/* Copyright (c) Tom Kistner <tom@duncanthrax.net> 2003 - 2015
* License: GPL
- * Copyright (c) The Exim Maintainers 2015 - 2018
+ * Copyright (c) The Exim Maintainers 2015 - 2020
*/
/* Code for calling virus (malware) scanners. Called from acl.c. */
/* Some (currently avast only) use backslash escaped whitespace,
this function undoes these escapes */
+#ifndef DISABLE_MAL_AVAST
static inline void
unescape(uschar *p)
{
if (*p == '\\' && (isspace(p[1]) || p[1] == '\\'))
for (p0 = p; *p0; ++p0) *p0 = p0[1];
}
+#endif
/* --- malware_*_defer --- */
static inline int
return malware_panic_defer(string_sprintf("%s %s : %s",
scanent->name, hostport ? hostport : CUS"", str));
}
-static inline int
-m_log_defer(struct scan * scanent, const uschar * hostport,
- const uschar * str)
-{
-return malware_log_defer(string_sprintf("%s %s : %s",
- scanent->name, hostport ? hostport : CUS"", str));
-}
/* --- m_*_defer_3 */
static inline int
m_panic_defer_3(struct scan * scanent, const uschar * hostport,
const uschar * str, int fd_to_close)
{
+DEBUG(D_acl) debug_print_socket(fd_to_close);
(void) close(fd_to_close);
return m_panic_defer(scanent, hostport, str);
}
int roffset;
const pcre * cre;
-cre = pcre_compile(CS re, PCRE_COPT, (const char **)&rerror, &roffset, NULL);
-if (!cre)
+if (!(cre = pcre_compile(CS re, PCRE_COPT, CCSS &rerror, &roffset, NULL)))
*errstr= string_sprintf("regular expression error in '%s': %s at offset %d",
re, rerror, roffset);
return cre;
ovector, nelem(ovector));
uschar * substr = NULL;
if (i >= 2) /* Got it */
- pcre_get_substring(CS text, ovector, i, 1, (const char **) &substr);
+ pcre_get_substring(CS text, ovector, i, 1, CCSS &substr);
return substr;
}
return cre;
}
+
/*
Simple though inefficient wrapper for reading a line. Drop CRs and the
trailing newline. Can return early on buffer full. Null-terminate.
}
if (!ok)
{
- DEBUG(D_acl) debug_printf_indent("Malware scan: read %s (%s)\n",
+ DEBUG(D_acl)
+ {
+ debug_printf_indent("Malware scan: read %s (%s)\n",
rcv==0 ? "EOF" : "error", strerror(errno));
+ debug_print_socket(fd);
+ }
return rcv==0 ? -1 : -2;
}
*p = '\0';
}
/* return TRUE iff size as requested */
+#ifndef DISABLE_MAL_DRWEB
static BOOL
recv_len(int sock, void * buf, int size, time_t tmo)
{
? recv(sock, buf, size, 0) == size
: FALSE;
}
+#endif
switch(scanent->conn)
{
case MC_TCP:
- malware_daemon_ctx.sock = ip_tcpsocket(scanner_options, &errstr, 5); break;
+ malware_daemon_ctx.sock = ip_tcpsocket(scanner_options, &errstr, 5, NULL); break;
case MC_UNIX:
malware_daemon_ctx.sock = ip_unixsocket(scanner_options, &errstr); break;
case MC_STRM:
- malware_daemon_ctx.sock = ip_streamsocket(scanner_options, &errstr, 5); break;
+ malware_daemon_ctx.sock = ip_streamsocket(scanner_options, &errstr, 5, NULL); break;
default:
/* compiler quietening */ break;
}
if (*scanner_options != '/')
{
/* calc file size */
- if ((drweb_fd = open(CCS eml_filename, O_RDONLY)) == -1)
+ if ((drweb_fd = exim_open2(CCS eml_filename, O_RDONLY)) == -1)
return m_panic_defer_3(scanent, NULL,
string_sprintf("can't open spool file %s: %s",
eml_filename, strerror(errno)),
malware_daemon_ctx.sock);
}
- if (!(drweb_fbuf = US malloc(fsize_uint)))
+ if (!(drweb_fbuf = store_malloc(fsize_uint)))
{
(void)close(drweb_fd);
return m_panic_defer_3(scanent, NULL,
{
int err = errno;
(void)close(drweb_fd);
- free(drweb_fbuf);
+ store_free(drweb_fbuf);
