... | ... |
@@ -120,6 +120,7 @@ static struct dconf_module modules[] = { |
120 | 120 |
{ "OTHER", "DLP", OTHER_CONF_DLP, 1 }, |
121 | 121 |
{ "OTHER", "MYDOOMLOG", OTHER_CONF_MYDOOMLOG, 1 }, |
122 | 122 |
{ "OTHER", "PREFILTERING", OTHER_CONF_PREFILTERING,1 }, |
123 |
+ { "OTHER", "PDFNAMEOBJ", OTHER_CONF_PDFNAMEOBJ, 1 }, |
|
123 | 124 |
|
124 | 125 |
{ "PHISHING", "ENGINE", PHISHING_CONF_ENGINE, 1 }, |
125 | 126 |
{ "PHISHING", "ENTCONV", PHISHING_CONF_ENTCONV, 1 }, |
... | ... |
@@ -2232,7 +2232,7 @@ int cli_pdf(const char *dir, cli_ctx *ctx, off_t offset) |
2232 | 2232 |
rc = CL_CLEAN; |
2233 | 2233 |
} |
2234 | 2234 |
} |
2235 |
- if (!rc && (ctx->options & CL_SCAN_ALGORITHMIC)) { |
|
2235 |
+ if (!rc && SCAN_ALGO && (ctx->dconf->other & OTHER_CONF_PDFNAMEOBJ)) { |
|
2236 | 2236 |
if (pdf.flags & (1 << ESCAPED_COMMON_PDFNAME)) { |
2237 | 2237 |
/* for example /Fl#61te#44#65#63#6f#64#65 instead of /FlateDecode */ |
2238 | 2238 |
cli_append_virus(ctx, "Heuristics.PDF.ObfuscatedNameObject"); |