Browse code
bb11625 - adding heuristic check for XZ dictionary size evasion
Mickey Sola authored on 2017/06/20 04:41:17Showing 3 changed files
| ... | ... |
@@ -798,6 +798,10 @@ static int cli_scanxz(cli_ctx *ctx) |
| 798 | 798 |
/* xz decompress a chunk */ |
| 799 | 799 |
rc = cli_XzDecode(&strm); |
| 800 | 800 |
if (XZ_RESULT_OK != rc && XZ_STREAM_END != rc) {
|
| 801 |
+ if (rc == XZ_DIC_HEURISTIC) {
|
|
| 802 |
+ ret = cli_append_virus(ctx, "Heuristic.XZ.DicSizeLimit"); |
|
| 803 |
+ goto xz_exit; |
|
| 804 |
+ } |
|
| 801 | 805 |
cli_errmsg("cli_scanxz: decompress error: %d\n", rc);
|
| 802 | 806 |
ret = CL_EFORMAT; |
| 803 | 807 |
goto xz_exit; |
| ... | ... |
@@ -76,7 +76,11 @@ int cli_XzDecode(struct CLI_XZ *XZ) {
|
| 76 | 76 |
return XZ_STREAM_END; |
| 77 | 77 |
if (XZ->status == CODER_STATUS_NOT_FINISHED && XZ->avail_out == 0) |
| 78 | 78 |
return XZ_RESULT_OK; |
| 79 |
- if (((inbytes == 0) && (outbytes == 0)) || res != SZ_OK) |
|
| 79 |
+ if (((inbytes == 0) && (outbytes == 0)) || res != SZ_OK) {
|
|
| 80 |
+ if (res == SZ_ERROR_MEM) {
|
|
| 81 |
+ return XZ_DIC_HEURISTIC; |
|
| 82 |
+ } |
|
| 80 | 83 |
return XZ_RESULT_DATA_ERROR; |
| 84 |
+ } |
|
| 81 | 85 |
return XZ_RESULT_OK; |
| 82 | 86 |
} |