEAN;
 
-    if((SCAN_MAIL || SCAN_ARCHIVE) && ctx->engine->maxreclevel && ctx->recursion > ctx->engine->maxreclevel) {
-        cli_dbgmsg("Archive recursion limit exceeded (level = %u).\n", ctx->recursion);
-	return CL_CLEAN;
+    if(!ctx->options || (ctx->recursion == ctx->engine->maxreclevel)) { /* raw mode (stdin, etc.) or last level of recursion */
+	if(ctx->recursion == ctx->engine->maxreclevel)
+	    cli_dbgmsg("cli_magic_scandesc: Hit recursion limit, only scanning raw file\n");
+	else
+	    cli_dbgmsg("Raw mode: No support for special files\n");
+	if((ret = cli_scandesc(desc, ctx, 0, 0, NULL, AC_SCAN_VIR)) == CL_VIRUS)
+	    cli_dbgmsg("%s found in descriptor %d\n", *ctx->virname, desc);
+	return ret;
     }
 
     lseek(desc, 0, SEEK_SET);
diff --git a/libclamunrar/unrarvm.c b/libclamunrar/unrarvm.c
index fd09b11..b3c394c 100644
--- a/libclamunrar/unrarvm.c
+++ b/libclamunrar/unrarvm.c
@@ -352,7 +352,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil
 		data_size = rarvm_data->R[4];
 		file_offset = rarvm_data->R[6];
 
-		if ((data_size >= VM_GLOBALMEMADDR) || (data_size < 4)) {
+		if (((unsigned int)data_size >= VM_GLOBALMEMADDR) || (data_size < 4)) {
 			break;
 		}
 
@@ -382,7 +382,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil
 		data_size = rarvm_data->R[4];
 		file_offset = rarvm_data->R[6];
 		
-		if ((data_size >= VM_GLOBALMEMADDR) || (data_size < 21)) {
+		if (((unsigned int)data_size >= VM_GLOBALMEMADDR) || (data_size < 21)) {
 			break;
 		}
 		
@@ -425,7 +425,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil
 		border = data_size*2;
 		
 		SET_VALUE(FALSE, &rarvm_data->mem[VM_GLOBALMEMADDR+0x20], data_size);
-		if (data_size >= VM_GLOBALMEMADDR/2) {
+		if ((unsigned int)data_size >= VM_GLOBALMEMADDR/2) {
 			break;
 		}
 		for (cur_channel=0 ; cur_channel < channels ; cur_channel++) {
@@ -444,7 +444,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil
 		dest_data = src_data + data_size;
 		
 		SET_VALUE(FALSE, &rarvm_data->mem[VM_GLOBALMEMADDR+0x20], data_size);
-		if (data_size >= VM_GLOBALMEMADDR/2) {
+		if ((unsigned int)data_size >= VM_GLOBALMEMADDR/2) {
 			break;
 		}
 		for (cur_channel=0 ; cur_channel < channels; cur_channel++) {
@@ -488,7 +488,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil
 		dest_data = src_data + data_size;
 		
 		SET_VALUE(FALSE, &rarvm_data->mem[VM_GLOBALMEMADDR+0x20], data_size);
-		if (data_size >= VM_GLOBALMEMADDR/2) {
+		if ((unsigned int)data_size >= VM_GLOBALMEMADDR/2) {
 			break;
 		}
 		for (cur_channel=0 ; cur_channel < channels ; cur_channel++) {
@@ -549,7 +549,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil
 		data_size = rarvm_data->R[4];
 		src_pos = 0;
 		dest_pos = data_size;
-		if (data_size >= VM_GLOBALMEMADDR/2) {
+		if ((unsigned int)data_size >= VM_GLOBALMEMADDR/2) {
 			break;
 		}
 		while (src_pos < data_size) {

-- 
Debian repository for ClamAV



More information about the Pkg-clamav-commits mailing list