git-svn-id: file:///var/lib/svn/clamav-devel/branches/newlimits@3592 77e5149b-7576-45b1-b177-96237e5ba77b
remotes/push_mirror/metadata
aCaB 18 years ago
parent d91ab809a2
commit 281c7642fb
  1. 39
      clamd/server-th.c
  2. 26
      clamscan/clamscan.c
  3. 3
      clamscan/clamscan_opt.h
  4. 24
      clamscan/manager.c
  5. 27
      etc/clamd.conf
  6. 10
      shared/cfgparser.c

@ -309,27 +309,36 @@ int acceptloop_th(int *socketds, int nsockets, struct cl_engine *engine, unsigne
logg("*Listening daemon: PID: %u\n", (unsigned int) mainpid);
max_threads = cfgopt(copt, "MaxThreads")->numarg;
if(cfgopt(copt, "ScanArchive")->enabled) {
if(cfgopt(copt, "ScanArchive")->enabled) { /* FIXMELIMITS: unparsed if archives disabled! */
/* set up limits */
memset(&limits, 0, sizeof(struct cl_limits));
if((limits.maxfilesize = cfgopt(copt, "ArchiveMaxFileSize")->numarg)) {
logg("Archive: Archived file size limit set to %lu bytes.\n", limits.maxfilesize);
logg("Archive support enabled.\n");
options |= CL_SCAN_ARCHIVE;
if((limits.maxfilesize = cfgopt(copt, "MaxScanSize")->numarg)) {
logg("Limits: Global size limit set to %lu bytes.\n", limits.maxscansize);
} else {
logg("^Limits: Global size limit protection disabled.\n");
}
if((limits.maxfilesize = cfgopt(copt, "MaxFileSize")->numarg)) {
logg("Limits: File size limit set to %lu bytes.\n", limits.maxfilesize);
} else {
logg("^Archive: File size limit protection disabled.\n");
logg("^Limits: File size limit protection disabled.\n");
}
if((limits.maxreclevel = cfgopt(copt, "ArchiveMaxRecursion")->numarg)) {
logg("Archive: Recursion level limit set to %u.\n", limits.maxreclevel);
if((limits.maxreclevel = cfgopt(copt, "MaxRecursion")->numarg)) {
logg("Limits: Recursion level limit set to %u.\n", limits.maxreclevel);
} else {
logg("^Archive: Recursion level limit protection disabled.\n");
logg("^Limits: Recursion level limit protection disabled.\n");
}
if((limits.maxfiles = cfgopt(copt, "ArchiveMaxFiles")->numarg)) {
logg("Archive: Files limit set to %u.\n", limits.maxfiles);
if((limits.maxfiles = cfgopt(copt, "MaxFiles")->numarg)) {
logg("Limits: Files limit set to %u.\n", limits.maxfiles);
} else {
logg("^Archive: Files limit protection disabled.\n");
logg("^Limits: Files limit protection disabled.\n");
}
if(cfgopt(copt, "ArchiveLimitMemoryUsage")->enabled) {
@ -338,22 +347,12 @@ int acceptloop_th(int *socketds, int nsockets, struct cl_engine *engine, unsigne
} else {
limits.archivememlim = 0;
}
}
if(cfgopt(copt, "ScanArchive")->enabled) {
logg("Archive support enabled.\n");
options |= CL_SCAN_ARCHIVE;
if(cfgopt(copt, "ArchiveBlockEncrypted")->enabled) {
logg("Archive: Blocking encrypted archives.\n");
options |= CL_SCAN_BLOCKENCRYPTED;
}
if(cfgopt(copt, "ArchiveBlockMax")->enabled) {
logg("Archive: Blocking archives that exceed limits.\n");
options |= CL_SCAN_BLOCKMAX;
}
} else {
logg("Archive support disabled.\n");
}

@ -144,11 +144,22 @@ int main(int argc, char **argv)
/* validate some numerical options */
if(opt_check(opt, "max-space")) {
pt = opt_arg(opt, "max-space");
if(opt_check(opt, "max-scansize")) {
pt = opt_arg(opt, "max-scansize");
if(!strchr(pt, 'M') && !strchr(pt, 'm')) {
if(!isnumb(pt)) {
logg("!--max-space requires a natural number\n");
logg("!--max-scansize requires a natural number\n");
opt_free(opt);
return 40;
}
}
}
if(opt_check(opt, "max-filesize")) {
pt = opt_arg(opt, "max-filesize");
if(!strchr(pt, 'M') && !strchr(pt, 'm')) {
if(!isnumb(pt)) {
logg("!--max-filesize requires a natural number\n");
opt_free(opt);
return 40;
}
@ -311,14 +322,11 @@ void help(void)
mprintf(" --block-max Block archives that exceed limits\n");
mprintf(" --mail-follow-urls Download and scan URLs\n");
mprintf("\n");
mprintf(" --max-space=#n Only extract first #n kilobytes from\n");
mprintf(" archived files\n");
mprintf(" --max-files=#n Only extract first #n files from\n");
mprintf(" archives\n");
mprintf(" --max-ratio=#n Maximum compression ratio limit\n");
mprintf(" --max-scansize=#n FIXMELIMITS\n");
mprintf(" --max-filesize=#n FIXMELIMITS\n");
mprintf(" --max-files=#n FIXMELIMITS\n");
mprintf(" --max-recursion=#n Maximum archive recursion level\n");
mprintf(" --max-dir-recursion=#n Maximum directory recursion level\n");
mprintf(" --max-mail-recursion=#n Maximum mail recursion level\n");
mprintf(" --unzip[=FULLPATH] Enable support for .zip files\n");
mprintf(" --unrar[=FULLPATH] Enable support for .rar files\n");
mprintf(" --arj[=FULLPATH] Enable support for .arj files\n");
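Review bot: The numeric check for `--max-scansize` and `--max-filesize` is skipped whenever the argument contains an `M` or `m` anywhere, because `isnumb(pt)` runs only under `if(!strchr(pt, 'M') && !strchr(pt, 'm'))`. A value such as `M` or `1M2` is therefore accepted here and later converted with `atoi()` in manager.c, which reports no error on malformed input. Since these options bound how much data gets scanned, the check should accept only digits followed by at most one trailing `M`/`m`. In help(), the three `FIXMELIMITS` descriptions leave the user without units or meaning for the new options. The body of main() continues outside the hunk.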

@ -54,7 +54,8 @@ static struct option clamscan_longopt[] = {
{"include", 1, 0, 0},
{"include-dir", 1, 0, 0},
{"max-files", 1, 0, 0},
{"max-space", 1, 0, 0},
{"max-filesize", 1, 0, 0},
{"max-scansize", 1, 0, 0},
{"max-recursion", 1, 0, 0},
{"max-dir-recursion", 1, 0, 0},
{"detect-pua", 0, 0, 0},

@ -220,9 +220,22 @@ int scanmanager(const struct optstruct *opt)
/* set limits */
memset(&limits, 0, sizeof(struct cl_limits));
if(opt_check(opt, "max-space")) {
if(opt_check(opt, "max-scansize")) {
char *cpy, *ptr;
ptr = opt_arg(opt, "max-space");
ptr = opt_arg(opt, "max-scansize");
if(tolower(ptr[strlen(ptr) - 1]) == 'm') {
cpy = calloc(strlen(ptr), 1);
strncpy(cpy, ptr, strlen(ptr) - 1);
limits.maxfilesize = atoi(cpy) * 1024 * 1024;
free(cpy);
} else
limits.maxscansize = atoi(ptr) * 1024;
} else
limits.maxscansize = 104857600; /* FIXMELIMITS */
if(opt_check(opt, "max-filesize")) {
char *cpy, *ptr;
ptr = opt_arg(opt, "max-filesize");
if(tolower(ptr[strlen(ptr) - 1]) == 'm') {
cpy = calloc(strlen(ptr), 1);
strncpy(cpy, ptr, strlen(ptr) - 1);
@ -231,7 +244,7 @@ int scanmanager(const struct optstruct *opt)
} else
limits.maxfilesize = atoi(ptr) * 1024;
} else
limits.maxfilesize = 10485760;
limits.maxfilesize = 10485760; /* FIXMELIMITS */
if(opt_check(opt, "max-files"))
limits.maxfiles = atoi(opt_arg(opt, "max-files"));
@ -412,9 +425,10 @@ static int clamav_unpack(const char *prog, const char **args, const char *tmpdir
else
maxfiles = 0;
if(opt_check(opt, "max-space")) {
/* FIXMELIMITS */
if(opt_check(opt, "max-filesize")) {
char *cpy, *ptr;
ptr = opt_arg(opt, "max-space");
ptr = opt_arg(opt, "max-filesize");
if(tolower(ptr[strlen(ptr) - 1]) == 'm') { /* megabytes */
cpy = calloc(strlen(ptr), 1);
strncpy(cpy, ptr, strlen(ptr) - 1);
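Review bot: In the new `max-scansize` block of scanmanager(), the megabyte branch writes `limits.maxfilesize = atoi(cpy) * 1024 * 1024;` instead of `limits.maxscansize`, so `--max-scansize=100M` leaves `maxscansize` at the zero from `memset`, and the `max-filesize` block that follows then overwrites the misplaced value. The line should be `limits.maxscansize = atoi(cpy) * 1024 * 1024;`. Every copy of this parser also indexes `ptr[strlen(ptr) - 1]`, which reads before the buffer when the argument is empty. Each one also multiplies the `atoi()` result in `int`, which overflows from 2048M upward where `int` is 32 bits. Parsing with `strtoul` plus an explicit length and range check would cover both. The clamav_unpack hunk ends inside the block it changes.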

@ -224,10 +224,6 @@ LocalSocket /tmp/clamd.socket
# Default: no
#MailFollowURLs no
# Recursion level limit for the mail scanner.
# Default: 64
#MailMaxRecursion 128
# With this option enabled ClamAV will try to detect phishing attempts by using
# signatures.
# Default: yes
@ -270,28 +266,27 @@ LocalSocket /tmp/clamd.socket
# The options below protect your system against Denial of Service attacks
# using archive bombs.
# FIXMELIMITS
# Value of 0 disables the limit.
# Default: FIXMELIMITS
#MaxScanSize 15M
# Files in archives larger than this limit won't be scanned.
# Value of 0 disables the limit.
# Default: 10M
#ArchiveMaxFileSize 15M
#MaxFileSize 15M
# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR
# file, all files within it will also be scanned. This options specifies how
# deeply the process should be continued.
# Value of 0 disables the limit.
# Default: 8
#ArchiveMaxRecursion 10
#MaxRecursion 10
# Number of files to be scanned within an archive.
# Value of 0 disables the limit.
# Default: 1000
#ArchiveMaxFiles 1500
# If a file in an archive is compressed more than ArchiveMaxCompressionRatio
# times it will be marked as a virus (Oversized.ArchiveType, e.g. Oversized.Zip)
# Value of 0 disables the limit.
# Default: 250
#ArchiveMaxCompressionRatio 300
#MaxFiles 1500
# Use slower but memory efficient decompression algorithm.
# only affects the bzip2 decompressor.
@ -302,12 +297,6 @@ LocalSocket /tmp/clamd.socket
# Default: no
#ArchiveBlockEncrypted no
# Mark archives as viruses (e.g. RAR.ExceededFileSize, Zip.ExceededFilesLimit)
# if ArchiveMaxFiles, ArchiveMaxFileSize, or ArchiveMaxRecursion limit is
# reached.
# Default: no
#ArchiveBlockMax no
##
## Clamuko settings
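Review bot: The MaxScanSize entry ships with placeholders (`# FIXMELIMITS`, `# Default: FIXMELIMITS`), so the sample config does not say what the option limits or what applies when it stays commented out. The option table in shared/cfgparser.c in this same commit gives it a default of 104857600, so the comment could read `# Default: 100M` together with a one-line description of the limit. The MaxFileSize and MaxFiles comments still speak only of files in archives. Whether the renamed limits now apply to every scanned file is not visible here and should be stated, because operators size these values from this text.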

@ -47,7 +47,6 @@ struct cfgoption cfg_options[] = {
{"DetectBrokenExecutables", OPT_BOOL, 0, NULL, 0, OPT_CLAMD},
{"ScanMail", OPT_BOOL, 1, NULL, 0, OPT_CLAMD},
{"MailFollowURLs", OPT_BOOL, 0, NULL, 0, OPT_CLAMD},
{"MailMaxRecursion", OPT_NUM, 64, NULL, 0, OPT_CLAMD},
{"PhishingSignatures", OPT_BOOL, 1, NULL, 0, OPT_CLAMD},
{"PhishingScanURLs",OPT_BOOL, 1, NULL, 0, OPT_CLAMD},
/* these are FP prone options, if default isn't used */
@ -61,13 +60,12 @@ struct cfgoption cfg_options[] = {
{"ScanOLE2", OPT_BOOL, 1, NULL, 0, OPT_CLAMD},
{"ScanPDF", OPT_BOOL, 0, NULL, 0, OPT_CLAMD},
{"ScanArchive", OPT_BOOL, 1, NULL, 0, OPT_CLAMD},
{"ArchiveMaxFileSize", OPT_COMPSIZE, 10485760, NULL, 0, OPT_CLAMD},
{"ArchiveMaxRecursion", OPT_NUM, 8, NULL, 0, OPT_CLAMD},
{"ArchiveMaxFiles", OPT_NUM, 1000, NULL, 0, OPT_CLAMD},
{"ArchiveMaxCompressionRatio", OPT_NUM, 250, NULL, 0, OPT_CLAMD},
{"MaxScanSize", OPT_COMPSIZE, 104857600, NULL, 0, OPT_CLAMD}, /* FIXMELIMITS */
{"MaxFileSize", OPT_COMPSIZE, 10485760, NULL, 0, OPT_CLAMD},
{"MaxRecursion", OPT_NUM, 8, NULL, 0, OPT_CLAMD},
{"MaxFiles", OPT_NUM, 1000, NULL, 0, OPT_CLAMD},
{"ArchiveLimitMemoryUsage", OPT_BOOL, 0, NULL, 0, OPT_CLAMD},
{"ArchiveBlockEncrypted", OPT_BOOL, 0, NULL, 0, OPT_CLAMD},
{"ArchiveBlockMax", OPT_BOOL, 0, NULL, 0, OPT_CLAMD},
{"DatabaseDirectory", OPT_QUOTESTR, -1, DATADIR, 0, OPT_CLAMD | OPT_FRESHCLAM},
{"TCPAddr", OPT_QUOTESTR, -1, NULL, 0, OPT_CLAMD},
{"TCPSocket", OPT_NUM, -1, NULL, 0, OPT_CLAMD},
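Review bot: The old directive names (`ArchiveMaxFileSize`, `ArchiveMaxRecursion`, `ArchiveMaxFiles`, `ArchiveMaxCompressionRatio`, `ArchiveBlockMax`, `MailMaxRecursion`) are dropped from `cfg_options` with no compatibility entry, so an existing clamd.conf that sets them no longer matches the table. How the parser treats an unknown directive is not visible in this hunk. It will either refuse the file or ignore the line, and if it ignores the line a site's tuned limits silently revert to the new defaults. A comment above the new entries, for example `/* MaxFileSize, MaxRecursion, MaxFiles replace the ArchiveMax* directives */`, and an upgrade note in the commit description would make the rename explicit. The `cfg_options[]` initializer starts and ends outside the hunk.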
