Defending Libpng Applications Against Decompression Bombs

Avast Free Antivirus / Premium Security
1

About the following things, is avast!5 affected?

Security Advisory for libpng-1.4.0 and earlier, 27 February 2010
http://libpng.sourceforge.net/ADVISORY-1.4.1.html

Defending Libpng Applications Against Decompression Bombs
http://libpng.sourceforge.net/decompression_bombs.html

2

bump

3

This is the first time I have gotten a “decompression bomb” result in my avast scan. There are two unable to scan:decompression files, and one that came up unable to scan: reached the end of file. The files are as follows: Starcraft+BroodWar+UpdatePatch1.151+CD Key/StarCraftBroodWar.iso\INSTALL.EXE. All three files are related to StarCraft BroodWar. I am imagining this is some type of game? My husband may have downloaded this before he deployed. Should I just leave this be? Move it? It won’t let me put it into the chest. Would just having these game files on the computer slow it down? Please advise! Thank you!

4

Decompression bomb is a file that may be rather small, but decompresses to an enormous amount of data (when processed as a packed archive). Such file are not malicious per se, but they may block an antivirus program when it tries to scan them.
This kind of files is rather hard to detect (and avoid) precisely - so, it is possible that there are some false alarms. It’s not a big problem in this case, however - the “decompression bomb” announcement actually means something like “The file has a very high, maybe even suspicious, compression ratio and the AV is not going to scan the archive content”.

I’d suggest to ignore these files.