[exim-dev] [Bug 1418] New: several fixed-size buffers in mal…

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Jeremy Harris
Fecha:  
A: exim-dev
Temas nuevos: [exim-dev] [Bug 1418] several fixed-size buffers in malware.c, [exim-dev] [Bug 1418] several fixed-size buffers in malware.c, [exim-dev] [Bug 1418] several fixed-size buffers in malware.c, [exim-dev] [Bug 1418] several fixed-size buffers in malware.c, [exim-dev] [Bug 1418] several fixed-size buffers in malware.c
Asunto: [exim-dev] [Bug 1418] New: several fixed-size buffers in malware.c
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1418
           Summary: several fixed-size buffers in malware.c
           Product: Exim
           Version: 4.82
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Content Scanning
        AssignedTo: tom@???
        ReportedBy: jgh146exb@???
                CC: exim-dev@???



The file has at least four limited-size arrays. One of these has been seen to
be a limiting factor in the response from a scanner, resulting in
false-negatives. One class of malware involves a very long filename on an
executable, presumably to make it hard for both humans and scanners.

Limits involved probably need to be on order of the OS filename limit, but
preferably not using excessive resource for all uses.


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email