Re: Virus Checking - COMPLETELY UNENCUMBERED!

To: debian-devel@lists.debian.org
Subject: Re: Virus Checking - COMPLETELY UNENCUMBERED!
From: Tim Bell <bhat@trinity.unimelb.edu.au>
Date: Wed, 15 May 2002 17:45:01 +1000
Message-id: <[🔎] 20020515074501.GA14385@trinity.unimelb.edu.au>
In-reply-to: <[🔎] 20020515060532.GB961@cs140102.pp.htv.fi>
References: <[🔎] 1021202211.532.5.camel@zion> <[🔎] 200205130843.g4D8hjoN016167@tornado> <[🔎] 877km6elcf.fsf@ataraxia.vdst-ka.inka.de> <[🔎] 1021427092.5009.42.camel@scrooge> <[🔎] 877km6b0n4.fsf@ataraxia.vdst-ka.inka.de> <[🔎] 20020514204111.B23809@ece.ubc.ca> <[🔎] 20020515060532.GB961@cs140102.pp.htv.fi>

On Wed 15 May 2002 at 09:05:32 +0300, Richard Braakman wrote:
> On Tue, May 14, 2002 at 08:41:11PM -0700, Luca Filipozzi wrote:
> > > Or tried to feed a .bz2 from 2 gigabytes of zeroes through an amavis
> > > with an unpacking partition of 150MB.
> > 
> > That's interesting.  Good thing I limit mail messages to 10MB with the
> > MTA, I guess.
> 
> That might not help.  Gigabytes of zeroes compress really well :)
> The actual .bz2 file can be under your 10MB limit, and still fill up
> any partition you try to unpack it in.  So the virus scanner needs
> to be smart enough to deal with this.

For example:

    $ cat /dev/zero | head -c 2147483647 | bzip2 -9 | wc -c
       1522
    $

For decompressors which can operate in a pipe (like bzip2, gzip), is
there anything much wrong with doing the decompressing something like
this:

    $ cat $TMPFILE | bzcat | head -c $SIZELIMIT > $TMPFILEOUT

?  Of course it will corrupt (by truncating) attachments which are zipped
files of zeros, but is that a problem?

Tim.
-- 
Tim Bell - bhat@trinity.unimelb.edu.au - System Administrator & Programmer
    Trinity College, Royal Parade, Parkville, Victoria, 3052, Australia


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: Virus Checking - COMPLETELY UNENCUMBERED!
  - From: Hilko Bengen <bengen@vdst-ka.inka.de>

References:
- Virus Checking - COMPLETELY UNENCUMBERED!
  - From: Matthew Grant <grantma@anathoth.gen.nz>
- Re: Virus Checking - COMPLETELY UNENCUMBERED!
  - From: David Findlay <david@davsoft.com.au>
- Re: Virus Checking - COMPLETELY UNENCUMBERED!
  - From: Hilko Bengen <bengen@vdst-ka.inka.de>
- Re: Virus Checking - COMPLETELY UNENCUMBERED!
  - From: Brian May <bam@snoopy.apana.org.au>
- Re: Virus Checking - COMPLETELY UNENCUMBERED!
  - From: Hilko Bengen <bengen@vdst-ka.inka.de>
- Re: Virus Checking - COMPLETELY UNENCUMBERED!
  - From: Luca Filipozzi <lfilipoz@debian.org>
- Re: Virus Checking - COMPLETELY UNENCUMBERED!
  - From: Richard Braakman <dark@xs4all.nl>

Prev by Date: Re: SPAM mails marking bugs as done?
Next by Date: Re: SPAM mails marking bugs as done?
Previous by thread: Re: Virus Checking - COMPLETELY UNENCUMBERED!
Next by thread: Re: Virus Checking - COMPLETELY UNENCUMBERED!
Index(es):
- Date
- Thread