libclamav/scanners.c: don't call cli_scanembpe() for files larger than 10MB (bb#1604)

git-svn: trunk@5071
remotes/push_mirror/0.95
Tomasz Kojm 16 years ago
parent fea1b9bb65
commit 198c851c5c
  1. 5
      ChangeLog
  2. 8
      libclamav/scanners.c

@ -1,3 +1,8 @@
Wed May 27 18:32:33 CEST 2009 (tk)
----------------------------------
* libclamav/scanners.c: don't call cli_scanembpe() for files larger than 10MB
(bb#1604)
Fri May 22 14:09:23 CEST 2009 (tk)
----------------------------------
* libclamav/readdb.c: add offset checks (bb#1615)

@ -1637,7 +1637,6 @@ static int cli_scanembpe(int desc, cli_ctx *ctx)
char buff[512];
char *tmpname;
tmpname = cli_gentemp(ctx->engine->tmpdir);
if(!tmpname)
return CL_EMEM;
@ -1704,6 +1703,7 @@ static int cli_scanraw(int desc, cli_ctx *ctx, cli_file_t type, uint8_t typercg,
uint32_t lastzip, lastrar;
struct cli_exe_info peinfo;
unsigned int acmode = AC_SCAN_VIR, break_loop = 0;
struct stat sb;
if(typercg) switch(type) {
@ -1790,12 +1790,14 @@ static int cli_scanraw(int desc, cli_ctx *ctx, cli_file_t type, uint8_t typercg,
case CL_TYPE_MSEXE:
if(SCAN_PE && ctx->dconf->pe && fpt->offset) {
cli_dbgmsg("PE signature found at %u\n", (unsigned int) fpt->offset);
fstat(desc, &sb);
if(sb.st_size > 10485760)
break;
memset(&peinfo, 0, sizeof(struct cli_exe_info));
peinfo.offset = fpt->offset;
lseek(desc, fpt->offset, SEEK_SET);
if(cli_peheader(desc, &peinfo) == 0) {
cli_dbgmsg("*** Detected embedded PE file ***\n");
cli_dbgmsg("*** Detected embedded PE file at %u ***\n", (unsigned int) fpt->offset);
if(peinfo.section)
free(peinfo.section);

Loading…
Cancel
Save