Only the old format path of do_unrar() does check against $MAXFILES; put a test in place for the new version as well.
Signed-off-by: Philipp Gesang <[email protected]> --- amavisd | 2 ++ 1 file changed, 2 insertions(+) diff --git a/amavisd b/amavisd index 63e9ecd..1f975c9 100755 --- a/amavisd +++ b/amavisd @@ -32305,6 +32305,8 @@ sub do_unrar($$$;$) { "do_unrar: can't parse info line for \"%s\" %s", $member_name,$ln); } else { + if ($entries_cnt++, $MAXFILES && $entries_cnt > $MAXFILES) + { die "Maximum number of files ($MAXFILES) exceeded" } $member_name = $5; if ($1 eq '*') { # member is encrypted $encryptedcount++; $item_num++; -- 2.11.1
