Browse code
if possible, only use ratio limit for files which don't exceed file size limit
| ... | ... |
@@ -1,3 +1,8 @@ |
| 1 |
+Mon May 14 17:43:27 CEST 2007 (tk) |
|
| 2 |
+---------------------------------- |
|
| 3 |
+ * libclamav/scanners.c: if possible, only use ratio limit for files which |
|
| 4 |
+ don't exceed file size limit (requested by Christoph) |
|
| 5 |
+ |
|
| 1 | 6 |
Wed May 2 12:29:28 CEST 2007 (tk) |
| 2 | 7 |
---------------------------------- |
| 3 | 8 |
* libclamav/others.c: fix cli_malloc() call in C_WINDOWS (bb#477) |
| ... | ... |
@@ -184,17 +184,6 @@ static int cli_unrar_scanmetadata(int desc, rar_metadata_t *metadata, cli_ctx *c |
| 184 | 184 |
static int cli_unrar_checklimits(const cli_ctx *ctx, const rar_metadata_t *metadata, unsigned int files) |
| 185 | 185 |
{
|
| 186 | 186 |
if(ctx->limits) {
|
| 187 |
- if(ctx->limits->maxratio && metadata->unpack_size && metadata->pack_size) {
|
|
| 188 |
- if(metadata->unpack_size / metadata->pack_size >= ctx->limits->maxratio) {
|
|
| 189 |
- cli_dbgmsg("RAR: Max ratio reached (%u, max: %u)\n", (unsigned int) (metadata->unpack_size / metadata->pack_size), ctx->limits->maxratio);
|
|
| 190 |
- if(BLOCKMAX) {
|
|
| 191 |
- *ctx->virname = "Oversized.RAR"; |
|
| 192 |
- return CL_VIRUS; |
|
| 193 |
- } |
|
| 194 |
- return CL_EMAXSIZE; |
|
| 195 |
- } |
|
| 196 |
- } |
|
| 197 |
- |
|
| 198 | 187 |
if(ctx->limits->maxfilesize && (metadata->unpack_size > ctx->limits->maxfilesize)) {
|
| 199 | 188 |
cli_dbgmsg("RAR: %s: Size exceeded (%lu, max: %lu)\n", metadata->filename, (unsigned long int) metadata->unpack_size, ctx->limits->maxfilesize);
|
| 200 | 189 |
if(BLOCKMAX) {
|
| ... | ... |
@@ -204,6 +193,21 @@ static int cli_unrar_checklimits(const cli_ctx *ctx, const rar_metadata_t *metad |
| 204 | 204 |
return CL_EMAXSIZE; |
| 205 | 205 |
} |
| 206 | 206 |
|
| 207 |
+ if(ctx->limits->maxratio && metadata->unpack_size && metadata->pack_size) {
|
|
| 208 |
+ if(metadata->unpack_size / metadata->pack_size >= ctx->limits->maxratio) {
|
|
| 209 |
+ cli_dbgmsg("RAR: Max ratio reached (%u, max: %u)\n", (unsigned int) (metadata->unpack_size / metadata->pack_size), ctx->limits->maxratio);
|
|
| 210 |
+ if(ctx->limits->maxfilesize && (metadata->unpack_size <= ctx->limits->maxfilesize)) {
|
|
| 211 |
+ cli_dbgmsg("RAR: Ignoring ratio limit (file size doesn't hit limits)\n");
|
|
| 212 |
+ } else {
|
|
| 213 |
+ if(BLOCKMAX) {
|
|
| 214 |
+ *ctx->virname = "Oversized.RAR"; |
|
| 215 |
+ return CL_VIRUS; |
|
| 216 |
+ } |
|
| 217 |
+ return CL_EMAXSIZE; |
|
| 218 |
+ } |
|
| 219 |
+ } |
|
| 220 |
+ } |
|
| 221 |
+ |
|
| 207 | 222 |
if(ctx->limits->maxfiles && (files > ctx->limits->maxfiles)) {
|
| 208 | 223 |
cli_dbgmsg("RAR: Files limit reached (max: %u)\n", ctx->limits->maxfiles);
|
| 209 | 224 |
if(BLOCKMAX) {
|
| ... | ... |
@@ -435,9 +439,13 @@ static int cli_scanzip(int desc, cli_ctx *ctx, off_t sfx_offset, uint32_t *sfx_c |
| 435 | 435 |
} |
| 436 | 436 |
|
| 437 | 437 |
if(ctx->limits && ctx->limits->maxratio > 0 && ((unsigned) zdirent.st_size / (unsigned) zdirent.d_csize) >= ctx->limits->maxratio) {
|
| 438 |
- *ctx->virname = "Oversized.Zip"; |
|
| 439 |
- ret = CL_VIRUS; |
|
| 440 |
- break; |
|
| 438 |
+ if(ctx->limits->maxfilesize && ((unsigned int) zdirent.st_size <= ctx->limits->maxfilesize)) {
|
|
| 439 |
+ cli_dbgmsg("Zip: Ignoring ratio limit (file size doesn't hit limits)\n");
|
|
| 440 |
+ } else {
|
|
| 441 |
+ *ctx->virname = "Oversized.Zip"; |
|
| 442 |
+ ret = CL_VIRUS; |
|
| 443 |
+ break; |
|
| 444 |
+ } |
|
| 441 | 445 |
} |
| 442 | 446 |
|
| 443 | 447 |
if(DETECT_ENCRYPTED && encrypted) {
|