Lines 80-85
Link Here
|
80 |
#define PEALIGN(o,a) (((a))?(((o)/(a))*(a)):(o)) |
80 |
#define PEALIGN(o,a) (((a))?(((o)/(a))*(a)):(o)) |
81 |
#define PESALIGN(o,a) (((a))?(((o)/(a)+((o)%(a)!=0))*(a)):(o)) |
81 |
#define PESALIGN(o,a) (((a))?(((o)/(a)+((o)%(a)!=0))*(a)):(o)) |
82 |
|
82 |
|
|
|
83 |
#define CLI_UNPSIZELIMITS(NAME,CHK) \ |
84 |
if(ctx->limits && ctx->limits->maxfilesize && (CHK) > ctx->limits->maxfilesize) { \ |
85 |
cli_dbgmsg(NAME": Sizes exceeded (%lu > %lu)\n", (CHK), ctx->limits->maxfilesize); \ |
86 |
free(exe_sections); \ |
87 |
if(BLOCKMAX) { \ |
88 |
*ctx->virname = "PE."NAME".ExceededFileSize"; \ |
89 |
return CL_VIRUS; \ |
90 |
} else { \ |
91 |
return CL_CLEAN; \ |
92 |
} \ |
93 |
} |
94 |
|
83 |
extern short cli_leavetemps_flag; |
95 |
extern short cli_leavetemps_flag; |
84 |
|
96 |
|
85 |
struct offset_list { |
97 |
struct offset_list { |
Lines 1153-1168
int cli_scanpe(int desc, cli_ctx *ctx)
Link Here
|
1153 |
dsize = exe_sections[i].vsz; |
1165 |
dsize = exe_sections[i].vsz; |
1154 |
|
1166 |
|
1155 |
cli_dbgmsg("MEW: ssize %08x dsize %08x offdiff: %08x\n", ssize, dsize, offdiff); |
1167 |
cli_dbgmsg("MEW: ssize %08x dsize %08x offdiff: %08x\n", ssize, dsize, offdiff); |
1156 |
if(ctx->limits && ctx->limits->maxfilesize && (ssize + dsize > ctx->limits->maxfilesize || exe_sections[i + 1].rsz > ctx->limits->maxfilesize)) { |
1168 |
|
1157 |
cli_dbgmsg("MEW: Sizes exceeded (ssize: %u, dsize: %u, max: %lu)\n", ssize, dsize , ctx->limits->maxfilesize); |
1169 |
CLI_UNPSIZELIMITS("MEW", MAX(ssize, dsize)); |
1158 |
free(exe_sections); |
1170 |
CLI_UNPSIZELIMITS("MEW", MAX(ssize + dsize, exe_sections[i + 1].rsz)); |
1159 |
if(BLOCKMAX) { |
|
|
1160 |
*ctx->virname = "PE.MEW.ExceededFileSize"; |
1161 |
return CL_VIRUS; |
1162 |
} else { |
1163 |
return CL_CLEAN; |
1164 |
} |
1165 |
} |
1166 |
|
1171 |
|
1167 |
/* allocate needed buffer */ |
1172 |
/* allocate needed buffer */ |
1168 |
if (!(src = cli_calloc (ssize + dsize, sizeof(char)))) { |
1173 |
if (!(src = cli_calloc (ssize + dsize, sizeof(char)))) { |