@@ -1,3 +1,9 @@

+Mon Feb 16 14:08:50 EET 2009 (edwin)

+------------------------------------

+ * clamd/server-th.c, clamd/session.c, unit_tests/check_clamd.c: add

+ more unit tests.  Make handling of old-style commands compatible

+ with old clamd: if they have a \n that will delimit the command.

+

 Mon Feb 16 17:59:57 CET 2009 (tk)

 ---------------------------------

  * libclamav, sigtool: fix handling of long signatures (bb#1395)

@@ -240,6 +240,12 @@ static struct cl_engine *reload_db(struct cl_engine *engine, unsigned int dbopti

     return engine;

 }

+/*

+ * zCOMMANDS are delimited by \0

+ * nCOMMANDS are delimited by \n

+ * Old-style non-prefixed commands are one packet, optionally delimited by \n,

+ * with trailing \r|\n ignored

+ */

 static const char *get_cmd(struct fd_buf *buf, size_t off, size_t *len, char *term)

 {

     unsigned char *pos;

@@ -269,10 +275,18 @@ static const char *get_cmd(struct fd_buf *buf, size_t off, size_t *len, char *te

 	    return buf->buffer + off + 1;

 	default:

 	    /* one packet = one command */

-	    *len = buf->off - off;

-	    buf->buffer[buf->off] = '\0';

-	    cli_chomp(buf->buffer + off);

-	    return buf->buffer + off;

+	    if (off)

+		return NULL;

+	    pos = memchr(buf->buffer, '\n', buf->off);

+	    if (pos) {

+		*len = pos - buf->buffer;

+		*pos = '\0';

+	    } else {

+		*len = buf->off;

+		buf->buffer[buf->off] = '\0';

+	    }

+	    cli_chomp(buf->buffer);

+	    return buf->buffer;

     }

 }

@@ -832,6 +846,7 @@ int recvloop_th(int *socketds, unsigned nsockets, struct cl_engine *engine, unsi

 		conn.quota = buf->quota;

 		conn.filename = buf->dumpname;

 		conn.mode = buf->mode;

+		conn.term = buf->term;

 		/* Parse & dispatch commands */

 		while ((conn.mode == MODE_COMMAND) &&

 		       (cmd = get_cmd(buf, pos, &cmdlen, &term)) != NULL) {

@@ -980,8 +995,9 @@ int recvloop_th(int *socketds, unsigned nsockets, struct cl_engine *engine, unsi

 			    if (buf->chunksize > buf->quota) {

 				logg("^INSTREAM: Size limit reached, (requested: %lu, max: %lu)\n", 

 				     (unsigned long)buf->chunksize, (unsigned long)buf->quota);

-				conn_reply_error(&conn, "INSTREAM size limit exceeded. ERROR");

+				conn_reply_error(&conn, "INSTREAM size limit exceeded.");

 				error = 1;

+				break;

 			    } else {

 				buf->quota -= buf->chunksize;

 			    }

@@ -227,7 +227,7 @@ int command(client_conn_t *conn, int *virus)

 	    /* callback freed it */

 	    conn->filename = NULL;

 	    *virus = scandata.infected;

-	    return 0;

+	    return scandata.errors > 0 ? scandata.errors : 0;

 	case COMMAND_FILDES:

 	    thrmgr_setactivetask(NULL, "FILDES");

 #ifdef HAVE_FD_PASSING

@@ -56,16 +56,77 @@ static void conn_teardown(void)

 #define SCANFILE BUILDDIR"/../test/clam.exe"

 #define FOUNDREPLY SCANFILE": ClamAV-Test-File.UNOFFICIAL FOUND"

+/* some clean file */

+#define CLEANFILE SRCDIR"/Makefile.am"

+#define CLEANREPLY CLEANFILE": OK"

+#define UNKNOWN_REPLY "UNKNOWN COMMAND"

+

+#define NONEXISTENT "/nonexistent\vfilename"

+#define NONEXISTENT_REPLY NONEXISTENT": lstat() failed: No such file or directory. ERROR"

