commit c167e30: [Fix] Fix ClamAV result for cached encrypted file (#3395)

Andrew Lewis nerf at judo.za.org
Wed Nov 4 14:00:08 UTC 2020


Author: Andrew Lewis
Date: 2020-11-04 15:39:45 +0200
URL: https://github.com/rspamd/rspamd/commit/c167e307883e84dc60f3acf193f3ef4a3804a535 (refs/pull/3543/head)

[Fix] Fix ClamAV result for cached encrypted file (#3395)

---
 lualib/lua_scanners/clamav.lua | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lualib/lua_scanners/clamav.lua b/lualib/lua_scanners/clamav.lua
index 855eefac9..7c56f5798 100644
--- a/lualib/lua_scanners/clamav.lua
+++ b/lualib/lua_scanners/clamav.lua
@@ -139,10 +139,11 @@ local function clamav_check(task, content, digest, rule)
           if string.find(vname, '^Heuristics%.Encrypted') then
             rspamd_logger.errx(task, '%s: File is encrypted', rule.log_prefix)
             common.yield_result(task, rule, 'File is encrypted: '.. vname, 0.0, 'encrypted')
-            cached = 'encrypted'
+            cached = 'ENCRYPTED'
           elseif string.find(vname, '^Heuristics%.OLE2%.ContainsMacros') then
             rspamd_logger.errx(task, '%s: ClamAV Found an OLE2 Office Macro', rule.log_prefix)
             common.yield_result(task, rule, vname, 0.0, 'macro')
+            cached = 'MACRO'
           elseif string.find(vname, '^Heuristics%.Limits%.Exceeded') then
             rspamd_logger.errx(task, '%s: ClamAV Limits Exceeded', rule.log_prefix)
             common.yield_result(task, rule, 'Limits Exceeded: '.. vname, 0.0, 'fail')


More information about the Commits mailing list