@@ -1,3 +1,7 @@

+Tue Jun 10 18:18:42 CEST 2008 (tk)

+----------------------------------

+  * clamscan: drop support for external unpackers (bb#1052)

+

 Mon Jun  9 20:31:50 CEST 2008 (tk)

 ----------------------------------

   * sync with 0.93.1

@@ -36,9 +36,7 @@ clamscan_SOURCES = \

     others.h \

     global.h \

     manager.c \

-    manager.h \

-    treewalk.c \

-    treewalk.h

+    manager.h

 DEFS = @DEFS@ -DCL_NOTHREADS

 LIBS = $(top_builddir)/libclamav/libclamav.la @THREAD_LIBS@

@@ -69,8 +69,7 @@ binPROGRAMS_INSTALL = $(INSTALL_PROGRAM)

 PROGRAMS = $(bin_PROGRAMS)

 am_clamscan_OBJECTS = output.$(OBJEXT) getopt.$(OBJEXT) \

 	cfgparser.$(OBJEXT) misc.$(OBJEXT) options.$(OBJEXT) \

-	clamscan.$(OBJEXT) others.$(OBJEXT) manager.$(OBJEXT) \

-	treewalk.$(OBJEXT)

+	clamscan.$(OBJEXT) others.$(OBJEXT) manager.$(OBJEXT)

 clamscan_OBJECTS = $(am_clamscan_OBJECTS)

 clamscan_LDADD = $(LDADD)

 DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)

@@ -234,9 +233,7 @@ clamscan_SOURCES = \

     others.h \

     global.h \

     manager.c \

-    manager.h \

-    treewalk.c \

-    treewalk.h

+    manager.h

 AM_CPPFLAGS = -I$(top_srcdir) -I$(top_srcdir)/shared -I$(top_srcdir)/libclamav

 all: all-am

@@ -318,7 +315,6 @@ distclean-compile:

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/options.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/others.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/output.Po@am__quote@

-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/treewalk.Po@am__quote@

 .c.o:

 @am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<

@@ -40,13 +40,13 @@

 #include "others.h"

 #include "global.h"

 #include "manager.h"

-#include "treewalk.h"

 #include "shared/misc.h"

 #include "shared/output.h"

 #include "shared/options.h"

 #include "libclamav/str.h"

+#include "libclamav/clamav.h"

 void help(void);

@@ -322,7 +322,7 @@ void help(void)

     mprintf("    --no-ole2                            Disable OLE2 support\n");

     mprintf("    --no-pdf                             Disable PDF support\n");

     mprintf("    --no-html                            Disable HTML support\n");

-    mprintf("    --no-archive                         Disable libclamav archive support\n");

+    mprintf("    --no-archive                         Disable archive support\n");

     mprintf("    --detect-broken                      Try to detect broken executable files\n");

     mprintf("    --block-encrypted                    Block encrypted archives\n");

     mprintf("    --mail-follow-urls                   Download and scan URLs\n");

@@ -332,15 +332,8 @@ void help(void)

     mprintf("    --max-files=#n                       The maximum number of files to scan for each container file (*)\n");

     mprintf("    --max-recursion=#n                   Maximum archive recursion level for container file (*)\n");

     mprintf("    --max-dir-recursion=#n               Maximum directory recursion level\n");

-    mprintf("    --unzip[=FULLPATH]                   Enable support for .zip files\n");

-    mprintf("    --unrar[=FULLPATH]                   Enable support for .rar files\n");

-    mprintf("    --arj[=FULLPATH]                     Enable support for .arj files\n");

-    mprintf("    --unzoo[=FULLPATH]                   Enable support for .zoo files\n");

-    mprintf("    --lha[=FULLPATH]                     Enable support for .lha files\n");

-    mprintf("    --jar[=FULLPATH]                     Enable support for .jar files\n");

-    mprintf("    --tar[=FULLPATH]                     Enable support for .tar files\n");

-    mprintf("    --deb[=FULLPATH to ar]               Enable support for .deb files\n");

-    mprintf("    --tgz[=FULLPATH]                     Enable support for .tar.gz, .tgz files\n\n");

