From 4f3fd81e6aff2829d95ecf971feb5ba34b761c76 Mon Sep 17 00:00:00 2001 From: Robert Scheck Date: Sun, 26 Nov 2017 03:55:21 +0100 Subject: [PATCH] Backported upstream patch to unbreak e2guardian vs. temp files --- clamav-0.99.2-temp-cleanup.patch | 137 +++++++++++++++++++++++++++++++ clamav.spec | 7 +- 2 files changed, 143 insertions(+), 1 deletion(-) create mode 100644 clamav-0.99.2-temp-cleanup.patch diff --git a/clamav-0.99.2-temp-cleanup.patch b/clamav-0.99.2-temp-cleanup.patch new file mode 100644 index 0000000..1b01341 --- /dev/null +++ b/clamav-0.99.2-temp-cleanup.patch @@ -0,0 +1,137 @@ +https://github.com/vrtadmin/clamav-devel/commit/f5bc94cf01e6a19d5255c0e5f9a5bc2336f5a2b1 +backported (re-merge). See also: + + - https://bugzilla.clamav.net/show_bug.cgi?id=11549 + - https://github.com/e2guardian/e2guardian/issues/159 + +--- clamav-0.99.2/libclamav/scanners.c 2016-04-22 17:02:19.000000000 +0200 ++++ clamav-0.99.2/libclamav/scanners.c.temp-cleanup 2017-11-17 00:59:14.295670694 +0100 +@@ -1342,37 +1342,33 @@ + return CL_CLEAN; + } + +- /* dump to disk only if explicitly asked to +- * or if necessary to check relative offsets, +- * otherwise we can process just in-memory */ +- if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) { +- if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) { +- cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n"); +- return ret; +- } +- if (ctx->engine->keeptmp) +- cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname); +- } +- + if(!(normalized = cli_malloc(SCANBUFF + maxpatlen))) { + cli_dbgmsg("cli_scanscript: Unable to malloc %u bytes\n", SCANBUFF); +- free(tmpname); + return CL_EMEM; + } +- + text_normalize_init(&state, normalized, SCANBUFF + maxpatlen); +- ret = CL_CLEAN; +- + + if ((ret = cli_ac_initdata(&tmdata, troot?troot->ac_partsigs:0, troot?troot->ac_lsigs:0, troot?troot->ac_reloff_num:0, CLI_DEFAULT_AC_TRACKLEN))) { +- free(tmpname); +- return ret; ++ free(normalized); ++ return ret; + } + + if ((ret = cli_ac_initdata(&gmdata, groot->ac_partsigs, groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN))) { +- cli_ac_freedata(&tmdata); +- free(tmpname); +- return ret; ++ cli_ac_freedata(&tmdata); ++ free(normalized); ++ return ret; ++ } ++ ++ /* dump to disk only if explicitly asked to ++ * or if necessary to check relative offsets, ++ * otherwise we can process just in-memory */ ++ if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) { ++ if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) { ++ cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n"); ++ goto done; ++ } ++ if (ctx->engine->keeptmp) ++ cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname); + } + + mdata[0] = &tmdata; +@@ -1387,10 +1383,9 @@ + map_off += written; + + if (write(ofd, state.out, state.out_pos) == -1) { +- cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname); +- close(ofd); +- free(tmpname); +- return CL_EWRITE; ++ cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname); ++ ret = CL_EWRITE; ++ goto done; + } + text_normalize_reset(&state); + } +@@ -1409,11 +1404,6 @@ + funmap(*ctx->fmap); + } + *ctx->fmap = map; +- +- /* If we aren't keeping temps, delete the normalized file after scan. */ +- if(!(ctx->engine->keeptmp)) +- if (cli_unlink(tmpname)) ret = CL_EUNLINK; +- + } else { + /* Since the above is moderately costly all in all, + * do the old stuff if there's no relative offsets. */ +@@ -1421,11 +1411,8 @@ + if (troot) { + cli_targetinfo(&info, 7, map); + ret = cli_ac_caloff(troot, &tmdata, &info); +- if (ret) { +- cli_ac_freedata(&tmdata); +- free(tmpname); +- return ret; +- } ++ if (ret) ++ goto done; + } + + while(1) { +@@ -1466,13 +1453,6 @@ + + } + +- if(ctx->engine->keeptmp) { +- free(tmpname); +- if (ofd >= 0) +- close(ofd); +- } +- free(normalized); +- + if(ret != CL_VIRUS || SCAN_ALL) { + if ((ret = cli_exp_eval(ctx, troot, &tmdata, NULL, NULL)) == CL_VIRUS) + viruses_found++; +@@ -1481,9 +1461,19 @@ + viruses_found++; + } + ++done: ++ free(normalized); + cli_ac_freedata(&tmdata); + cli_ac_freedata(&gmdata); + ++ if (ofd != -1) ++ close(ofd); ++ if (tmpname != NULL) { ++ if (!ctx->engine->keeptmp) ++ cli_unlink(tmpname); ++ free(tmpname); ++ } ++ + if (SCAN_ALL && viruses_found) + return CL_VIRUS; + diff --git a/clamav.spec b/clamav.spec index edf30f2..2fd02bd 100644 --- a/clamav.spec +++ b/clamav.spec @@ -5,7 +5,7 @@ Summary: Anti-virus software Name: clamav Version: 0.99.2 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2 Group: Applications/System URL: http://www.clamav.net/ @@ -32,6 +32,7 @@ Source12: http://db.local.clamav.net/daily-21723.cvd Source13: http://db.local.clamav.net/bytecode-278.cvd Patch31: clamav-0.99.1-setsebool.patch +Patch32: clamav-0.99.2-temp-cleanup.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -131,6 +132,7 @@ you will need to install %{name}-devel. %setup -q -T -c xz -dc %{SOURCE0} | (cd .. ; tar xvvf -) %patch31 -p1 -b .setsebool +%patch32 -p1 -b .temp-cleanup %{__perl} -pi.orig -e 's|/lib\b|/%{_lib}|g;' configure @@ -410,6 +412,9 @@ rm -rf %{buildroot} %exclude %{_libdir}/libclamav.la %changelog +* Sun Nov 26 2017 Robert Scheck - 0.99.2-3 +- Backported upstream patch to unbreak e2guardian vs. temp files + * Tue Mar 28 2017 Robert Scheck - 0.99.2-2 - Ensure that missing or invalid timezone configuration does not mangle /etc/freshclam.conf in %%post (#1154756)