Fix conversation closedown with the Avast malware scanner. Bug 2113

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 8112d4b07e83640cafd8fbfe042a272bfb733166..b99b8187bd007a113216b085e9beb7f28621714d 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -89,6 +89,11 @@ PP/01 Fix broken Heimdal GSSAPI authenticator integration.
       Broken in f2ed27cf5, missing an equals sign for specified-initialisers.
       Broken also in d185889f4, with init system revamp.
 
+JH/17 Bug 2113: Fix conversation closedown with the Avast malware scanner.
+      Previously we abruptly closed the connection after reading a malware-
+      found indication; now we go on to read the "scan ok" response line,
+      and send a quit.
+
 
 Exim version 4.90
 -----------------

diff --git a/src/src/malware.c b/src/src/malware.c
index c18cd95be93e173a93cfdb60d9d920c24a86c06d..e74ba983004f179aaa1b6ea23b1ac4acdb174564 100644 (file)
--- a/src/src/malware.c
+++ b/src/src/malware.c
@@ -1968,15 +1968,17 @@ b_seek:   err = errno;
                    0, 0, ovector, nelem(ovector)) > 0)
                break;
 
-             if ((malware_name = m_pcre_exec(ava_re_virus, buf)))
+             if (  !malware_name
+                && (malware_name = m_pcre_exec(ava_re_virus, buf)))
                { /* remove backslash in front of [whitespace|backslash] */
                uschar * p, * p0;
                for (p = malware_name; *p; ++p)
                  if (*p == '\\' && (isspace(p[1]) || p[1] == '\\'))
                    for (p0 = p; *p0; ++p0) *p0 = p0[1];
 
-               avast_stage = AVA_DONE;
-               goto endloop;
+               DEBUG(D_acl)
+                 debug_printf_indent("unescaped m-name: '%s'\n", malware_name);
+               break;
                }
 
              if (Ustrncmp(buf, "200 SCAN OK", 11) == 0)
@@ -1987,15 +1989,14 @@ b_seek:   err = errno;
                              "unable to send quit request to socket (%s): %s",
                              scanner_options, strerror(errno)),
                              sock);
-               malware_name = NULL;
+
                avast_stage = AVA_DONE;
-               goto endloop;
                }
 
-             /* here for any unexpected response from the scanner */
+             /* here also for any unexpected response from the scanner */
              goto endloop;
 
-           case AVA_DONE:      log_write(0, LOG_PANIC, "%s:%d:%s: should not happen",
+           default:    log_write(0, LOG_PANIC, "%s:%d:%s: should not happen",
                            __FILE__, __LINE__, __FUNCTION__);
            }
          }

diff --git a/test/scripts/4007_scan_avast/4007 b/test/scripts/4007_scan_avast/4007
index a58188c952eded18d7ce6e77ee79e37045bc5f64..0611f2a96782a3b691b066fe9df425ae467316cc 100644 (file)
--- a/test/scripts/4007_scan_avast/4007
+++ b/test/scripts/4007_scan_avast/4007
@@ -10,7 +10,7 @@ server DIR/eximdir/avast_sock
 >LF>blah       [+]
 >LF>200 SCAN OK
 <QUIT
-<*eof
+*eof
 ****
 #
 #
@@ -36,7 +36,7 @@ server DIR/eximdir/avast_sock
 >LF>blah       [E]
 >LF>200 SCAN OK
 <QUIT
-<*eof
+*eof
 ****
 #
 #
@@ -62,7 +62,7 @@ server DIR/eximdir/avast_sock
 >LF>b\\ l\\ a\\ h      [L]9.9  9 VNAME
 >LF>200 SCAN OK
 <QUIT
-<*eof
+*eof
 ****
 #
 #

diff --git a/test/stdout/4007 b/test/stdout/4007
index 19e0f305b1c027c411a5b530040157ca75dba281..603de152181b9bcb95258f00463ea8f8f5a640a1 100644 (file)
--- a/test/stdout/4007
+++ b/test/stdout/4007
@@ -66,7 +66,7 @@ Connection request
 >LF>blah\x09[+]
 >LF>200 SCAN OK
 <QUIT
-Unexpected EOF read from client
+Expected EOF read from client
 End of script
 Listening on TESTSUITE/eximdir/avast_sock ... 
 Connection request
@@ -83,7 +83,9 @@ Connection request
 >LF>210 SCAN DATA
 >LF>b\\ l\\ a\\ h\x09[L]9.9\x099 VNAME
 >LF>200 SCAN OK
-Unexpected EOF read from client
+<QUIT
+Expected EOF read from client
+End of script
 Listening on TESTSUITE/eximdir/avast_sock ... 
 Connection request
 *sleep 3