+

+#define ACCDENIED BUILDDIR"/accdenied"

+#define ACCDENIED_REPLY ACCDENIED": Access denied. ERROR"

+

+static void commands_setup(void)

+{

+    const char *nonempty = "NONEMPTYFILE";

+    int fd = open(NONEXISTENT, O_RDONLY);

+    int rc;

+    if (fd != -1) close(fd);

+    fail_unless(fd == -1, "Nonexistent file exists!\n");

+

+    fd = open(ACCDENIED, O_CREAT | O_WRONLY, S_IWUSR);

+    fail_unless_fmt(fd != -1,

+		    "Failed to create file for access denied tests: %s\n", strerror(errno));

+

+

+    fail_unless_fmt(fchmod(fd,  S_IWUSR) != -1,

+		    "Failed to chmod: %s\n", strerror(errno));

+    /* must not be empty file */

+    fail_unless_fmt(write(fd, nonempty, strlen(nonempty)) == strlen(nonempty),

+		    "Failed to write into testfile: %s\n", strerror(errno));

+    close(fd);

+}

+

+static void commands_teardown(void)

+{

+    int rc = unlink(ACCDENIED);

+    fail_unless_fmt(rc != -1, "Failed to unlink access denied testfile: %s\n", strerror(errno));

+}

+

 static struct basic_test {

     const char *command;

+    const char *extra;

     const char *reply;

 } basic_tests[] = {

-    {"PING", "PONG"},

-    {"RELOAD","RELOADING"},

-    {"VERSION", "ClamAV "REPO_VERSION""VERSION_SUFFIX},

-    {"SCAN "SCANFILE, FOUNDREPLY},

-    {"CONTSCAN "SCANFILE, FOUNDREPLY},

-    {"MULTISCAN "SCANFILE, FOUNDREPLY},

+    {"PING", NULL, "PONG"},

+    {"RELOAD", NULL, "RELOADING"},

+    {"VERSION", NULL, "ClamAV "REPO_VERSION""VERSION_SUFFIX},

+    {"SCAN "SCANFILE, NULL, FOUNDREPLY},

+    {"SCAN "CLEANFILE, NULL, CLEANREPLY},

+    {"CONTSCAN "SCANFILE, NULL, FOUNDREPLY},

+    {"CONTSCAN "CLEANFILE, NULL, CLEANREPLY},

+    {"MULTISCAN "SCANFILE, NULL, FOUNDREPLY},

+    {"MULTISCAN "CLEANFILE, NULL, CLEANREPLY},

+    /* unknown commnads */

+    {"RANDOM", NULL, UNKNOWN_REPLY},

+    /* commands invalid as first */

+    {"END", NULL, UNKNOWN_REPLY},

+    /* commands for nonexistent files */

+    {"SCAN "NONEXISTENT, NULL, NONEXISTENT_REPLY},

+    {"CONTSCAN "NONEXISTENT, NULL, NONEXISTENT_REPLY},

+    {"MULTISCAN "NONEXISTENT, NULL, NONEXISTENT_REPLY},

+    /* commands for access denied files */

+    {"SCAN "ACCDENIED, NULL, ACCDENIED_REPLY},

+    {"CONTSCAN "ACCDENIED, NULL, ACCDENIED_REPLY},

+    {"MULTISCAN "ACCDENIED, NULL, ACCDENIED_REPLY},

+    /* commands with invalid/missing arguments */

+    {"SCAN", NULL, UNKNOWN_REPLY},

+    {"CONTSCAN", NULL, UNKNOWN_REPLY},

+    {"MULTISCAN", NULL, UNKNOWN_REPLY},

+    /* commands with invalid data */

+    {"INSTREAM", "\xff\xff\xff\xff", "INSTREAM size limit exceeded. ERROR"}, /* too big chunksize */

+    {"FILDES", "X", "No file descriptor received. ERROR"}, /* FILDES w/o ancillary data */

 };

 static void *recvfull(int sd, size_t *len)

@@ -91,13 +152,18 @@ static void *recvfull(int sd, size_t *len)

     return buf;

