@@ -23,6 +23,13 @@ ClamAV 0.103.1 is a bug patch release to address the following issues.

 - Fixed freshclam --on-update-execute=EXIT_1 temporary directory cleanup issue.

+- `clamd`'s log output and VirusEvent now provide the scan target's file path

+  instead of a file descriptor. The clamd socket API for submitting a scan by

+  FD-passing doesn't include a file path, this feature works by looking up the

+  file path by file descriptor. This feature works on Mac and Linux but is not

+  yet implemented for other UNIX operating systems.

+  FD-passing is not available for Windows.

+

 ### Acknowledgements

 The ClamAV team thanks the following individuals for their code submissions:

@@ -364,7 +364,7 @@ int scan_pathchk(const char *path, struct cli_ftw_cbdata *data)

     return 0;

 }

-int scanfd(

+cl_error_t scanfd(

     const client_conn_t *conn,

     unsigned long int *scanned,

     const struct cl_engine *engine,

@@ -373,13 +373,17 @@ int scanfd(

     int odesc,

     int stream)

 {

-    int ret, fd = conn->scanfd;

+    cl_error_t ret      = -1;

+    int fd              = conn->scanfd;

     const char *virname = NULL;

     STATBUF statbuf;

     struct cb_context context;

     char fdstr[32];

     const char *reply_fdstr;

+    char *filepath     = NULL;

+    char *log_filename = fdstr;

+

     UNUSEDPARAM(odesc);

     if (stream) {

@@ -396,41 +400,60 @@ int scanfd(

     }

     if (FSTAT(fd, &statbuf) == -1 || !S_ISREG(statbuf.st_mode)) {

         logg("%s: Not a regular file. ERROR\n", fdstr);

-        if (conn_reply(conn, reply_fdstr, "Not a regular file", "ERROR") == -1)

-            return CL_ETIMEOUT;

-        return -1;

+        if (conn_reply(conn, reply_fdstr, "Not a regular file", "ERROR") == -1) {

+            ret = CL_ETIMEOUT;

+            goto done;

+        }

+        ret = CL_BREAK;

+        goto done;

+    }

+

+    /* Try and get the real filename, for logging purposes */

+    if (!stream) {

+        if (CL_SUCCESS != cli_get_filepath_from_filedesc(fd, &filepath)) {

+            logg("*%s: Unable to determine the filepath given the file descriptor.\n", fdstr);

+        } else {

+            log_filename = filepath;

+        }

     }

     thrmgr_setactivetask(fdstr, NULL);

     context.filename = fdstr;

     context.virsize  = 0;

     context.scandata = NULL;

-    ret              = cl_scandesc_callback(fd, conn->filename, &virname, scanned, engine, options, &context);

+    ret              = cl_scandesc_callback(fd, log_filename, &virname, scanned, engine, options, &context);

     thrmgr_setactivetask(NULL, NULL);

     if (thrmgr_group_need_terminate(conn->group)) {

         logg("*Client disconnected while scanjob was active\n");

-        return ret == CL_ETIMEOUT ? ret : CL_BREAK;

+        ret = ret == CL_ETIMEOUT ? ret : CL_BREAK;

+        goto done;

     }

     if (ret == CL_VIRUS) {

         if (conn_reply_virus(conn, reply_fdstr, virname) == -1)

             ret = CL_ETIMEOUT;

         if (context.virsize && optget(opts, "ExtendedDetectionInfo")->enabled)

-            logg("%s: %s(%s:%llu) FOUND\n", fdstr, virname, context.virhash, context.virsize);

+            logg("%s: %s(%s:%llu) FOUND\n", log_filename, virname, context.virhash, context.virsize);

         else

-            logg("%s: %s FOUND\n", fdstr, virname);

-        virusaction(reply_fdstr, virname, opts);

+            logg("%s: %s FOUND\n", log_filename, virname);

+        virusaction(log_filename, virname, opts);

     } else if (ret != CL_CLEAN) {

         if (conn_reply(conn, reply_fdstr, cl_strerror(ret), "ERROR") == -1)

             ret = CL_ETIMEOUT;

-        logg("%s: %s ERROR\n", fdstr, cl_strerror(ret));

+        logg("%s: %s ERROR\n", log_filename, cl_strerror(ret));

     } else {

         if (conn_reply_single(conn, reply_fdstr, "OK") == CL_ETIMEOUT)

             ret = CL_ETIMEOUT;

         if (logok)

-            logg("%s: OK\n", fdstr);

+            logg("%s: OK\n", log_filename);

     }

+

+done:

+    if (NULL != filepath) {

+        free(filepath);

+    }

+

     return ret;

 }

@@ -65,7 +65,7 @@ struct cb_context {

     struct scan_cb_data *scandata;

 };

-int scanfd(const client_conn_t *conn, unsigned long int *scanned, const struct cl_engine *engine, struct cl_scan_options *options, const struct optstruct *opts, int odesc, int stream);

+cl_error_t scanfd(const client_conn_t *conn, unsigned long int *scanned, const struct cl_engine *engine, struct cl_scan_options *options, const struct optstruct *opts, int odesc, int stream);

 int scanstream(int odesc, unsigned long int *scanned, const struct cl_engine *engine, struct cl_scan_options *options, const struct optstruct *opts, char term);

 cl_error_t scan_callback(STATBUF *sb, char *filename, const char *msg, enum cli_ftw_reason reason, struct cli_ftw_cbdata *data);

 int scan_pathchk(const char *path, struct cli_ftw_cbdata *data);

@@ -262,6 +262,7 @@ CLAMAV_PRIVATE {

     cli_basename;

     cli_realpath;

     cli_codepage_to_utf8;

+    cli_get_filepath_from_filedesc;

     __cli_strcasestr;

     __cli_strndup;

@@ -188,6 +188,7 @@ EXPORTS __cli_strnlen @44390 NONAME

 EXPORTS __cli_strnstr @44391 NONAME

 EXPORTS cli_gentemp_with_prefix @44392 NONAME

 EXPORTS cli_basename @44393 NONAME

+EXPORTS cli_get_filepath_from_filedesc @44394 NONAME

 ; compatibility layer, tommath, zlib

 EXPORTS w32_srand @44269 NONAME

@@ -270,4 +271,4 @@ EXPORTS cli_sigperf_events_destroy @44350 NONAME

 EXPORTS cli_cache_init @44351 NONAME

 EXPORTS cli_cache_destroy @44352 NONAME

 EXPORTS cli_strntoul @44353 NONAME

-EXPORTS cli_realpath @44354 NONAME

\ No newline at end of file

+EXPORTS cli_realpath @44354 NONAME