@@ -1,3 +1,7 @@

+Tue Jan 30 22:08:22 CET 2007 (tk)

+---------------------------------

+  * clamscan: code cleanup

+

 Tue Jan 30 20:24:34 CET 2007 (tk)

 ---------------------------------

   * libclamav/dconf.c: enable sue, mew, upack and nspack (with agreement from

@@ -36,12 +36,11 @@ clamscan_SOURCES = \

     clamscan_opt.h \

     others.c \

     others.h \

-    shared.h \

+    global.h \

     manager.c \

     manager.h \

     treewalk.c \

-    treewalk.h \

-    defaults.h

+    treewalk.h

 DEFS = @DEFS@ -DCL_NOTHREADS

 LIBS = $(top_builddir)/libclamav/libclamav.la @ADDITIONAL_LIBS@

@@ -234,12 +234,11 @@ clamscan_SOURCES = \

     clamscan_opt.h \

     others.c \

     others.h \

-    shared.h \

+    global.h \

     manager.c \

     manager.h \

     treewalk.c \

-    treewalk.h \

-    defaults.h

+    treewalk.h

 INCLUDES = -I$(top_srcdir) -I$(top_srcdir)/shared -I$(top_srcdir)/libclamav

 all: all-am

@@ -27,25 +27,23 @@

 #include <unistd.h>

 #include <sys/time.h>

 #include <time.h>

+#ifdef C_LINUX

+#include <sys/resource.h>

+#endif

 #include "clamscan_opt.h"

 #include "others.h"

-#include "shared.h"

+#include "global.h"

 #include "manager.h"

-#include "defaults.h"

 #include "treewalk.h"

-#include "misc.h"

-

-#include "output.h"

-#include "options.h"

-#ifdef C_LINUX

-#include <sys/resource.h>

-#endif

+#include "shared/misc.h"

+#include "shared/output.h"

+#include "shared/options.h"

 void help(void);

-struct s_info claminfo;

+struct s_info info;

 short recursion = 0, printinfected = 0, bell = 0;

 int main(int argc, char **argv)

@@ -180,7 +178,7 @@ int main(int argc, char **argv)

 	}

     }

-    memset(&claminfo, 0, sizeof(struct s_info));

+    memset(&info, 0, sizeof(struct s_info));

     gettimeofday(&t1, &tz);

     ret = scanmanager(opt);

@@ -192,23 +190,23 @@ int main(int argc, char **argv)

 	ds -= (dms < 0) ? (1):(0);

 	dms += (dms < 0) ? (1000000):(0);

 	logg("\n----------- SCAN SUMMARY -----------\n");

-	logg("Known viruses: %d\n", claminfo.signs);

+	logg("Known viruses: %u\n", info.sigs);

 	if(opt_check(opt, "ncore"))

 	    logg("Engine version: %s [ncore]\n", cl_retver());

 	else

 	    logg("Engine version: %s\n", cl_retver());

-	logg("Scanned directories: %d\n", claminfo.dirs);

-	logg("Scanned files: %d\n", claminfo.files);

-	logg("Infected files: %d\n", claminfo.ifiles);

-	if(claminfo.notremoved) {

-	    logg("Not removed: %d\n", claminfo.notremoved);

+	logg("Scanned directories: %u\n", info.dirs);

+	logg("Scanned files: %u\n", info.files);

+	logg("Infected files: %u\n", info.ifiles);

+	if(info.notremoved) {

+	    logg("Not removed: %u\n", info.notremoved);

 	}

-	if(claminfo.notmoved) {

-	    logg("Not %s: %d\n", opt_check(opt, "copy") ? "moved" : "copied", claminfo.notmoved);

+	if(info.notmoved) {

+	    logg("Not %s: %u\n", opt_check(opt, "copy") ? "moved" : "copied", info.notmoved);

 	}

-	mb = claminfo.blocks * (CL_COUNT_PRECISION / 1024) / 1024.0;

+	mb = info.blocks * (CL_COUNT_PRECISION / 1024) / 1024.0;

 	logg("Data scanned: %2.2lf MB\n", mb);

-	logg("Time: %d.%3.3d sec (%d m %d s)\n", ds, dms/1000, ds/60, ds%60);

+	logg("Time: %u.%3.3u sec (%u m %u s)\n", ds, dms/1000, ds/60, ds%60);

     }

     opt_free(opt);

deleted file mode 100644

@@ -1,32 +0,0 @@

-/*

- *  Copyright (C) 2002 Tomasz Kojm <tkojm@clamav.net>

- *

- *  This program is free software; you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License as published by

- *  the Free Software Foundation; either version 2 of the License, or

- *  (at your option) any later version.

