Browse code
don't normalise files larger than 10 MB
| ... | ... |
@@ -1,3 +1,7 @@ |
| 1 |
+Sun Jan 14 14:23:44 CET 2007 (tk) |
|
| 2 |
+--------------------------------- |
|
| 3 |
+ * libclamav/scanners.c: cli_scanhtml: don't normalise files larger than 10 MB |
|
| 4 |
+ |
|
| 1 | 5 |
Sun Jan 14 14:01:42 CET 2007 (tk) |
| 2 | 6 |
--------------------------------- |
| 3 | 7 |
* libclamav/ole2_extract.c: use sanitiseName() (bb#207) |
| ... | ... |
@@ -1116,13 +1116,27 @@ static int cli_scanhtml(int desc, cli_ctx *ctx) |
| 1116 | 1116 |
{
|
| 1117 | 1117 |
char *tempname, fullname[1024]; |
| 1118 | 1118 |
int ret=CL_CLEAN, fd; |
| 1119 |
+ struct stat sb; |
|
| 1119 | 1120 |
|
| 1120 | 1121 |
|
| 1121 | 1122 |
cli_dbgmsg("in cli_scanhtml()\n");
|
| 1122 | 1123 |
|
| 1124 |
+ if(fstat(desc, &sb) == -1) {
|
|
| 1125 |
+ cli_errmsg("cli_scanhtml: fstat() failed for descriptor %d\n", desc);
|
|
| 1126 |
+ return CL_EIO; |
|
| 1127 |
+ } |
|
| 1128 |
+ |
|
| 1129 |
+ /* Because HTML detection is FP-prone and html_normalise_fd() needs to |
|
| 1130 |
+ * mmap the file don't normalise files larger than 10 MB. |
|
| 1131 |
+ */ |
|
| 1132 |
+ if(sb.st_size > 10485760) {
|
|
| 1133 |
+ cli_dbgmsg("cli_scanhtml: exiting (file larger than 10 MB)\n");
|
|
| 1134 |
+ return CL_CLEAN; |
|
| 1135 |
+ } |
|
| 1136 |
+ |
|
| 1123 | 1137 |
tempname = cli_gentemp(NULL); |
| 1124 | 1138 |
if(mkdir(tempname, 0700)) {
|
| 1125 |
- cli_dbgmsg("ScanHTML -> Can't create temporary directory %s\n", tempname);
|
|
| 1139 |
+ cli_errmsg("cli_scanhtml: Can't create temporary directory %s\n", tempname);
|
|
| 1126 | 1140 |
free(tempname); |
| 1127 | 1141 |
return CL_ETMPDIR; |
| 1128 | 1142 |
} |