edisona / malwarecookbook

Automatically exported from code.google.com/p/malwarecookbook
1 stars 0 forks source link

typo in pescanner.py wrt clamscan status code #36

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
As I was testing pescanner.py, I came across a potential typo. The problem
I ran into was that the tool would not show me the output of clamscan when
I scanned known malicious files. I traced the issue to this code fragment:

 def check_clam(self, file):
        if os.path.isfile(clamscan_path):
            status, output = commands.getstatusoutput("%s %s" %
(clamscan_path, file))
            if status == 0:
                return "Clamav: %s" % output.split("\n")[0]
        return ''

I think the status check should say "!=" instead of "==". Clamscan (at
least on Ubuntu) returns zero if the file is clean; it return a non-zero
value (256 in my testing) if the file is malicious.

Original issue reported on code.google.com by michael.hale@gmail.com on 5 Dec 2011 at 3:06

GoogleCodeExporter commented 9 years ago
This issue was closed by revision r138.

Original comment by michael.hale@gmail.com on 2 May 2012 at 6:13