@@ -1,3 +1,7 @@

+Tue Apr 27 16:34:38 CEST 2010 (tk)

+----------------------------------

+ * libclamav: fix some limit settings (bb#1973)

+

 Mon Apr 26 18:18:47 EEST 2010 (edwin)

 -------------------------------------

  * bytecode: min/max functionality level support.

@@ -408,7 +408,7 @@ Files larger than this limit won't be scanned. Affects the input file itself as

 Default: 25M

 .TP 

 \fBMaxRecursion NUMBER\fR

-Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR file, all files within it will also be scanned. This options specifies how deeply the process should be continued. \fBWarning: disabling this limit or setting it too high may result in severe damage to the system.\fR

+Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR file, all files within it will also be scanned. This options specifies how deeply the process should be continued. \fBWarning: setting this limit too high may result in severe damage to the system.\fR

 .br 

 Default: 16

 .TP 

@@ -398,9 +398,7 @@ Example

 # Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR

 # file, all files within it will also be scanned. This options specifies how

 # deeply the process should be continued.

-# Note: disabling this limit or setting it too high may result in severe damage

-# to the system.

-# Value of 0 disables the limit.

+# Note: setting this limit too high may result in severe damage to the system.

 # Default: 16

 #MaxRecursion 10

@@ -355,7 +355,11 @@ int cl_engine_set_num(struct cl_engine *engine, enum cl_engine_field field, long

 	    engine->maxfilesize = num;

 	    break;

 	case CL_ENGINE_MAX_RECURSION:

-	    engine->maxreclevel = num;

+	    if(!num) {

+		cli_warnmsg("MaxRecursion: the value of 0 is not allowed, using default: %u\n", CLI_DEFAULT_MAXRECLEVEL);

+		engine->maxreclevel = CLI_DEFAULT_MAXRECLEVEL;

+	    } else

+		engine->maxreclevel = num;

 	    break;

 	case CL_ENGINE_MAX_FILES:

 	    engine->maxfiles = num;

@@ -733,7 +733,7 @@ static int cli_scanmscab(int desc, cli_ctx *ctx, off_t sfx_offset)

 	if(ctx->engine->maxscansize && ctx->scansize + ctx->engine->maxfilesize >= ctx->engine->maxscansize)

 	    file->max_size = ctx->engine->maxscansize - ctx->scansize;

 	else

-	    file->max_size = ctx->engine->maxfilesize;

+	    file->max_size = ctx->engine->maxfilesize ? ctx->engine->maxfilesize : 0xffffffff;

 	cli_dbgmsg("CAB: Extracting file %s to %s, size %u, max_size: %u\n", file->name, tempname, file->length, (unsigned int) file->max_size);

 	file->written_size = 0;