Browse code
remove detection of Suspect.Zip and Exploit.Zip.ModifiedHeaders (bb#997)
git-svn-id: file:///var/lib/svn/clamav-devel/branches/0.93@3812 77e5149b-7576-45b1-b177-96237e5ba77b
Tomasz Kojm authored on 2008/04/28 20:41:06Showing 2 changed files
| ... | ... |
@@ -1,3 +1,8 @@ |
| 1 |
+Mon Apr 28 12:37:31 CEST 2008 (tk) |
|
| 2 |
+---------------------------------- |
|
| 3 |
+ * libclamav/unzip.c: remove detection of Suspect.Zip and |
|
| 4 |
+ Exploit.Zip.ModifiedHeaders (bb#997) |
|
| 5 |
+ |
|
| 1 | 6 |
Thu Apr 24 17:44:38 MSD 2008 (tk) |
| 2 | 7 |
--------------------------------- |
| 3 | 8 |
* libclamav: scan for embedded PEs inside OLE2 files (bb#914) |
| ... | ... |
@@ -387,25 +387,6 @@ static unsigned int lhdr(uint8_t *zip, uint32_t zsize, unsigned int *fu, unsigne |
| 387 | 387 |
zsize-=csize; |
| 388 | 388 |
} |
| 389 | 389 |
|
| 390 |
- if(ch && !LH_flen) {
|
|
| 391 |
- cli_dbgmsg("cli_unzip: found noname file\n");
|
|
| 392 |
- *ctx->virname = "Suspect.Zip"; |
|
| 393 |
- *ret = CL_VIRUS; |
|
| 394 |
- return 0; |
|
| 395 |
- } |
|
| 396 |
- if(ch && !LH_usize && LH_crc32) {
|
|
| 397 |
- cli_dbgmsg("Zip: Broken file or modified information in local header part of archive\n");
|
|
| 398 |
- *ctx->virname = "Exploit.Zip.ModifiedHeaders"; |
|
| 399 |
- * ret = CL_VIRUS; |
|
| 400 |
- return 0; |
|
| 401 |
- } |
|
| 402 |
- if(ch && !LH_csize && LH_usize) {
|
|
| 403 |
- cli_dbgmsg("Zip: Malformed file (csize == 0 but usize != 0)\n");
|
|
| 404 |
- *ctx->virname = "Suspect.Zip"; |
|
| 405 |
- *ret = CL_VIRUS; |
|
| 406 |
- return 0; |
|
| 407 |
- } |
|
| 408 |
- |
|
| 409 | 390 |
if(LH_flags & F_USEDD) {
|
| 410 | 391 |
if(zsize<12) {
|
| 411 | 392 |
cli_dbgmsg("cli_unzip: lh - data desc out of file\n");
|