-    mprintf("(*) Certain files (e.g. documents, archives, etc.) may in turn contain other files inside.\n");

-    mprintf("    The above options ensure safe processing of this kind of data.\n\n");

+

+    mprintf("\n");

+    mprintf("(*) Certain files (e.g. documents, archives, etc.) may in turn contain other\n");

+    mprintf("    files inside. The above options ensure safe processing of this kind of data.\n\n");

 }

@@ -80,15 +80,6 @@ static struct option clamscan_longopt[] = {

     {"phishing-ssl", 0, 0, 0},

     {"phishing-cloak", 0, 0, 0},

     {"no-algorithmic", 0, 0, 0},

-    {"unzip", 2, 0, 0},

-    {"unrar", 2, 0, 0},

-    {"arj", 2, 0, 0},

-    {"unzoo", 2, 0, 0},

-    {"lha", 2, 0, 0},

-    {"jar", 2, 0, 0},

-    {"tar", 2, 0, 0},

-    {"tgz", 2, 0, 0},

-    {"deb", 2, 0, 0},

     /* developers only */

     {"dev-ac-only", 0, 0, 0},

@@ -34,11 +34,8 @@

 #include <sys/wait.h>

 #include <utime.h>

 #endif

-#ifdef HAVE_GRP_H

-#include <grp.h>

-#endif

-#ifdef HAVE_PWD_H

-#include <pwd.h>

+#ifndef C_WINDOWS

+#include <dirent.h>

 #endif

 #include <fcntl.h>

 #ifdef	HAVE_UNISTD_H

@@ -50,7 +47,6 @@

 #include "manager.h"

 #include "others.h"

-#include "treewalk.h"

 #include "global.h"

 #include "shared/options.h"

@@ -75,9 +71,204 @@ dev_t procdev;

 #define	O_BINARY    0

 #endif

-static int scandirs(const char *dirname, struct cl_engine *engine, const struct passwd *user, const struct optstruct *opt, const struct cl_limits *limits, int options)

+static void move_infected(const char *filename, const struct optstruct *opt);

+

+static int scanfile(const char *filename, struct cl_engine *engine, const struct optstruct *opt, const struct cl_limits *limits, unsigned int options)

 {

-    return treewalk(dirname, engine, user, opt, limits, options, 1);

+	int ret = 0, fd, included, printclean = 1;

+	const struct optnode *optnode;

+	char *argument;

+	const char *virname;

+#ifdef C_LINUX

+	struct stat sb;

+

+    /* argh, don't scan /proc files */

+    if(procdev)

+	if(stat(filename, &sb) != -1)

+	    if(sb.st_dev == procdev) {

+		if(!printinfected)

+		    logg("~%s: Excluded (/proc)\n", filename);

+		return 0;

+	    }

+#endif    

+

+    if(opt_check(opt, "exclude")) {

+	argument = opt_firstarg(opt, "exclude", &optnode);

+	while(argument) {

+	    if(match_regex(filename, argument) == 1) {

+		if(!printinfected)

+		    logg("~%s: Excluded\n", filename);

+		return 0;

+	    }

+	    argument = opt_nextarg(&optnode, "exclude");

+	}

+    }

+

+   if(opt_check(opt, "include")) {

+	included = 0;

+	argument = opt_firstarg(opt, "include", &optnode);

+	while(argument && !included) {

+	    if(match_regex(filename, argument) == 1) {

+		included = 1;

+		break;

+	    }

+	    argument = opt_nextarg(&optnode, "include");

+	}

+

+	if(!included) {

+	    if(!printinfected)

+		logg("~%s: Excluded\n", filename);

+	    return 0;

+	}

+    }

+

+    if(fileinfo(filename, 1) == 0) {

+	if(!printinfected)

+	    logg("~%s: Empty file\n", filename);

+	return 0;

+    }

+

+#ifndef C_WINDOWS

+    if(geteuid())

+	if(checkaccess(filename, NULL, R_OK) != 1) {

+	    if(!printinfected)

+		logg("~%s: Access denied\n", filename);

+	    return 0;

+	}

+#endif

+

+    logg("*Scanning %s\n", filename);

