From 4f3fd81e6aff2829d95ecf971feb5ba34b761c76 Mon Sep 17 00:00:00 2001
From: Robert Scheck <robert@fedoraproject.org>
Date: Sun, 26 Nov 2017 03:55:21 +0100
Subject: [PATCH] Backported upstream patch to unbreak e2guardian vs. temp
 files

---
 clamav-0.99.2-temp-cleanup.patch | 137 +++++++++++++++++++++++++++++++
 clamav.spec                      |   7 +-
 2 files changed, 143 insertions(+), 1 deletion(-)
 create mode 100644 clamav-0.99.2-temp-cleanup.patch

diff --git a/clamav-0.99.2-temp-cleanup.patch b/clamav-0.99.2-temp-cleanup.patch
new file mode 100644
index 0000000..1b01341
--- /dev/null
+++ b/clamav-0.99.2-temp-cleanup.patch
@@ -0,0 +1,137 @@
+https://github.com/vrtadmin/clamav-devel/commit/f5bc94cf01e6a19d5255c0e5f9a5bc2336f5a2b1
+backported (re-merge). See also:
+
+ - https://bugzilla.clamav.net/show_bug.cgi?id=11549
+ - https://github.com/e2guardian/e2guardian/issues/159
+
+--- clamav-0.99.2/libclamav/scanners.c			2016-04-22 17:02:19.000000000 +0200
++++ clamav-0.99.2/libclamav/scanners.c.temp-cleanup	2017-11-17 00:59:14.295670694 +0100
+@@ -1342,37 +1342,33 @@
+ 		return CL_CLEAN;
+ 	}
+ 
+-	/* dump to disk only if explicitly asked to
+-	 * or if necessary to check relative offsets,
+-	 * otherwise we can process just in-memory */
+-	if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) {
+-		if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) {
+-			cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n");
+-			return ret;
+-		}
+-		if (ctx->engine->keeptmp)
+-			cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname);
+-	}
+-
+ 	if(!(normalized = cli_malloc(SCANBUFF + maxpatlen))) {
+ 		cli_dbgmsg("cli_scanscript: Unable to malloc %u bytes\n", SCANBUFF);
+-		free(tmpname);
+ 		return CL_EMEM;
+ 	}
+-
+ 	text_normalize_init(&state, normalized, SCANBUFF + maxpatlen);
+-	ret = CL_CLEAN;
+-
+ 
+ 	if ((ret = cli_ac_initdata(&tmdata, troot?troot->ac_partsigs:0, troot?troot->ac_lsigs:0, troot?troot->ac_reloff_num:0, CLI_DEFAULT_AC_TRACKLEN))) {
+-		free(tmpname);
+-		return ret;
++            free(normalized);
++            return ret;
+ 	}
+ 
+ 	if ((ret = cli_ac_initdata(&gmdata, groot->ac_partsigs, groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN))) {
+-		cli_ac_freedata(&tmdata);
+-		free(tmpname);
+-		return ret;
++            cli_ac_freedata(&tmdata);
++            free(normalized);
++            return ret;
++	}
++
++	/* dump to disk only if explicitly asked to
++	 * or if necessary to check relative offsets,
++	 * otherwise we can process just in-memory */
++	if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) {
++            if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) {
++                cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n");
++                goto done;
++            }
++            if (ctx->engine->keeptmp)
++                cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname);
+ 	}
+ 
+ 	mdata[0] = &tmdata;
+@@ -1387,10 +1383,9 @@
+ 			map_off += written;
+ 
+ 			if  (write(ofd, state.out, state.out_pos) == -1) {
+-				cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname);
+-				close(ofd);
+-				free(tmpname);
+-				return CL_EWRITE;
++                            cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname);
++                            ret = CL_EWRITE;
++                            goto done;
+ 			}
+ 			text_normalize_reset(&state);
+ 		}
+@@ -1409,11 +1404,6 @@
+ 			funmap(*ctx->fmap);
+ 		}
+ 		*ctx->fmap = map;
+-
+-		/* If we aren't keeping temps, delete the normalized file after scan. */
+-		if(!(ctx->engine->keeptmp))
+-			if (cli_unlink(tmpname)) ret = CL_EUNLINK;
+-
+ 	} else {
+ 		/* Since the above is moderately costly all in all,
+ 		 * do the old stuff if there's no relative offsets. */
+@@ -1421,11 +1411,8 @@
+ 		if (troot) {
+ 			cli_targetinfo(&info, 7, map);
+ 			ret = cli_ac_caloff(troot, &tmdata, &info);
+-			if (ret) {
+-				cli_ac_freedata(&tmdata);
+-				free(tmpname);
+-				return ret;
+-			}
++			if (ret)
++                            goto done;
+ 		}
+ 
+ 		while(1) {
+@@ -1466,13 +1453,6 @@
+ 
+ 	}
+ 
+-	if(ctx->engine->keeptmp) {
+-		free(tmpname);
+-		if (ofd >= 0)
+-			close(ofd);
+-	}
+-	free(normalized);
+-
+ 	if(ret != CL_VIRUS || SCAN_ALL)  {
+ 		if ((ret = cli_exp_eval(ctx, troot, &tmdata, NULL, NULL)) == CL_VIRUS)
+ 			viruses_found++;
+@@ -1481,9 +1461,19 @@
+ 				viruses_found++;
+ 	}
+ 
++done:
++	free(normalized);
+ 	cli_ac_freedata(&tmdata);
+ 	cli_ac_freedata(&gmdata);
+ 
++	if (ofd != -1)
++		close(ofd);
++	if (tmpname != NULL) {
++		if (!ctx->engine->keeptmp)
++			cli_unlink(tmpname);
++		free(tmpname);
++	}
++
+ 	if (SCAN_ALL && viruses_found)
+ 		return CL_VIRUS;
+ 
diff --git a/clamav.spec b/clamav.spec
index edf30f2..2fd02bd 100644
--- a/clamav.spec
+++ b/clamav.spec
@@ -5,7 +5,7 @@
 Summary: Anti-virus software
 Name: clamav
 Version: 0.99.2
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPLv2
 Group: Applications/System
 URL: http://www.clamav.net/
@@ -32,6 +32,7 @@ Source12: http://db.local.clamav.net/daily-21723.cvd
 Source13: http://db.local.clamav.net/bytecode-278.cvd
 
 Patch31:       clamav-0.99.1-setsebool.patch
+Patch32: clamav-0.99.2-temp-cleanup.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -131,6 +132,7 @@ you will need to install %{name}-devel.
 %setup -q -T -c
 xz -dc %{SOURCE0} | (cd .. ; tar xvvf -)
 %patch31 -p1 -b .setsebool
+%patch32 -p1 -b .temp-cleanup
 
 %{__perl} -pi.orig -e 's|/lib\b|/%{_lib}|g;' configure
 
@@ -410,6 +412,9 @@ rm -rf %{buildroot}
 %exclude %{_libdir}/libclamav.la
 
 %changelog
+* Sun Nov 26 2017 Robert Scheck <robert@fedoraproject.org> - 0.99.2-3
+- Backported upstream patch to unbreak e2guardian vs. temp files
+
 * Tue Mar 28 2017 Robert Scheck <robert@fedoraproject.org> - 0.99.2-2
 - Ensure that missing or invalid timezone configuration does not
   mangle /etc/freshclam.conf in %%post (#1154756)