git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@79 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2003/10/12 00:43:47... | ... |
@@ -1,3 +1,7 @@ |
1 |
+Sat Oct 11 16:42:42 BST 2003 (njh) |
|
2 |
+ * clamav-milter: fixed possible crash with long e-mail addresses |
|
3 |
+ Removed call to clamdscan to get version |
|
4 |
+ |
|
1 | 5 |
Thu Oct 9 15:18:44 CEST 2003 (tk) |
2 | 6 |
---------------------------------- |
3 | 7 |
* configure.in: added -lresolv to CLAMD_LIBS on Solaris |
... | ... |
@@ -131,6 +131,10 @@ Changes |
131 | 131 |
who's e-mail is not scanned |
132 | 132 |
0.60k 5/10/03 Only remove old UNIX domain socket if FixStaleSocket |
133 | 133 |
is set |
134 |
+0.60l 11/10/03 port is now unsigned |
|
135 |
+ Removed remote possibility of crash if the target |
|
136 |
+ e-mail address is very long |
|
137 |
+ No longer calls clamdscan to get the version |
|
134 | 138 |
|
135 | 139 |
BUG REPORTS |
136 | 140 |
|
... | ... |
@@ -136,9 +136,16 @@ |
136 | 136 |
* who's e-mail is not scanned |
137 | 137 |
* 0.60k 5/10/03 Only remove old UNIX domain socket if FixStaleSocket |
138 | 138 |
* is set |
139 |
+ * 0.60l 11/10/03 port is now unsigned |
|
140 |
+ * Removed remote possibility of crash if the target |
|
141 |
+ * e-mail address is very long |
|
142 |
+ * No longer calls clamdscan to get the version |
|
139 | 143 |
* |
140 | 144 |
* Change History: |
141 | 145 |
* $Log: clamav-milter.c,v $ |
146 |
+ * Revision 1.13 2003/10/11 15:42:15 nigelhorne |
|
147 |
+ * Don't call clamdscan |
|
148 |
+ * |
|
142 | 149 |
* Revision 1.12 2003/10/05 17:30:04 nigelhorne |
143 | 150 |
* Only fix old socket when FixStaleSocket is set |
144 | 151 |
* |
... | ... |
@@ -161,7 +168,7 @@ |
161 | 161 |
* Added -f flag use MaxThreads if --max-children not set |
162 | 162 |
* |
163 | 163 |
*/ |
164 |
-static char const rcsid[] = "$Id: clamav-milter.c,v 1.12 2003/10/05 17:30:04 nigelhorne Exp $"; |
|
164 |
+static char const rcsid[] = "$Id: clamav-milter.c,v 1.13 2003/10/11 15:42:15 nigelhorne Exp $"; |
|
165 | 165 |
|
166 | 166 |
#define CM_VERSION "0.60k" |
167 | 167 |
|
... | ... |
@@ -318,11 +325,9 @@ int |
318 | 318 |
main(int argc, char **argv) |
319 | 319 |
{ |
320 | 320 |
extern char *optarg; |
321 |
- char *port = NULL, *ptr; |
|
322 |
- FILE *clamd; |
|
321 |
+ char *port = NULL; |
|
323 | 322 |
const char *cfgfile = CL_DEFAULT_CFG; |
324 | 323 |
struct cfgstruct *cpt; |
325 |
- char cmd[64]; |
|
326 | 324 |
struct smfiDesc smfilter = { |
327 | 325 |
"ClamAv", /* filter name */ |
328 | 326 |
SMFI_VERSION, /* version code -- leave untouched */ |
... | ... |
@@ -339,6 +344,10 @@ main(int argc, char **argv) |
339 | 339 |
clamfi_close, /* connection cleanup callback */ |
340 | 340 |
}; |
341 | 341 |
|
342 |
+ snprintf(clamav_version, sizeof(clamav_version), |
|
343 |
+ "ClamAV version %s, clamav-milter version %s", |
|
344 |
+ VERSION, CM_VERSION); |
|
345 |
+ |
|
342 | 346 |
for(;;) { |
343 | 347 |
int opt_index = 0; |
344 | 348 |
#ifdef CL_DEBUG |
... | ... |
@@ -441,7 +450,7 @@ main(int argc, char **argv) |
441 | 441 |
serverIP = optarg; |
442 | 442 |
break; |
443 | 443 |
case 'V': |
444 |
- printf("%s version %s\n", argv[0], CM_VERSION); |
|
444 |
+ puts(clamav_version); |
|
445 | 445 |
return EX_OK; |
446 | 446 |
#ifdef CL_DEBUG |
447 | 447 |
case 'x': |
... | ... |
@@ -525,28 +534,6 @@ main(int argc, char **argv) |
525 | 525 |
return EX_CONFIG; |
526 | 526 |
} |
527 | 527 |
|
528 |
- /* |
|
529 |
- * call clamdscan to get the version number of clamd. |
|
530 |
- * TODO: there's probably a better way of doing this! |
|
531 |
- */ |
|
532 |
- snprintf(cmd, sizeof(cmd), "clamdscan --version 2>&1"); |
|
533 |
- clamd = popen(cmd, "r"); |
|
534 |
- |
|
535 |
- if(clamd == NULL) { |
|
536 |
- /* |
|
537 |
- * TODO: if this happens we should continue, allowing |
|
538 |
- * everything through with a warning |
|
539 |
- */ |
|
540 |
- fprintf(stderr, "%s: can't find clamdscan\n", argv[0]); |
|
541 |
- return EX_TEMPFAIL; |
|
542 |
- } |
|
543 |
- |
|
544 |
- fgets(clamav_version, sizeof(clamav_version), clamd); |
|
545 |
- pclose(clamd); |
|
546 |
- |
|
547 |
- if((ptr = strchr(clamav_version, '\n')) != NULL) |
|
548 |
- *ptr = '\0'; |
|
549 |
- |
|
550 | 528 |
if(!cfgopt(copt, "Foreground")) |
551 | 529 |
switch(fork()) { |
552 | 530 |
case -1: |
... | ... |
@@ -741,7 +728,7 @@ clamfi_envfrom(SMFICTX *ctx, char **argv) |
741 | 741 |
{ |
742 | 742 |
struct privdata *privdata; |
743 | 743 |
struct sockaddr_in reply; |
744 |
- short port; |
|
744 |
+ unsigned short port; |
|
745 | 745 |
int nbytes, rc; |
746 | 746 |
char buf[64]; |
747 | 747 |
|
... | ... |
@@ -914,7 +901,7 @@ clamfi_envfrom(SMFICTX *ctx, char **argv) |
914 | 914 |
if(debug_level >= 4) |
915 | 915 |
printf("Received: %s", buf); |
916 | 916 |
#endif |
917 |
- if(sscanf(buf, "PORT %hd\n", &port) != 1) { |
|
917 |
+ if(sscanf(buf, "PORT %hu\n", &port) != 1) { |
|
918 | 918 |
close(privdata->dataSocket); |
919 | 919 |
close(privdata->cmdSocket); |
920 | 920 |
free(privdata); |
... | ... |
@@ -1157,7 +1144,12 @@ clamfi_eom(SMFICTX *ctx) |
1157 | 1157 |
*/ |
1158 | 1158 |
err = (char *)malloc(1024); |
1159 | 1159 |
|
1160 |
- sprintf(err, "Intercepted virus from %s to", privdata->from); |
|
1160 |
+ /* |
|
1161 |
+ * Use snprintf rather than printf since we don't know the |
|
1162 |
+ * length of privdata->from and may get a buffre overrun |
|
1163 |
+ * causing a crash |
|
1164 |
+ */ |
|
1165 |
+ snprintf(err, 1024, "Intercepted virus from %s to", privdata->from); |
|
1161 | 1166 |
|
1162 | 1167 |
ptr = strchr(err, '\0'); |
1163 | 1168 |
|
... | ... |
@@ -1185,6 +1177,10 @@ clamfi_eom(SMFICTX *ctx) |
1185 | 1185 |
if(!qflag) { |
1186 | 1186 |
sendmail = popen("/usr/lib/sendmail -t", "w"); |
1187 | 1187 |
if(sendmail) { |
1188 |
+ /* |
|
1189 |
+ * TODO: Make this e-mail message customisable |
|
1190 |
+ * perhaps by means of a template |
|
1191 |
+ */ |
|
1188 | 1192 |
fputs("From: MAILER-DAEMON\n", sendmail); |
1189 | 1193 |
if(bflag) { |
1190 | 1194 |
fprintf(sendmail, "To: %s\n", privdata->from); |
... | ... |
@@ -1319,6 +1315,8 @@ clamfi_cleanup(SMFICTX *ctx) |
1319 | 1319 |
pthread_mutex_lock(&n_children_mutex); |
1320 | 1320 |
/* |
1321 | 1321 |
* Deliberately errs on the side of broadcasting too many times |
1322 |
+ * |
|
1323 |
+ * No need to check for underflow since n_children must be > 0 |
|
1322 | 1324 |
*/ |
1323 | 1325 |
--n_children; |
1324 | 1326 |
if((n_children < max_children) && (n_children > 0)) { |
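Review bot: In the clamfi_eom hunk, `err = (char *)malloc(1024);` is passed straight to the new `snprintf(err, 1024, ...)` with no NULL check, and the bound covers only the sender (`privdata->from`), while the ChangeLog describes the crash as coming from a long target address. The recipient text is presumably appended through `ptr = strchr(err, '\0')` in code outside the hunk; if that append is not limited to the space left in the 1024-byte buffer, the overrun is still reachable, so it should be checked and bounded the same way. I would add `if(err == NULL)` handling before the snprintf (the right return value and cleanup depend on the rest of clamfi_eom, which is not shown) and use one named constant for both the malloc size and the snprintf limit. The new comment should read `sprintf` rather than `printf`, and `buffre` is a typo for `buffer`. Separately, `#define CM_VERSION "0.60k"` is unchanged context in the rcsid hunk although the history now lists 0.60l, so the `clamav_version` string built in main() and printed by `-V` would still say 0.60k.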