-
Bug
-
Resolution: Fixed
-
Major
-
3.10.4, 3.11, 4.0
-
MOODLE_310_STABLE, MOODLE_311_STABLE, MOODLE_400_STABLE
-
MOODLE_310_STABLE, MOODLE_311_STABLE
-
Easy
-
get_incident_details() is called as a result of scanner_exception being thrown. When attempting to get the file content hash, rather than use sha1_file() as is done in the file_storage class, the routine calls file_get_contents() to pass the entirety of the file as a single string to the hash_from_string() function.
Any file with a size exceeding the configured memory limit will generate the fatal error: "Allowed memory size of XXXXXXXXX bytes exhausted"
Routine should use the sha1_file() to prevent exhausting memory since scanned files can be anticipated to be extremely large.
Introduced in MDL-66222 antivirus: Added antivirus failure reporting, commit adbe92c, which looks like 3.10 and forward.
- has a non-specific relationship to
-
MDL-66222 Add admin options for how to handle detected viruses
- Closed