@@ -400,9 +400,6 @@ static void scanfile(const char *filename, struct cl_engine *engine, const struc

                 logg("~%s!(%llu): %s FOUND\n", filename, (long long unsigned)(chain.lastvir-1), virname);

             }

         }

-        if (!(options & CL_SCAN_ALLMATCHES))

-            logg("~%s: %s FOUND\n", filename, virname);

-

         info.files++;

         info.ifiles++;

@@ -596,9 +593,6 @@ static int scanstdin(const struct cl_engine *engine, const struct optstruct *opt

     data.filename = "stdin";

     data.chain = NULL;

     if((ret = cl_scanfile_callback(file, &virname, &info.blocks, engine, options, &data)) == CL_VIRUS) {

-        if (!(options & CL_SCAN_ALLMATCHES))

-            logg("stdin: %s FOUND\n", virname);

-

         info.ifiles++;

         if(bell)

@@ -676,6 +670,8 @@ int scanmanager(const struct optstruct *opts)

         return 2;

     }

+    cl_engine_set_clcb_virus_found(engine, clamscan_virus_found_cb);

+    

     if (optget(opts, "disable-cache")->enabled)

         cl_engine_set_num(engine, CL_ENGINE_DISABLE_CACHE, 1);

@@ -1038,7 +1034,6 @@ int scanmanager(const struct optstruct *opts)

     /* set scan options */

     if(optget(opts, "allmatch")->enabled) {

         options |= CL_SCAN_ALLMATCHES;

-        cl_engine_set_clcb_virus_found(engine, clamscan_virus_found_cb);

     }

     if(optget(opts,"phishing-ssl")->enabled)

@@ -1095,6 +1090,10 @@ int scanmanager(const struct optstruct *opts)

     if(optget(opts, "algorithmic-detection")->enabled)

         options |= CL_SCAN_ALGORITHMIC;

+    if(optget(opts, "block-max")->enabled) {

+        options |= CL_SCAN_BLOCKMAX;

+    }

+

 #ifdef HAVE__INTERNAL__SHA_COLLECT

     if(optget(opts, "dev-collect-hashes")->enabled)

         options |= CL_SCAN_INTERNAL_COLLECT_SHA;

@@ -934,6 +934,16 @@ int cl_engine_settings_free(struct cl_settings *settings)

     return CL_SUCCESS;

 }

+void cli_check_blockmax(cli_ctx *ctx, int rc)

+{

+    if (BLOCKMAX && !ctx->limit_exceeded) {

+        cli_append_virus (ctx, "Heuristic.Limits.Exceeded");

+        ctx->limit_exceeded = 1;

+        cli_dbgmsg ("Limit %s Exceeded: scanning may be incomplete and additional analysis needed for this file.\n",

+            cl_strerror(rc));

+    }

+}

+

 int cli_checklimits(const char *who, cli_ctx *ctx, unsigned long need1, unsigned long need2, unsigned long need3) {

     int ret = CL_SUCCESS;

     unsigned long needed;

@@ -963,8 +973,12 @@ int cli_checklimits(const char *who, cli_ctx *ctx, unsigned long need1, unsigned

     if(ctx->engine->maxfiles && ctx->scannedfiles>=ctx->engine->maxfiles) {

         cli_dbgmsg("%s: files limit reached (max: %u)\n", who, ctx->engine->maxfiles);

-	return CL_EMAXFILES;

+	ret = CL_EMAXFILES;

     }

+

+    if (ret != CL_SUCCESS)

+        cli_check_blockmax(ctx, ret);

+

     return ret;

 }

@@ -157,6 +157,7 @@ typedef struct cli_ctx_tag {

     struct json_object *wrkproperty;

 #endif

     struct timeval time_limit;

+    int limit_exceeded;

 } cli_ctx;

 #define STATS_ANON_UUID "5b585e8f-3be5-11e3-bf0b-18037319526c"

@@ -473,7 +474,7 @@ extern int have_rar;

 #define SCAN_ELF	    (ctx->options & CL_SCAN_ELF)

 #define SCAN_ALGO 	    (ctx->options & CL_SCAN_ALGORITHMIC)

 #define DETECT_ENCRYPTED    (ctx->options & CL_SCAN_BLOCKENCRYPTED)

-/* #define BLOCKMAX	    (ctx->options & CL_SCAN_BLOCKMAX) */

+#define BLOCKMAX	    (ctx->options & CL_SCAN_BLOCKMAX)

