Browse code
bb11896 - fix 'infected' count for whitelisted pdf file.
Steven Morgan authored on 2017/08/25 05:33:33Showing 1 changed files
| ... | ... |
@@ -146,7 +146,7 @@ static int xrefCheck(const char *xref, const char *eof) |
| 146 | 146 |
} |
| 147 | 147 |
|
| 148 | 148 |
/* define this to be noisy about things that we can't parse properly */ |
| 149 |
-#define NOISY |
|
| 149 |
+#undef NOISY |
|
| 150 | 150 |
|
| 151 | 151 |
#ifdef NOISY |
| 152 | 152 |
#define noisy_msg(pdf, ...) cli_infomsg(pdf->ctx, __VA_ARGS__) |
| ... | ... |
@@ -2458,9 +2458,11 @@ int cli_pdf(const char *dir, cli_ctx *ctx, off_t offset) |
| 2458 | 2458 |
pdf_parseobj(&pdf, obj); |
| 2459 | 2459 |
if (SCAN_ALGO && obj->numfilters > PDF_FILTER_DTRIGGER) {
|
| 2460 | 2460 |
rc = cli_append_virus(ctx, "Heuristic.PDF.TooManyFilters"); |
| 2461 |
- alerts++; |
|
| 2462 |
- if (SCAN_ALL && rc == CL_VIRUS) |
|
| 2463 |
- rc = CL_CLEAN; |
|
| 2461 |
+ if (rc == CL_VIRUS) {
|
|
| 2462 |
+ alerts++; |
|
| 2463 |
+ if (SCAN_ALL) |
|
| 2464 |
+ rc = CL_CLEAN; |
|
| 2465 |
+ } |
|
| 2464 | 2466 |
} |
| 2465 | 2467 |
} |
| 2466 | 2468 |
|
| ... | ... |
@@ -2476,10 +2478,12 @@ int cli_pdf(const char *dir, cli_ctx *ctx, off_t offset) |
| 2476 | 2476 |
/* It is encrypted, and a password/key needs to be supplied to decrypt. |
| 2477 | 2477 |
* This doesn't trigger for PDFs that are encrypted but don't need |
| 2478 | 2478 |
* a password to decrypt */ |
| 2479 |
- cli_append_virus(ctx, "Heuristics.Encrypted.PDF"); |
|
| 2480 |
- alerts++; |
|
| 2481 |
- if (SCAN_ALL && rc == CL_VIRUS) |
|
| 2482 |
- rc = CL_CLEAN; |
|
| 2479 |
+ rc = cli_append_virus(ctx, "Heuristics.Encrypted.PDF"); |
|
| 2480 |
+ if (rc == CL_VIRUS) {
|
|
| 2481 |
+ alerts++; |
|
| 2482 |
+ if (SCAN_ALL) |
|
| 2483 |
+ rc = CL_CLEAN; |
|
| 2484 |
+ } |
|
| 2483 | 2485 |
} |
| 2484 | 2486 |
|
| 2485 | 2487 |
if (!rc) {
|