open-dsi
/
clamav
mirror of https://github.com/Cisco-Talos/clamav
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

clamonacc - fix fd leak when excluding file after self-check; cleanup signal handling and application exiting; fixup path for using unix fd passing with curl; normalize some log output; add suppression of noisy error cases when clamd lacks sufficient permissions to stat certain files"

Browse Source
pull/111/head
Mickey Sola 6 years ago committed by Micah Snyder
parent 7ad7211e1a
commit 7d83fa292d
8 changed files with 223 additions and 93 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 6
      clamonacc/clamonacc.h
  2. 126
      clamonacc/client/onaccess_client.c
  3. 25
      clamonacc/client/onaccess_proto.c
  4. 45
      clamonacc/fanotif/onaccess_fan.c
  5. 37
      clamonacc/inotif/onaccess_ddd.c
  6. 24
      clamonacc/scan/onaccess_scque.c
  7. 33
      clamonacc/scan/onaccess_scth.c
  8. 20
      clamonacc/scan/onaccess_scth.h

6
clamonacc/clamonacc.h
Unescape View File

@ -24,6 +24,12 @@
#include "libclamav/clamav.h"
#ifndef ONAS_DEBUG
#define ONAS_DEBUG
#endif
/* dev only switch for very noisy output */
#undef ONAS_DEBUG
#ifndef HAVE_ATTRIB_PACKED
#define __attribute__(x)
#endif

126
clamonacc/client/onaccess_client.c
Unescape View File

@ -23,8 +23,6 @@
#include "clamav-config.h"
#endif
//#define ONAS_DEBUG
#include <stdio.h>
#include <stdlib.h>
#include <curl/curl.h>
@ -169,64 +167,90 @@ CURLcode onas_curl_init(CURL **curl, const char *ipaddr, int64_t port, int64_t t
return CURLE_FAILED_INIT;
}
/* setup here, but caller needs to cleanup */
/* setup here, but caller needs to cleanup */
*curl = curl_easy_init();
curlcode = curl_easy_setopt(*curl, CURLOPT_PORT, port);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl with tcp port, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
if (!port) {
/* "ipaddr" is actually our unix socket path here */
curlcode = curl_easy_setopt(*curl, CURLOPT_UNIX_SOCKET_PATH, ipaddr);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl with local unix socket, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
curlcode = curl_easy_setopt(*curl, CURLOPT_URL, ipaddr);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl with tcp address, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
curlcode = curl_easy_setopt(*curl, CURLOPT_URL, "http://localhost/");
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl with local address, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
} else {
curlcode = curl_easy_setopt(*curl, CURLOPT_PORT, port);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl with tcp port, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
curlcode = curl_easy_setopt(*curl, CURLOPT_URL, ipaddr);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl with tcp address, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
}
/* we implement our own transfer protocol via send and recv, so we only need to connect */
curlcode = curl_easy_setopt(*curl, CURLOPT_CONNECT_ONLY, 1L);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl to connect only, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
curlcode = curl_easy_setopt(*curl, CURLOPT_NOSIGNAL, 1L);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl to not use signals, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
/* we implement our own transfer protocol via send and recv, so we only need to connect */
curlcode = curl_easy_setopt(*curl, CURLOPT_CONNECTTIMEOUT_MS, (long) timeout);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl with connect timeout, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
curlcode = curl_easy_setopt(*curl, CURLOPT_CONNECTTIMEOUT_MS, (long) timeout);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl with connect timeout, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
/* we implement our own transfer protocol via send and recv, so we only need to connect */
curlcode = curl_easy_setopt(*curl, CURLOPT_CONNECT_ONLY, 1L);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl to connect only, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
#ifdef ONAS_DEBUG
curlcode = curl_easy_setopt(*curl, CURLOPT_VERBOSE, 1L);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not tell curl to be verbose, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
curlcode = curl_easy_setopt(*curl, CURLOPT_VERBOSE, 1L);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not tell curl to be verbose, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
#endif
/* don't care about the body of the return message */
curlcode = curl_easy_setopt(*curl, CURLOPT_NOBODY, 1L);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl to send HEAD request, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
/* don't care about the body of the return message */
curlcode = curl_easy_setopt(*curl, CURLOPT_NOBODY, 1L);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl to send HEAD request, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
curlcode = curl_easy_setopt(*curl, CURLOPT_HEADER, 0L);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl to not send header, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
curlcode = curl_easy_setopt(*curl, CURLOPT_HEADER, 0L);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl to not send header, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(*curl);
return curlcode;
}
return curlcode;
}
@ -336,13 +360,7 @@ int onas_get_clamd_version(struct onas_context **ctx)
}
if (!b_remote) {
curl = curl_easy_init();
curlcode = curl_easy_setopt(curl, CURLOPT_UNIX_SOCKET_PATH, optget((*ctx)->clamdopts, "LocalSocket")->strarg);
if (CURLE_OK != curlcode) {
logg("!ClamClient: could not setup curl with local unix socket, %s\n", curl_easy_strerror(curlcode));
curl_easy_cleanup(curl);
return 2;
}
curlcode = onas_curl_init(&curl, optget((*ctx)->clamdopts, "LocalSocket")->strarg, (*ctx)->portnum, timeout);
} else {
curlcode = onas_curl_init(&curl, optget((*ctx)->clamdopts, "TCPAddr")->strarg, (*ctx)->portnum, timeout);
if (CURLE_OK != curlcode) {

