
enable upx-lzma

git-svn: trunk@4048

aCaB authored on 2008/08/01 09:31:29
Showing 2 changed files
... ...
@@ -1,3 +1,7 @@
1
+Fri Aug  1 02:15:20 CEST 2008 (acab)
2
+------------------------------------
3
+  * libclamav: enable support for UPX/LZMA (bb#910)
4
+
1 5
 Fri Aug  1 00:07:30 CEST 2008 (tk)
2 6
 ----------------------------------
3 7
   * libclamav: scan disasm data with type-8 sigs (bb#895)
... ...
@@ -1745,10 +1745,14 @@ int cli_scanpe(int desc, cli_ctx *ctx)
1745 1745
 	    }
1746 1746
 	}
1747 1747
 
1748
-	if(0 && cli_memstr(UPX_LZMA2, 20, epbuff + 0x2f, 20)) {
1749
-	  uint32_t ndsize=cli_readint32(epbuff+0x21);
1750
-	  if(ndsize<=dsize)
1751
-	    upx_success = upx_inflatelzma(src, ssize, dest, &ndsize, exe_sections[i].rva, exe_sections[i + 1].rva, vep) >=0;
1748
+	if(cli_memstr(UPX_LZMA2, 20, epbuff + 0x2f, 20)) {
1749
+	  uint32_t strictdsize=cli_readint32(epbuff+0x21);
1750
+	  if(strictdsize<=dsize)
1751
+	    upx_success = upx_inflatelzma(src, ssize, dest, &strictdsize, exe_sections[i].rva, exe_sections[i + 1].rva, vep) >=0;
1752
+	} else if (cli_memstr(UPX_LZMA1, 20, epbuff + 0x39, 20)) {
1753
+	  uint32_t strictdsize=cli_readint32(epbuff+0x2b);
1754
+	  if(strictdsize<=dsize)
1755
+	    upx_success = upx_inflatelzma(src, ssize, dest, &strictdsize, exe_sections[i].rva, exe_sections[i + 1].rva, vep) >=0;
1752 1756
 	}
1753 1757
 
1754 1758
 	if(!upx_success) {
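Review bot: The two new branches at new lines 1748–1755 take a 32-bit size straight from the entry-point bytes (`epbuff+0x21` / `epbuff+0x2b`), and the only guard visible here is `strictdsize<=dsize`; when it fails, the sample falls through with no trace. Because this commit turns a previously dead path (`if(0 && …)`) on for untrusted files, I would brace both inner `if`s and add an else such as `cli_dbgmsg("UPX: LZMA declared size larger than dsize, skipping\n");` so rejected inputs show up in debug output. The offset pairs 0x2f/0x21 and 0x39/0x2b need a short comment saying which UPX stub layout each one matches; the two branches differ only in those constants. It is not visible in this hunk whether epbuff is guaranteed to hold at least 0x39+20 valid bytes; that is presumably checked earlier in cli_scanpe, whose body starts and ends outside the hunk.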