On Thu, 2006-11-02 at 17:50 +0100, Tomasz Kojm wrote:
> > > if(limits->maxfilesize && ((unsigned int) zdirent.st_size >
> > > limits->maxfilesize)) { cli_dbgmsg("Zip: %s: Size exceeded (%d, max:
> > > %ld)\n", zdirent.d_name, zdirent.st_size, limits->maxfilesize); /* ret =
> > > CL_EMAX
Philip Allison wrote:
Any comments? What is the "official" verdict on what scanners should do
with the limits when ArchiveBlockMax is disabled, and what are the
scanners *actually* doing at the moment?
Regards,
Phil
The current config is clear enough. The limits are adjustable by you and
t
On Thu, 02 Nov 2006 16:10:29 +
Philip Allison <[EMAIL PROTECTED]> wrote:
> Looking at the code of scanners.c, it would appear that some of the limits
> are completely ignored when ArchiveBlockMax is not enabled, and so there is
> not actually any DoS protection in place.
Not true, see below.
Hullo!
I have noticed some disturbing behaviour in ClamAV (0.88.5 and earlier)
regarding the various archive scanning limits (ArchiveMaxFiles,
ArchiveMaxFileSize etc.). What I have noticed is that when
ArchiveBlockMax is not enabled, ClamD can take a very long time to
process files which are above