https://github.com/vrtadmin/clamav-devel/commit/f5bc94cf01e6a19d5255c0e5f9a5bc2336f5a2b1 backported (re-merge). See also: - https://bugzilla.clamav.net/show_bug.cgi?id=11549 - https://github.com/e2guardian/e2guardian/issues/159 --- clamav-0.99.2/libclamav/scanners.c 2016-04-22 17:02:19.000000000 +0200 +++ clamav-0.99.2/libclamav/scanners.c.temp-cleanup 2017-11-17 00:59:14.295670694 +0100 @@ -1342,37 +1342,33 @@ return CL_CLEAN; } - /* dump to disk only if explicitly asked to - * or if necessary to check relative offsets, - * otherwise we can process just in-memory */ - if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) { - if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) { - cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n"); - return ret; - } - if (ctx->engine->keeptmp) - cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname); - } - if(!(normalized = cli_malloc(SCANBUFF + maxpatlen))) { cli_dbgmsg("cli_scanscript: Unable to malloc %u bytes\n", SCANBUFF); - free(tmpname); return CL_EMEM; } - text_normalize_init(&state, normalized, SCANBUFF + maxpatlen); - ret = CL_CLEAN; - if ((ret = cli_ac_initdata(&tmdata, troot?troot->ac_partsigs:0, troot?troot->ac_lsigs:0, troot?troot->ac_reloff_num:0, CLI_DEFAULT_AC_TRACKLEN))) { - free(tmpname); - return ret; + free(normalized); + return ret; } if ((ret = cli_ac_initdata(&gmdata, groot->ac_partsigs, groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN))) { - cli_ac_freedata(&tmdata); - free(tmpname); - return ret; + cli_ac_freedata(&tmdata); + free(normalized); + return ret; + } + + /* dump to disk only if explicitly asked to + * or if necessary to check relative offsets, + * otherwise we can process just in-memory */ + if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) { + if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) { + cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n"); + goto done; + } + if (ctx->engine->keeptmp) + cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname); } mdata[0] = &tmdata; @@ -1387,10 +1383,9 @@ map_off += written; if (write(ofd, state.out, state.out_pos) == -1) { - cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname); - close(ofd); - free(tmpname); - return CL_EWRITE; + cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname); + ret = CL_EWRITE; + goto done; } text_normalize_reset(&state); } @@ -1409,11 +1404,6 @@ funmap(*ctx->fmap); } *ctx->fmap = map; - - /* If we aren't keeping temps, delete the normalized file after scan. */ - if(!(ctx->engine->keeptmp)) - if (cli_unlink(tmpname)) ret = CL_EUNLINK; - } else { /* Since the above is moderately costly all in all, * do the old stuff if there's no relative offsets. */ @@ -1421,11 +1411,8 @@ if (troot) { cli_targetinfo(&info, 7, map); ret = cli_ac_caloff(troot, &tmdata, &info); - if (ret) { - cli_ac_freedata(&tmdata); - free(tmpname); - return ret; - } + if (ret) + goto done; } while(1) { @@ -1466,13 +1453,6 @@ } - if(ctx->engine->keeptmp) { - free(tmpname); - if (ofd >= 0) - close(ofd); - } - free(normalized); - if(ret != CL_VIRUS || SCAN_ALL) { if ((ret = cli_exp_eval(ctx, troot, &tmdata, NULL, NULL)) == CL_VIRUS) viruses_found++; @@ -1481,9 +1461,19 @@ viruses_found++; } +done: + free(normalized); cli_ac_freedata(&tmdata); cli_ac_freedata(&gmdata); + if (ofd != -1) + close(ofd); + if (tmpname != NULL) { + if (!ctx->engine->keeptmp) + cli_unlink(tmpname); + free(tmpname); + } + if (SCAN_ALL && viruses_found) return CL_VIRUS;