Browse code
protection against potential db downgrade
git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@255 77e5149b-7576-45b1-b177-96237e5ba77b
Tomasz Kojm authored on 2004/02/09 10:07:36Showing 2 changed files
| ... | ... |
@@ -1,8 +1,14 @@ |
| 1 |
+Mon Feb 9 02:04:36 CET 2004 (tk) |
|
| 2 |
+--------------------------------- |
|
| 3 |
+ * freshclam: work-around for potential database downgrade (subtle problem |
|
| 4 |
+ in r-r dns handling) - reported by Daniel Mario Vega |
|
| 5 |
+ <dv5a*dc.uba.ar>, patched by Luca Gibelli <nervous*clamav.net>. |
|
| 6 |
+ |
|
| 1 | 7 |
Sat Feb 7 23:18:51 GMT 2004 (njh) |
| 2 | 8 |
---------------------------------- |
| 3 | 9 |
* libclamav: Handle empty content-type subtypes, e.g. headers such as |
| 4 | 10 |
Content-Type: text/ |
| 5 |
- Noted by Stefan Kaltenbrunner <mm-mailinglist@madness.at> |
|
| 11 |
+ Noted by Stefan Kaltenbrunner <mm-mailinglist*madness.at> |
|
| 6 | 12 |
|
| 7 | 13 |
Sat Feb 7 23:37:52 CET 2004 (tk) |
| 8 | 14 |
--------------------------------- |
| ... | ... |
@@ -116,7 +116,7 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna |
| 116 | 116 |
{
|
| 117 | 117 |
struct cl_cvd *current, *remote; |
| 118 | 118 |
struct cfgstruct *cpt; |
| 119 |
- int hostfd, nodb = 0, ret, port = 0; |
|
| 119 |
+ int hostfd, nodb = 0, dbver = 0, ret, port = 0; |
|
| 120 | 120 |
char *tempname, ipaddr[16]; |
| 121 | 121 |
const char *proxy = NULL, *user = NULL, *pass = NULL; |
| 122 | 122 |
int flevel = cl_retflevel(); |
| ... | ... |
@@ -188,6 +188,8 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna |
| 188 | 188 |
return 1; |
| 189 | 189 |
} |
| 190 | 190 |
|
| 191 |
+ dbver = remote->version; |
|
| 192 |
+ |
|
| 191 | 193 |
if(current) |
| 192 | 194 |
cl_cvdfree(current); |
| 193 | 195 |
|
| ... | ... |
@@ -231,18 +233,30 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna |
| 231 | 231 |
return 54; |
| 232 | 232 |
} |
| 233 | 233 |
|
| 234 |
+ if((current = cl_cvdhead(tempname)) == NULL) {
|
|
| 235 |
+ mprintf("@Can't read CVD header of new %s database.\n", localname); /* we lie :) */
|
|
| 236 |
+ unlink(tempname); |
|
| 237 |
+ free(tempname); |
|
| 238 |
+ return 54; |
|
| 239 |
+ } |
|
| 240 |
+ |
|
| 241 |
+ if(current->version < dbver) {
|
|
| 242 |
+ mprintf("@Mirrors are not fully synchronized. Please try again later.\n");
|
|
| 243 |
+ cl_cvdfree(current); |
|
| 244 |
+ unlink(tempname); |
|
| 245 |
+ free(tempname); |
|
| 246 |
+ return 54; |
|
| 247 |
+ } |
|
| 248 |
+ |
|
| 234 | 249 |
if(!nodb && unlink(localname)) {
|
| 235 | 250 |
mprintf("@Can't unlink %s. Please fix it and try again.\n", localname);
|
| 251 |
+ cl_cvdfree(current); |
|
| 236 | 252 |
unlink(tempname); |
| 237 | 253 |
free(tempname); |
| 238 | 254 |
return 53; |
| 239 | 255 |
} else |
| 240 | 256 |
rename(tempname, localname); |
| 241 | 257 |
|
| 242 |
- if((current = cl_cvdhead(localname)) == NULL) {
|
|
| 243 |
- mprintf("@Can't read CVD header of new %s database.\n", localname);
|
|
| 244 |
- return 54; |
|
| 245 |
- } |
|
| 246 | 258 |
|
| 247 | 259 |
mprintf("%s updated (version: %d, sigs: %d, f-level: %d, builder: %s)\n", localname, current->version, current->sigs, current->fl, current->builder);
|
| 248 | 260 |
logg("%s updated (version: %d, sigs: %d, f-level: %d, builder: %s)\n", localname, current->version, current->sigs, current->fl, current->builder);
|