- *

- *  This program is distributed in the hope that it will be useful,

- *  but WITHOUT ANY WARRANTY; without even the implied warranty of

- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

- *  GNU General Public License for more details.

- *

- *  You should have received a copy of the GNU General Public License

- *  along with this program; if not, write to the Free Software

- *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

- *  MA 02110-1301, USA.

- */

-

-#ifdef CLAMAVUSER

-#define UNPUSER CLAMAVUSER

-#else

-#define UNPUSER "clamav"

-#endif

-

-#ifdef CLAMAVGROUP

-#define UNPGROUP CLAMAVGROUP

-#else

-#define UNPGROUP "clamav"

-#endif

-

-#define MAXFILENAME 1024

new file mode 100644

@@ -0,0 +1,36 @@

+/*

+ *  Copyright (C) 2002 - 2004 Tomasz Kojm <tkojm@clamav.net>

+ *

+ *  This program is free software; you can redistribute it and/or modify

+ *  it under the terms of the GNU General Public License as published by

+ *  the Free Software Foundation; either version 2 of the License, or

+ *  (at your option) any later version.

+ *

+ *  This program is distributed in the hope that it will be useful,

+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of

+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ *  GNU General Public License for more details.

+ *

+ *  You should have received a copy of the GNU General Public License

+ *  along with this program; if not, write to the Free Software

+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

+ *  MA 02110-1301, USA.

+ */

+

+#ifndef __GLOBAL_H

+#define __GLOBAL_H

+

+struct s_info {

+    unsigned int sigs;		/* number of signatures */

+    unsigned int dirs;		/* number of scanned directories */

+    unsigned int files;		/* number of scanned files */

+    unsigned int ifiles;	/* number of infected files */

+    unsigned int notremoved;	/* number of not removed files (if --remove) */

+    unsigned int notmoved;	/* number of not moved files (if --move) */

+    unsigned long int blocks;	/* number of read 16kb blocks */

+};

+

+extern struct s_info info;

+extern short recursion, printinfected, bell;

+

+#endif

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2002 - 2006 Tomasz Kojm <tkojm@clamav.net>

+ *  Copyright (C) 2002 - 2007 Tomasz Kojm <tkojm@clamav.net>

  *

  *  This program is free software; you can redistribute it and/or modify

  *  it under the terms of the GNU General Public License as published by

@@ -16,7 +16,6 @@

  *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

  *  MA 02110-1301, USA.

  *

- *  Sat May 18 15:23:21 CEST 2002: included cpu autodetection from Magnus Ekdahl

  *  Wed Mar  5 03:45:31 CET 2003: included --move code from Damien Curtain

  */

@@ -37,34 +36,96 @@

 #include <unistd.h>

 #include <sys/types.h>

 #include <signal.h>

-#include "clamav.h"

 #include <errno.h>

-#include "defaults.h"

-#include "others.h"

-#include "options.h"

 #include "manager.h"

+#include "others.h"

 #include "treewalk.h"

-#include "shared.h"

-#include "str.h"

-#include "memory.h"

-#include "output.h"

-#include "misc.h"

-#include "../libclamav/others.h"

-#include "../libclamav/matcher-ac.h"

+#include "global.h"

+

+#include "shared/options.h"

+#include "shared/memory.h"

+#include "shared/output.h"

+#include "shared/misc.h"

+

+#include "libclamav/clamav.h"

+#include "libclamav/others.h"

+#include "libclamav/matcher-ac.h"

+#include "libclamav/str.h"

 #ifdef C_LINUX

 dev_t procdev;