 }

-static void test_command(const char *cmd, size_t len, const char *expect, size_t expect_len)

+static void test_command(const char *cmd, size_t len, const char *extra, const char *expect, size_t expect_len)

 {

     void *recvdata;

     ssize_t rc;

     rc = send(sockd, cmd, len, 0);

     fail_unless_fmt((size_t)rc == len, "Unable to send(): %s\n", strerror(errno));

+    if (extra) {

+	rc = send(sockd, extra, strlen(extra), 0);

+	fail_unless_fmt((size_t)rc == strlen(extra), "Unable to send(): %s\n", strerror(errno));

+    }

+

     recvdata = recvfull(sockd, &len);

     fail_unless_fmt(len == expect_len, "Reply has wrong size: %lu, expected %lu, reply: %s\n",

@@ -112,22 +178,46 @@ START_TEST (test_basic_commands)

 {

     struct basic_test *test = &basic_tests[_i];

     char nsend[BUFSIZ], nreply[BUFSIZ];

-    /* send the command the "old way" */

-    conn_setup();

-    snprintf(nreply, sizeof(nreply), "%s\n", test->reply);

-    test_command(test->command, strlen(test->command), nreply, strlen(nreply));

-    conn_teardown();

     /* send nCOMMAND */

-    conn_setup();

+    snprintf(nreply, sizeof(nreply), "%s\n", test->reply);

     snprintf(nsend, sizeof(nsend), "n%s\n", test->command);

-    test_command(nsend, strlen(nsend), nreply, strlen(nreply));

+    conn_setup();

+    test_command(nsend, strlen(nsend), test->extra, nreply, strlen(nreply));

     conn_teardown();

     /* send zCOMMAND */

-    conn_setup();

     snprintf(nsend, sizeof(nsend), "z%s", test->command);

-    test_command(nsend, strlen(nsend)+1, test->reply, strlen(test->reply)+1);

+    conn_setup();

+    test_command(nsend, strlen(nsend)+1, test->extra, test->reply, strlen(test->reply)+1);

+    conn_teardown();

+}

+END_TEST

+

+START_TEST (test_compat_commands)

+{

+    /* test sending the command the "old way" */

+    struct basic_test *test = &basic_tests[_i];

+    char nsend[BUFSIZ], nreply[BUFSIZ];

+

+    snprintf(nreply, sizeof(nreply), "%s\n", test->reply);

+    if (!test->extra) {

+	/* one command = one packet, no delimiter */

+	conn_setup();

+	test_command(test->command, strlen(test->command), test->extra, nreply, strlen(nreply));

+	conn_teardown();

+    }

+

+    /* one packet, \n delimited command, followed by "extra" if needed */

+    snprintf(nsend, sizeof(nsend), "%s\n", test->command);

+    conn_setup();

+    test_command(nsend, strlen(nsend), test->extra, nreply, strlen(nreply));

+    conn_teardown();

+

+    /* one packet, \r\n delimited command, followed by "extra" if needed */

+    snprintf(nsend, sizeof(nsend), "%s\r\n", test->command);

+    conn_setup();

+    test_command(nsend, strlen(nsend), test->extra, nreply, strlen(nreply));

     conn_teardown();

 }

 END_TEST

@@ -204,12 +294,15 @@ START_TEST (tc_instream)

 }

 END_TEST

+

 static Suite *test_clamd_suite(void)

 {

     Suite *s = suite_create("clamd");

     TCase *tc_commands = tcase_create("clamd commands");

     suite_add_tcase(s, tc_commands);

+    tcase_add_unchecked_fixture(tc_commands, commands_setup, commands_teardown);

     tcase_add_loop_test(tc_commands, test_basic_commands, 0, sizeof(basic_tests)/sizeof(basic_tests[0]));

+    tcase_add_loop_test(tc_commands, test_compat_commands, 0, sizeof(basic_tests)/sizeof(basic_tests[0]));

     tcase_add_test(tc_commands, tc_instream);

     tcase_add_test(tc_commands, tc_stats);

     return s;