From 9cb8aa621a838034420727795cc12a35e49bbe0d Mon Sep 17 00:00:00 2001 From: Tomasz Kojm Date: Wed, 14 Apr 2004 01:27:22 +0000 Subject: [PATCH] VirusEvent: disable support for %f git-svn: trunk@489 --- clamav-devel/ChangeLog | 5 +++++ clamav-devel/clamd/clamuko.c | 2 +- clamav-devel/clamd/others.c | 13 ++----------- clamav-devel/clamd/others.h | 2 +- clamav-devel/clamd/scanner.c | 6 +++--- clamav-devel/etc/clamav.conf | 10 +++------- 6 files changed, 15 insertions(+), 23 deletions(-) diff --git a/clamav-devel/ChangeLog b/clamav-devel/ChangeLog index d78664b4d..ecb0c0c30 100644 --- a/clamav-devel/ChangeLog +++ b/clamav-devel/ChangeLog @@ -1,3 +1,8 @@ +Wed Apr 14 03:24:44 CEST 2004 (tk) +---------------------------------- + * clamd: VirusEvent: disable support for %f + (http://www.securitytracker.com/alerts/2004/Apr/1009615.html) + Tue Apr 13 14:16:42 CEST 2004 (tk) ---------------------------------- * libclamav: scan EVS mails diff --git a/clamav-devel/clamd/clamuko.c b/clamav-devel/clamd/clamuko.c index 5e82e19d8..adfad6065 100644 --- a/clamav-devel/clamd/clamuko.c +++ b/clamav-devel/clamd/clamuko.c @@ -192,7 +192,7 @@ void *clamukoth(void *arg) if(scan && cl_scanfile(acc->filename, &virname, NULL, tharg->root, tharg->limits, options) == CL_VIRUS) { logg("Clamuko: %s: %s FOUND\n", acc->filename, virname); - virusaction(acc->filename, virname, tharg->copt); + virusaction(virname, tharg->copt); acc->deny = 1; } else acc->deny = 0; diff --git a/clamav-devel/clamd/others.c b/clamav-devel/clamd/others.c index d323735f9..61a5847c7 100644 --- a/clamav-devel/clamd/others.c +++ b/clamav-devel/clamd/others.c @@ -49,7 +49,7 @@ #include "memory.h" #include "cfgparser.h" -void virusaction(const char *filename, const char *virname, const struct cfgstruct *copt) +void virusaction(const char *virname, const struct cfgstruct *copt) { char *buffer, *pt, *cmd; struct cfgstruct *cpt; @@ -60,16 +60,7 @@ void virusaction(const char *filename, const char *virname, const struct cfgstru cmd = strdup(cpt->strarg); - buffer = (char *) mcalloc(strlen(cmd) + strlen(filename) + strlen(virname) + 10, sizeof(char)); - - if((pt = strstr(cmd, "%f"))) { - *pt = 0; pt += 2; - strcpy(buffer, cmd); - strcat(buffer, filename); - strcat(buffer, pt); - free(cmd); - cmd = strdup(buffer); - } + buffer = (char *) mcalloc(strlen(cmd) + strlen(virname) + 10, sizeof(char)); if((pt = strstr(cmd, "%v"))) { *pt = 0; pt += 2; diff --git a/clamav-devel/clamd/others.h b/clamav-devel/clamd/others.h index 9df032eed..2d7c4c6f7 100644 --- a/clamav-devel/clamd/others.h +++ b/clamav-devel/clamd/others.h @@ -29,7 +29,7 @@ int poll_fd(int fd, int timeout_sec); int is_fd_connected(int fd); -void virusaction(const char *filename, const char *virname, const struct cfgstruct *copt); +void virusaction(const char *virname, const struct cfgstruct *copt); int writen(int fd, void *buff, unsigned int count); #endif diff --git a/clamav-devel/clamd/scanner.c b/clamav-devel/clamd/scanner.c index fe8d2f1b8..18593e4c2 100644 --- a/clamav-devel/clamd/scanner.c +++ b/clamav-devel/clamd/scanner.c @@ -105,7 +105,7 @@ int dirscan(const char *dirname, const char **virname, unsigned long int *scanne if((scanret = cl_scanfile(fname, virname, scanned, root, limits, options)) == CL_VIRUS) { mdprintf(odesc, "%s: %s FOUND\n", fname, *virname); logg("%s: %s FOUND\n", fname, *virname); - virusaction(fname, *virname, copt); + virusaction(*virname, copt); if(!contscan) { closedir(dd); free(fname); @@ -170,7 +170,7 @@ int scan(const char *filename, unsigned long int *scanned, const struct cl_node if(ret == CL_VIRUS) { mdprintf(odesc, "%s: %s FOUND\n", filename, virname); logg("%s: %s FOUND\n", filename, virname); - virusaction(filename, virname, copt); + virusaction(virname, copt); } else if(ret != CL_CLEAN) { mdprintf(odesc, "%s: %s ERROR\n", filename, cl_strerror(ret)); logg("%s: %s ERROR\n", filename, cl_strerror(ret)); @@ -333,7 +333,7 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root if(ret == CL_VIRUS) { mdprintf(odesc, "stream: %s FOUND\n", virname); logg("stream: %s FOUND\n", virname); - virusaction("InputStream", virname, copt); + virusaction(virname, copt); } else if(ret != CL_CLEAN) { mdprintf(odesc, "stream: %s ERROR\n", cl_strerror(ret)); logg("stream: %s ERROR\n", cl_strerror(ret)); diff --git a/clamav-devel/etc/clamav.conf b/clamav-devel/etc/clamav.conf index 8045337f3..45c34ca54 100644 --- a/clamav-devel/etc/clamav.conf +++ b/clamav-devel/etc/clamav.conf @@ -107,14 +107,10 @@ MaxDirectoryRecursion 15 # By default clamd checks itself every 3600 seconds (1 hour). #SelfCheck 600 -# Execute a command when virus is found. In the command string %v and %f will -# be replaced by the virus name and the infected file name respectively. +# Execute a command when a virus is found. In the command string %v will +# be replaced by the virus name. # -# SECURITY WARNING: Make sure the virus event command cannot be exploited, -# eg. by using some special file name when %f is used. -# Always use a full path to the command. -# Never delete/move files with this directive ! -#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %f: %v" +#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v" # Run as selected user (clamd must be started by root). # By default it doesn't drop privileges.