On Wed, 11 Jan 2006 22:04:08 -0500 "David F. Skoll" <[EMAIL PROTECTED]> wrote:
> Hi, > > The file http://www.roaringpenguin.com/msg-1212-47.zip is an EICAR > test virus in a deflate64-compressed zip file. I know that the built-in > zip decompressor doesn't handle this format, but the standard InfoZip > UNIX zip command does. So: > > With ClamAV 0.87.1, the command: > > clamscan --unzip msg-1212-47.zip > > finds the EICAR, but with 0.88 it does not. I believe I found the > problem; below is a patch than makes 0.88 work. If Clam developers > could check it out to make sure there are no bad side effects, I'd > appreciate it. Hi David, the patch is not correct because of the too early return() call. Due to the bug's nature it should not cause any significant problems, though. D. Gueluy's approach seems more correct, btw. Regards, -- oo ..... Tomasz Kojm <[EMAIL PROTECTED]> (\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg \..........._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Sun Jan 15 20:11:33 CET 2006
signature.asc
Description: PGP signature
_______________________________________________ http://lurker.clamav.net/list/clamav-devel.html