+

+    if((fd = open(filename, O_RDONLY|O_BINARY)) == -1) {

+	logg("^Can't open file %s\n", filename);

+	return 54;

+    }

+

+    info.files++;

+

+    if((ret = cl_scandesc(fd, &virname, &info.blocks, engine, limits, options)) == CL_VIRUS) {

+	logg("~%s: %s FOUND\n", filename, virname);

+	info.ifiles++;

+

+	if(bell)

+	    fprintf(stderr, "\007");

+

+    } else if(ret == CL_CLEAN) {

+	if(!printinfected && printclean)

+	    mprintf("~%s: OK\n", filename);

+    } else

+	if(!printinfected)

+	    logg("~%s: %s\n", filename, cl_strerror(ret));

+

+    close(fd);

+

+    if(ret == CL_VIRUS) {

+	if(opt_check(opt, "remove")) {

+	    if(unlink(filename)) {

+		logg("^%s: Can't remove\n", filename);

+		info.notremoved++;

+	    } else {

+		logg("~%s: Removed\n", filename);

+	    }

+	} else if(opt_check(opt, "move") || opt_check(opt, "copy"))

+            move_infected(filename, opt);

+    }

+

+    return ret;

+}

+

+static int scandirs(const char *dirname, struct cl_engine *engine, const struct optstruct *opt, const struct cl_limits *limits, unsigned int options, unsigned int depth)

+{

+	DIR *dd;

+	struct dirent *dent;

+	struct stat statbuf;

+	char *fname;

+	int scanret = 0, included;

+	unsigned int maxdepth;

+	const struct optnode *optnode;

+	char *argument;

+

+

+    if(opt_check(opt, "exclude-dir")) {

+	argument = opt_firstarg(opt, "exclude-dir", &optnode);

+	while(argument) {

+	    if(match_regex(dirname, argument) == 1) {

+		if(!printinfected)

+		    logg("~%s: Excluded\n", dirname);

+		return 0;

+	    }

+	    argument = opt_nextarg(&optnode, "exclude-dir");

+	}

+    }

+

+   if(opt_check(opt, "include-dir")) {

+	included = 0;

+	argument = opt_firstarg(opt, "include-dir", &optnode);

+	while(argument && !included) {

+	    if(match_regex(dirname, argument) == 1) {

+		included = 1;

+		break;

+	    }

+	    argument = opt_nextarg(&optnode, "include-dir");

+	}

+

+	if(!included) {

+	    if(!printinfected)

+		logg("~%s: Excluded\n", dirname);

+	    return 0;

+	}

+    }

+

+    if(opt_check(opt, "max-dir-recursion"))

+        maxdepth = atoi(opt_arg(opt, "max-dir-recursion"));

+    else

+        maxdepth = 15;

+

+    if(depth > maxdepth)

+	return 0;

+

+    info.dirs++;

+    depth++;

+

+    if((dd = opendir(dirname)) != NULL) {

+	while((dent = readdir(dd))) {

+#if !defined(C_INTERIX) && !defined(C_WINDOWS) && !defined(C_CYGWIN)

+	    if(dent->d_ino)

+#endif

+	    {

+		if(strcmp(dent->d_name, ".") && strcmp(dent->d_name, "..")) {

+		    /* build the full name */

+		    fname = malloc(strlen(dirname) + strlen(dent->d_name) + 2);

+		    sprintf(fname, "%s/%s", dirname, dent->d_name);

+

+		    /* stat the file */

+		    if(lstat(fname, &statbuf) != -1) {

+			if(S_ISDIR(statbuf.st_mode) && !S_ISLNK(statbuf.st_mode) && recursion) {

+			    if(scandirs(fname, engine, opt, limits, options, depth) == 1)

+				scanret++;

+			} else {

+			    if(S_ISREG(statbuf.st_mode))

+				scanret += scanfile(fname, engine, opt, limits, options);

+			}

+		    }

+		    free(fname);

+		}

+

+	    }

+	}

+    } else {

+	if(!printinfected)

+	    logg("~%s: Can't open directory.\n", dirname);

+	return 53;

+    }

+

+    closedir(dd);

+

+    if(scanret)

+	return 1;

