git-svn: trunk@3054
Tomasz Kojm authored on 2007/05/15 01:39:07... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Mon May 14 17:43:27 CEST 2007 (tk) |
|
2 |
+---------------------------------- |
|
3 |
+ * libclamav/scanners.c: if possible, only use ratio limit for files which |
|
4 |
+ don't exceed file size limit (requested by Christoph) |
|
5 |
+ |
|
1 | 6 |
Wed May 2 12:29:28 CEST 2007 (tk) |
2 | 7 |
---------------------------------- |
3 | 8 |
* libclamav/others.c: fix cli_malloc() call in C_WINDOWS (bb#477) |
... | ... |
@@ -184,17 +184,6 @@ static int cli_unrar_scanmetadata(int desc, rar_metadata_t *metadata, cli_ctx *c |
184 | 184 |
static int cli_unrar_checklimits(const cli_ctx *ctx, const rar_metadata_t *metadata, unsigned int files) |
185 | 185 |
{ |
186 | 186 |
if(ctx->limits) { |
187 |
- if(ctx->limits->maxratio && metadata->unpack_size && metadata->pack_size) { |
|
188 |
- if(metadata->unpack_size / metadata->pack_size >= ctx->limits->maxratio) { |
|
189 |
- cli_dbgmsg("RAR: Max ratio reached (%u, max: %u)\n", (unsigned int) (metadata->unpack_size / metadata->pack_size), ctx->limits->maxratio); |
|
190 |
- if(BLOCKMAX) { |
|
191 |
- *ctx->virname = "Oversized.RAR"; |
|
192 |
- return CL_VIRUS; |
|
193 |
- } |
|
194 |
- return CL_EMAXSIZE; |
|
195 |
- } |
|
196 |
- } |
|
197 |
- |
|
198 | 187 |
if(ctx->limits->maxfilesize && (metadata->unpack_size > ctx->limits->maxfilesize)) { |
199 | 188 |
cli_dbgmsg("RAR: %s: Size exceeded (%lu, max: %lu)\n", metadata->filename, (unsigned long int) metadata->unpack_size, ctx->limits->maxfilesize); |
200 | 189 |
if(BLOCKMAX) { |
... | ... |
@@ -204,6 +193,21 @@ static int cli_unrar_checklimits(const cli_ctx *ctx, const rar_metadata_t *metad |
204 | 204 |
return CL_EMAXSIZE; |
205 | 205 |
} |
206 | 206 |
|
207 |
+ if(ctx->limits->maxratio && metadata->unpack_size && metadata->pack_size) { |
|
208 |
+ if(metadata->unpack_size / metadata->pack_size >= ctx->limits->maxratio) { |
|
209 |
+ cli_dbgmsg("RAR: Max ratio reached (%u, max: %u)\n", (unsigned int) (metadata->unpack_size / metadata->pack_size), ctx->limits->maxratio); |
|
210 |
+ if(ctx->limits->maxfilesize && (metadata->unpack_size <= ctx->limits->maxfilesize)) { |
|
211 |
+ cli_dbgmsg("RAR: Ignoring ratio limit (file size doesn't hit limits)\n"); |
|
212 |
+ } else { |
|
213 |
+ if(BLOCKMAX) { |
|
214 |
+ *ctx->virname = "Oversized.RAR"; |
|
215 |
+ return CL_VIRUS; |
|
216 |
+ } |
|
217 |
+ return CL_EMAXSIZE; |
|
218 |
+ } |
|
219 |
+ } |
|
220 |
+ } |
|
221 |
+ |
|
207 | 222 |
if(ctx->limits->maxfiles && (files > ctx->limits->maxfiles)) { |
208 | 223 |
cli_dbgmsg("RAR: Files limit reached (max: %u)\n", ctx->limits->maxfiles); |
209 | 224 |
if(BLOCKMAX) { |
... | ... |
@@ -435,9 +439,13 @@ static int cli_scanzip(int desc, cli_ctx *ctx, off_t sfx_offset, uint32_t *sfx_c |
435 | 435 |
} |
436 | 436 |
|
437 | 437 |
if(ctx->limits && ctx->limits->maxratio > 0 && ((unsigned) zdirent.st_size / (unsigned) zdirent.d_csize) >= ctx->limits->maxratio) { |
438 |
- *ctx->virname = "Oversized.Zip"; |
|
439 |
- ret = CL_VIRUS; |
|
440 |
- break; |
|
438 |
+ if(ctx->limits->maxfilesize && ((unsigned int) zdirent.st_size <= ctx->limits->maxfilesize)) { |
|
439 |
+ cli_dbgmsg("Zip: Ignoring ratio limit (file size doesn't hit limits)\n"); |
|
440 |
+ } else { |
|
441 |
+ *ctx->virname = "Oversized.Zip"; |
|
442 |
+ ret = CL_VIRUS; |
|
443 |
+ break; |
|
444 |
+ } |
|
441 | 445 |
} |
442 | 446 |
|
443 | 447 |
if(DETECT_ENCRYPTED && encrypted) { |