libclamav/matcher: make icon sigs work with bytecode (bb#2137)

15 years ago · 9d10f054a5
parent 9acc81d603
commit 9d10f054a5
2 changed files with 12 additions and 5 deletions
--- a/4
+++ b/4
@ -1,3 +1,7 @@
+Mon Aug  2 15:37:19 CEST 2010 (tk)
+----------------------------------
+ * libclamav/matcher: make icon sigs work with bytecode (bb#2137)
+
 Fri Jul 30 17:46:14 CEST 2010 (acab)
 ------------------------------------
 * libclamav/others.h: bump CLI_MAX_ALLOCATION by 5 MB (needed by lzma - bb#2124)
--- a/libclamav/matcher.c
+++ b/libclamav/matcher.c
@ -493,12 +493,15 @@ int cli_lsig_eval(cli_ctx *ctx, struct cli_matcher *root, struct cli_ac_data *ac
 		if(!target_info || target_info->status != 1)
 		    continue;
 		if(matchicon(ctx, &target_info->exeinfo, root->ac_lsigtable[i]->tdb.icongrp1, root->ac_lsigtable[i]->tdb.icongrp2) == CL_VIRUS) {
-		    if(ctx->virname)
-			*ctx->virname = root->ac_lsigtable[i]->virname;
-		    return CL_VIRUS;
-		} else {
-		    continue;
+		    if(!root->ac_lsigtable[i]->bc_idx) {
+			if(ctx->virname)
+			    *ctx->virname = root->ac_lsigtable[i]->virname;
+			return CL_VIRUS;
+		    } else if(cli_bytecode_runlsig(ctx, &ctx->engine->bcs, root->ac_lsigtable[i]->bc_idx, ctx->virname, acdata->lsigcnt[i], acdata->lsigsuboff[i], map) == CL_VIRUS) {
+			return CL_VIRUS;
+		    }
 		}
+		continue;
 	    }
 	    if(!root->ac_lsigtable[i]->bc_idx) {
 		if(ctx->virname)