+    else

+	return 0;

+

 }

 static int scanstdin(const struct cl_engine *engine, const struct cl_limits *limits, int options)

@@ -85,6 +276,7 @@ static int scanstdin(const struct cl_engine *engine, const struct cl_limits *lim

 	int ret;

 	const char *virname, *tmpdir;

 	char *file, buff[FILEBUFF];

+	size_t bread;

 	FILE *fs;

@@ -111,8 +303,8 @@ static int scanstdin(const struct cl_engine *engine, const struct cl_limits *lim

 	return 63;

     }

-    while((ret = fread(buff, 1, FILEBUFF, stdin)))

-	if(fwrite(buff, 1, ret, fs) < ret) {

+    while((bread = fread(buff, 1, FILEBUFF, stdin)))

+	if(fwrite(buff, 1, bread, fs) < bread) {

 	    logg("!Can't write to %s\n", file);

 	    free(file);

 	    return 58;

@@ -145,29 +337,13 @@ static int scanstdin(const struct cl_engine *engine, const struct cl_limits *lim

 int scanmanager(const struct optstruct *opt)

 {

 	mode_t fmode;

-	int ret = 0, extunpacker = 0, fmodeint, i, x;

+	int ret = 0, fmodeint, i, x;

 	unsigned int options = 0, dboptions = 0;

 	struct cl_engine *engine = NULL;

 	struct cl_limits limits;

-	struct passwd *user = NULL;

 	struct stat sb;

-	char *fullpath = NULL, cwd[1024];

-

+	char *file, cwd[1024];

-    if(opt_check(opt, "unzip") || opt_check(opt, "unrar") || opt_check(opt, "arj") ||

-       opt_check(opt, "unzoo") || opt_check(opt, "jar") || opt_check(opt, "lha") ||

-       opt_check(opt, "tar") || opt_check(opt, "tgz") || opt_check(opt, "deb"))

-	    extunpacker = 1;

-

-/* njh@bandsman.co.uk: BeOS */

-#if !defined(C_CYGWIN) && !defined(C_OS2) && !defined(C_BEOS) && !defined(C_WINDOWS)

-    if(extunpacker && !geteuid()) {

-	if((user = getpwnam(CLAMAVUSER)) == NULL) {

-	    logg("!Can't get information about user "CLAMAVUSER" (required to run external unpackers)\n");

-	    exit(60); /* this is critical problem, so we just exit here */

-	}

-    }

-#endif

     if(!opt_check(opt, "no-phishing-sigs"))

 	dboptions |= CL_DB_PHISHING;

@@ -360,66 +536,43 @@ int scanmanager(const struct optstruct *opt)

 	    logg("!Can't get absolute pathname of current working directory\n");

 	    ret = 57;

 	} else

-	    ret = scandirs(cwd, engine, user, opt, &limits, options);

+	    ret = scandirs(cwd, engine, opt, &limits, options, 1);

     } else if(!strcmp(opt->filename, "-")) { /* read data from stdin */

 	ret = scanstdin(engine, &limits, options);

     } else {

-	char *thefilename;

-	for (x = 0; (thefilename = cli_strtok(opt->filename, x, "\t")) != NULL; x++) {

-	    if((fmodeint = fileinfo(thefilename, 2)) == -1) {

-		logg("^Can't access file %s\n", thefilename);

-		perror(thefilename);

+	for (x = 0; (file = cli_strtok(opt->filename, x, "\t")) != NULL; x++) {

+	    if((fmodeint = fileinfo(file, 2)) == -1) {

+		logg("^Can't access file %s\n", file);

+		perror(file);

 		ret = 56;

 	    } else {

 		int slash = 1;

-		for(i = strlen(thefilename) - 1; i > 0 && slash; i--) {

-		    if(thefilename[i] == '/')

-			thefilename[i] = 0;

+		for(i = strlen(file) - 1; i > 0 && slash; i--) {

+		    if(file[i] == '/')

+			file[i] = 0;

 		    else

 			slash = 0;

 		}

 		fmode = (mode_t) fmodeint;

-		if(extunpacker && (thefilename[0] != '/' && thefilename[0] != '\\' && thefilename[1] != ':')) {

