Hi Sebastian,
On 10.01.2015 13:22, Sebastian Andrzej Siewior wrote:
I will do the same change here by applying the
patch at the end of this email. I upgraded the severity here to important
since we have here some loss of functionality.
I can prepare you a Wheezy package with this change if you like. I will
have to check with the team if this is something we want to address now
or wait for the next clamav release.
If I understand correctly, this problem only affects scanning
(partially) broken archives and thus shouldn't have a major impact.
In particular the provided sample seems to be broken completely, because
cabextract only extracts empty files.
In light of this I'd say the fix can wait until the next release.
diff --git a/libclamav/libmspack.c b/libclamav/libmspack.c
index e94312e..92338d5 100644
--- a/libclamav/libmspack.c
+++ b/libclamav/libmspack.c
@@ -399,8 +397,12 @@ int cli_scanmscab(cli_ctx *ctx, off_t sfx_offset)
}
free(tmp_fname);
files++;
- if (ret == CL_VIRUS && SCAN_ALL)
- continue;
+ if (ret == CL_VIRUS) {
+ if (SCAN_ALL)
+ continue;
+ else
+ break;
+ }
if (ret)
break;
}
@@ -507,8 +508,12 @@ int cli_scanmschm(cli_ctx *ctx)
}
free(tmp_fname);
files++;
- if (ret == CL_VIRUS && SCAN_ALL)
- continue;
+ if (ret == CL_VIRUS) {
+ if (SCAN_ALL)
+ continue;
+ else
+ break;
+ }
if (ret)
break;
}
These changes seem to have no effect, or have they?
The rest of the patch looks good.
Best regards,
Andreas
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
