From 06e02797fd549f7d6dfcefd74d97ec058ffdd938 Mon Sep 17 00:00:00 2001 From: Steven Morgan Date: Wed, 5 Feb 2014 10:58:16 -0500 Subject: [PATCH 1/2] additional manpage info for max-scansize. --- docs/man/clamd.conf.5.in | 2 +- docs/man/clamscan.1.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/man/clamd.conf.5.in b/docs/man/clamd.conf.5.in index 921e1be89..4c37c9117 100644 --- a/docs/man/clamd.conf.5.in +++ b/docs/man/clamd.conf.5.in @@ -505,7 +505,7 @@ Default: no Default: no .TP \fBMaxScanSize SIZE\fR -Sets the maximum amount of data to be scanned for each input file. Archives and other containers are recursively extracted and scanned up to this value. \fBWarning: disabling this limit or setting it too high may result in severe damage to the system.\fR +Sets the maximum amount of data to be scanned for each input file. Archives and other containers are recursively extracted and scanned up to this value. The size of an archive plus the sum of the sizes of all files within archive count toward the scan size. For example, a 1M uncompressed archive containing a single 1M inner file counts as 2M toward the max scan size. \fBWarning: disabling this limit or setting it too high may result in severe damage to the system.\fR .br Default: 100M .TP diff --git a/docs/man/clamscan.1.in b/docs/man/clamscan.1.in index 90253e615..b9b088412 100644 --- a/docs/man/clamscan.1.in +++ b/docs/man/clamscan.1.in 
@@ -178,7 +178,7 @@ Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). Extract and scan at most #n bytes from each archive. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm, where x is a number. This option protects your system against DoS attacks (default: 25 MB, max: <4 GB) .TP \fB\-\-max\-scansize=#n\fR -Extract and scan at most #n bytes from each archive. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm, where x is a number. This option protects your system against DoS attacks (default: 100 MB, max: <4 GB) +Extract and scan at most #n bytes from each archive. The size the archive plus the sum of the sizes of all files within archive count toward the scan size. For example, a 1M uncompressed archive containing a single 1M inner file counts as 2M toward max-scansize. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm, where x is a number. This option protects your system against DoS attacks (default: 100 MB, max: <4 GB) .TP \fB\-\-max\-files=#n\fR Extract at most #n files from each scanned file (when this is an archive, a document or another kind of container). This option protects your system against DoS attacks (default: 10000) From 374f21dde95d1a799542826dc36e119b4f7abab8 Mon Sep 17 00:00:00 2001 From: Steven Morgan Date: Wed, 5 Feb 2014 11:00:23 -0500 Subject: [PATCH 2/2] xar: free up some xml memory. --- libclamav/xar.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libclamav/xar.c b/libclamav/xar.c index d5c03e8ff..20da56750 100644 --- a/libclamav/xar.c +++ b/libclamav/xar.c @@ -117,6 +117,8 @@ static void xar_get_checksum_values(xmlTextReaderPtr reader, unsigned char ** ck *hash = XAR_CKSUM_OTHER; } } + if (style != NULL) + xmlFree(style); if (xmlTextReaderRead(reader) == 1 && xmlTextReaderNodeType(reader) == XML_READER_TYPE_TEXT) { xmlval = xmlTextReaderConstValue(reader); 
@@ -216,6 +218,8 @@ static int xar_get_toc_data_values(xmlTextReaderPtr reader, long *length, long * cli_dbgmsg("cli_scaxar: unknown style value=%s for encoding element\n", style); *encoding = CL_TYPE_ANY; } + if (style != NULL) + xmlFree(style); } else if (indata && xmlStrEqual(name, (const xmlChar *)"data") && xmlTextReaderNodeType(reader) == XML_READER_TYPE_END_ELEMENT) {
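
Review bot: In the docs/man/clamd.conf.5.in hunk, the added sentence "the sum of the sizes of all files within archive count toward the scan size" is missing an article ("within the archive"). The example also covers only an uncompressed archive, so the text leaves open whether a compressed archive counts at its stored size or its extracted size. One clause stating that would help an administrator size the limit against the 100M default.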
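
Review bot: In the docs/man/clamscan.1.in hunk, "The size the archive plus the sum" is missing "of", and "within archive" is missing "the". The clamd.conf.5.in hunk in the same patch words this as "The size of an archive plus the sum of the sizes"; using identical wording in both man pages would avoid the impression that --max-scansize and MaxScanSize count differently.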
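
Review bot: In the first libclamav/xar.c hunk (xar_get_checksum_values), the added "if (style != NULL) xmlFree(style);" sits after two closing braces, so it executes outside the blocks those braces close and on paths that never entered them. Please confirm style is initialized to NULL at its declaration, since otherwise the check reads an indeterminate pointer. The commit message "free up some xml memory" would also be more useful if it named the allocation being released.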
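
Review bot: In the second libclamav/xar.c hunk (xar_get_toc_data_values), style is freed after the cli_dbgmsg branch but the pointer keeps the freed address, and the function has further "else if" branches after this block. Adding "style = NULL;" directly after xmlFree(style) would make any later use or repeated free of style harmless instead of touching freed memory.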