25
clamonacc/client/onaccess_proto.c
Unescape View File

@ -329,7 +329,32 @@ int onas_dsresult(CURL *curl, int scantype, uint64_t maxstream, const char *file
if (ret_code) {
*ret_code = CL_ESTAT;
}
} else if(len > 41 && !memcmp(eol-42, " lstat() failed: Permission denied. ERROR", 41)) {
if(errors) {
(*errors)++;
}
*printok = 0;
if(filename) {
(scantype >= STREAM) ? logg("*%s%s\n", filename, colon) : logg("*%s\n", bol);
}
if (ret_code) {
*ret_code = CL_ESTAT;
}
} else if(len > 21 && !memcmp(eol-22, " Access denied. ERROR", 21)) {
if(errors) {
(*errors)++;
}
*printok = 0;
if(filename) {
(scantype >= STREAM) ? logg("*%s%s\n", filename, colon) : logg("*%s\n", bol);
}
if (ret_code) {
*ret_code = CL_EACCES;
}
} else if(!memcmp(eol-7, " ERROR", 6)) {
if(errors) {
(*errors)++;

45
clamonacc/fanotif/onaccess_fan.c
Unescape View File

@ -57,33 +57,38 @@
extern pthread_t ddd_pid;
extern pthread_t scque_pid;
static int onas_fan_fd;
/*static void onas_fan_exit(int sig)
static void onas_fan_exit(int sig)
{
logg("*ClamFanotif: onas_fan_exit(), signal %d\n", sig);
if(onas_fan_fd) {
close(onas_fan_fd);
}
onas_fan_fd = 0;
if (ddd_pid > 0) {
pthread_kill(ddd_pid, SIGUSR1);
pthread_join(ddd_pid, NULL);
}
ddd_pid = 0;
if (scque_pid > 0) {
pthread_kill(ddd_pid, SIGUSR1);
pthread_join(ddd_pid, NULL);
pthread_kill(scque_pid, SIGUSR2);
pthread_join(scque_pid, NULL);
}
scque_pid = 0;
pthread_exit(NULL);
logg("ClamFanotif: stopped\n");
}*/
pthread_exit(NULL);
}
cl_error_t onas_setup_fanotif(struct onas_context **ctx) {
const struct optstruct *pt;
short int scan;
unsigned int sizelimit = 0, extinfo;
int onas_fan_fd;
uint64_t fan_mask = FAN_EVENT_ON_CHILD;
char err[128];
@ -152,9 +157,9 @@ cl_error_t onas_setup_fanotif(struct onas_context **ctx) {
/* Load other options. */
(*ctx)->sizelimit = optget((*ctx)->clamdopts, "OnAccessMaxFileSize")->numarg;
if((*ctx)->sizelimit)
logg("*ClamFanotif: Max file size limited to %lu bytes\n", (*ctx)->sizelimit);
logg("*ClamFanotif: max file size limited to %lu bytes\n", (*ctx)->sizelimit);
else
logg("*ClamFanotif: File size limit disabled\n");
logg("*ClamFanotif: file size limit disabled\n");
extinfo = optget((*ctx)->clamdopts, "ExtendedDetectionInfo")->enabled;
@ -164,6 +169,8 @@ cl_error_t onas_setup_fanotif(struct onas_context **ctx) {
int onas_fan_eloop(struct onas_context **ctx) {
int ret = 0;
int err_cnt = 0;
sigset_t sigset;
struct sigaction act;
short int scan;
STATBUF sb;
fd_set rfds;
@ -174,6 +181,26 @@ int onas_fan_eloop(struct onas_context **ctx) {
int len, check, fres;
char err[128];
/* ignore all signals except SIGUSR1 */
sigfillset(&sigset);
sigdelset(&sigset, SIGUSR1);
/* The behavior of a process is undefined after it ignores a
* SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */
sigdelset(&sigset, SIGFPE);
sigdelset(&sigset, SIGILL);
sigdelset(&sigset, SIGSEGV);
sigdelset(&sigset, SIGINT);
#ifdef SIGBUS
sigdelset(&sigset, SIGBUS);
#endif
pthread_sigmask(SIG_SETMASK, &sigset, NULL);
memset(&act, 0, sizeof(struct sigaction));
act.sa_handler = onas_fan_exit;
sigfillset(&(act.sa_mask));
sigaction(SIGUSR1, &act, NULL);
sigaction(SIGSEGV, &act, NULL);
sigaction(SIGINT, &act, NULL);
FD_ZERO(&rfds);
FD_SET((*ctx)->fan_fd, &rfds);
do {
@ -278,6 +305,7 @@ int onas_fan_eloop(struct onas_context **ctx) {
logg("!ClamFanotif: error occurred while excluding event\n");
return 2;
}
}
if (-1 == close(fmd->fd)) {
logg("!ClamFanotif: error occurred while closing metadata fd, %d\n", fmd->fd);
@ -289,7 +317,6 @@ int onas_fan_eloop(struct onas_context **ctx) {
}
}
}
}
fmd = FAN_EVENT_NEXT(fmd, bread);
}
do {

