Browse code
Honour StreamMaxLength
git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@466 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2004/04/03 13:49:09Showing 3 changed files
| ... | ... |
@@ -1,3 +1,8 @@ |
| 1 |
+Sat Apr 3 06:00:19 BST 2004 (njh) |
|
| 2 |
+---------------------------------- |
|
| 3 |
+ * clamav-milter: Error if ReadTimeout is -ve |
|
| 4 |
+ Honour StreamMaxLength |
|
| 5 |
+ |
|
| 1 | 6 |
Thu Apr 1 16:46:22 BST 2004 (njh) |
| 2 | 7 |
---------------------------------- |
| 3 | 8 |
* libclamav: Stop gracefully if messageAddLine() fails |
| ... | ... |
@@ -313,10 +313,13 @@ Changes |
| 313 | 313 |
Add advice that --quarantine-dir may improve |
| 314 | 314 |
performance when LocalSocket is used |
| 315 | 315 |
ThreadTimeout seems to have been changed to ReadTimeout |
| 316 |
+0.70g 3/4/04 Error if ReadTimeout is -ve |
|
| 317 |
+ Honour StreamMaxLength |
|
| 316 | 318 |
|
| 317 | 319 |
BUG REPORTS |
| 318 | 320 |
|
| 319 |
-Please send bug reports and/or comments to Nigel Horne <njh@despammed.com> |
|
| 321 |
+Please send bug reports and/or comments to Nigel Horne <njh@despammed.com> or |
|
| 322 |
+bugs@clamav.net. |
|
| 320 | 323 |
|
| 321 | 324 |
TODO |
| 322 | 325 |
|
| ... | ... |
@@ -312,9 +312,14 @@ |
| 312 | 312 |
* Add advice that --quarantine-dir may improve |
| 313 | 313 |
* performance when LocalSocket is used |
| 314 | 314 |
* ThreadTimeout seems to have been changed to ReadTimeout |
| 315 |
+ * 0.70g 3/4/04 Error if ReadTimeout is -ve |
|
| 316 |
+ * Honour StreamMaxLength |
|
| 315 | 317 |
* |
| 316 | 318 |
* Change History: |
| 317 | 319 |
* $Log: clamav-milter.c,v $ |
| 320 |
+ * Revision 1.68 2004/04/03 04:47:22 nigelhorne |
|
| 321 |
+ * Honour StreamMaxLength |
|
| 322 |
+ * |
|
| 318 | 323 |
* Revision 1.67 2004/04/01 15:34:00 nigelhorne |
| 319 | 324 |
* ThreadTimeout has been renamed ReadTimeout |
| 320 | 325 |
* |
| ... | ... |
@@ -501,9 +506,9 @@ |
| 501 | 501 |
* Revision 1.6 2003/09/28 16:37:23 nigelhorne |
| 502 | 502 |
* Added -f flag use MaxThreads if --max-children not set |
| 503 | 503 |
*/ |
| 504 |
-static char const rcsid[] = "$Id: clamav-milter.c,v 1.67 2004/04/01 15:34:00 nigelhorne Exp $"; |
|
| 504 |
+static char const rcsid[] = "$Id: clamav-milter.c,v 1.68 2004/04/03 04:47:22 nigelhorne Exp $"; |
|
| 505 | 505 |
|
| 506 |
-#define CM_VERSION "0.70f" |
|
| 506 |
+#define CM_VERSION "0.70g" |
|
| 507 | 507 |
|
| 508 | 508 |
/*#define CONFDIR "/usr/local/etc"*/ |
| 509 | 509 |
|
| ... | ... |
@@ -613,6 +618,7 @@ struct privdata {
|
| 613 | 613 |
u_char *body; /* body of the message if Sflag is set */ |
| 614 | 614 |
size_t bodyLen; /* number of bytes in body */ |
| 615 | 615 |
header_list_t headers; /* Message headers */ |
| 616 |
+ off_t numBytes; /* Number of bytes sent so far */ |
|
| 616 | 617 |
}; |
| 617 | 618 |
|
| 618 | 619 |
static int pingServer(int serverNumber); |
| ... | ... |
@@ -695,10 +701,11 @@ static int cl_error = SMFIS_TEMPFAIL; /* |
| 695 | 695 |
* an error. Patch from |
| 696 | 696 |
* Joe Talbott <josepht@cstone.net> |
