-/* $Cambridge: exim/src/src/malware.c,v 1.10 2005/06/27 14:29:43 ph10 Exp $ */
+/* $Cambridge: exim/src/src/malware.c,v 1.15 2006/07/06 14:19:50 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
#define SHUT_WR 1
#endif
+
+#define MALWARE_TIMEOUT 120
+
+
#define DRWEBD_SCAN_CMD (1) /* scan file, buffer or diskfile */
#define DRWEBD_RETURN_VIRUSES (1<<0) /* ask daemon return to us viruses names from report */
#define DRWEBD_IS_MAIL (1<<19) /* say to daemon that format is "archive MAIL" */
/* prepare variables */
drweb_cmd = htonl(DRWEBD_SCAN_CMD);
drweb_flags = htonl(DRWEBD_RETURN_VIRUSES | DRWEBD_IS_MAIL);
- snprintf(CS scanrequest, 1024,CS"%s/scan/%s/%s.eml",
+ (void)string_format(scanrequest, 1024,CS"%s/scan/%s/%s.eml",
spool_directory, message_id, message_id);
/* calc file size */
/* prepare variables */
drweb_cmd = htonl(DRWEBD_SCAN_CMD);
drweb_flags = htonl(DRWEBD_RETURN_VIRUSES | DRWEBD_IS_MAIL);
- snprintf(CS scanrequest, 1024,CS"%s/scan/%s/%s.eml", spool_directory, message_id, message_id);
+ (void)string_format(scanrequest, 1024,CS"%s/scan/%s/%s.eml", spool_directory, message_id, message_id);
drweb_slen = htonl(Ustrlen(scanrequest));
/* send scan request */
};
/* prepare our command */
- snprintf(CS buf, 32768, "SCAN bPQRSTUW %s/scan/%s/%s.eml\r\n", spool_directory, message_id, message_id);
+ (void)string_format(buf, 32768, "SCAN bPQRSTUW %s/scan/%s/%s.eml\r\n", spool_directory, message_id, message_id);
/* and send it */
if (send(sock, buf, Ustrlen(buf), 0) < 0) {
}
/* prepare our command */
- snprintf(CS buf, 32768, "quit\r\n");
+ (void)string_format(buf, 32768, "quit\r\n");
/* and send it */
if (send(sock, buf, Ustrlen(buf), 0) < 0) {
return DEFER;
};
- bread = read(sock, av_buffer, sizeof(av_buffer));
+ bread = ip_recv(sock, av_buffer, sizeof(av_buffer), MALWARE_TIMEOUT);
if (bread >0) av_buffer[bread]='\0';
if (bread < 0) {
(void)close(sock);
};
/* pass the mailfile to fsecure */
- snprintf(CS file_name,1024,"SCAN\t%s/scan/%s/%s.eml\n", spool_directory, message_id, message_id);
+ (void)string_format(file_name,1024,"SCAN\t%s/scan/%s/%s.eml\n", spool_directory, message_id, message_id);
/* debug_printf("send scan %s",file_name); */
if (write(sock, file_name, Ustrlen(file_name)) < 0) {
(void)close(sock);
i = 0;
memset(av_buffer, 0, sizeof(av_buffer));
do {
- bread=read(sock, &av_buffer[i], 1);
+ bread=ip_recv(sock, &av_buffer[i], 1, MALWARE_TIMEOUT);
if (bread < 0) {
(void)close(sock);
log_write(0, LOG_MAIN|LOG_PANIC,
/* get current date and time, build scan request */
time(&t);
strftime(CS tmpbuf, sizeof(tmpbuf), "<0>%d %b %H:%M:%S:%%s/scan/%%s", localtime(&t));
- snprintf(CS scanrequest, 1024,CS tmpbuf, spool_directory, message_id);
+ (void)string_format(scanrequest, 1024,CS tmpbuf, spool_directory, message_id);
/* send scan request */
if (send(sock, scanrequest, Ustrlen(scanrequest)+1, 0) < 0) {
};
/* prepare scanner call */
- snprintf(CS file_name,1024,"%s/scan/%s", spool_directory, message_id);
- snprintf(CS commandline,1024, CS cmdline_scanner,file_name);
+ (void)string_format(file_name,1024,"%s/scan/%s", spool_directory, message_id);
+ (void)string_format(commandline,1024, CS cmdline_scanner,file_name);
/* redirect STDERR too */
