@@ -1,3 +1,8 @@

+Mon Feb  8 13:40:06 CET 2010 (acab)

+----------------------------------

+ * libclamav: drop support for type 8 signatures. disasm matching is now

+		done via bytecode

+

 Mon Feb  8 10:30:03 CET 2010 (tk)

 ---------------------------------

  * freshclam, sigtool: use zlib's Z_FILTERED strategy

@@ -41,7 +41,6 @@ typedef enum {

     /* Please do not add any new types above this line */

     CL_TYPE_ERROR,

     CL_TYPE_MSEXE,

-    CL_TYPE_PE_DISASM,

     CL_TYPE_ELF,

     CL_TYPE_MACHO,

     CL_TYPE_MACHO_UNIBIN,

@@ -136,7 +136,7 @@ static const struct cli_mtarget cli_mtargets[CLI_MTARGETS] =  {

     { CL_TYPE_GRAPHICS,	    "GRAPHICS",	    5,	1   },

     { CL_TYPE_ELF,	    "ELF",	    6,	1   },

     { CL_TYPE_TEXT_ASCII,   "ASCII",	    7,	1   },

-    { CL_TYPE_PE_DISASM,    "DISASM",	    8,	1   },

+    { CL_TYPE_ERROR,        "NOT USED",	    8,	1   },

     { CL_TYPE_MACHO,	    "MACH-O",	    9,	1   }

 };

@@ -1074,16 +1074,19 @@ int cli_scanpe(cli_ctx *ctx, icon_groupset *iconset)

     epsize = fmap_readn(map, epbuff, ep, 4096);

-    CLI_UNPTEMP("DISASM",(exe_sections,0));

-    if(disasmbuf((unsigned char*)epbuff, epsize, ndesc))

-	ret = cli_scandesc(ndesc, ctx, CL_TYPE_PE_DISASM, 1, NULL, AC_SCAN_VIR);

-    close(ndesc);

-    CLI_TMPUNLK();

-    free(tempfile);

-    if(ret == CL_VIRUS) {

-	free(exe_sections);

-	return ret;

-    }

+

+    /* Disasm scan disabled since it's now handled by the bytecode */

+

+    /* CLI_UNPTEMP("DISASM",(exe_sections,0)); */

+    /* if(disasmbuf((unsigned char*)epbuff, epsize, ndesc)) */

+    /* 	ret = cli_scandesc(ndesc, ctx, CL_TYPE_PE_DISASM, 1, NULL, AC_SCAN_VIR); */

+    /* close(ndesc); */

+    /* CLI_TMPUNLK(); */

+    /* free(tempfile); */

+    /* if(ret == CL_VIRUS) { */

+    /* 	free(exe_sections); */

+    /* 	return ret; */

+    /* } */

     if(overlays) {

 	int overlays_sz = fsize - overlays;