 #endif

+static int scandirs(const char *dirname, struct cl_engine *engine, const struct passwd *user, const struct optstruct *opt, const struct cl_limits *limits, int options)

+{

+    return treewalk(dirname, engine, user, opt, limits, options, 1);

+}

+

+static int scanstdin(const struct cl_engine *engine, const struct cl_limits *limits, int options)

+{

+	int ret;

+	const char *virname, *tmpdir;

+	char *file, buff[FILEBUFF];

+	FILE *fs;

+

+

+    /* check write access */

+    tmpdir = getenv("TMPDIR");

+

+    if(tmpdir == NULL)

+#ifdef P_tmpdir

+	tmpdir = P_tmpdir;

+#else

+	tmpdir = "/tmp";

+#endif

+

+    if(checkaccess(tmpdir, CLAMAVUSER, W_OK) != 1) {

+	logg("!Can't write to temporary directory\n");

+	return 64;

+    }

+

+    file = cli_gentemp(tmpdir);

+

+    if(!(fs = fopen(file, "wb"))) {

+	logg("!Can't open %s for writing\n", file);

+	return 63;

+    }

+

+    while((ret = fread(buff, 1, FILEBUFF, stdin)))

+	fwrite(buff, 1, ret, fs);

+

+    fclose(fs);

+

+    logg("*Checking %s\n", file);

+    info.files++;

+

+    if((ret = cl_scanfile(file, &virname, &info.blocks, engine, limits, options)) == CL_VIRUS) {

+	logg("stdin: %s FOUND\n", virname);

+	info.ifiles++;

+

+	if(bell)

+	    fprintf(stderr, "\007");

+

+    } else if(ret == CL_CLEAN) {

+	if(!printinfected)

+	    mprintf("stdin: OK\n");

+    } else

+	if(!printinfected)

+	    logg("stdin: %s\n", cl_strerror(ret));

+

+    unlink(file);

+    free(file);

+    return ret;

+}

 int scanmanager(const struct optstruct *opt)

 {

 	mode_t fmode;

-	int ret = 0, compression = 0, fmodeint, options = 0, i, x;

-	unsigned int dboptions = 0;

-	struct cl_node *trie = NULL;

-	struct cl_limits *limits = NULL;

+	int ret = 0, compression = 0, fmodeint, i, x;

+	unsigned int options = 0, dboptions = 0;

+	struct cl_engine *engine = NULL;

+	struct cl_limits limits;

 	struct passwd *user = NULL;

 	struct stat sb;

 	char *fullpath = NULL, cwd[1024];

@@ -73,8 +134,8 @@ int scanmanager(const struct optstruct *opt)

 /* njh@bandsman.co.uk: BeOS */

 #if !defined(C_CYGWIN) && !defined(C_OS2) && !defined(C_BEOS)

     if(!geteuid()) {

-	if((user = getpwnam(UNPUSER)) == NULL) {

-	    logg("!Can't get information about user "UNPUSER"\n");

+	if((user = getpwnam(CLAMAVUSER)) == NULL) {

+	    logg("!Can't get information about user "CLAMAVUSER"\n");

 	    exit(60); /* this is critical problem, so we just exit here */

 	}

     }

@@ -115,7 +176,7 @@ int scanmanager(const struct optstruct *opt)

     }

     if(opt_check(opt, "database")) {

-	if((ret = cl_load(opt_arg(opt, "database"), &trie, &claminfo.signs, dboptions))) {

+	if((ret = cl_load(opt_arg(opt, "database"), &engine, &info.sigs, dboptions))) {

 	    logg("!%s\n", cl_strerror(ret));

 	    return 50;

 	}

@@ -123,7 +184,7 @@ int scanmanager(const struct optstruct *opt)

     } else {

 	    char *dbdir = freshdbdir();

-	if((ret = cl_load(dbdir, &trie, &claminfo.signs, dboptions))) {

+	if((ret = cl_load(dbdir, &engine, &info.sigs, dboptions))) {

 	    logg("!%s\n", cl_strerror(ret));

 	    free(dbdir);

 	    return 50;