37
clamonacc/inotif/onaccess_ddd.c
Unescape View File

@ -348,7 +348,8 @@ void *onas_ddd_th(void *arg) {
* SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */
sigdelset(&sigset, SIGFPE);
sigdelset(&sigset, SIGILL);
//sigdelset(&sigset, SIGSEGV);
sigdelset(&sigset, SIGSEGV);
sigdelset(&sigset, SIGINT);
#ifdef SIGBUS
sigdelset(&sigset, SIGBUS);
#endif
@ -359,22 +360,22 @@ void *onas_ddd_th(void *arg) {
sigaction(SIGUSR1, &act, NULL);
sigaction(SIGSEGV, &act, NULL);
logg("*ClamInotif: Starting inotify event thread\n");
logg("*ClamInotif: starting inotify event thread\n");
onas_in_fd = inotify_init1(IN_NONBLOCK);
if (onas_in_fd == -1) {
logg("!ClamInotif: Could not init inotify.");
logg("!ClamInotif: could not init inotify\n");
return NULL;
}
ret = onas_ddd_init(0, ONAS_DEFAULT_HT_SIZE);
if (ret) {
logg("!ClamInotif: Failed to initialize 3D. \n");
logg("!ClamInotif: failed to initialize DDD system\n");
return NULL;
}
logg("*ClamInotif: Dynamically determining directory hierarchy...\n");
logg("*ClamInotif: dynamically determining directory hierarchy...\n");
/* Add provided paths recursively. */
if (!optget(ctx->opts, "watch-list")->enabled && !optget(ctx->clamdopts, "OnAccessIncludePath")->enabled) {
@ -593,7 +594,7 @@ void *onas_ddd_th(void *arg) {
}
}
logg("*ClamInotif: Exiting inotify event thread\n");
logg("*ClamInotif: exiting inotify event thread\n");
return NULL;
}
@ -605,7 +606,7 @@ static void onas_ddd_handle_in_delete(struct onas_context *ctx,
if (stat(child_path, &s) == 0 && S_ISREG(s.st_mode)) return;
if (!(event->mask & IN_ISDIR)) return;
logg("*ClamInotif: DELETE - Removing %s from %s with wd:%d\n", child_path, path, wd);
logg("*ClamInotif: DELETE - removing %s from %s with wd:%d\n", child_path, path, wd);
onas_ddd_unwatch(child_path, ctx->fan_fd, onas_in_fd);
onas_ht_rm_hierarchy(ddd_ht, child_path, strlen(child_path), 0);
@ -619,7 +620,7 @@ static void onas_ddd_handle_in_moved_from(struct onas_context *ctx,
if (stat(child_path, &s) == 0 && S_ISREG(s.st_mode)) return;
if (!(event->mask & IN_ISDIR)) return;
logg("*ClamInotif: MOVED_FROM - Removing %s from %s with wd:%d\n", child_path, path, wd);
logg("*ClamInotif: MOVED_FROM - removing %s from %s with wd:%d\n", child_path, path, wd);
onas_ddd_unwatch(child_path, ctx->fan_fd, onas_in_fd);
onas_ht_rm_hierarchy(ddd_ht, child_path, strlen(child_path), 0);
