[Mimedefang] [PATCH] clamav does not filter all zipfiles/rarfiles

Thu May 12 19:41:04 EDT 2005

Ok, I think this patch is more correct:

--- mimedefang.pl.in.orig	Fri May 13 01:37:52 2005
+++ mimedefang.pl.in		Fri May 13 01:37:01 2005
@@ -3714,7 +3714,7 @@

      # Run clamscan
      my($code, $category, $action) =
-	run_virus_scanner($Features{'Virus:CLAMAV'} . " --mbox --stdout --disable-summary --infected $path 2>&1");
+	run_virus_scanner($Features{'Virus:CLAMAV'} . " --unzip --unrar --mbox --stdout --disable-summary --infected $path 2>&1");
      if ($action ne 'proceed') {
  	return (wantarray ? ($code, $category, $action) : $code);
      }
@@ -3738,7 +3738,7 @@

      # Run clamscan
      my($code, $category, $action) =
-	run_virus_scanner($Features{'Virus:CLAMAV'} . " -r --mbox --stdout --disable-summary --infected ./Work 2>&1");
+	run_virus_scanner($Features{'Virus:CLAMAV'} . " -r --unzip --unrar --mbox --stdout --disable-summary --infected ./Work 2>&1");
      if ($action ne 'proceed') {
  	return (wantarray ? ($code, $category, $action) : $code);
      }
@@ -4455,8 +4455,17 @@
  	    $VirusName = $1;
  	    return (wantarray ? (1, 'virus', 'quarantine') : 1);
  	} elsif ($output =~ /^(.+) ERROR$/) {
-	    md_syslog('err', "$MsgID: Clamd returned error: $1");
-	    return (wantarray ? (999, 'swerr', 'tempfail') : 1);
+            if ($Features{'Virus:CLAMAV'} && $1 =~ /(?:RAR module failure|Input\/Output error|Zip module failure)/) {
+    		my($code, $category, $action) = run_virus_scanner($Features{'Virus:CLAMAV'} .
+		    " --unzip --unrar --mbox --stdout --disable-summary --infected $path 2>&1");
+		if ($action ne 'proceed') {
+			return (wantarray ? ($code, $category, $action) : $code);
+	        }
+		return (wantarray ? interpret_clamav_code($code) : $code);
+	    } else {
+			md_syslog('err', "$MsgID: Clamd returned error: $1");
+			return (wantarray ? (999, 'swerr', 'tempfail') : 1);
+	    }
  	}
  	return (wantarray ? (0, 'ok', 'ok') : 0);
      }
@@ -4539,11 +4548,19 @@
  	    $VirusName = $1;
  	    return (wantarray ? (1, 'virus', 'quarantine') : 1);
  	} elsif ($output =~ /^(.+) ERROR$/) {
-	    md_syslog('err', "$MsgID: Clamd returned error: $1");
-	    return (wantarray ? (999, 'swerr', 'tempfail') : 1);
-	}
-    }
-    else {
+           if ($Features{'Virus:CLAMAV'} && $1 =~ /(?:RAR module failure|Input\/Output error|Zip module failure)/) {
+		my($code, $category, $action) =
+		run_virus_scanner($Features{'Virus:CLAMAV'} . " -r --unzip --unrar --mbox --stdout --disable-summary --infected ./Work 2>&1");
+    		if ($action ne 'proceed') {
+			return (wantarray ? ($code, $category, $action) : $code);
+		}
+		return (wantarray ? interpret_clamav_code($code) : $code);
+	    } else {
+			md_syslog('err', "$MsgID: Clamd returned error: $1");
+			return (wantarray ? (999, 'swerr', 'tempfail') : 1);
+	    }
+        }
+    } else {
  	# Could not connect to daemon
  	md_syslog('err', "$MsgID: Could not connect to clamd daemon at $clamd_sock");
  	return (wantarray ? (999, 'cannot-execute', 'tempfail') : 999);

Martin Blapp, <mb at imp.ch> <mbr at FreeBSD.org>
------------------------------------------------------------------
ImproWare AG, UNIXSP & ISP, Zurlindenstrasse 29, 4133 Pratteln, CH
Phone: +41 61 826 93 00 Fax: +41 61 826 93 01
PGP: <finger -l mbr at freebsd.org>
PGP Fingerprint: B434 53FC C87C FE7B 0A18 B84C 8686 EF22 D300 551E
------------------------------------------------------------------