@@ -131,19 +192,18 @@ int scanmanager(const struct optstruct *opt)

 	free(dbdir);

     }

-    if(!trie) {

+    if(!engine) {

 	logg("!Can't initialize the virus database\n");

 	return 50;

     }

-    if((ret = cl_build(trie)) != 0) {

+    if((ret = cl_build(engine)) != 0) {

 	logg("!Database initialization error: %s\n", cl_strerror(ret));;

 	return 50;

     }

-    /* set (default) limits */

-

-    limits = (struct cl_limits *) calloc(1, sizeof(struct cl_limits));

+    /* set limits */

+    memset(&limits, 0, sizeof(struct cl_limits));

     if(opt_check(opt, "max-space")) {

 	char *cpy, *ptr;

@@ -151,32 +211,32 @@ int scanmanager(const struct optstruct *opt)

 	if(tolower(ptr[strlen(ptr) - 1]) == 'm') {

 	    cpy = mcalloc(strlen(ptr), sizeof(char));

 	    strncpy(cpy, ptr, strlen(ptr) - 1);

-	    limits->maxfilesize = atoi(cpy) * 1024 * 1024;

+	    limits.maxfilesize = atoi(cpy) * 1024 * 1024;

 	    free(cpy);

 	} else

-	    limits->maxfilesize = atoi(ptr) * 1024;

+	    limits.maxfilesize = atoi(ptr) * 1024;

     } else

-	limits->maxfilesize = 10485760;

+	limits.maxfilesize = 10485760;

     if(opt_check(opt, "max-files"))

-	limits->maxfiles = atoi(opt_arg(opt, "max-files"));

+	limits.maxfiles = atoi(opt_arg(opt, "max-files"));

     else

-        limits->maxfiles = 500;

+        limits.maxfiles = 500;

     if(opt_check(opt, "max-recursion"))

-        limits->maxreclevel = atoi(opt_arg(opt, "max-recursion"));

+        limits.maxreclevel = atoi(opt_arg(opt, "max-recursion"));

     else

-        limits->maxreclevel = 8;

+        limits.maxreclevel = 8;

     if(opt_check(opt, "max-mail-recursion"))

-        limits->maxmailrec = atoi(opt_arg(opt, "max-mail-recursion"));

+        limits.maxmailrec = atoi(opt_arg(opt, "max-mail-recursion"));

     else

-        limits->maxmailrec = 64;

+        limits.maxmailrec = 64;

     if(opt_check(opt, "max-ratio"))

-        limits->maxratio = atoi(opt_arg(opt, "max-ratio"));

+        limits.maxratio = atoi(opt_arg(opt, "max-ratio"));

     else

-        limits->maxratio = 250;

+        limits.maxratio = 250;

     /* set options */

@@ -220,11 +280,7 @@ int scanmanager(const struct optstruct *opt)

 	options |= CL_SCAN_MAIL;

 	if(opt_check(opt, "mail-follow-urls"))

-#ifdef WITH_CURL

 	    options |= CL_SCAN_MAILURL;

-#else

-	    logg("^Support for URLs downloading with libcurl not compiled in\n");

-#endif

     }

     if(opt_check(opt, "no-algorithmic"))

@@ -246,10 +302,10 @@ int scanmanager(const struct optstruct *opt)

 	    logg("!Can't get absolute pathname of current working directory\n");

 	    ret = 57;

 	} else

-	    ret = scandirs(cwd, trie, user, opt, limits, options);

+	    ret = scandirs(cwd, engine, user, opt, &limits, options);

     } else if(!strcmp(opt->filename, "-")) { /* read data from stdin */

-	ret = checkstdin(trie, limits, options);

+	ret = scanstdin(engine, &limits, options);

     } else {

 	char *thefilename;

@@ -273,7 +329,6 @@ int scanmanager(const struct optstruct *opt)

 		    /* we need to complete the path */

 		    if(!getcwd(cwd, sizeof(cwd))) {

 			logg("!Can't get absolute pathname of current working directory\n");

-			free(limits);

 			return 57;

 		    } else {

 			fullpath = mcalloc(512, sizeof(char));

