------- You are receiving this mail because: -------
You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=1418
Summary: several fixed-size buffers in malware.c
Product: Exim
Version: 4.82
Platform: Other
OS/Version: Linux
Status: NEW
Severity: bug
Priority: medium
Component: Content Scanning
AssignedTo: tom@???
ReportedBy: jgh146exb@???
CC: exim-dev@???
The file has at least four limited-size arrays. One of these has been seen to
be a limiting factor in the response from a scanner, resulting in
false-negatives. One class of malware involves a very long filename on an
executable, presumably to make it hard for both humans and scanners.
Limits involved probably need to be on order of the OS filename limit, but
preferably not using excessive resource for all uses.
--
Configure bugmail:
http://bugs.exim.org/userprefs.cgi?tab=email