-		    /* we need to complete the path */

-		    if(!getcwd(cwd, sizeof(cwd))) {

-			logg("!Can't get absolute pathname of current working directory\n");

-			return 57;

-		    } else {

-			fullpath = malloc(512);

-#ifdef NO_SNPRINTF

-			sprintf(fullpath, "%s/%s", cwd, thefilename);

-#else

-			snprintf(fullpath, 512, "%s/%s", cwd, thefilename);

-#endif

-			logg("*Full path: %s\n", fullpath);

-		    }

-		} else

-		    fullpath = thefilename;

-

 		switch(fmode & S_IFMT) {

 		    case S_IFREG:

-			ret = scanfile(fullpath, engine, user, opt, &limits, options);

+			ret = scanfile(file, engine, opt, &limits, options);

 			break;

 		    case S_IFDIR:

-			ret = scandirs(fullpath, engine, user, opt, &limits, options);

+			ret = scandirs(file, engine, opt, &limits, options, 1);

 			break;

 		    default:

-			logg("!Not supported file type (%s)\n", thefilename);

+			logg("!Not supported file type (%s)\n", file);

 			ret = 52;

 		}

-

-		if(extunpacker && (thefilename[0] != '/' && thefilename[0] != '\\' && thefilename[1] != ':')) {

-		    free(fullpath);

-		    fullpath = NULL;

-		}

 	    }

-	    free(thefilename);

+	    free(file);

 	}

     }

@@ -435,133 +588,6 @@ int scanmanager(const struct optstruct *opt)

     return ret;

 }

-/*

- * -1 -> can't fork

- * -2 -> can't execute

- * -3 -> external signal

- * 0 -> OK

- */

-

-#ifdef C_WINDOWS

-static int clamav_unpack(const char *prog, const char **args, const char *tmpdir, const struct passwd *user, const struct optstruct *opt)

-{

-    /* TODO: use spamvp(P_WAIT, prog, args); */

-    cli_errmsg("clamav_unpack is not supported under Windows yet\n");

-    return -1;

-}

-#else

-static int clamav_unpack(const char *prog, const char **args, const char *tmpdir, const struct passwd *user, const struct optstruct *opt)

-{

-	pid_t pid;

-	int status, wret, fdevnull;

-	unsigned int maxfiles, maxscansize;

-	struct s_du n;

-

-

-    if(opt_check(opt, "max-files"))

-	maxfiles = atoi(opt_arg(opt, "max-files"));

-    else

-	maxfiles = 10000;

-

-    if(opt_check(opt, "max-scansize")) {

-	    char *cpy, *ptr;

-	ptr = opt_arg(opt, "max-scansize");

-	if(tolower(ptr[strlen(ptr) - 1]) == 'm') { /* megabytes */

-	    cpy = calloc(strlen(ptr), 1);

-	    strncpy(cpy, ptr, strlen(ptr) - 1);

-	    cpy[strlen(ptr)-1]='\0';

-	    maxscansize = atoi(cpy) * 1024;

-	    free(cpy);

-	} else /* default - kilobytes */

-	    maxscansize = atoi(ptr);

-    } else

-	maxscansize = 104857600;

-

-    switch(pid = fork()) {

-	case -1:

-	    return -1;

-	case 0:

-#ifndef C_CYGWIN

-	    if(!geteuid() && user) {

-

-#ifdef HAVE_SETGROUPS

-		if(setgroups(1, &user->pw_gid)) {

-		    fprintf(stderr, "ERROR: setgroups() failed\n");

-		    exit(1);

-		}

-#endif

-

-		if(setgid(user->pw_gid)) {

-		    fprintf(stderr, "ERROR: setgid(%d) failed\n", (int) user->pw_gid);

-		    exit(1);

-		}

-

-		if(setuid(user->pw_uid)) {

-		    fprintf(stderr, "ERROR: setuid(%d) failed\n", (int) user->pw_uid);

-		    exit(1);

-		}

-	    }

-#endif

-	    if(chdir(tmpdir) == -1) {

-		fprintf(stderr, "ERROR: chdir(%s) failed\n", tmpdir);

-		exit(1);