@ -636,7 +637,7 @@ static void onas_ddd_handle_in_create(struct onas_context *ctx,
onas_ddd_handle_extra_scanning(ctx, child_path, ONAS_SCTH_B_FILE);
} else if(event->mask & IN_ISDIR) {
logg("*ClamInotif: CREATE - Adding %s to %s with wd:%d\n", child_path, path, wd);
logg("*ClamInotif: CREATE - adding %s to %s with wd:%d\n", child_path, path, wd);
onas_ddd_handle_extra_scanning(ctx, child_path, ONAS_SCTH_B_DIR);
onas_ht_add_hierarchy(ddd_ht, child_path);
@ -648,7 +649,7 @@ static void onas_ddd_handle_in_create(struct onas_context *ctx,
if (stat(child_path, &s) == 0 && S_ISREG(s.st_mode)) return;
if (!(event->mask & IN_ISDIR)) return;
logg("*ClamInotif: MOVED_TO - Adding %s to %s with wd:%d\n", child_path, path, wd);
logg("*ClamInotif: MOVED_TO - adding %s to %s with wd:%d\n", child_path, path, wd);
onas_ht_add_hierarchy(ddd_ht, child_path);
onas_ddd_watch(child_path, ctx->fan_fd, ctx->fan_mask, onas_in_fd, in_mask);
}
@ -665,7 +666,7 @@ static void onas_ddd_handle_in_moved_to(struct onas_context *ctx,
onas_ddd_handle_extra_scanning(ctx, child_path, ONAS_SCTH_B_FILE);
} else if(event->mask & IN_ISDIR) {
logg("*ClamInotif: MOVED_TO - Adding %s to %s with wd:%d\n", child_path, path, wd);
logg("*ClamInotif: MOVED_TO - adding %s to %s with wd:%d\n", child_path, path, wd);
onas_ddd_handle_extra_scanning(ctx, child_path, ONAS_SCTH_B_DIR);
onas_ht_add_hierarchy(ddd_ht, child_path);
@ -676,7 +677,7 @@ static void onas_ddd_handle_in_moved_to(struct onas_context *ctx,
if (stat(child_path, &s) == 0 && S_ISREG(s.st_mode)) return;
if (!(event->mask & IN_ISDIR)) return;
logg("*ClamInotif: MOVED_TO - Adding %s to %s with wd:%d\n", child_path, path, wd);
logg("*ClamInotif: MOVED_TO - adding %s to %s with wd:%d\n", child_path, path, wd);
onas_ht_add_hierarchy(ddd_ht, child_path);
onas_ddd_watch(child_path, ctx->fan_fd, ctx->fan_mask, onas_in_fd, in_mask);
}
@ -717,12 +718,22 @@ static void onas_ddd_handle_extra_scanning(struct onas_context *ctx, const char
static void onas_ddd_exit(int sig) {
logg("*ClamInotif: onas_ddd_exit(), signal %d\n", sig);
if (onas_in_fd) {
close(onas_in_fd);
}
onas_in_fd = 0;
if (ddd_ht) {
onas_free_ht(ddd_ht);
}
ddd_ht = NULL;
if (wdlt) {
free(wdlt);
}
wdlt = NULL;
pthread_exit(NULL);
logg("ClamInotif: stopped\n");
pthread_exit(NULL);
}
#endif

