[Mimedefang] [PATCH] clamav does not filter all zipfiles/rarfiles
Martin Blapp
mb at imp.ch
Thu May 12 19:41:04 EDT 2005
Ok, I think this patch is more correct:
--- mimedefang.pl.in.orig Fri May 13 01:37:52 2005
+++ mimedefang.pl.in Fri May 13 01:37:01 2005
@@ -3714,7 +3714,7 @@
# Run clamscan
my($code, $category, $action) =
- run_virus_scanner($Features{'Virus:CLAMAV'} . " --mbox --stdout --disable-summary --infected $path 2>&1");
+ run_virus_scanner($Features{'Virus:CLAMAV'} . " --unzip --unrar --mbox --stdout --disable-summary --infected $path 2>&1");
if ($action ne 'proceed') {
return (wantarray ? ($code, $category, $action) : $code);
}
@@ -3738,7 +3738,7 @@
# Run clamscan
my($code, $category, $action) =
- run_virus_scanner($Features{'Virus:CLAMAV'} . " -r --mbox --stdout --disable-summary --infected ./Work 2>&1");
+ run_virus_scanner($Features{'Virus:CLAMAV'} . " -r --unzip --unrar --mbox --stdout --disable-summary --infected ./Work 2>&1");
if ($action ne 'proceed') {
return (wantarray ? ($code, $category, $action) : $code);
}
@@ -4455,8 +4455,17 @@
$VirusName = $1;
return (wantarray ? (1, 'virus', 'quarantine') : 1);
} elsif ($output =~ /^(.+) ERROR$/) {
- md_syslog('err', "$MsgID: Clamd returned error: $1");
- return (wantarray ? (999, 'swerr', 'tempfail') : 1);
+ if ($Features{'Virus:CLAMAV'} && $1 =~ /(?:RAR module failure|Input\/Output error|Zip module failure)/) {
+ my($code, $category, $action) = run_virus_scanner($Features{'Virus:CLAMAV'} .
+ " --unzip --unrar --mbox --stdout --disable-summary --infected $path 2>&1");
+ if ($action ne 'proceed') {
+ return (wantarray ? ($code, $category, $action) : $code);
+ }
+ return (wantarray ? interpret_clamav_code($code) : $code);
+ } else {
+ md_syslog('err', "$MsgID: Clamd returned error: $1");
+ return (wantarray ? (999, 'swerr', 'tempfail') : 1);
+ }
}
return (wantarray ? (0, 'ok', 'ok') : 0);
}
@@ -4539,11 +4548,19 @@
$VirusName = $1;
return (wantarray ? (1, 'virus', 'quarantine') : 1);
} elsif ($output =~ /^(.+) ERROR$/) {
- md_syslog('err', "$MsgID: Clamd returned error: $1");
- return (wantarray ? (999, 'swerr', 'tempfail') : 1);
- }
- }
- else {
+ if ($Features{'Virus:CLAMAV'} && $1 =~ /(?:RAR module failure|Input\/Output error|Zip module failure)/) {
+ my($code, $category, $action) =
+ run_virus_scanner($Features{'Virus:CLAMAV'} . " -r --unzip --unrar --mbox --stdout --disable-summary --infected ./Work 2>&1");
+ if ($action ne 'proceed') {
+ return (wantarray ? ($code, $category, $action) : $code);
+ }
+ return (wantarray ? interpret_clamav_code($code) : $code);
+ } else {
+ md_syslog('err', "$MsgID: Clamd returned error: $1");
+ return (wantarray ? (999, 'swerr', 'tempfail') : 1);
+ }
+ }
+ } else {
# Could not connect to daemon
md_syslog('err', "$MsgID: Could not connect to clamd daemon at $clamd_sock");
return (wantarray ? (999, 'cannot-execute', 'tempfail') : 999);
Martin Blapp, <mb at imp.ch> <mbr at FreeBSD.org>
------------------------------------------------------------------
ImproWare AG, UNIXSP & ISP, Zurlindenstrasse 29, 4133 Pratteln, CH
Phone: +41 61 826 93 00 Fax: +41 61 826 93 01
PGP: <finger -l mbr at freebsd.org>
PGP Fingerprint: B434 53FC C87C FE7B 0A18 B84C 8686 EF22 D300 551E
------------------------------------------------------------------
More information about the MIMEDefang
mailing list