[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Clam Antivirus

To: ports@openbsd.org
Subject: Re: Clam Antivirus
From: Craig Barraclough <craigba@creative.com.au>
Date: Thu, 28 Aug 2003 10:12:50 +1000
Organization: Creative Digital Technology
References: <20030827110722.27acbd9e.marc@msys.ch>
User-Agent: KMail/1.5.2

>
> I am using (i.e. trying to use) clamav's clamd on OpenBSD 3.3 sparc/64. 
> The daemon suddenly hangs, accepts connections but does no longer accept
> commands.
>
> Has anybody had similiar problems?
>
I'm in the process of trying to debug ClamAV. I'm using the sendmail milter.
Attached is a patch which makes the milter a bit more stable. I'll throw my 
meager skills at the daemon to see if I can do anything.
Warning: My programming skills are very rusty, so take this (non port ready*) 
patch with a large helping of mistrust.
*Needs to swap /usr/local for a variable to be swapped for ${LOCALBASE}
-- 
Craig

$OpenBSD$
--- clamav-milter/clamav-milter.c.orig	Wed Jul 30 01:48:44 2003
+++ clamav-milter/clamav-milter.c	Thu Aug 28 09:32:54 2003
@@ -123,9 +123,6 @@
 
 #include <stdio.h>
 #include <sysexits.h>
-#ifndef TARGET_OS_FREEBSD
-#include <malloc.h>
-#endif
 #include <syslog.h>
 #include <unistd.h>
 #include <stdlib.h>
@@ -407,7 +404,7 @@ main(int argc, char **argv)
 	 * call clamdscan to get the version number of clamd.
 	 * TODO: there's probably a better way of doing this!
 	 */
-	snprintf(cmd, sizeof(cmd), "clamdscan --version 2>&1");
+	snprintf(cmd, sizeof(cmd), "/usr/local/bin/clamdscan --version 2>&1");
 	clamd = popen(cmd, "r");
 
 	if(clamd == NULL) {
@@ -533,7 +530,7 @@ clamfi_connect(SMFICTX *ctx, char *hostn
 
 	if(use_syslog)
 		syslog(LOG_NOTICE, "clamfi_connect: connection from %s [%s]", hostname, remoteIP);
-	printf("clamfi_connect: connection from %s [%s]\n", hostname, remoteIP);
+//	printf("clamfi_connect: connection from %s [%s]\n", hostname, remoteIP);
 
 	if(!oflag)
 		if(strcmp(remoteIP, "127.0.0.1") == 0) {
@@ -653,6 +650,9 @@ clamfi_envfrom(SMFICTX *ctx, char **argv
 		pthread_mutex_unlock(&n_children_mutex);
 
 		if(rc == ETIMEDOUT) {
+			pthread_mutex_lock(&n_children_mutex);
+			n_children--;
+			pthread_mutex_unlock(&n_children_mutex);
 #ifdef	CL_DEBUG
 			if(use_syslog)
 				syslog(LOG_NOTICE, "Timeout waiting for a child to die");
@@ -662,6 +662,8 @@ clamfi_envfrom(SMFICTX *ctx, char **argv
 	}
 
 	privdata = (struct privdata *)calloc(1, sizeof(struct privdata));
+	if (!privdata)
+		return SMFIS_TEMPFAIL;
 	privdata->dataSocket = -1;	/* 0.4 */
 	privdata->cmdSocket = -1;	/* 0.4 */
 
@@ -817,6 +819,8 @@ clamfi_envrcpt(SMFICTX *ctx, char **argv
 	} else
 		privdata->to = realloc(privdata->to, sizeof(char *) * (privdata->numTo + 2));
 
+	if (!privdata->to)
+		return SMFIS_TEMPFAIL;
 	privdata->to[privdata->numTo] = strdup(argv[0]);
 	privdata->to[++privdata->numTo] = NULL;
 
@@ -916,6 +920,10 @@ clamfi_eom(SMFICTX *ctx)
 		puts("clamfi_eom: read nothing from clamd");
 #endif
 		mess[0] = '\0';
+		clamfi_cleanup(ctx);
+		rc = SMFIS_TEMPFAIL;
+		return rc;
+
 	}
 
 	if(strstr(mess, "FOUND") == NULL) {
@@ -943,6 +951,8 @@ clamfi_eom(SMFICTX *ctx)
 		 */
 		i = 1024;
 		err = (char *)malloc(i);
+		if (!err)
+			return SMFIS_TEMPFAIL;
 
 		snprintf(err, i, "Intercepted virus from: %s to:", privdata->from);
 
@@ -967,7 +977,7 @@ clamfi_eom(SMFICTX *ctx)
 		puts(err);
 #endif
 
-		sendmail = popen("/usr/lib/sendmail -t", "w");
+		sendmail = popen("/usr/sbin/sendmail -t", "w");
 		if(sendmail) {
 			fputs("From: MAILER-DAEMON\n", sendmail);
 			if(bflag) {
@@ -1016,9 +1026,11 @@ clamfi_abort(SMFICTX *ctx)
 	 *
 	 * TODO: There *must* be a tidier way of doing this!
 	 */
-	(void)pthread_mutex_unlock(&n_children_mutex);
+	if (n_children_mutex != NULL)
+		(void)pthread_mutex_unlock(&n_children_mutex);
 
-	clamfi_cleanup(ctx);
+	if (ctx != NULL)
+		clamfi_cleanup(ctx);
 
 	return SMFIS_TEMPFAIL;
 }
@@ -1035,6 +1047,11 @@ clamfi_close(SMFICTX *ctx)
 
 	if(logVerbose)
 		syslog(LOG_DEBUG, "clamfi_close");
+	pthread_mutex_lock(&n_children_mutex);
+	if (n_children < 0) {
+		n_children=0;
+	}
+	pthread_mutex_unlock(&n_children_mutex);
 
 	return SMFIS_CONTINUE;
 }
@@ -1044,6 +1061,7 @@ clamfi_cleanup(SMFICTX *ctx)
 {
 	struct privdata *privdata = (struct privdata *)smfi_getpriv(ctx);
 
+	if (privdata != NULL) {
 	assert(privdata != NULL);
 
 	if(privdata->dataSocket >= 0) {
@@ -1095,6 +1113,8 @@ clamfi_cleanup(SMFICTX *ctx)
 		puts("Free privdata");
 #endif
 	free(privdata);
+	} // End If (privdata != NULL)
+
 	smfi_setpriv(ctx, NULL);
 
 	if(max_children > 0) {

Follow-Ups:
- Re: Clam Antivirus
  - From: Marc Balmer <marc@msys.ch>

References:
- Clam Antivirus
  - From: Marc Balmer <marc@msys.ch>

Prev by Date: Thank you! -- KO/Office has blocked your mail due to an email policy.
Next by Date: Re: php-4.3.3, please test
Prev by thread: Clam Antivirus
Next by thread: Re: Clam Antivirus
Index(es):
- Date
- Thread