-	    }

-

-	    if(printinfected) {

-  	        fdevnull = open("/dev/null", O_WRONLY);

-		if(fdevnull == -1) {

-		    logg("Non fatal error: cannot open /dev/null. Continuing with full output\n");

-		    printinfected = 0;

-		} else {

-		    dup2(fdevnull,1);

-		    dup2(fdevnull,2);

-		}

-	    }

-

-	    if(strchr(prog, '/')) /* we have full path */

-		execv(prog, args);

-	    else

-		execvp(prog, args);

-	    perror("execv(p)");

-	    abort();

-	    break;

-	default:

-

-	    if(maxscansize || maxfiles) {

-		while(!(wret = waitpid(pid, &status, WNOHANG))) {

-		    memset(&n, 0, sizeof(struct s_du));

-

-		    if(!du(tmpdir, &n))

-			if((maxfiles && n.files > maxfiles) || (maxscansize && n.space > maxscansize)) {

-			    logg("*n.files: %u, n.space: %lu\n", n.files, n.space);

-			    kill(pid, 9); /* stop it immediately */

-			}

-		}

-	    } else

-		waitpid(pid, &status, 0);

-

-

-	    if(WIFSIGNALED(status)) {

-		switch(WTERMSIG(status)) {

-

-		    case 9:

-			logg("\nUnpacker process %d stopped due to exceeded limits\n", pid);

-			return 0;

-		    case 6: /* abort */

-			logg("^Can't run %s\n", prog);

-			return -2;

-		    default:

-			logg("^\nUnpacker stopped with external signal %d\n", WTERMSIG(status));

-			return -3;

-		}

-	    } else if(WIFEXITED(status))

-		return 0;

-    }

-

-    return 0;

-}

-#endif

-

 static void move_infected(const char *filename, const struct optstruct *opt)

 {

 	char *movedir, *movefilename, numext[4 + 1];

@@ -669,474 +695,3 @@ static void move_infected(const char *filename, const struct optstruct *opt)

     free(movefilename);

 }

-static int checkfile(const char *filename, const struct cl_engine *engine, const struct cl_limits *limits, int options, short printclean)

-{

-	int fd, ret;

-	const char *virname;

-

-

-    logg("*Scanning %s\n", filename);

-

-    if((fd = open(filename, O_RDONLY|O_BINARY)) == -1) {

-	logg("^Can't open file %s\n", filename);

-	return 54;

-    }

-

-    if((ret = cl_scandesc(fd, &virname, &info.blocks, engine, limits, options)) == CL_VIRUS) {

-	logg("~%s: %s FOUND\n", filename, virname);

-	info.ifiles++;

-

-	if(bell)

-	    fprintf(stderr, "\007");

-

-    } else if(ret == CL_CLEAN) {

-	if(!printinfected && printclean)

-	    mprintf("~%s: OK\n", filename);

-    } else

-	if(!printinfected)

-	    logg("~%s: %s\n", filename, cl_strerror(ret));

-

-    close(fd);

-    return ret;

-}

-

-static int scancompressed(const char *filename, struct cl_engine *engine, const struct passwd *user, const struct optstruct *opt, const struct cl_limits *limits, int options)

-{

-	int ret = 0;

-	char *gendir, *userprg;

-	const char *tmpdir;

-	struct stat statbuf;

-

-

-    stat(filename, &statbuf);

-

-    if(!S_ISREG(statbuf.st_mode)) {

-	logg("^Suspect archive %s (not a regular file)\n", filename);

-	return 0; /* hmm ? */

-    }

-

-    /* check write access */

-

-    tmpdir = getenv("TMPDIR");

-

-    if(tmpdir == NULL)

-#ifdef P_tmpdir

-	tmpdir = P_tmpdir;

-#else

-	tmpdir = "/tmp";

-#endif

-

-    if(checkaccess(tmpdir, CLAMAVUSER, W_OK) != 1) {

-	logg("!Can't write to the temporary directory\n");

-	exit(64);

-    }

-

-    /* generate the temporary directory */

-

-    gendir = cli_gentemp(tmpdir);

