Browse code
update
| ... | ... |
@@ -368,7 +368,7 @@ static int cli_scanzip(int desc, const char **virname, long int *scanned, const |
| 368 | 368 |
|
| 369 | 369 |
if(!zdirent.d_name || !strlen(zdirent.d_name)) { /* Mimail fix */
|
| 370 | 370 |
cli_dbgmsg("Zip: strlen(zdirent.d_name) == %d\n", strlen(zdirent.d_name));
|
| 371 |
- *virname = "Suspected.Zip"; |
|
| 371 |
+ *virname = "Suspect.Zip"; |
|
| 372 | 372 |
ret = CL_VIRUS; |
| 373 | 373 |
break; |
| 374 | 374 |
} |
| ... | ... |
@@ -384,7 +384,7 @@ static int cli_scanzip(int desc, const char **virname, long int *scanned, const |
| 384 | 384 |
if(!zdirent.st_size) {
|
| 385 | 385 |
if(zdirent.d_crc32) {
|
| 386 | 386 |
cli_dbgmsg("Zip: Broken file or modified information in local header part of archive\n");
|
| 387 |
- *virname = "Suspected.Zip"; |
|
| 387 |
+ *virname = "Exploit.Zip.ModifiedHeaders"; |
|
| 388 | 388 |
ret = CL_VIRUS; |
| 389 | 389 |
break; |
| 390 | 390 |
} |
| ... | ... |
@@ -443,7 +443,7 @@ static int cli_scanzip(int desc, const char **virname, long int *scanned, const |
| 443 | 443 |
/* work-around for problematic zips (zziplib crashes with them) */ |
| 444 | 444 |
if(zdirent.d_csize <= 0 || zdirent.st_size < 0) {
|
| 445 | 445 |
cli_dbgmsg("Zip: Malformed archive detected.\n");
|
| 446 |
- *virname = "Suspected.Zip"; |
|
| 446 |
+ *virname = "Suspect.Zip"; |
|
| 447 | 447 |
ret = CL_VIRUS; |
| 448 | 448 |
break; |
| 449 | 449 |
} |
| ... | ... |
@@ -531,12 +531,8 @@ static int cli_scanzip(int desc, const char **virname, long int *scanned, const |
| 531 | 531 |
ret = CL_VIRUS; |
| 532 | 532 |
break; |
| 533 | 533 |
} else if(ret == CL_EMALFZIP) {
|
| 534 |
- /* |
|
| 535 |
- * The trick with detection of ZoD only works with higher (>= 5) |
|
| 536 |
- * recursion limit level. |
|
| 537 |
- */ |
|
| 538 | 534 |
cli_dbgmsg("Zip: Malformed Zip file, scanning stopped.\n");
|
| 539 |
- *virname = "Suspected.Zip"; |
|
| 535 |
+ *virname = "Suspect.Zip"; |
|
| 540 | 536 |
ret = CL_VIRUS; |
| 541 | 537 |
break; |
| 542 | 538 |
} |