@@ -1,3 +1,7 @@

+Wed Aug  5 16:27:06 CEST 2009 (tk)

+----------------------------------

+ * clamd, clamscan: add support for CrossFilesystems/--cross-fs (bb#1607)

+

 Tue Aug  4 23:15:26 CEST 2009 (tk)

 ----------------------------------

  * configure, libclamav: fix compile issues on IRIX (bb#1532)

@@ -237,17 +237,29 @@ int scan_pathchk(const char *path, struct cli_ftw_cbdata *data)

 {

 	struct scan_cb_data *scandata = data->data;

 	const struct optstruct *opt;

+	struct stat statbuf;

     if((opt = optget(scandata->opts, "ExcludePath"))->enabled) {

 	while(opt) {

 	    if(match_regex(path, opt->strarg) == 1) {

 		if(scandata->type != TYPE_MULTISCAN)

 		    conn_reply_single(scandata->conn, path, "Excluded");

-		    return 1;

+		return 1;

 	    }

 	    opt = (const struct optstruct *) opt->nextarg;

 	}

     }

+

+    if(!optget(scandata->opts, "CrossFilesystems")->enabled) {

+	if(stat(path, &statbuf) == 0) {

+	    if(statbuf.st_dev != scandata->dev) {

+		if(scandata->type != TYPE_MULTISCAN)

+		    conn_reply_single(scandata->conn, path, "Excluded (another filesystem)");

+		return 1;

+	    }

+	}

+    }

+

     return 0;

 }

@@ -25,6 +25,8 @@

 #define TYPE_CONTSCAN	1

 #define TYPE_MULTISCAN	2

+#include <sys/types.h>

+

 #include "libclamav/clamav.h"

 #include "shared/optparser.h"

 #include "thrmgr.h"

@@ -46,6 +48,7 @@ struct scan_cb_data {

     const struct optstruct *opts;

     threadpool_t *thr_pool;

     jobgroup_t *group;

+    dev_t dev;

 };

 int scanfd(const int fd, const client_conn_t *conn, unsigned long int *scanned, const struct cl_engine *engine, unsigned int options, const struct optstruct *opts, int odesc, int stream);

@@ -192,6 +192,7 @@ int command(client_conn_t *conn, int *virus)

     struct scan_cb_data scandata;

     struct cli_ftw_cbdata data;

     unsigned ok, error, total;

+    struct stat sb;

     jobgroup_t *group = NULL;

     if (thrmgr_group_need_terminate(conn->group)) {

@@ -316,6 +317,11 @@ int command(client_conn_t *conn, int *virus)

 	flags |= CLI_FTW_FOLLOW_DIR_SYMLINK;

     if (optget(opts, "FollowFileSymlinks")->enabled)

 	flags |= CLI_FTW_FOLLOW_FILE_SYMLINK;

+

+    if(!optget(opts, "CrossFilesystems")->enabled)

+	if(stat(conn->filename, &sb) == 0)

+	    scandata.dev = sb.st_dev;

+

     ret = cli_ftw(conn->filename, flags,  maxdirrec ? maxdirrec : INT_MAX, scan_callback, &data, scan_pathchk);

     if (ret == CL_EMEM)

 	if(optget(opts, "ExitOnOOM")->enabled)

@@ -238,6 +238,7 @@ void help(void)

     mprintf("                                         all supported db files from DIR\n");

     mprintf("    --log=FILE            -l FILE        Save scan report to FILE\n");

     mprintf("    --recursive[=yes/no(*)]  -r          Scan subdirectories recursively\n");

+    mprintf("    --cross-fs[=yes(*)/no]               Scan files and directories on other filesystems\n");

     mprintf("    --file-list=FILE      -f FILE        Scan files from FILE\n");

     mprintf("    --remove[=yes/no(*)]                 Remove infected files. Be careful!\n");

     mprintf("    --move=DIRECTORY                     Move infected files into DIRECTORY\n");

@@ -169,7 +169,7 @@ static int scanfile(const char *filename, struct cl_engine *engine, const struct

     return ret;

 }

-static int scandirs(const char *dirname, struct cl_engine *engine, const struct optstruct *opts, unsigned int options, unsigned int depth)