| 697 | 697 |
*/ |
| 698 |
-static int threadtimeout = CL_DEFAULT_SCANTIMEOUT; /* |
|
| 698 |
+static int readTimeout = CL_DEFAULT_SCANTIMEOUT; /* |
|
| 699 | 699 |
* number of seconds to wait for clamd to |
| 700 | 700 |
* respond, see ReadTimeout in clamav.conf |
| 701 | 701 |
*/ |
| 702 |
+static off_t streamMaxLength = -1; /* StreamMaxLength from clamav.conf */ |
|
| 702 | 703 |
static int logClean = 1; /* |
| 703 | 704 |
* Add clean items to the log file |
| 704 | 705 |
*/ |
| ... | ... |
@@ -1053,6 +1060,10 @@ main(int argc, char **argv) |
| 1053 | 1053 |
} |
| 1054 | 1054 |
|
| 1055 | 1055 |
if(!cfgopt(copt, "ScanMail")) {
|
| 1056 |
+ /* |
|
| 1057 |
+ * In fact ScanMail isn't needed if this machine doesn't run |
|
| 1058 |
+ * clamd. |
|
| 1059 |
+ */ |
|
| 1056 | 1060 |
fprintf(stderr, "%s: ScanMail not enabled in %s\n", |
| 1057 | 1061 |
argv[0], cfgfile); |
| 1058 | 1062 |
return EX_CONFIG; |
| ... | ... |
@@ -1067,14 +1078,22 @@ main(int argc, char **argv) |
| 1067 | 1067 |
max_children = cpt->numarg; |
| 1068 | 1068 |
|
| 1069 | 1069 |
if((cpt = cfgopt(copt, "ReadTimeout")) != NULL) {
|
| 1070 |
- threadtimeout = cpt->numarg; |
|
| 1070 |
+ readTimeout = cpt->numarg; |
|
| 1071 | 1071 |
|
| 1072 |
- if(threadtimeout < 0) {
|
|
| 1072 |
+ if(readTimeout < 0) {
|
|
| 1073 | 1073 |
fprintf(stderr, "%s: ReadTimeout must not be negative in %s\n", |
| 1074 | 1074 |
argv[0], cfgfile); |
| 1075 |
+ return EX_CONFIG; |
|
| 1075 | 1076 |
} |
| 1076 | 1077 |
} |
| 1077 |
- |
|
| 1078 |
+ if((cpt = cfgopt(copt, "StreamMaxLength")) != NULL) {
|
|
| 1079 |
+ if(cpt->numarg < 0) {
|
|
| 1080 |
+ fprintf(stderr, "%s: StreamMaxLength must not be negative in %s\n", |
|
| 1081 |
+ argv[0], cfgfile); |
|
| 1082 |
+ return EX_CONFIG; |
|
| 1083 |
+ } |
|
| 1084 |
+ streamMaxLength = cpt->numarg; |
|
| 1085 |
+ } |
|
| 1078 | 1086 |
/* |
| 1079 | 1087 |
* Get the outgoing socket details - the way to talk to clamd |
| 1080 | 1088 |
*/ |
| ... | ... |
@@ -1426,7 +1445,7 @@ findServer(void) |
| 1426 | 1426 |
|
| 1427 | 1427 |
free(servers); |
| 1428 | 1428 |
|
| 1429 |
- tv.tv_sec = threadtimeout; |
|
| 1429 |
+ tv.tv_sec = readTimeout; |
|
| 1430 | 1430 |
tv.tv_usec = 0; |
| 1431 | 1431 |
|
| 1432 | 1432 |
retval = select(maxsock, &rfds, NULL, NULL, &tv); |
| ... | ... |
@@ -1662,9 +1681,12 @@ clamfi_envfrom(SMFICTX *ctx, char **argv) |
| 1662 | 1662 |
privdata->cmdSocket = -1; /* 0.4 */ |
| 1663 | 1663 |
|
| 1664 | 1664 |
privdata->from = strdup(argv[0]); |
| 1665 |
- privdata->to = NULL; |
|
| 1666 | 1665 |
|
| 1667 |
- privdata->headers = (hflag) ? header_list_new() : NULL; |
|
| 1666 |
+ if(streamMaxLength > 0) |
|
| 1667 |
+ privdata->numBytes = strlen(argv[0]) + 6; |
|
| 1668 |
+ |
|
| 1669 |
+ if(hflag) |
|
| 1670 |
+ privdata->headers = header_list_new(); |
|
| 1668 | 1671 |
|
| 1669 | 1672 |
if(smfi_setpriv(ctx, privdata) == MI_SUCCESS) |
| 1670 | 1673 |
return SMFIS_CONTINUE; |
| ... | ... |
@@ -1694,6 +1716,9 @@ clamfi_envrcpt(SMFICTX *ctx, char **argv) |
| 1694 | 1694 |
privdata->to[privdata->numTo] = strdup(argv[0]); |
