/* Copyright (c) Tom Kistner <tom@duncanthrax.net> 2003 - 2015
* License: GPL
- * Copyright (c) The Exim Maintainers 2015 - 2020
+ * Copyright (c) The Exim Maintainers 2015 - 2021
*/
/* Code for calling virus (malware) scanners. Called from acl.c. */
/* Under some fault conditions, FreeBSD 12.2 seen to send a (non-TFO) SYN
and, getting no response, wait for a long time. Impose a 5s max. */
if (fd >= 0)
- {
- struct timeval tv = {.tv_sec = 5};
- fd_set fds;
- FD_ZERO(&fds); FD_SET(fd, &fds); (void) select(fd+1, NULL, &fds, NULL, &tv);
- }
+ (void) poll_one_fd(fd, POLLOUT, 5 * 1000);
#endif
return fd;
}
{
uschar errbuf[128];
pcre2_get_error_message(err, errbuf, sizeof(errbuf));
- *errstr= string_sprintf("regular expression error in '%s': %s at offset %l",
+ *errstr= string_sprintf("regular expression error in '%s': %s at offset %ld",
re, errbuf, (long)roffset);
}
return cre;
drweb_slen = ntohl(drweb_slen);
/* assume tainted, since it is external input */
- tmpbuf = store_get(drweb_slen, TRUE);
+ tmpbuf = store_get(drweb_slen, GET_TAINTED);
/* read report body */
if (!recv_len(malware_daemon_ctx.sock, tmpbuf, drweb_slen, tmo))
uschar av_buffer[1024];
uschar *hostname = US"";
host_item connhost;
- int clam_fd, result;
+ int clam_fd;
unsigned int fsize_uint;
BOOL use_scan_command = FALSE;
clamd_address * cv[MAX_CLAMD_SERVERS];
int subsep = ' ';
/* Local file; so we def want to use_scan_command and don't want to try
- * passing IP/port combinations */
+ passing IP/port combinations */
use_scan_command = TRUE;
- cd = (clamd_address *) store_get(sizeof(clamd_address), FALSE);
+ cd = (clamd_address *) store_get(sizeof(clamd_address), GET_UNTAINTED);
/* extract socket-path part */
sublist = scanner_options;
continue;
}
- cd = (clamd_address *) store_get(sizeof(clamd_address), FALSE);
+ cd = (clamd_address *) store_get(sizeof(clamd_address), GET_UNTAINTED);
/* extract host and port part */
sublist = scanner_options;
if (!use_scan_command)
{ cmd_str.data = US"zINSTREAM"; cmd_str.len = 10; }
else
- cmd_str.data = string_sprintf("SCAN %s\n%n", eml_filename, &cmd_str.len);
+ {
+ int n;
+ cmd_str.data = string_sprintf("SCAN %s\n%n", eml_filename, &n);
+ cmd_str.len = n; /* .len is a size_t */
+ }
/* We have some network servers specified */
if (num_servers)
if (*p) ++p;
/* colon in returned output? */
- if(!(p = Ustrchr(av_buffer,':')))
+ if (!(p = Ustrchr(av_buffer,':')))
return m_panic_defer(scanent, CUS callout_address, string_sprintf(
"ClamAV returned malformed result (missing colon): %s",
av_buffer));