open-dsi
/
clamav
mirror of https://github.com/Cisco-Talos/clamav
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

VirusEvent: disable support for %f

Browse Source 
git-svn: trunk@489
remotes/push_mirror/metadata
Tomasz Kojm 21 years ago
parent 41e960e7dd
commit 9cb8aa621a
6 changed files with 15 additions and 23 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 5
      clamav-devel/ChangeLog
  2. 2
      clamav-devel/clamd/clamuko.c
  3. 13
      clamav-devel/clamd/others.c
  4. 2
      clamav-devel/clamd/others.h
  5. 6
      clamav-devel/clamd/scanner.c
  6. 10
      clamav-devel/etc/clamav.conf

5
clamav-devel/ChangeLog
Unescape View File

@ -1,3 +1,8 @@
Wed Apr 14 03:24:44 CEST 2004 (tk)
----------------------------------
* clamd: VirusEvent: disable support for %f
(http://www.securitytracker.com/alerts/2004/Apr/1009615.html)
Tue Apr 13 14:16:42 CEST 2004 (tk)
----------------------------------
* libclamav: scan EVS mails

2
clamav-devel/clamd/clamuko.c
Unescape View File

@ -192,7 +192,7 @@ void *clamukoth(void *arg)
if(scan && cl_scanfile(acc->filename, &virname, NULL, tharg->root, tharg->limits, options) == CL_VIRUS) {
logg("Clamuko: %s: %s FOUND\n", acc->filename, virname);
virusaction(acc->filename, virname, tharg->copt);
virusaction(virname, tharg->copt);
acc->deny = 1;
} else
acc->deny = 0;

13
clamav-devel/clamd/others.c
Unescape View File

@ -49,7 +49,7 @@
#include "memory.h"
#include "cfgparser.h"
void virusaction(const char *filename, const char *virname, const struct cfgstruct *copt)
void virusaction(const char *virname, const struct cfgstruct *copt)
{
char *buffer, *pt, *cmd;
struct cfgstruct *cpt;
@ -60,16 +60,7 @@ void virusaction(const char *filename, const char *virname, const struct cfgstru
cmd = strdup(cpt->strarg);
buffer = (char *) mcalloc(strlen(cmd) + strlen(filename) + strlen(virname) + 10, sizeof(char));
if((pt = strstr(cmd, "%f"))) {
*pt = 0; pt += 2;
strcpy(buffer, cmd);
strcat(buffer, filename);
strcat(buffer, pt);
free(cmd);
cmd = strdup(buffer);
}
buffer = (char *) mcalloc(strlen(cmd) + strlen(virname) + 10, sizeof(char));
if((pt = strstr(cmd, "%v"))) {
*pt = 0; pt += 2;

2
clamav-devel/clamd/others.h
Unescape View File

@ -29,7 +29,7 @@
int poll_fd(int fd, int timeout_sec);
int is_fd_connected(int fd);
void virusaction(const char *filename, const char *virname, const struct cfgstruct *copt);
void virusaction(const char *virname, const struct cfgstruct *copt);
int writen(int fd, void *buff, unsigned int count);
#endif

6
clamav-devel/clamd/scanner.c
Unescape View File

@ -105,7 +105,7 @@ int dirscan(const char *dirname, const char **virname, unsigned long int *scanne
if((scanret = cl_scanfile(fname, virname, scanned, root, limits, options)) == CL_VIRUS) {
mdprintf(odesc, "%s: %s FOUND\n", fname, *virname);
logg("%s: %s FOUND\n", fname, *virname);
virusaction(fname, *virname, copt);
virusaction(*virname, copt);
if(!contscan) {
closedir(dd);
free(fname);
@ -170,7 +170,7 @@ int scan(const char *filename, unsigned long int *scanned, const struct cl_node
if(ret == CL_VIRUS) {
mdprintf(odesc, "%s: %s FOUND\n", filename, virname);
logg("%s: %s FOUND\n", filename, virname);
virusaction(filename, virname, copt);
virusaction(virname, copt);
} else if(ret != CL_CLEAN) {
mdprintf(odesc, "%s: %s ERROR\n", filename, cl_strerror(ret));
logg("%s: %s ERROR\n", filename, cl_strerror(ret));
@ -333,7 +333,7 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root
if(ret == CL_VIRUS) {
mdprintf(odesc, "stream: %s FOUND\n", virname);
logg("stream: %s FOUND\n", virname);
virusaction("InputStream", virname, copt);
virusaction(virname, copt);
} else if(ret != CL_CLEAN) {
mdprintf(odesc, "stream: %s ERROR\n", cl_strerror(ret));
logg("stream: %s ERROR\n", cl_strerror(ret));

10
clamav-devel/etc/clamav.conf
Unescape View File

@ -107,14 +107,10 @@ MaxDirectoryRecursion 15
# By default clamd checks itself every 3600 seconds (1 hour).
#SelfCheck 600
# Execute a command when virus is found. In the command string %v and %f will
# be replaced by the virus name and the infected file name respectively.
# Execute a command when a virus is found. In the command string %v will
# be replaced by the virus name.
#
# SECURITY WARNING: Make sure the virus event command cannot be exploited,
# eg. by using some special file name when %f is used.
# Always use a full path to the command.
# Never delete/move files with this directive !
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %f: %v"
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
# Run as selected user (clamd must be started by root).
# By default it doesn't drop privileges.

Write Preview
Loading…
Cancel
Save