24
clamonacc/scan/onaccess_scque.c
Unescape View File

@ -148,12 +148,13 @@ void *onas_scanque_th(void *arg) {
/* ignore all signals except SIGUSR1 */
sigfillset(&sigset);
sigdelset(&sigset, SIGUSR1);
sigdelset(&sigset, SIGUSR2);
/* The behavior of a process is undefined after it ignores a
* SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */
sigdelset(&sigset, SIGFPE);
sigdelset(&sigset, SIGILL);
//sigdelset(&sigset, SIGSEGV);
sigdelset(&sigset, SIGSEGV);
sigdelset(&sigset, SIGINT);
#ifdef SIGBUS
sigdelset(&sigset, SIGBUS);
#endif
@ -161,16 +162,16 @@ void *onas_scanque_th(void *arg) {
memset(&act, 0, sizeof(struct sigaction));
act.sa_handler = onas_scanque_exit;
sigfillset(&(act.sa_mask));
sigaction(SIGUSR1, &act, NULL);
sigaction(SIGUSR2, &act, NULL);
sigaction(SIGSEGV, &act, NULL);
logg("*ClamQueue: initializing event queue consumer w/ (%d) threads in thread pool\n", ctx->maxthreads);
logg("*ClamQueue: initializing event queue consumer ... (%d) threads in thread pool\n", ctx->maxthreads);
onas_init_event_queue();
threadpool thpool = thpool_init(ctx->maxthreads);
g_thpool = thpool;
/* loop w/ onas_consume_event until we die */
logg("*ClamQueue: waiting to cosume events ...\n");
logg("*ClamQueue: waiting to consume events ...\n");
do {
/* if there's no event to consume ... */
if (!onas_consume_event(thpool)) {
@ -201,7 +202,10 @@ static int onas_consume_event(threadpool thpool) {
return 1;
}
#ifdef ONAS_DEBUG
logg("*ClamonQueue: consuming event!\n");
#endif
thpool_add_work(thpool, (void *) onas_scan_worker, (void *) popped_node->data);
g_onas_event_queue_head->next = g_onas_event_queue_head->next->next;
@ -222,7 +226,10 @@ cl_error_t onas_queue_event(struct onas_scan_event *event_data) {
struct onas_event_queue_node *node = NULL;
#ifdef ONAS_DEBUG
logg("*ClamonQueue: queueing event!\n");
#endif
if (CL_EMEM == onas_new_event_queue_node(&node)) {
return CL_EMEM;
}
@ -273,10 +280,13 @@ static void onas_scanque_exit(int sig) {
logg("*ClamScanque: onas_scanque_exit(), signal %d\n", sig);
onas_destroy_event_queue();
thpool_destroy(g_thpool);
if (g_thpool) {
thpool_destroy(g_thpool);
}
g_thpool = NULL;
pthread_exit(NULL);
logg("ClamScanque: stopped\n");
pthread_exit(NULL);
}
#endif

