| line |
true |
false |
branch |
|
76
|
0 |
0 |
unless exists $pms->{'antivirus_microsoft_exe'}
|
|
84
|
0 |
0 |
unless exists $pms->{'antivirus_suspect_name'}
|
|
105
|
0 |
0 |
if ($name and $name =~ /\.(?:ade|adp|asx|bas|bat|chm|cmd|com|cpl|crt|dll|exe|hlp|hta|inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdt|mdw|mdz|msc|msi|msp|mst|nws|ops|pcd|pif|prf|reg|scf|scr\??|sct|shb|shs|shm|swf|url|vb|vbe|vbs|vbx|vxd|wsc|wsf|wsh)$/) { }
|
|
|
0 |
0 |
elsif ($cte =~ /base64/ and defined $p->raw->[0] and $p->raw->[0] =~ /^TV[opqr].A..[AB].[AQgw][A-H].A/) { }
|
|
|
0 |
0 |
elsif ($ctype =~ /^text\b/) { }
|
|
119
|
0 |
0 |
if (/^M35[GHIJK].`..`..*````/)
|
|
127
|
0 |
0 |
if ($name and $ctype ne 'application/octet-stream')
|
|
131
|
0 |
0 |
if ($name =~ /^(?:txt|[px]?html?|xml)$/ and not $ctype =~ m[^(?:text/(?:plain|[px]?html?|english|sgml|xml|enriched|richtext)|message/external-body)] or $name =~ /^(?:jpe?g|tiff?|gif|png)$/ and not $ctype =~ m[^(?:image/|application/mac-binhex)] or $name eq 'vcf' and $ctype ne 'text/vcard' or $name =~ /^(?:bat|com|exe|pif|scr|swf|vbs)$/ and not $ctype =~ m[^application/] or $name eq 'doc' and not $ctype =~ m[^application/.*word$] or $name eq 'ppt' and not $ctype =~ m[^application/.*(?:powerpoint|ppt)$] or $name eq 'xls' and not $ctype =~ m[^application/.*excel$])
|