Copyright updates:

[exim.git] / src / src / malware.c

diff --git a/src/src/malware.c b/src/src/malware.c
index cd80cd4b2d01dc620867f0ab2849aa9268ad4ecf..4719a5d616c3018cb502f6d9526549784a4d839e 100644 (file)
--- a/src/src/malware.c
+++ b/src/src/malware.c
@@ -2,9 +2,10 @@
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 
-/* Copyright (c) Tom Kistner <tom@duncanthrax.net> 2003 - 2015
+/*
+ * Copyright (c) The Exim Maintainers 2015 - 2022
+ * Copyright (c) Tom Kistner <tom@duncanthrax.net> 2003 - 2015
  * License: GPL
- * Copyright (c) The Exim Maintainers 2015 - 2020
  */
 
 /* Code for calling virus (malware) scanners. Called from acl.c. */
@@ -277,11 +278,7 @@ int fd = ip_connectedsocket(SOCK_STREAM, hostname, port, port, 5,
 /* Under some fault conditions, FreeBSD 12.2 seen to send a (non-TFO) SYN
 and, getting no response, wait for a long time.  Impose a 5s max. */
 if (fd >= 0)
-  {
-  struct timeval tv = {.tv_sec = 5};
-  fd_set fds;
-  FD_ZERO(&fds); FD_SET(fd, &fds); (void) select(fd+1, NULL, &fds, NULL, &tv);
-  }
+  (void) poll_one_fd(fd, POLLOUT, 5 * 1000);
 #endif
 return fd;
 }
@@ -313,7 +310,7 @@ if (!(cre = pcre2_compile((PCRE2_SPTR)re, PCRE2_ZERO_TERMINATED,
   {
   uschar errbuf[128];
   pcre2_get_error_message(err, errbuf, sizeof(errbuf));
-  *errstr= string_sprintf("regular expression error in '%s': %s at offset %l",
+  *errstr= string_sprintf("regular expression error in '%s': %s at offset %ld",
       re, errbuf, (long)roffset);
   }
 return cre;
@@ -938,7 +935,7 @@ badseek:  err = errno;
          drweb_slen = ntohl(drweb_slen);
 
          /* assume tainted, since it is external input */
-         tmpbuf = store_get(drweb_slen, TRUE);
+         tmpbuf = store_get(drweb_slen, GET_TAINTED);
 
          /* read report body */
          if (!recv_len(malware_daemon_ctx.sock, tmpbuf, drweb_slen, tmo))
@@ -1457,7 +1454,7 @@ badseek:  err = errno;
       uschar av_buffer[1024];
       uschar *hostname = US"";
       host_item connhost;
-      int clam_fd, result;
+      int clam_fd;
       unsigned int fsize_uint;
       BOOL use_scan_command = FALSE;
       clamd_address * cv[MAX_CLAMD_SERVERS];
@@ -1475,9 +1472,9 @@ badseek:  err = errno;
        int subsep = ' ';
 
        /* Local file; so we def want to use_scan_command and don't want to try
-        * passing IP/port combinations */
+       passing IP/port combinations */
        use_scan_command = TRUE;
-       cd = (clamd_address *) store_get(sizeof(clamd_address), FALSE);
+       cd = (clamd_address *) store_get(sizeof(clamd_address), GET_UNTAINTED);
 
        /* extract socket-path part */
        sublist = scanner_options;
@@ -1511,7 +1508,7 @@ badseek:  err = errno;
            continue;
            }
 
-         cd = (clamd_address *) store_get(sizeof(clamd_address), FALSE);
+         cd = (clamd_address *) store_get(sizeof(clamd_address), GET_UNTAINTED);
 
          /* extract host and port part */
          sublist = scanner_options;
@@ -1563,7 +1560,11 @@ badseek:  err = errno;
       if (!use_scan_command)
        { cmd_str.data = US"zINSTREAM"; cmd_str.len = 10; }
       else
-       cmd_str.data = string_sprintf("SCAN %s\n%n", eml_filename, &cmd_str.len);
+       {
+       int n;
+       cmd_str.data = string_sprintf("SCAN %s\n%n", eml_filename, &n);
+       cmd_str.len = n;                /* .len is a size_t */
+       }
 
       /* We have some network servers specified */
       if (num_servers)
@@ -1820,7 +1821,7 @@ badseek:  err = errno;
       if (*p) ++p;
 
       /* colon in returned output? */
-      if(!(p = Ustrchr(av_buffer,':')))
+      if (!(p = Ustrchr(av_buffer,':')))
        return m_panic_defer(scanent, CUS callout_address, string_sprintf(
                  "ClamAV returned malformed result (missing colon): %s",
                  av_buffer));