Hi there, Le 24 avr. 2010 à 04:24, Jennifer Fong a écrit :
> Hi, there-- > > I sincerely apologize if this has been mentioned before. Very few results > come up when I search for anything related to ssn's on the archives, so > hopefully I'm not being repetitive... > > I've been having problems with false positives on SSNs when searching only > unstripped/hyphened ssn's. > > It looks like the problem is that in dlp.c, in dlp_is_valid_ssn > > cli_isnumber is never run on the supposedly numeric components of numbuf, but > if there are any numbers in these components, the > sscanf... check still returns that it successfully matched all three. > > Then, if by chance the numeric portions of the components satisfy the rules > of a valid ssn, clamscan thinks the invalid string is a valid ssn. > > For example, 111-11-4<>! returns as a valid ssn. > > I'm not really familiar enough with programming to know whether I am actually > reading the code correctly or not, but I am convinced enough to bring it to > the list. > > Is this intended or just a known issue that has been put on the backburner? I second about false positive, I had several PS and PDF files that has being detected as a false positive. I had to desactivate this in my mail server farm. Xavier _______________________________________________ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net