| 1695 | 1695 |
privdata->to[++privdata->numTo] = NULL; |
| 1696 | 1696 |
|
| 1697 |
+ if(streamMaxLength > 0) |
|
| 1698 |
+ privdata->numBytes += strlen(argv[0]) + 4; |
|
| 1699 |
+ |
|
| 1697 | 1700 |
return SMFIS_CONTINUE; |
| 1698 | 1701 |
} |
| 1699 | 1702 |
|
| ... | ... |
@@ -1725,6 +1750,9 @@ clamfi_header(SMFICTX *ctx, char *headerf, char *headerv) |
| 1725 | 1725 |
return cl_error; |
| 1726 | 1726 |
} |
| 1727 | 1727 |
|
| 1728 |
+ if(streamMaxLength > 0) |
|
| 1729 |
+ privdata->numBytes += strlen(headerf) + strlen(headerv) + 3; |
|
| 1730 |
+ |
|
| 1728 | 1731 |
if(hflag) |
| 1729 | 1732 |
header_list_add(privdata->headers, headerf, headerv); |
| 1730 | 1733 |
|
| ... | ... |
@@ -1757,6 +1785,8 @@ clamfi_eoh(SMFICTX *ctx) |
| 1757 | 1757 |
clamfi_cleanup(ctx); |
| 1758 | 1758 |
return cl_error; |
| 1759 | 1759 |
} |
| 1760 |
+ if(streamMaxLength > 0) |
|
| 1761 |
+ privdata->numBytes++; |
|
| 1760 | 1762 |
|
| 1761 | 1763 |
/* |
| 1762 | 1764 |
* See if the e-mail is only going to members of the list |
| ... | ... |
@@ -1813,8 +1843,19 @@ clamfi_body(SMFICTX *ctx, u_char *bodyp, size_t len) |
| 1813 | 1813 |
cli_dbgmsg("clamfi_envbody: %u bytes\n", len);
|
| 1814 | 1814 |
#endif |
| 1815 | 1815 |
|
| 1816 |
+ if(streamMaxLength > 0) {
|
|
| 1817 |
+ privdata->numBytes += len; |
|
| 1818 |
+ if(privdata->numBytes > streamMaxLength) {
|
|
| 1819 |
+ if(use_syslog) |
|
| 1820 |
+ syslog(LOG_NOTICE, "%s: Message more than StreamMaxLength (%ld) bytes - not scanned\n", |
|
| 1821 |
+ smfi_getsymval(ctx, "i"), |
|
| 1822 |
+ streamMaxLength); |
|
| 1823 |
+ clamfi_cleanup(ctx); /* not needed, but just to be safe */ |
|
| 1824 |
+ return SMFIS_ACCEPT; |
|
| 1825 |
+ } |
|
| 1826 |
+ } |
|
| 1816 | 1827 |
if(clamfi_send(privdata, len, (char *)bodyp) < 0) {
|
| 1817 |
- clamfi_cleanup(ctx); |
|
| 1828 |
+ clamfi_cleanup(ctx); /* not needed, but just to be safe */ |
|
| 1818 | 1829 |
return cl_error; |
| 1819 | 1830 |
} |
| 1820 | 1831 |
if(Sflag) {
|
| ... | ... |
@@ -2355,13 +2396,13 @@ clamd_recv(int sock, char *buf, size_t len) |
| 2355 | 2355 |
fd_set rfds; |
| 2356 | 2356 |
struct timeval tv; |
| 2357 | 2357 |
|
| 2358 |
- if(threadtimeout == 0) |
|
| 2358 |
+ if(readTimeout == 0) |
|
| 2359 | 2359 |
return recv(sock, buf, len, 0); |
| 2360 | 2360 |
|
| 2361 | 2361 |
FD_ZERO(&rfds); |
| 2362 | 2362 |
FD_SET(sock, &rfds); |
| 2363 | 2363 |
|
| 2364 |
- tv.tv_sec = threadtimeout; |
|
| 2364 |
+ tv.tv_sec = readTimeout; |
|
| 2365 | 2365 |
tv.tv_usec = 0; |
| 2366 | 2366 |
|
| 2367 | 2367 |
switch(select(sock + 1, &rfds, NULL, NULL, &tv)) {
|
| ... | ... |
@@ -2370,7 +2411,7 @@ clamd_recv(int sock, char *buf, size_t len) |
| 2370 | 2370 |
return -1; |
| 2371 | 2371 |
case 0: |
| 2372 | 2372 |
if(use_syslog) |
| 2373 |
- syslog(LOG_ERR, "No data received from clamd in %d seconds\n", threadtimeout); |
|
| 2373 |
+ syslog(LOG_ERR, "No data received from clamd in %d seconds\n", readTimeout); |
|
| 2374 | 2374 |
return 0; |
| 2375 | 2375 |
} |
| 2376 | 2376 |
return recv(sock, buf, len, 0); |