@@ -289,11 +344,11 @@ int scanmanager(const struct optstruct *opt)

 		switch(fmode & S_IFMT) {

 		    case S_IFREG:

-			ret = scanfile(fullpath, trie, user, opt, limits, options);

+			ret = scanfile(fullpath, engine, user, opt, &limits, options);

 			break;

 		    case S_IFDIR:

-			ret = scandirs(fullpath, trie, user, opt, limits, options);

+			ret = scandirs(fullpath, engine, user, opt, &limits, options);

 			break;

 		    default:

@@ -310,13 +365,11 @@ int scanmanager(const struct optstruct *opt)

 	}

     }

-    /* free the trie */

-    cl_free(trie);

-

-    free(limits);

+    /* free the engine */

+    cl_free(engine);

     /* overwrite return code */

-    if(claminfo.ifiles)

+    if(info.ifiles)

 	ret = 1;

     else if(ret < 50) /* hopefully no error detected */ 

 	ret = 0; /* just make sure it's 0 */

@@ -324,158 +377,258 @@ int scanmanager(const struct optstruct *opt)

     return ret;

 }

-int scanfile(const char *filename, struct cl_node *root, const struct passwd *user, const struct optstruct *opt, const struct cl_limits *limits, int options)

+/*

+ * -1 -> can't fork

+ * -2 -> can't execute

+ * -3 -> external signal

+ * 0 -> OK

+ */

+static int clamav_unpack(const char *prog, char **args, const char *tmpdir, const struct passwd *user, const struct optstruct *opt)

 {

-	int ret, included, printclean = 1;

-	const struct optnode *optnode;

-	char *argument;

-#ifdef C_LINUX

-	struct stat sb;

+	pid_t pid;

+	int status, wret, fdevnull;

+	unsigned int maxfiles, maxspace;

+	struct s_du n;

-    /* argh, don't scan /proc files */

-    if(procdev)

-	if(stat(filename, &sb) != -1)

-	    if(sb.st_dev == procdev) {

-		if(!printinfected)

-		    logg("%s: Excluded (/proc)\n", filename);

-		return 0;

+

+    if(opt_check(opt, "max-files"))

+	maxfiles = atoi(opt_arg(opt, "max-files"));

+    else

+	maxfiles = 0;

+

+    if(opt_check(opt, "max-space")) {

+	    char *cpy, *ptr;

+	ptr = opt_arg(opt, "max-space");

+	if(tolower(ptr[strlen(ptr) - 1]) == 'm') { /* megabytes */

+	    cpy = mcalloc(strlen(ptr), sizeof(char));

+	    strncpy(cpy, ptr, strlen(ptr) - 1);

+	    maxspace = atoi(cpy) * 1024;

+	    free(cpy);

+	} else /* default - kilobytes */

+	    maxspace = atoi(ptr);

+    } else

+	maxspace = 0;

+

+

+    switch(pid = fork()) {

+	case -1:

+	    return -1;

+	case 0:

+#ifndef C_CYGWIN

+	    if(!geteuid() && user) {

+

+#ifdef HAVE_SETGROUPS

+		if(setgroups(1, &user->pw_gid)) {

+		    fprintf(stderr, "ERROR: setgroups() failed\n");

+		    exit(1);

+		}

+#endif

+

+		if(setgid(user->pw_gid)) {

+		    fprintf(stderr, "ERROR: setgid(%d) failed\n", (int) user->pw_gid);

+		    exit(1);

+		}

+

+		if(setuid(user->pw_uid)) {

+		    fprintf(stderr, "ERROR: setuid(%d) failed\n", (int) user->pw_uid);

+		    exit(1);

+		}

 	    }

-#endif    

+#endif

+	    chdir(tmpdir);

-    if(opt_check(opt, "exclude")) {

-	argument = opt_firstarg(opt, "exclude", &optnode);

-	while(argument) {

-	    if(match_regex(filename, argument) == 1) {

-		if(!printinfected)

-		    logg("%s: Excluded\n", filename);

-		return 0;

+	    if(printinfected) {

+  	        fdevnull = open("/dev/null", O_WRONLY);

