Hi, there--
I sincerely apologize if this has been mentioned before. Very few
results come up when I search for anything related to SSNs on the
archives, so hopefully I'm not being repetitive...
I've been having problems with false positives on SSNs when searching
only unstripped/hyphenated SSNs.
It looks like the problem is that in dlp.c, in dlp_is_valid_ssn,
cli_isnumber is never run on the supposedly numeric components of
numbuf, but if there are any numbers in these components, the
sscanf... check still returns that it successfully matched all three.
Then, if by chance the numeric portions of the components satisfy the
rules of a valid SSN, clamscan thinks the invalid string is a valid SSN.
For example, 111-11-4<>! returns as a valid SSN.
I'm not really familiar enough with programming to know whether I am
actually reading the code correctly or not, but I am convinced enough to
bring it to the list.
Is this intended or just a known issue that has been put on the back burner?
Thanks for any help!
--Jen
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
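
The parsing behaviour described in the message above, as an added example that is not part of the original post and is not ClamAV's code: the function names and the "%d-%d-%d" format are assumptions chosen for illustration. It shows sscanf reporting three conversions for 111-11-4<>! and a per-character layout check that rejects the same string.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Lenient: the pattern described in the post. sscanf stops each %d at the
 * first non-digit and still reports 3 conversions, so trailing junk in the
 * last field goes unnoticed. (Hypothetical helper, not ClamAV's function.) */
int ssn_fields_lenient(const char *s, int *area, int *group, int *serial)
{
    return sscanf(s, "%d-%d-%d", area, group, serial) == 3;
}

/* Strict: require exactly DDD-DD-DDDD (11 characters), checking every
 * position before converting anything. (Hypothetical helper.) */
int ssn_fields_strict(const char *s, int *area, int *group, int *serial)
{
    static const char layout[] = "ddd-dd-dddd";
    size_t i;

    if (strlen(s) != sizeof(layout) - 1)
        return 0;
    for (i = 0; i < sizeof(layout) - 1; i++) {
        if (layout[i] == 'd') {
            if (!isdigit((unsigned char)s[i]))
                return 0;
        } else if (s[i] != '-') {
            return 0;
        }
    }
    return sscanf(s, "%3d-%2d-%4d", area, group, serial) == 3;
}

int main(void)
{
    /* Constructed samples; the first is the string from the post. */
    const char *samples[] = { "111-11-4<>!", "111-11-1111", "111-11-4" };
    size_t i;
    int a, g, n;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%-12s lenient=%d strict=%d\n", samples[i],
               ssn_fields_lenient(samples[i], &a, &g, &n),
               ssn_fields_strict(samples[i], &a, &g, &n));
    return 0;
}
```

The strict check only validates the field layout; whatever range rules apply to the three numbers would still run on the converted values afterwards.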