git-svn: trunk@1837
Nigel Horne authored on 2006/02/02 23:39:05... | ... |
@@ -1,3 +1,10 @@ |
1 |
+Thu Feb 2 14:36:53 GMT 2006 (njh) |
|
2 |
+---------------------------------- |
|
3 |
+ * clamav-milter: Added defensive programming against multiple MAIL FROM |
|
4 |
+ calls. |
|
5 |
+ Added debug information when --max-children throttle |
|
6 |
+ is lifted |
|
7 |
+ |
|
1 | 8 |
Mon Jan 30 21:10:57 CET 2006 (tk) |
2 | 9 |
--------------------------------- |
3 | 10 |
* libclamav/sis.c: handle empty files in SIS archives |
... | ... |
@@ -22,9 +22,9 @@ |
22 | 22 |
* |
23 | 23 |
* For installation instructions see the file INSTALL that came with this file |
24 | 24 |
*/ |
25 |
-static char const rcsid[] = "$Id: clamav-milter.c,v 1.227 2006/01/23 10:38:00 nigelhorne Exp $"; |
|
25 |
+static char const rcsid[] = "$Id: clamav-milter.c,v 1.228 2006/02/02 14:39:05 nigelhorne Exp $"; |
|
26 | 26 |
|
27 |
-#define CM_VERSION "devel-141205" |
|
27 |
+#define CM_VERSION "devel-020206" |
|
28 | 28 |
|
29 | 29 |
#if HAVE_CONFIG_H |
30 | 30 |
#include "clamav-config.h" |
... | ... |
@@ -2184,6 +2184,11 @@ clamfi_connect(SMFICTX *ctx, char *hostname, _SOCK_ADDR *hostaddr) |
2184 | 2184 |
return SMFIS_CONTINUE; |
2185 | 2185 |
} |
2186 | 2186 |
|
2187 |
+/* |
|
2188 |
+ * Since sendmail requires that MAIL FROM is called before RCPT TO, it is |
|
2189 |
+ * safe to assume that this routine is called first, so the n_children |
|
2190 |
+ * handler is put here |
|
2191 |
+ */ |
|
2187 | 2192 |
static sfsistat |
2188 | 2193 |
clamfi_envfrom(SMFICTX *ctx, char **argv) |
2189 | 2194 |
{ |
... | ... |
@@ -2214,6 +2219,15 @@ clamfi_envfrom(SMFICTX *ctx, char **argv) |
2214 | 2214 |
mailaddr = "<>"; |
2215 | 2215 |
} |
2216 | 2216 |
} |
2217 |
+ if(smfi_getpriv(ctx) != NULL) { |
|
2218 |
+ /* More than one MAIL FROM command, "can't happen" */ |
|
2219 |
+ cli_warnmsg("clamfi_envfrom: called more than once\n"); |
|
2220 |
+ return SMFIS_CONTINUE; |
|
2221 |
+ } |
|
2222 |
+ |
|
2223 |
+ privdata = (struct privdata *)cli_calloc(1, sizeof(struct privdata)); |
|
2224 |
+ if(privdata == NULL) |
|
2225 |
+ return cl_error; |
|
2217 | 2226 |
|
2218 | 2227 |
if(max_children > 0) { |
2219 | 2228 |
int rc = 0; |
... | ... |
@@ -2243,6 +2257,7 @@ clamfi_envfrom(SMFICTX *ctx, char **argv) |
2243 | 2243 |
n_children, max_children); |
2244 | 2244 |
|
2245 | 2245 |
if(dont_wait) { |
2246 |
+ free(privdata); |
|
2246 | 2247 |
pthread_mutex_unlock(&n_children_mutex); |
2247 | 2248 |
smfi_setreply(ctx, "451", "4.3.2", _("AV system temporarily overloaded - please try later")); |
2248 | 2249 |
return SMFIS_TEMPFAIL; |
... | ... |
@@ -2276,6 +2291,11 @@ clamfi_envfrom(SMFICTX *ctx, char **argv) |
2276 | 2276 |
rc = pthread_cond_timedwait(&n_children_cond, &n_children_mutex, &timeout); |
2277 | 2277 |
} |
2278 | 2278 |
} while((n_children >= max_children) && (rc != ETIMEDOUT)); |
2279 |
+ if(use_syslog) |
|
2280 |
+ /* LOG_INFO */ |
|
2281 |
+ syslog(LOG_NOTICE, |
|
2282 |
+ _("Finished waiting, n_children = %u"), |
|
2283 |
+ n_children); |
|
2279 | 2284 |
} |
2280 | 2285 |
n_children++; |
2281 | 2286 |
|
... | ... |
@@ -2291,10 +2311,6 @@ clamfi_envfrom(SMFICTX *ctx, char **argv) |
2291 | 2291 |
} |
2292 | 2292 |
} |
2293 | 2293 |
|
2294 |
- privdata = (struct privdata *)cli_calloc(1, sizeof(struct privdata)); |
|
2295 |
- if(privdata == NULL) |
|
2296 |
- return cl_error; |
|
2297 |
- |
|
2298 | 2294 |
privdata->dataSocket = -1; /* 0.4 */ |
2299 | 2295 |
#ifndef SESSION |
2300 | 2296 |
privdata->cmdSocket = -1; /* 0.4 */ |