 #define DETECT_BROKEN	    (ctx->options & CL_SCAN_BLOCKBROKEN)

 #define BLOCK_MACROS	    (ctx->options & CL_SCAN_BLOCKMACROS)

 #define SCAN_STRUCTURED	    (ctx->options & CL_SCAN_STRUCTURED)

@@ -712,6 +713,7 @@ void cli_bitset_free(bitset_t *bs);

 int cli_bitset_set(bitset_t *bs, unsigned long bit_offset);

 int cli_bitset_test(bitset_t *bs, unsigned long bit_offset);

 const char* cli_ctime(const time_t *timep, char *buf, const size_t bufsize);

+void cli_check_blockmax(cli_ctx *, int);

 int cli_checklimits(const char *, cli_ctx *, unsigned long, unsigned long, unsigned long);

 int cli_updatelimits(cli_ctx *, unsigned long);

 unsigned long cli_getsizelimit(cli_ctx *, unsigned long);

@@ -2276,8 +2276,10 @@ static int cli_scanraw(cli_ctx *ctx, cli_file_t type, uint8_t typercg, cli_file_

 	size_t current_container_size = ctx->container_size;

-    if(ctx->engine->maxreclevel && ctx->recursion >= ctx->engine->maxreclevel)

+    if(ctx->engine->maxreclevel && ctx->recursion >= ctx->engine->maxreclevel) {

+        cli_check_blockmax(ctx, CL_EMAXREC);

         return CL_EMAXREC;

+    }

     perf_start(ctx, PERFT_RAW);

     if(typercg)

@@ -2697,6 +2699,7 @@ static int magic_scandesc(cli_ctx *ctx, cli_file_t type)

     if(ctx->engine->maxreclevel && ctx->recursion > ctx->engine->maxreclevel) {

         cli_dbgmsg("cli_magic_scandesc: Archive recursion limit exceeded (%u, max: %u)\n", ctx->recursion, ctx->engine->maxreclevel);

 	emax_reached(ctx);

+        cli_check_blockmax(ctx, CL_EMAXREC);

 	early_ret_from_magicscan(CL_CLEAN);

     }

@@ -2835,8 +2838,10 @@ static int magic_scandesc(cli_ctx *ctx, cli_file_t type)

     ctx->hook_lsig_matches = NULL;

     if(!(ctx->options&~CL_SCAN_ALLMATCHES) || (ctx->recursion == ctx->engine->maxreclevel)) { /* raw mode (stdin, etc.) or last level of recursion */

-	if(ctx->recursion == ctx->engine->maxreclevel)

+	if(ctx->recursion == ctx->engine->maxreclevel) {

+            cli_check_blockmax(ctx, CL_EMAXREC);

 	    cli_dbgmsg("cli_magic_scandesc: Hit recursion limit, only scanning raw file\n");

+        }

 	else

 	    cli_dbgmsg("Raw mode: No support for special files\n");

@@ -3736,7 +3741,7 @@ static int scan_common(int desc, cl_fmap_t *map, const char **virname, unsigned

     cli_bitset_free(ctx.hook_lsig_matches);

     free(ctx.fmap);

     if (rc == CL_CLEAN) {

-        if ((ctx.num_viruses != 0 && ctx.options & CL_SCAN_ALLMATCHES) ||

+        if ((ctx.num_viruses != 0 && (ctx.options & (CL_SCAN_ALLMATCHES | CL_SCAN_BLOCKMAX))) ||

             ctx.found_possibly_unwanted)

                 rc = CL_VIRUS;

     }

@@ -175,7 +175,7 @@ const struct clam_option __clam_options[] = {

     { NULL, "no-phishing-restrictedscan", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },

     { NULL, "max-ratio", 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, 0, NULL, 0, OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },

     { NULL, "max-space", 0, CLOPT_TYPE_SIZE, MATCH_SIZE, 0, NULL, 0, OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },

-    { NULL, "block-max", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },

+    { NULL, "block-max", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMSCAN, "", "" },

     { NULL, "unzip", 0, CLOPT_TYPE_STRING, NULL, -1, "foo", 0, OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },

     { NULL, "unrar", 0, CLOPT_TYPE_STRING, NULL, -1, "foo", 0, OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },

     { NULL, "arj", 0, CLOPT_TYPE_STRING, NULL, -1, "foo", 0, OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },