Browse code
Correction to clamsubmit to use the malware session id instead of the presigned session id, as the presigned one appears to not be set and the malware one appears to work as intended. Added an additional check for safety to ensure that the cfduid and session id values are not NULL.
Micah Snyder authored on 2018/03/21 00:37:37Showing 1 changed files
| ... | ... |
@@ -259,6 +259,12 @@ int main(int argc, char *argv[]) |
| 259 | 259 |
else |
| 260 | 260 |
curl_easy_setopt(clam_curl, CURLOPT_URL, "http://www.clamav.net/presigned?type=fp"); |
| 261 | 261 |
curl_easy_setopt(clam_curl, CURLOPT_HTTPGET, 1); |
| 262 |
+ |
|
| 263 |
+ if (NULL == hd_malware.cfduid || NULL == hd_malware.session) {
|
|
| 264 |
+ fprintf (stderr, "invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission."); |
|
| 265 |
+ exit(1); |
|
| 266 |
+ } |
|
| 267 |
+ |
|
| 262 | 268 |
len = strlen(hd_malware.cfduid) + strlen(hd_malware.session) + 3; |
| 263 | 269 |
str = malloc(len); |
| 264 | 270 |
if (str == NULL) {
|
| ... | ... |
@@ -371,13 +377,13 @@ int main(int argc, char *argv[]) |
| 371 | 371 |
|
| 372 | 372 |
/*** The POST submit to clamav.net ***/ |
| 373 | 373 |
slist = curl_slist_append(slist, "Expect:"); |
| 374 |
- len = strlen(hd_malware.cfduid) + strlen(hd_presigned.session) + 3; |
|
| 374 |
+ len = strlen(hd_malware.cfduid) + strlen(hd_malware.session) + 3; |
|
| 375 | 375 |
str = malloc(len); |
| 376 | 376 |
if (str == NULL) {
|
| 377 | 377 |
fprintf(stderr, "No memory for POST submit cookies.\n"); |
| 378 | 378 |
exit(1); |
| 379 | 379 |
} |
| 380 |
- if (snprintf(str, len, "%s; %s;", hd_malware.cfduid, hd_presigned.session) > len) {
|
|
| 380 |
+ if (snprintf(str, len, "%s; %s;", hd_malware.cfduid, hd_malware.session) > len) {
|
|
| 381 | 381 |
fprintf(stderr, "snprintf() failed formatting POST submit cookies\n"); |
| 382 | 382 |
exit(1); |
| 383 | 383 |
} |