-    if(mkdir(gendir, 0700)) {

-	logg("!Can't create the temporary directory %s\n", gendir);

-	exit(63); /* critical */

-    }

-

-#if !defined(C_OS2) && !defined(C_WINDOWS)

-    /* FIXME: do the correct native windows way */

-    if(user)

-	chown(gendir, user->pw_uid, user->pw_gid);

-#endif

-

-    /* unpack file  - as unprivileged user */

-    if(cli_strbcasestr(filename, ".zip")) {

-	const char *args[] = { "unzip", "-P", "clam", "-o", NULL, NULL };

-	/* Sun's SUNWspro C compiler doesn't allow direct initialisation

-	 * with a variable

-	 */

-	args[4] = filename;

-

-	if((userprg = opt_arg(opt, "unzip")))

-	    ret = clamav_unpack(userprg, args, gendir, user, opt);

-	else

-	    ret = clamav_unpack("unzip", args, gendir, user, opt);

-

-    } else if(cli_strbcasestr(filename, ".rar")) { 

-	const char *args[] = { "unrar", "x", "-p-", "-y", NULL, NULL };

-	args[4] = filename;

-	if((userprg = opt_arg(opt, "unrar")))

-	    ret = clamav_unpack(userprg, args, gendir, user, opt);

-	else

-	    ret = clamav_unpack("unrar", args, gendir, user, opt);

-

-    } else if(cli_strbcasestr(filename, ".arj")) { 

-        const char *args[] = { "arj", "x","-y", NULL, NULL };

-	args[3] = filename;

-        if((userprg = opt_arg(opt, "arj")))

-	    ret = clamav_unpack(userprg, args, gendir, user, opt);

-	else

-	    ret = clamav_unpack("arj", args, gendir, user, opt);

-

-    } else if(cli_strbcasestr(filename, ".zoo")) { 

-	const char *args[] = { "unzoo", "-x","-j","./", NULL, NULL };

-	args[4] = filename;

-	if((userprg = opt_arg(opt, "unzoo")))

-	    ret = clamav_unpack(userprg, args, gendir, user, opt);

-	else

-	    ret = clamav_unpack("unzoo", args, gendir, user, opt);

-

-    } else if(cli_strbcasestr(filename, ".jar")) { 

-	const char *args[] = { "unzip", "-P", "clam", "-o", NULL, NULL };

-	args[4] = filename;

-	if((userprg = opt_arg(opt, "jar")))

-	    ret = clamav_unpack(userprg, args, gendir, user, opt);

-	else

-	    ret = clamav_unpack("unzip", args, gendir, user, opt);

-

-    } else if(cli_strbcasestr(filename, ".lzh")) { 

-	const char *args[] = { "lha", "xf", NULL, NULL };

-	args[2] = filename;

-	if((userprg = opt_arg(opt, "lha")))

-	    ret = clamav_unpack(userprg, args, gendir, user, opt);

-	else

-	    ret = clamav_unpack("lha", args, gendir, user, opt);

-

-    } else if(cli_strbcasestr(filename, ".tar")) { 

-	const char *args[] = { "tar", "-xpvf", NULL, NULL };

-	args[2] = filename;

-	if((userprg = opt_arg(opt, "tar")))

-	    ret = clamav_unpack(userprg, args, gendir, user, opt);

-	else

-	    ret = clamav_unpack("tar", args, gendir, user, opt);

-

-    } else if(cli_strbcasestr(filename, ".deb")) { 

-	const char *args[] = { "ar", "x", NULL, NULL };

-	args[2] = filename;

-	if((userprg = opt_arg(opt, "deb")))

-	    ret = clamav_unpack(userprg, args, gendir, user, opt);

-	else

-	    ret = clamav_unpack("ar", args, gendir, user, opt);

-

-    } else if((cli_strbcasestr(filename, ".tar.gz") || cli_strbcasestr(filename, ".tgz"))) {

-	const char *args[] = { "tar", "-zxpvf", NULL, NULL };

-	args[2] = filename;

-	if((userprg = opt_arg(opt, "tgz")))

-	    ret = clamav_unpack(userprg, args, gendir, user, opt);

-	else

-	    ret = clamav_unpack("tar", args, gendir, user, opt);