+		if(fdevnull == -1) {

+		    logg("Non fatal error: cannot open /dev/null. Continuing with full output\n");

+		    printinfected = 0;

+		} else {

+		    dup2(fdevnull,1);

+		    dup2(fdevnull,2);

+		}

 	    }

-	    argument = opt_nextarg(&optnode, "exclude");

-	}

+

+	    if(strchr(prog, '/')) /* we have full path */

+		execv(prog, args);

+	    else

+		execvp(prog, args);

+	    perror("execv(p)");

+	    abort();

+	    break;

+	default:

+

+	    if(maxfiles || maxspace) {

+		while(!(wret = waitpid(pid, &status, WNOHANG))) {

+		    memset(&n, 0, sizeof(struct s_du));

+

+		    if(!du(tmpdir, &n))

+			if((maxfiles && n.files > maxfiles) || (maxspace && n.space > maxspace)) {

+			    logg("*n.files: %d, n.space: %d\n", n.files, n.space);

+			    kill(pid, 9); /* stop it immediately */

+			}

+		}

+	    } else

+		waitpid(pid, &status, 0);

+

+

+	    if(WIFSIGNALED(status)) {

+		switch(WTERMSIG(status)) {

+

+		    case 9:

+			logg("\nUnpacker process %d stopped due to exceeded limits\n", pid);

+			return 0;

+		    case 6: /* abort */

+			logg("^Can't run %s\n", prog);

+			return -2;

+		    default:

+			logg("^\nUnpacker stopped with external signal %d\n", WTERMSIG(status));

+			return -3;

+		}

+	    } else if(WIFEXITED(status))

+		return 0;

     }

-   if(opt_check(opt, "include")) {

-	included = 0;

-	argument = opt_firstarg(opt, "include", &optnode);

-	while(argument && !included) {

-	    if(match_regex(filename, argument) == 1) {

-		included = 1;

-		break;

-	    }

-	    argument = opt_nextarg(&optnode, "include");

-	}

+    return 0;

+}

-	if(!included) {

-	    if(!printinfected)

-		logg("%s: Excluded\n", filename);

-	    return 0;

-	}

+static void move_infected(const char *filename, const struct optstruct *opt)

+{

+	char *movedir, *movefilename, *tmp, numext[4 + 1];

+	struct stat fstat, mfstat;

+	int n, len, movefilename_size;

+	int moveflag = opt_check(opt, "move");

+	struct utimbuf ubuf;

+

+

+    if((moveflag && !(movedir = opt_arg(opt, "move"))) ||

+	(!moveflag && !(movedir = opt_arg(opt, "copy")))) {

+        /* Should never reach here */

+        logg("!opt_arg() returned NULL\n", filename);

+        info.notmoved++;

+        return;

     }

-    if(fileinfo(filename, 1) == 0) {

-	if(!printinfected)

-	    logg("%s: Empty file\n", filename);

-	return 0;

+    if(access(movedir, W_OK|X_OK) == -1) {

+	logg("!Can't %s file '%s': cannot write to '%s': %s\n", (moveflag) ? "move" : "copy", filename, movedir, strerror(errno));

+        info.notmoved++;

+        return;

     }

-    if(geteuid())

-	if(checkaccess(filename, NULL, R_OK) != 1) {

-	    if(!printinfected)

-		logg("%s: Access denied\n", filename);

-	    return 0;

-	}

+    if(!(tmp = strrchr(filename, '/')))

+	tmp = (char *) filename;

-    claminfo.files++;

+    movefilename_size = sizeof(char) * (strlen(movedir) + strlen(tmp) + sizeof(numext) + 2);

-    /* 

-     * check the extension  - this is a special case, normally we don't need to

-     * do this (libclamav detects archive by its magic string), but here we

-     * want to know the exit code from internal unpacker and try to use

-     * external (if provided) when internal cannot extract data.

