Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!rutgers!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw
From: CHESS@YKTVMV.BITNET (David.M.Chess)
Newsgroups: comp.virus
Subject: re: new virus 1022 (PC)
Message-ID: <0004.9007241234.AA23686@ubu.cert.sei.cmu.edu>
Date: 23 Jul 90 14:03:04 GMT
Sender: Virus Discussion List <VIRUS-L@LEHIIBM1>
Lines: 15
Approved: krvw@sei.cmu.edu

"Otto Stolz" <RZOTTO@DKNKURZ1.BITNET>:

> I think that EXE files can only grow by multiples of 16.
> Am I mistaken?

Hm.   I think you may be.   An EXE file can be any length, and
a virus can add any length to it.   In general, a virus will
round the length of the host file up to a multiple of 16 bytes
*before* adding the virus code (because that's the only easy
way to do it).   So, for instance, an EXE infector that was
921 bytes long (just an example) adding itself to an EXE file
that was 1590 bytes long would first round the victim up to
1600, and then add the 921, for a total of 2521.   Something
like that.  I'm not entirely positive that all this is true,
but I think it is!   *8)                     DC