-    }

-

-    /* fix permissions of extracted files */

-    fixperms(gendir);

-

-    if(!ret) { /* execute successful */

-	    short oldrec = recursion;

-

-	recursion = 1;

-	ret = treewalk(gendir, engine, user, opt, limits, options, 1);

-	recursion = oldrec;

-    }

-

-    /* remove the directory  - as clamav */

-    if(!opt_check(opt, "leave-temps"))

-	clamav_rmdirs(gendir);

-

-    /* free gendir - it's not necessary now */

-    free(gendir);

-

-    switch(ret) {

-	case -1:

-	    logg("!Can't fork()\n");

-	    exit(61); /* this is critical problem, so we just exit here */

-	case -2:

-	    logg("^Can't execute some unpacker. Check paths and permissions on the temporary directory\n");

-	    /* This is no longer a critical error (since 0.24). We scan

-	     * raw archive.

-	     */

-	    if((ret = checkfile(filename, engine, limits, 0, 0)) == CL_VIRUS) {

-		if(opt_check(opt, "remove")) {

-		    if(unlink(filename)) {

-			logg("^%s: Can't remove\n", filename);

-			info.notremoved++;

-		    } else {

-			logg("~%s: Removed\n", filename);

-		    }

-		} else if (opt_check(opt, "move") || opt_check(opt, "copy"))

-		    move_infected(filename, opt);

-	    }

-	    return ret;

-	case -3:

-	    return 0;

-	case 0:

-	    /* no viruses found in archive, we scan just in case a raw file

-	     */

-	    if((ret = checkfile(filename, engine, limits, 0, 1)) == CL_VIRUS) {

-		if(opt_check(opt, "remove")) {

-		    if(unlink(filename)) {

-			logg("^%s: Can't remove\n", filename);

-			info.notremoved++;

-		    } else {

-			logg("~%s: Removed\n", filename);

-		    }

-		} else if (opt_check(opt, "move") || opt_check(opt, "copy"))

-		    move_infected(filename, opt);

-	    }

-	    return ret;

-	case 1:

-	    logg("~%s: Infected.Archive FOUND\n", filename);

-

-	    if(bell)

-		fprintf(stderr, "\007");

-

-	    if(opt_check(opt, "remove")) {

-		if(unlink(filename)) {

-		    logg("^%s: Can't remove\n", filename);

-		    info.notremoved++;

-		} else {

-		    logg("~%s: Removed\n", filename);

-		}

-	    } else if (opt_check(opt, "move") || opt_check(opt, "copy"))

-		move_infected(filename, opt);

-

-	    return 1;

-	default:

-	    logg("^Strange value (%d) returned in scancompressed()\n", ret);

-	    return 0;

-    }

-}

-

-static int scandenied(const char *filename, struct cl_engine *engine, const struct passwd *user, const struct optstruct *opt, const struct cl_limits *limits, int options)

-{

-	char *gendir, *tmp_file;

-	const char *tmpdir, *pt;

-	struct stat statbuf;

-	int ret;

-

-    stat(filename, &statbuf);

-    if(!S_ISREG(statbuf.st_mode)) {

-	logg("^Suspect archive %s (not a regular file)\n", filename);

-	return 0;

-    }

-

-    /* check write access */

-

-    tmpdir = getenv("TMPDIR");

-

-    if(tmpdir == NULL)

-#ifdef P_tmpdir

-	tmpdir = P_tmpdir;

-#else

-	tmpdir = "/tmp";

-#endif

-

-

-    if(checkaccess(tmpdir, CLAMAVUSER, W_OK) != 1) {

-	logg("!Can't write to the temporary directory %s\n", tmpdir);

-	exit(64);

-    }

-

-    /* generate the temporary directory */

-    gendir = cli_gentemp(tmpdir);

-    if(mkdir(gendir, 0700)) {

-	logg("^Can't create the temporary directory %s\n", gendir);

-	exit(63); /* critical */

-    }

-

-    tmp_file = (char *) malloc(strlen(gendir) + strlen(filename) + 10);

-    pt = strrchr(filename, '/');

-    if(!pt)

-	pt = filename;