-     */

+    if(!(movefilename = mmalloc(movefilename_size))) {

+        logg("!mmalloc() failed\n");

+	exit(71);

+    }

-    if((cli_strbcasestr(filename, ".zip") || cli_strbcasestr(filename, ".rar")) && (options & CL_SCAN_ARCHIVE)) {

-	/* try to use internal archivers */

-	if((ret = checkfile(filename, root, limits, options, 1)) == CL_VIRUS) {

-	    if(opt_check(opt, "remove")) {

-		if(unlink(filename)) {

-		    logg("^%s: Can't remove\n", filename);

-		    claminfo.notremoved++;

-		} else {

-		    logg("%s: Removed\n", filename);

-		}

-	    } else if (opt_check(opt, "move") || opt_check(opt, "copy"))

-		move_infected(filename, opt);

+    if(!(cli_strrcpy(movefilename, movedir))) {

+        logg("!cli_strrcpy() returned NULL\n");

+        info.notmoved++;

+        free(movefilename);

+        return;

+    }

-	    return 1;

+    strcat(movefilename, "/");

-	} else if(ret == CL_CLEAN) {

-	    return 0;

-	} else if(ret == 54) {

-	    return ret;

-	}

+    if(!(strcat(movefilename, tmp))) {

+        logg("!strcat() returned NULL\n");

+        info.notmoved++;

+        free(movefilename);

+        return;

+    }

-	/* in other case try to continue with external archivers */

-	options &= ~CL_SCAN_ARCHIVE; /* and disable decompression for the checkfile() below */

-	printclean = 0;

+    stat(filename, &fstat);

+

+    if(!stat(movefilename, &mfstat)) {

+        if(fstat.st_ino == mfstat.st_ino) { /* It's the same file*/

+            logg("File excluded '%s'\n", filename);

+            info.notmoved++;

+            free(movefilename);

+            return;

+        } else {

+            /* file exists - try to append an ordinal number to the

+	     * quranatined file in an attempt not to overwrite existing

+	     * files in quarantine  

+	     */

+            len = strlen(movefilename);

+            n = 0;        		        		

+            do {

+                /* reset the movefilename to it's initial value by

+		 * truncating to the original filename length

+		 */

+                movefilename[len] = 0;

+                /* append .XXX */

+                sprintf(numext, ".%03d", n++);

+                strcat(movefilename, numext);            	

+            } while(!stat(movefilename, &mfstat) && (n < 1000));

+       }

     }

-    if((cli_strbcasestr(filename, ".zip") && opt_check(opt, "unzip"))

-    || (cli_strbcasestr(filename, ".rar") && opt_check(opt, "unrar"))

-    || (cli_strbcasestr(filename, ".arj") && opt_check(opt, "arj"))

-    || (cli_strbcasestr(filename, ".zoo") && opt_check(opt, "unzoo"))

-    || (cli_strbcasestr(filename, ".jar") && opt_check(opt, "jar"))

-    || (cli_strbcasestr(filename, ".lzh") && opt_check(opt, "lha"))

-    || (cli_strbcasestr(filename, ".tar") && opt_check(opt, "tar"))

-    || (cli_strbcasestr(filename, ".deb") && opt_check(opt, "deb"))

-    || ((cli_strbcasestr(filename, ".tar.gz") || cli_strbcasestr(filename, ".tgz")) 

-	 && (opt_check(opt, "tgz") || opt_check(opt, "deb"))) ) {

+    if(!moveflag || rename(filename, movefilename) == -1) {

+	if(filecopy(filename, movefilename) == -1) {

+	    logg("!Can't %s '%s' to '%s': %s\n", (moveflag) ? "move" : "copy", filename, movefilename, strerror(errno));

+	    info.notmoved++;

+	    free(movefilename);

+	    return;

+	}

-	/* check permissions */

-	switch(checkaccess(filename, UNPUSER, R_OK)) {

-	    case -1:

-		logg("^Can't get information about user "UNPUSER"\n");

-		exit(60); /* this is a critical problem so we just exit here */

-	    case -2:

-		logg("^Can't fork\n");

-		exit(61);

-	    case 0: /* read access denied */

-		if(geteuid()) {

-		    if(!printinfected)

-			logg("^%s: Access denied to archive\n", filename);

-		} else {

+	chmod(movefilename, fstat.st_mode);

