Browse code
bb11896 -- increasing size of max filter for pdf filter heuristic. Still have work to be done to investigate whitelisting issue. This commit additionally fixes a compile error when building with json-c and fixes a couple of minor warnings.
Micah Snyder authored on 2017/08/24 04:08:47Showing 3 changed files
| ... | ... |
@@ -3959,7 +3959,12 @@ static int scan_common(int desc, cl_fmap_t *map, const char **virname, unsigned |
| 3959 | 3959 |
} |
| 3960 | 3960 |
|
| 3961 | 3961 |
/* backwards compatibility: scan the json string unless a virus was detected */ |
| 3962 |
- if (rc != CL_VIRUS && (iroot->ac_lsigs || iroot->ac_patterns || iroot->pcre_metas)) |
|
| 3962 |
+ if (rc != CL_VIRUS && (iroot->ac_lsigs |
|
| 3963 |
+ || iroot->ac_patterns |
|
| 3964 |
+#ifdef HAVE_PCRE |
|
| 3965 |
+ || iroot->pcre_metas |
|
| 3966 |
+#endif |
|
| 3967 |
+ )) |
|
| 3963 | 3968 |
{
|
| 3964 | 3969 |
cli_dbgmsg("scan_common: running deprecated preclass bytecodes for target type 13\n");
|
| 3965 | 3970 |
ctx.options &= ~CL_SCAN_FILE_PROPERTIES; |
| ... | ... |
@@ -238,6 +238,7 @@ struct { \
|
| 238 | 238 |
SLIST_FIRST((head)) = SLIST_NEXT(SLIST_FIRST((head)), field); \ |
| 239 | 239 |
} while (0) |
| 240 | 240 |
|
| 241 |
+#undef SLIST_SWAP |
|
| 241 | 242 |
#define SLIST_SWAP(head1, head2, type) do { \
|
| 242 | 243 |
struct type *swap_first = SLIST_FIRST(head1); \ |
| 243 | 244 |
SLIST_FIRST(head1) = SLIST_FIRST(head2); \ |
| ... | ... |
@@ -473,8 +474,10 @@ struct { \
|
| 473 | 473 |
(elm)->field.le_prev = &LIST_FIRST((head)); \ |
| 474 | 474 |
} while (0) |
| 475 | 475 |
|
| 476 |
+#undef LIST_NEXT |
|
| 476 | 477 |
#define LIST_NEXT(elm, field) ((elm)->field.le_next) |
| 477 | 478 |
|
| 479 |
+#undef LIST_PREV |
|
| 478 | 480 |
#define LIST_PREV(elm, head, type, field) \ |
| 479 | 481 |
((elm)->field.le_prev == &LIST_FIRST((head)) ? NULL : \ |
| 480 | 482 |
__containerof((elm)->field.le_prev, struct type, field.le_next)) |