@@ -26,6 +26,7 @@ ClamAV patches were submitted by (in alphabetical order):

 Kamil Andrusz <wizz@mniam.net>

 Patrick Bihan-Faou <patrick@mindstep.com>

 Damien Curtain <damien@pagefault.org>

+Michael Dankov <misha@btrc.ru>

 Alejandro Dubrovsky <s328940@student.uq.edu.au>

 Magnus Ekdahl <magnus@debian.org>

 Jason Englander <jason@englanders.cc>

@@ -44,6 +45,7 @@ Ed Phillips <ed@UDel.Edu>

 Andreas Piesk <Andreas.Piesk@heise.de>

 Ant La Porte <ant@dvere.net>

 Thomas Quinot <thomas@cuivre.fr.eu.org>

+Joe Talbott <josepht@cstone.net>

 Gernot Tenchio <g.tenchio@telco-tech.de>

 Laurent Wacrenier <lwa@teaser.fr>

 David Woakes <david@mitredata.co.uk>

@@ -1,3 +1,9 @@

+Sat Nov  1 04:14:14 CET 2003 (tk)

+---------------------------------

+  * clamd: scanner: close a whole file stream and not only a file descriptor;

+	   fixed potential descriptor leaks on error situation (patches by

+	   Michael Dankov)

+

 Fri Oct 31 13:34:18 GMT 2003 (njh)

 ----------------------------------

   * clamav-milter: added dont scan on error flag

@@ -176,14 +176,14 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root

 {

 	int ret, portscan = CL_DEFAULT_MAXPORTSCAN, sockfd, port, acceptd, tmpd, bread;

 	long int size = 0, maxsize = 0;

-	short binded = 0;

+	short bound = 0;

 	char *virname, buff[32768];

 	struct sockaddr_in server;

 	struct cfgstruct *cpt;

-	FILE *tmp;

+	FILE *tmp = NULL;

-    while(!binded && portscan--) {

+    while(!bound && portscan--) {

 	if((port = cl_rndnum(60000)) < 1024)

 	    port += 2139;

@@ -198,11 +198,11 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root

 	if(bind(sockfd, (struct sockaddr *) &server, sizeof(struct sockaddr_in)) == -1)

 	    close(sockfd);

 	else

-	    binded = 1;

+	    bound = 1;

     }

-    if(!binded && !portscan) {

+    if(!bound && !portscan) {

 	mdprintf(odesc, "ERROR\n");

 	logg("!ScanStream: Can't find any free port.\n");

 	return -1;

@@ -219,12 +219,13 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root

     }

-    logg("*Accepted connection on port %d\n", port);

+    logg("*Accepted connection on port %d, fd %d\n", port, acceptd);

     if(cfgopt(copt, "StreamSaveToDisk")) {

 	if((tmp = tmpfile()) == NULL) {

 	    shutdown(sockfd, 2);

 	    close(sockfd);

+	    close(acceptd);

 	    mdprintf(odesc, "Temporary file ERROR\n");

 	    logg("!ScanStream: Can't create temporary file.\n");

 	    return -1;

@@ -240,18 +241,22 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root

 	    if(maxsize && (size + sizeof(buff)) > maxsize) {

 		shutdown(sockfd, 2);

 		close(sockfd);

+		close(acceptd);

 		mdprintf(odesc, "Size exceeded ERROR\n");

 		logg("^ScanStream: Size exceeded (stopped at %d, max: %d)\n", size, maxsize);

-		close(tmpd);

+		if(tmp)

+		    fclose(tmp);

 		return -1;

 	    }

 	    if(write(tmpd, buff, bread) < 0) {

 		shutdown(sockfd, 2);

 		close(sockfd);

+		close(acceptd);

 		mdprintf(odesc, "Temporary file -> write ERROR\n");

 		logg("!ScanStream: Can't write to temporary file.\n");

-		close(tmpd);

+		if(tmp)

+		    fclose(tmp);

 		return -1;

 	    }

@@ -259,7 +264,8 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root

 	lseek(tmpd, 0, SEEK_SET);

 	ret = cl_scandesc(tmpd, &virname, scanned, root, limits, options);

-	close(tmpd);

+	if(tmp)

+	    fclose(tmp);

     } else

 	ret = cl_scandesc(acceptd, &virname, scanned, root, limits, 0);

@@ -55,6 +55,7 @@ int main(int argc, char **argv)

 	    {"build", 1, 0, 'b'},

 	    {"server", 1, 0, 's'},

 	    {"unpack", 1, 0, 'u'},

+	    {"unpack-current", 1, 0, 0},

 	    {"info", 1, 0, 'i'},

 	    {0, 0, 0, 0}

     	};

@@ -201,6 +201,10 @@ void sigtool(struct optstruct *opt)

 	unpack(opt);

+    } else if(optl(opt, "unpack-current")) {

+

+	unpack(opt);

+

     } else if(optc(opt, 'i')) {

 	cvdinfo(opt);

@@ -669,7 +673,7 @@ void cvdinfo(struct optstruct *opt)

 	exit(1);

     }

-    mprintf("Creation time: %s\n", cvd->time);

+    mprintf("Build time: %s\n", cvd->time);

     mprintf("Version: %d\n", cvd->version);

     mprintf("# of signatures: %d\n", cvd->sigs);

     mprintf("Functionality level: %d\n", cvd->fl);

@@ -711,6 +715,7 @@ void help(void)

     mprintf("   --build NAME		    -b NAME	Build a CVD file\n");

     mprintf("   --server ADDR	    -s ADDR	ClamAV Signing Service address\n");

     mprintf("   --unpack FILE	    -u FILE	Unpack a CVD file\n");

+    mprintf("   --unpack-current NAME		Unpack local CVD\n");

     mprintf("\n");

     exit(0);

@@ -785,10 +790,16 @@ int unpack(struct optstruct *opt)

 {

 	FILE *fd;

 	struct cl_cvd *cvd;

+	char *name;

+    if(optl(opt, "unpack-current")) {

+	name = mcalloc(300, sizeof(char)); /* FIXME */

+	sprintf(name, "%s/%s", cl_retdbdir(), getargl(opt, "unpack-current"));

+    } else

+	name = getargc(opt, 'u');

-    if((fd = fopen(getargc(opt, 'u'), "rb")) == NULL) {

-	mprintf("!Can't open CVD file %s\n");

+    if((fd = fopen(name, "rb")) == NULL) {

+	mprintf("!Can't open CVD file %s\n", name);

 	exit(1);

     }