+#ifndef C_OS2

+	chown(movefilename, fstat.st_uid, fstat.st_gid);

+#endif

-		    if(limits && limits->maxfilesize)

-			if(fileinfo(filename, 1) / 1024 > limits->maxfilesize) {

-			    if(!printinfected)

-				logg("^%s: Archive too big\n", filename);

-			    return 0;

-			}

+	ubuf.actime = fstat.st_atime;

+	ubuf.modtime = fstat.st_mtime;

+	utime(movefilename, &ubuf);

-		    return(scandenied(filename, root, user, opt, limits, options));

-		}

-		return 0;

-	    case 1:

-		return(scancompressed(filename, root, user, opt, limits, options));

+	if(moveflag && unlink(filename)) {

+	    logg("!Can't unlink '%s': %s\n", filename, strerror(errno));

+	    info.notremoved++;            

+	    free(movefilename);

+	    return;

 	}

     }

-    if((ret = checkfile(filename, root, limits, options, printclean)) == CL_VIRUS) {

-	if(opt_check(opt, "remove")) {

-	    if(unlink(filename)) {

-		logg("^%s: Can't remove\n", filename);

-		claminfo.notremoved++;

-	    } else {

-		logg("%s: Removed\n", filename);

-	    }

-	} else if (opt_check(opt, "move") || opt_check(opt, "copy"))

-            move_infected(filename, opt);

+    logg("%s: %s to '%s'\n", filename, (moveflag) ? "moved" : "copied", movefilename);

+

+    free(movefilename);

+}

+

+static int checkfile(const char *filename, const struct cl_engine *engine, const struct cl_limits *limits, int options, short printclean)

+{

+	int fd, ret;

+	const char *virname;

+

+

+    logg("*Scanning %s\n", filename);

+

+    if((fd = open(filename, O_RDONLY)) == -1) {

+	logg("^Can't open file %s\n", filename);

+	return 54;

     }

+

+    if((ret = cl_scandesc(fd, &virname, &info.blocks, engine, limits, options)) == CL_VIRUS) {

+	logg("%s: %s FOUND\n", filename, virname);

+	info.ifiles++;

+

+	if(bell)

+	    fprintf(stderr, "\007");

+

+    } else if(ret == CL_CLEAN) {

+	if(!printinfected && printclean)

+	    mprintf("%s: OK\n", filename);

+    } else

+	if(!printinfected)

+	    logg("%s: %s\n", filename, cl_strerror(ret));

+

+    close(fd);

     return ret;

 }

-/* it has guaranteed read access to the archive */

-int scancompressed(const char *filename, struct cl_node *root, const struct passwd *user, const struct optstruct *opt, const struct cl_limits *limits, int options)

+static int scancompressed(const char *filename, struct cl_engine *engine, const struct passwd *user, const struct optstruct *opt, const struct cl_limits *limits, int options)

 {

 	int ret = 0;

 	char *tmpdir, *gendir, *userprg;

@@ -500,7 +653,7 @@ int scancompressed(const char *filename, struct cl_node *root, const struct pass

 	tmpdir = "/tmp";

 #endif

-    if(checkaccess(tmpdir, UNPUSER, W_OK) != 1) {

+    if(checkaccess(tmpdir, CLAMAVUSER, W_OK) != 1) {

 	logg("!Can't write to the temporary directory\n");

 	exit(64);

     }

@@ -603,7 +756,7 @@ int scancompressed(const char *filename, struct cl_node *root, const struct pass

 	    short oldrec = recursion;

 	recursion = 1;

-	ret = treewalk(gendir, root, user, opt, limits, options, 1);

+	ret = treewalk(gendir, engine, user, opt, limits, options, 1);

 	recursion = oldrec;

     }

@@ -623,11 +776,11 @@ int scancompressed(const char *filename, struct cl_node *root, const struct pass

 	    /* This is no longer a critical error (since 0.24). We scan

 	     * raw archive.

 	     */

-	    if((ret = checkfile(filename, root, limits, 0, 0)) == CL_VIRUS) {

+	    if((ret = checkfile(filename, engine, limits, 0, 0)) == CL_VIRUS) {