33
clamonacc/scan/onaccess_scth.c
Unescape View File

@ -167,8 +167,6 @@ static cl_error_t onas_scth_scanfile(struct onas_scan_event *event_data, const c
res.response = FAN_DENY;
}
}
} else {
logg("DEBUG: NOT SCANNING\n");
}
@ -178,7 +176,7 @@ static cl_error_t onas_scth_scanfile(struct onas_scan_event *event_data, const c
if(ret == -1) {
logg("!ClamWorker: internal error (can't write to fanotify)\n");
if (errno == ENOENT) {
logg("ClamWorker: permission event has already been written ... recovering ...\n");
logg("*ClamWorker: permission event has already been written ... recovering ...\n");
} else {
ret = CL_EWRITE;
}
@ -187,10 +185,15 @@ static cl_error_t onas_scth_scanfile(struct onas_scan_event *event_data, const c
}
if (b_fanotify) {
#ifdef ONAS_DEBUG
logg("*ClamWorker: closing fd, %d)\n", event_data->fmd->fd);
#endif
if (-1 == close(event_data->fmd->fd) ) {
logg("!ClamWorker: internal error (can't close fanotify meta fd, %d)\n", event_data->fmd->fd);
if (errno == EBADF) {
logg("ClamWorker: fd already closed ... recovering ...\n");
logg("*ClamWorker: fd already closed ... recovering ...\n");
} else {
ret = CL_EUNLINK;
}
@ -273,11 +276,17 @@ static cl_error_t onas_scth_handle_file(struct onas_scan_event *event_data, cons
}
ret = onas_scth_scanfile(event_data, pathname, sb, &infected, &err, &ret_code);
// probs need to error check here later, or at least log
if (event_data->bool_opts | ONAS_SCTH_B_INOTIFY) {
logg(">>>>>>DEBUG: ClamWorker: Inotify Scan Rsults ... ret = %d ; infected = %d ; err = %d ret_code = %d\n",
#ifdef ONAS_DEBUG
/* very noisy, debug only */
if (event_data->bool_opts & ONAS_SCTH_B_INOTIFY) {
logg("*ClamWorker: Inotify Scan Results ...\n\tret = %d ...\n\tinfected = %d ...\n\terr = %d ...\n\tret_code = %d\n",
ret, infected, err, ret_code);
} else {
logg("*ClamWorker: Fanotify Scan Results ...\n\tret = %d ...\n\tinfected = %d ...\n\terr = %d ...\n\tret_code = %d\n\tfd = %d\n",
ret, infected, err, ret_code, event_data->fmd->fd);
}
#endif
return ret;
}
@ -365,8 +374,6 @@ cl_error_t onas_map_context_info_to_event_data(struct onas_context *ctx, struct
(*event_data)->scantype = ctx->scantype;
(*event_data)->timeout = ctx->timeout;
(*event_data)->maxstream = ctx->maxstream;
(*event_data)->tcpaddr = optget(ctx->clamdopts, "TCPAddr")->strarg;
(*event_data)->portnum = ctx->portnum;
(*event_data)->fan_fd = ctx->fan_fd;
(*event_data)->sizelimit = ctx->sizelimit;
(*event_data)->retry_attempts = ctx->retry_attempts;
@ -379,6 +386,14 @@ cl_error_t onas_map_context_info_to_event_data(struct onas_context *ctx, struct
(*event_data)->bool_opts |= ONAS_SCTH_B_DENY_ON_E;
}
if (ctx->isremote) {
(*event_data)->bool_opts |= ONAS_SCTH_B_REMOTE;
(*event_data)->tcpaddr = optget(ctx->clamdopts, "TCPAddr")->strarg;
(*event_data)->portnum = ctx->portnum;
} else {
(*event_data)->tcpaddr = optget(ctx->clamdopts, "LocalSocket")->strarg;
}
return CL_SUCCESS;
}
#endif

20
clamonacc/scan/onaccess_scth.h
Unescape View File

@ -33,6 +33,17 @@
#define ONAS_SCTH_B_SCAN 0x10
#define ONAS_SCTH_B_RETRY_ON_E 0x20
#define ONAS_SCTH_B_DENY_ON_E 0x40
#define ONAS_SCTH_B_REMOTE 0x80
#ifndef HAVE_ATTRIB_PACKED
#define __attribute__(x)
#endif
#ifdef HAVE_PRAGMA_PACK
#pragma pack(1)
#endif
#ifdef HAVE_PRAGMA_PACK_HPPA
#pragma pack 1
#endif
struct onas_scan_event {
const char *tcpaddr;
@ -46,7 +57,14 @@ struct onas_scan_event {
int64_t maxstream;
int64_t timeout;
uint8_t bool_opts;
};
} __attribute((packed));
#ifdef HAVE_PRAGMA_PACK
#pragma pack()
#endif
#ifdef HAVE_PRAGMA_PACK_HPPA
#pragma pack
#endif
void *onas_scan_th(void *arg);

Write Preview
Loading…
Cancel
Save