return m_panic_defer_3(scanent, NULL,
string_sprintf("can't read spool file %s: %s",
eml_filename, strerror(err)),
/* send file body to socket */
if (send(malware_daemon_ctx.sock, drweb_fbuf, fsize, 0) < 0)
{
- free(drweb_fbuf);
+ store_free(drweb_fbuf);
return m_panic_defer_3(scanent, CUS callout_address, string_sprintf(
"unable to send file body to socket (%s)", scanner_options),
malware_daemon_ctx.sock);
}
+ store_free(drweb_fbuf);
}
else
{
return m_panic_defer_3(scanent, CUS callout_address,
US"cannot read report size", malware_daemon_ctx.sock);
drweb_slen = ntohl(drweb_slen);
- tmpbuf = store_get(drweb_slen);
+
+ /* assume tainted, since it is external input */
+ tmpbuf = store_get(drweb_slen, TRUE);
/* read report body */
if (!recv_len(malware_daemon_ctx.sock, tmpbuf, drweb_slen, tmo))
malware_name = US"unknown";
/* re-open the scanner output file, look for name match */
- scanner_record = fopen(CS file_name, "rb");
- while (fgets(CS linebuffer, sizeof(linebuffer), scanner_record))
- {
- /* try match */
- if ((s = m_pcre_exec(cmdline_regex_re, linebuffer)))
+ scanner_record = Ufopen(file_name, "rb");
+ while (Ufgets(linebuffer, sizeof(linebuffer), scanner_record))
+ if ((s = m_pcre_exec(cmdline_regex_re, linebuffer))) /* try match */
malware_name = s;
- }
(void)fclose(scanner_record);
}
else /* no virus found */
/* Local file; so we def want to use_scan_command and don't want to try
* passing IP/port combinations */
use_scan_command = TRUE;
- cd = (clamd_address *) store_get(sizeof(clamd_address));
+ cd = (clamd_address *) store_get(sizeof(clamd_address), FALSE);
/* extract socket-path part */
sublist = scanner_options;
continue;
}
- cd = (clamd_address *) store_get(sizeof(clamd_address));
+ cd = (clamd_address *) store_get(sizeof(clamd_address), FALSE);
/* extract host and port part */
sublist = scanner_options;
malware_daemon_ctx.sock);
/* calc file size */
- if ((clam_fd = open(CS eml_filename, O_RDONLY)) < 0)
+ if ((clam_fd = exim_open2(CS eml_filename, O_RDONLY)) < 0)
{
int err = errno;
return m_panic_defer_3(scanent, NULL,
if (lseek(clam_fd, 0, SEEK_SET) < 0)
goto b_seek;
- if (!(clamav_fbuf = US malloc(fsize_uint)))
+ if (!(clamav_fbuf = store_malloc(fsize_uint)))
{
(void)close(clam_fd);
return m_panic_defer_3(scanent, NULL,
if ((result = read(clam_fd, clamav_fbuf, fsize_uint)) < 0)
{
int err = errno;
- free(clamav_fbuf); (void)close(clam_fd);
+ store_free(clamav_fbuf); (void)close(clam_fd);
return m_panic_defer_3(scanent, NULL,
string_sprintf("can't read spool file %s: %s",
eml_filename, strerror(err)),
(send(malware_daemon_ctx.sock, clamav_fbuf, fsize_uint, 0) < 0) ||
(send(malware_daemon_ctx.sock, &send_final_zeroblock, sizeof(send_final_zeroblock), 0) < 0))
{
- free(clamav_fbuf);
+ store_free(clamav_fbuf);
return m_panic_defer_3(scanent, NULL,
string_sprintf("unable to send file body to socket (%s)", hostname),
malware_daemon_ctx.sock);
}
-
- free(clamav_fbuf);
+ store_free(clamav_fbuf);
}
else
{ /* use scan command */
}
-void
-malware_show_supported(FILE * f)
+gstring *
+malware_show_supported(gstring * g)
{
-fprintf(f, "Malware:");
-for (struct scan * sc = m_scans; sc->scancode != (scanner_t)-1; sc++) fprintf(f, " %s", sc->name);
-fprintf(f, "\n");
+g = string_cat(g, US"Malware:");
+for (struct scan * sc = m_scans; sc->scancode != (scanner_t)-1; sc++)
+ g = string_fmt_append(g, " %s", sc->name);
+return string_cat(g, US"\n");
}