git-svn: trunk@92
Tomasz Kojm authored on 2003/11/01 12:16:25... | ... |
@@ -26,6 +26,7 @@ ClamAV patches were submitted by (in alphabetical order): |
26 | 26 |
Kamil Andrusz <wizz@mniam.net> |
27 | 27 |
Patrick Bihan-Faou <patrick@mindstep.com> |
28 | 28 |
Damien Curtain <damien@pagefault.org> |
29 |
+Michael Dankov <misha@btrc.ru> |
|
29 | 30 |
Alejandro Dubrovsky <s328940@student.uq.edu.au> |
30 | 31 |
Magnus Ekdahl <magnus@debian.org> |
31 | 32 |
Jason Englander <jason@englanders.cc> |
... | ... |
@@ -44,6 +45,7 @@ Ed Phillips <ed@UDel.Edu> |
44 | 44 |
Andreas Piesk <Andreas.Piesk@heise.de> |
45 | 45 |
Ant La Porte <ant@dvere.net> |
46 | 46 |
Thomas Quinot <thomas@cuivre.fr.eu.org> |
47 |
+Joe Talbott <josepht@cstone.net> |
|
47 | 48 |
Gernot Tenchio <g.tenchio@telco-tech.de> |
48 | 49 |
Laurent Wacrenier <lwa@teaser.fr> |
49 | 50 |
David Woakes <david@mitredata.co.uk> |
... | ... |
@@ -1,3 +1,9 @@ |
1 |
+Sat Nov 1 04:14:14 CET 2003 (tk) |
|
2 |
+--------------------------------- |
|
3 |
+ * clamd: scanner: close a whole file stream and not only a file descriptor; |
|
4 |
+ fixed potential descriptor leaks on error situation (patches by |
|
5 |
+ Michael Dankov) |
|
6 |
+ |
|
1 | 7 |
Fri Oct 31 13:34:18 GMT 2003 (njh) |
2 | 8 |
---------------------------------- |
3 | 9 |
* clamav-milter: added dont scan on error flag |
... | ... |
@@ -176,14 +176,14 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root |
176 | 176 |
{ |
177 | 177 |
int ret, portscan = CL_DEFAULT_MAXPORTSCAN, sockfd, port, acceptd, tmpd, bread; |
178 | 178 |
long int size = 0, maxsize = 0; |
179 |
- short binded = 0; |
|
179 |
+ short bound = 0; |
|
180 | 180 |
char *virname, buff[32768]; |
181 | 181 |
struct sockaddr_in server; |
182 | 182 |
struct cfgstruct *cpt; |
183 |
- FILE *tmp; |
|
183 |
+ FILE *tmp = NULL; |
|
184 | 184 |
|
185 | 185 |
|
186 |
- while(!binded && portscan--) { |
|
186 |
+ while(!bound && portscan--) { |
|
187 | 187 |
if((port = cl_rndnum(60000)) < 1024) |
188 | 188 |
port += 2139; |
189 | 189 |
|
... | ... |
@@ -198,11 +198,11 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root |
198 | 198 |
if(bind(sockfd, (struct sockaddr *) &server, sizeof(struct sockaddr_in)) == -1) |
199 | 199 |
close(sockfd); |
200 | 200 |
else |
201 |
- binded = 1; |
|
201 |
+ bound = 1; |
|
202 | 202 |
|
203 | 203 |
} |
204 | 204 |
|
205 |
- if(!binded && !portscan) { |
|
205 |
+ if(!bound && !portscan) { |
|
206 | 206 |
mdprintf(odesc, "ERROR\n"); |
207 | 207 |
logg("!ScanStream: Can't find any free port.\n"); |
208 | 208 |
return -1; |
... | ... |
@@ -219,12 +219,13 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root |
219 | 219 |
} |
220 | 220 |
|
221 | 221 |
|
222 |
- logg("*Accepted connection on port %d\n", port); |
|
222 |
+ logg("*Accepted connection on port %d, fd %d\n", port, acceptd); |
|
223 | 223 |
|
224 | 224 |
if(cfgopt(copt, "StreamSaveToDisk")) { |
225 | 225 |
if((tmp = tmpfile()) == NULL) { |
226 | 226 |
shutdown(sockfd, 2); |
227 | 227 |
close(sockfd); |
228 |
+ close(acceptd); |
|
228 | 229 |
mdprintf(odesc, "Temporary file ERROR\n"); |
229 | 230 |
logg("!ScanStream: Can't create temporary file.\n"); |
230 | 231 |
return -1; |
... | ... |
@@ -240,18 +241,22 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root |
240 | 240 |
if(maxsize && (size + sizeof(buff)) > maxsize) { |
241 | 241 |
shutdown(sockfd, 2); |
242 | 242 |
close(sockfd); |
243 |
+ close(acceptd); |
|
243 | 244 |
mdprintf(odesc, "Size exceeded ERROR\n"); |
244 | 245 |
logg("^ScanStream: Size exceeded (stopped at %d, max: %d)\n", size, maxsize); |
245 |
- close(tmpd); |
|
246 |
+ if(tmp) |
|
247 |
+ fclose(tmp); |
|
246 | 248 |
return -1; |
247 | 249 |
} |
248 | 250 |
|
249 | 251 |
if(write(tmpd, buff, bread) < 0) { |
250 | 252 |
shutdown(sockfd, 2); |
251 | 253 |
close(sockfd); |
254 |
+ close(acceptd); |
|
252 | 255 |
mdprintf(odesc, "Temporary file -> write ERROR\n"); |
253 | 256 |
logg("!ScanStream: Can't write to temporary file.\n"); |
254 |
- close(tmpd); |
|
257 |
+ if(tmp) |
|
258 |
+ fclose(tmp); |
|
255 | 259 |
return -1; |
256 | 260 |
} |
257 | 261 |
|
... | ... |
@@ -259,7 +264,8 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root |
259 | 259 |
|
260 | 260 |
lseek(tmpd, 0, SEEK_SET); |
261 | 261 |
ret = cl_scandesc(tmpd, &virname, scanned, root, limits, options); |
262 |
- close(tmpd); |
|
262 |
+ if(tmp) |
|
263 |
+ fclose(tmp); |
|
263 | 264 |
|
264 | 265 |
} else |
265 | 266 |
ret = cl_scandesc(acceptd, &virname, scanned, root, limits, 0); |
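Review bot: In the hunk at -240/+241, `if(write(tmpd, buff, bread) < 0)` treats only -1 as a failure, so a short write (disk full, file-size limit) silently drops part of the stream. `cl_scandesc` then scans a truncated temporary file, which can turn into a missed detection. Comparing against the byte count, `if(write(tmpd, buff, bread) != bread) {`, routes that case into the existing error path that this commit already cleans up. In the size-exceeded branch of the same hunk, `size` and `maxsize` are `long int` but are logged with `%d`; `%ld` matches the arguments. scanstream's body continues outside the visible hunks, so whether `acceptd` is closed on the success path cannot be confirmed from here.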
... | ... |
@@ -201,6 +201,10 @@ void sigtool(struct optstruct *opt) |
201 | 201 |
|
202 | 202 |
unpack(opt); |
203 | 203 |
|
204 |
+ } else if(optl(opt, "unpack-current")) { |
|
205 |
+ |
|
206 |
+ unpack(opt); |
|
207 |
+ |
|
204 | 208 |
} else if(optc(opt, 'i')) { |
205 | 209 |
|
206 | 210 |
cvdinfo(opt); |
... | ... |
@@ -669,7 +673,7 @@ void cvdinfo(struct optstruct *opt) |
669 | 669 |
exit(1); |
670 | 670 |
} |
671 | 671 |
|
672 |
- mprintf("Creation time: %s\n", cvd->time); |
|
672 |
+ mprintf("Build time: %s\n", cvd->time); |
|
673 | 673 |
mprintf("Version: %d\n", cvd->version); |
674 | 674 |
mprintf("# of signatures: %d\n", cvd->sigs); |
675 | 675 |
mprintf("Functionality level: %d\n", cvd->fl); |
... | ... |
@@ -711,6 +715,7 @@ void help(void) |
711 | 711 |
mprintf(" --build NAME -b NAME Build a CVD file\n"); |
712 | 712 |
mprintf(" --server ADDR -s ADDR ClamAV Signing Service address\n"); |
713 | 713 |
mprintf(" --unpack FILE -u FILE Unpack a CVD file\n"); |
714 |
+ mprintf(" --unpack-current NAME Unpack local CVD\n"); |
|
714 | 715 |
mprintf("\n"); |
715 | 716 |
|
716 | 717 |
exit(0); |
... | ... |
@@ -785,10 +790,16 @@ int unpack(struct optstruct *opt) |
785 | 785 |
{ |
786 | 786 |
FILE *fd; |
787 | 787 |
struct cl_cvd *cvd; |
788 |
+ char *name; |
|
788 | 789 |
|
790 |
+ if(optl(opt, "unpack-current")) { |
|
791 |
+ name = mcalloc(300, sizeof(char)); /* FIXME */ |
|
792 |
+ sprintf(name, "%s/%s", cl_retdbdir(), getargl(opt, "unpack-current")); |
|
793 |
+ } else |
|
794 |
+ name = getargc(opt, 'u'); |
|
789 | 795 |
|
790 |
- if((fd = fopen(getargc(opt, 'u'), "rb")) == NULL) { |
|
791 |
- mprintf("!Can't open CVD file %s\n"); |
|
796 |
+ if((fd = fopen(name, "rb")) == NULL) { |
|
797 |
+ mprintf("!Can't open CVD file %s\n", name); |
|
792 | 798 |
exit(1); |
793 | 799 |
} |
794 | 800 |
|
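Review bot: The `sprintf` into the 300-byte `name` buffer in the new `unpack-current` branch of unpack() is unbounded, so a long `--unpack-current` argument or a long database directory path writes past the allocation; the `/* FIXME */` marks it but the commit ships it. Sizing the buffer from the two strings and formatting with `snprintf`, as in the fence, removes the fixed limit. The argument is also joined to `cl_retdbdir()` unchecked, so a value containing `/` or `..` names a file outside the database directory; rejecting path separators would keep the option to its stated purpose of unpacking the local CVD. Whether `getargl` can return NULL here is not visible and should be confirmed. `name` is not freed on this branch in the visible lines, and unpack()'s body continues outside the hunk.

```c
    if(optl(opt, "unpack-current")) {
        const char *dbdir = cl_retdbdir();
        const char *arg = getargl(opt, "unpack-current");
        size_t len = strlen(dbdir) + strlen(arg) + 2; /* '/' plus terminating NUL */

        name = mcalloc(len, sizeof(char));
        snprintf(name, len, "%s/%s", dbdir, arg);
    } else
        name = getargc(opt, 'u');
    /* ... unchanged: fopen(name, "rb") and its error path ... */
```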