... | ... |
@@ -798,6 +798,10 @@ static int cli_scanxz(cli_ctx *ctx) |
798 | 798 |
/* xz decompress a chunk */ |
799 | 799 |
rc = cli_XzDecode(&strm); |
800 | 800 |
if (XZ_RESULT_OK != rc && XZ_STREAM_END != rc) { |
801 |
+ if (rc == XZ_DIC_HEURISTIC) { |
|
802 |
+ ret = cli_append_virus(ctx, "Heuristic.XZ.DicSizeLimit"); |
|
803 |
+ goto xz_exit; |
|
804 |
+ } |
|
801 | 805 |
cli_errmsg("cli_scanxz: decompress error: %d\n", rc); |
802 | 806 |
ret = CL_EFORMAT; |
803 | 807 |
goto xz_exit; |
... | ... |
@@ -76,7 +76,11 @@ int cli_XzDecode(struct CLI_XZ *XZ) { |
76 | 76 |
return XZ_STREAM_END; |
77 | 77 |
if (XZ->status == CODER_STATUS_NOT_FINISHED && XZ->avail_out == 0) |
78 | 78 |
return XZ_RESULT_OK; |
79 |
- if (((inbytes == 0) && (outbytes == 0)) || res != SZ_OK) |
|
79 |
+ if (((inbytes == 0) && (outbytes == 0)) || res != SZ_OK) { |
|
80 |
+ if (res == SZ_ERROR_MEM) { |
|
81 |
+ return XZ_DIC_HEURISTIC; |
|
82 |
+ } |
|
80 | 83 |
return XZ_RESULT_DATA_ERROR; |
84 |
+ } |
|
81 | 85 |
return XZ_RESULT_OK; |
82 | 86 |
} |