Ustrcat(commandline," 2>&1");
return DEFER;
};
- snprintf(CS file_name,1024,"%s/scan/%s/%s_scanner_output", spool_directory, message_id, message_id);
- scanner_record = fopen(CS file_name,"w");
+ (void)string_format(file_name,1024,"%s/scan/%s/%s_scanner_output", spool_directory, message_id, message_id);
+ scanner_record = modefopen(file_name,"wb",SPOOL_MODE);
if (scanner_record == NULL) {
log_write(0, LOG_MAIN|LOG_PANIC,
malware_name = malware_name_buffer;
/* re-open the scanner output file, look for name match */
- scanner_record = fopen(CS file_name,"r");
+ scanner_record = fopen(CS file_name,"rb");
while(fgets(CS linebuffer,32767,scanner_record) != NULL) {
/* try match */
result = pcre_exec(cmdline_regex_re, NULL, CS linebuffer, Ustrlen(linebuffer), 0, 0, ovector, 30);
}
/* pass the scan directory to sophie */
- snprintf(CS file_name,1024,"%s/scan/%s", spool_directory, message_id);
+ (void)string_format(file_name,1024,"%s/scan/%s", spool_directory, message_id);
if (write(sock, file_name, Ustrlen(file_name)) < 0) {
(void)close(sock);
log_write(0, LOG_MAIN|LOG_PANIC,
/* wait for result */
memset(av_buffer, 0, sizeof(av_buffer));
- if ((!(bread = read(sock, av_buffer, sizeof(av_buffer))) > 0)) {
+ if ((!(bread = ip_recv(sock, av_buffer, sizeof(av_buffer), MALWARE_TIMEOUT)) > 0)) {
(void)close(sock);
log_write(0, LOG_MAIN|LOG_PANIC,
"malware acl condition: unable to read from sophie UNIX socket (%s)", sophie_options);
/* Pass the string to ClamAV (7 = "SCAN \n" + \0) */
- snprintf(CS file_name,1024,"SCAN %s/scan/%s\n", spool_directory, message_id);
+ (void)string_format(file_name,1024,"SCAN %s/scan/%s\n", spool_directory, message_id);
if (send(sock, file_name, Ustrlen(file_name), 0) < 0) {
(void)close(sock);
return DEFER;
}
memset(av_buffer2, 0, sizeof(av_buffer2));
- bread = read(sock, av_buffer2, sizeof(av_buffer2));
+ bread = ip_recv(sock, av_buffer2, sizeof(av_buffer2), MALWARE_TIMEOUT);
if (bread < 0) {
log_write(0, LOG_MAIN|LOG_PANIC,
return DEFER;
}
- snprintf(CS scanrequest, 1024,CS"%s/scan/%s/%s.eml",
+ (void)string_format(scanrequest, 1024,CS"%s/scan/%s/%s.eml",
spool_directory, message_id, message_id);
/* calc file size */
/* Pass the string to ClamAV (7 = "SCAN \n" + \0) */
- snprintf(CS file_name,1024,"SCAN %s/scan/%s\n", spool_directory, message_id);
+ (void)string_format(file_name,1024,"SCAN %s/scan/%s\n", spool_directory, message_id);
if (send(sock, file_name, Ustrlen(file_name), 0) < 0) {
(void)close(sock);
/* Read the result */
memset(av_buffer, 0, sizeof(av_buffer));
- bread = read(sock, av_buffer, sizeof(av_buffer));
+ bread = ip_recv(sock, av_buffer, sizeof(av_buffer), MALWARE_TIMEOUT);
(void)close(sock);
if (!(bread > 0)) {
return DEFER;
}
+ /* strip newline at the end */
+ p = av_buffer + Ustrlen(av_buffer) - 1;
+ if( *p == '\n' ) *p = '\0';
+
/* colon in returned output? */
if((p = Ustrrchr(av_buffer,':')) == NULL) {
log_write(0, LOG_MAIN|LOG_PANIC,
return DEFER;
}
- /* strip filename strip CR at the end */
+ /* strip filename */
++p;
while (*p == ' ') ++p;
vname = p;
- p = vname + Ustrlen(vname) - 1;
- if( *p == '\n' ) *p = '\0';
-
if ((p = Ustrstr(vname, "FOUND"))!=NULL) {
*p=0;
for (--p;p>vname && *p<=32;p--) *p=0;