@@ -1,3 +1,8 @@

+Wed Apr 14 03:24:44 CEST 2004 (tk)

+----------------------------------

+  * clamd: VirusEvent: disable support for %f

+	   (http://www.securitytracker.com/alerts/2004/Apr/1009615.html)

+

 Tue Apr 13 14:16:42 CEST 2004 (tk)

 ----------------------------------

   * libclamav: scan EVS mails

@@ -192,7 +192,7 @@ void *clamukoth(void *arg)

 	    if(scan && cl_scanfile(acc->filename, &virname, NULL, tharg->root, tharg->limits, options) == CL_VIRUS) {

 		logg("Clamuko: %s: %s FOUND\n", acc->filename, virname);

-		virusaction(acc->filename, virname, tharg->copt);

+		virusaction(virname, tharg->copt);

 		acc->deny = 1;

 	    } else

 		acc->deny = 0;

@@ -49,7 +49,7 @@

 #include "memory.h"

 #include "cfgparser.h"

-void virusaction(const char *filename, const char *virname, const struct cfgstruct *copt)

+void virusaction(const char *virname, const struct cfgstruct *copt)

 {

 	char *buffer, *pt, *cmd;

 	struct cfgstruct *cpt;

@@ -60,16 +60,7 @@ void virusaction(const char *filename, const char *virname, const struct cfgstru

     cmd = strdup(cpt->strarg);

-    buffer = (char *) mcalloc(strlen(cmd) + strlen(filename) + strlen(virname) + 10, sizeof(char));

-

-    if((pt = strstr(cmd, "%f"))) {

-	*pt = 0; pt += 2;

-	strcpy(buffer, cmd);

-	strcat(buffer, filename);

-	strcat(buffer, pt);

-	free(cmd);

-	cmd = strdup(buffer);

-    }

+    buffer = (char *) mcalloc(strlen(cmd) + strlen(virname) + 10, sizeof(char));

     if((pt = strstr(cmd, "%v"))) {

 	*pt = 0; pt += 2;

@@ -29,7 +29,7 @@

 int poll_fd(int fd, int timeout_sec);

 int is_fd_connected(int fd);

-void virusaction(const char *filename, const char *virname, const struct cfgstruct *copt);

+void virusaction(const char *virname, const struct cfgstruct *copt);

 int writen(int fd, void *buff, unsigned int count);

 #endif

@@ -105,7 +105,7 @@ int dirscan(const char *dirname, const char **virname, unsigned long int *scanne

 				if((scanret = cl_scanfile(fname, virname, scanned, root, limits, options)) == CL_VIRUS) {

 				    mdprintf(odesc, "%s: %s FOUND\n", fname, *virname);

 				    logg("%s: %s FOUND\n", fname, *virname);

-				    virusaction(fname, *virname, copt);

+				    virusaction(*virname, copt);

 				    if(!contscan) {

 					closedir(dd);

 					free(fname);

@@ -170,7 +170,7 @@ int scan(const char *filename, unsigned long int *scanned, const struct cl_node

 	    if(ret == CL_VIRUS) {

 		mdprintf(odesc, "%s: %s FOUND\n", filename, virname);

 		logg("%s: %s FOUND\n", filename, virname);

-		virusaction(filename, virname, copt);

+		virusaction(virname, copt);

 	    } else if(ret != CL_CLEAN) {

 		mdprintf(odesc, "%s: %s ERROR\n", filename, cl_strerror(ret));

 		logg("%s: %s ERROR\n", filename, cl_strerror(ret));

@@ -333,7 +333,7 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root

     if(ret == CL_VIRUS) {

 	mdprintf(odesc, "stream: %s FOUND\n", virname);

 	logg("stream: %s FOUND\n", virname);

-	virusaction("InputStream", virname, copt);

+	virusaction(virname, copt);

     } else if(ret != CL_CLEAN) {

 	mdprintf(odesc, "stream: %s ERROR\n", cl_strerror(ret));

 	logg("stream: %s ERROR\n", cl_strerror(ret));

@@ -107,14 +107,10 @@ MaxDirectoryRecursion 15

 # By default clamd checks itself every 3600 seconds (1 hour).

 #SelfCheck 600

-# Execute a command when virus is found. In the command string %v and %f will

-# be replaced by the virus name and the infected file name respectively.

+# Execute a command when a virus is found. In the command string %v will

+# be replaced by the virus name.

 #

-# SECURITY WARNING: Make sure the virus event command cannot be exploited,

-#		    eg. by using some special file name when %f is used.

-#		    Always use a full path to the command.

-#		    Never delete/move files with this directive !

-#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %f: %v"

+#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"

 # Run as selected user (clamd must be started by root).

 # By default it doesn't drop privileges.