+static int scandirs(const char *dirname, struct cl_engine *engine, const struct optstruct *opts, unsigned int options, unsigned int depth, dev_t dev)

 {

 	DIR *dd;

 	struct dirent *dent;

@@ -228,8 +228,16 @@ static int scandirs(const char *dirname, struct cl_engine *engine, const struct

 		    /* stat the file */

 		    if(lstat(fname, &statbuf) != -1) {

+			if(!optget(opts, "cross-fs")->enabled) {

+			    if(statbuf.st_dev != dev) {

+				if(!printinfected)

+				    logg("~%s: Excluded\n", fname);

+				free(fname);

+				continue;

+			    }

+			}

 			if(S_ISDIR(statbuf.st_mode) && !S_ISLNK(statbuf.st_mode) && recursion) {

-			    if(scandirs(fname, engine, opts, options, depth) == 1)

+			    if(scandirs(fname, engine, opts, options, depth, dev) == 1)

 				scanret++;

 			} else {

 			    if(S_ISREG(statbuf.st_mode))

@@ -593,8 +601,10 @@ int scanmanager(const struct optstruct *opts)

 	if(!getcwd(cwd, sizeof(cwd))) {

 	    logg("!Can't get absolute pathname of current working directory\n");

 	    ret = 57;

-	} else

-	    ret = scandirs(cwd, engine, opts, options, 1);

+	} else {

+	    stat(cwd, &sb);

+	    ret = scandirs(cwd, engine, opts, options, 1, sb.st_dev);

+	}

     } else if(opts->filename && !optget(opts, "file-list")->enabled && !strcmp(opts->filename[0], "-")) { /* read data from stdin */

 	ret = scanstdin(engine, opts, options);

@@ -624,7 +634,8 @@ int scanmanager(const struct optstruct *opts)

 			break;

 		    case S_IFDIR:

-			ret = scandirs(file, engine, opts, options, 1);

+			stat(file, &sb);

+			ret = scandirs(file, engine, opts, options, 1, sb.st_dev);

 			break;

 		    default:

@@ -162,6 +162,11 @@ Follow directory symlinks.

 .br 

 Default: no

 .TP 

+\fBCrossFilesystems BOOL\fR

+Scan files and directories on other filesystems.

+.br 

+Default: yes

+.TP 

 \fBFollowFileSymlinks BOOL\fR

 Follow regular file symlinks.

 .br 

@@ -48,6 +48,9 @@ Scan files listed line by line in FILE.

 \fB\-r, \-\-recursive\fR

 Scan directories recursively. All the subdirectories in the given directory will be scanned.

 .TP 

+\fB\-\-cross\-fs=[yes(*)/no]\fR

+Scan files and directories on other filesystems.

+.TP 

 \fB\-\-bell\fR

 Sound bell on virus detection.

 .TP 

@@ -156,6 +156,10 @@ LocalSocket /tmp/clamd.socket

 # Default: no

 #FollowFileSymlinks yes

+# Scan files and directories on other filesystems.

+# Default: yes

+#CrossFilesystems yes

+

 # Perform a database check.

 # Default: 600 (10 min)

 #SelfCheck 600

@@ -211,6 +211,8 @@ const struct clam_option clam_options[] = {

     { "FollowFileSymlinks", NULL, 0, TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD, "Follow symlinks to regular files.", "no" },

+    { "CrossFilesystems", "cross-fs", 0, TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "Scan files and directories on other filesystems.", "yes" },

+

     { "SelfCheck", NULL, 0, TYPE_NUMBER, MATCH_NUMBER, 600, NULL, 0, OPT_CLAMD, "This option specifies the time intervals (in seconds) in which clamd\nshould perform a database check.", "600" },

     { "VirusEvent", NULL, 0, TYPE_STRING, NULL, -1, NULL, 0, OPT_CLAMD, "Execute a command when a virus is found. In the command string %v will be\nreplaced with the virus name. Additionally, two environment variables will\nbe defined: $CLAM_VIRUSEVENT_FILENAME and $CLAM_VIRUSEVENT_VIRUSNAME.", "/usr/bin/mailx -s \"ClamAV VIRUS ALERT: %v\" alert < /dev/null" },