severity 774686 important
tags 774686 + patch
thanks
* Sebastian Andrzej Siewior | 2015-01-08 15:33:19 [+0100]:
>* =?UTF-8?Q?B=C3=bcsc...@buxtehude.debian.org | 2015-01-06 10:09:21 [+0100]:
>
>>On some files clamav reports an error.
>>Example:
>>root@host:~# clamscan projectlibre-1.5.9.msi
>>projectlibre-1.5.9.msi: Can't create new file ERROR
>
>If you start with --debug you see
>
>I will check later how the old
>library handles the unpacking error.
The old implementation reports an error as well:
| LibClamAV debug: CDBNAME:CL_TYPE_MSCAB:0:ANTLR*TXT:0:1208:0:1:0:(nil)
| LibClamAV debug: CAB: Extracting file ANTLR*TXT to
/tmp/clamav-1ede6fca14a6572195edff162795ac54.tmp, size 1208, max_size: 26214400
| LibClamAV debug: CAB: Compression method: MSZIP
| LibClamAV debug: cab_read: WARNING: partial data block
| LibClamAV debug: mszip_decompress: inflate error -2
| LibClamAV debug: mszip_decompress: MSZIP error, 32768 bytes of data lost
| LibClamAV debug: in cli_magic_scandesc (reclevel: 1/16)
| LibClamAV debug: Recognized binary data
| LibClamAV debug: cache_check: e6cac7c8bbd43fe2143bfd898b8482ed is negative
| LibClamAV debug: in cli_check_mydoom_log()
| LibClamAV debug: hashtab: Freeing hashset, elements: 0, capacity: 0
| LibClamAV debug: cli_magic_scandesc: returning 0 at line 2470
| LibClamAV debug: cache_add: e6cac7c8bbd43fe2143bfd898b8482ed (level 0)
| LibClamAV debug:
CDBNAME:CL_TYPE_MSCAB:0:APACHE*LICENSE*2*0*TXT:0:11358:0:2:0:(nil)
| LibClamAV debug: CAB: Extracting file APACHE*LICENSE*2*0*TXT to
/tmp/clamav-e1d62e231a5e0d816a76dc36df124b0e.tmp, size 11358, max_size: 26214400
| LibClamAV debug: CAB: Compression method: MSZIP
| LibClamAV debug: CAB: Length from header 11358 but wrote 0 bytes
| LibClamAV debug: in cli_magic_scandesc (reclevel: 1/16)
| LibClamAV debug: Recognized binary data
| LibClamAV debug: cache_check: c1de3d128ba264ad4b1e9d0f5b8ba4a3 is negative
| LibClamAV debug: in cli_check_mydoom_log()
| LibClamAV debug: hashtab: Freeing hashset, elements: 0, capacity: 0
| LibClamAV debug: cli_magic_scandesc: returning 0 at line 2470
| LibClamAV debug: cache_add: c1de3d128ba264ad4b1e9d0f5b8ba4a3 (level 0)
but continues scanning. I will do the same change here by applying the
patch at the end of this email. I upgraded the severity here to important
since we have here some loss of functionality.
I can prepare you a Wheezy package with this change if you like. I will
have to check with the team if this is something we want to address now
or wait for the next clamav release.
diff --git a/libclamav/libmspack.c b/libclamav/libmspack.c
index e94312e..92338d5 100644
--- a/libclamav/libmspack.c
+++ b/libclamav/libmspack.c
@@ -350,8 +350,8 @@ int cli_scanmscab(cli_ctx *ctx, off_t sfx_offset)
if (ret) {
if (ret == CL_VIRUS) {
virus_num++;
- if (!SCAN_ALL)
- break;
+ if (SCAN_ALL)
+ continue;
}
goto out_close;
}
@@ -382,14 +382,12 @@ int cli_scanmscab(cli_ctx *ctx, off_t sfx_offset)
ops_ex.max_size = max_size;
/* scan */
ret = cab_d->extract(cab_d, cab_f, tmp_fname);
- if (ret) {
- /* Failed to extract */
+ if (ret)
+ /* Failed to extract. Try to scan what is there */
cli_dbgmsg("%s() failed to extract %d\n", __func__,
ret);
- } else {
- ret = cli_scanfile(tmp_fname, ctx);
- if (ret == CL_VIRUS)
- virus_num++;
- }
+ ret = cli_scanfile(tmp_fname, ctx);
+ if (ret == CL_VIRUS)
+ virus_num++;
if (!ctx->engine->keeptmp) {
if (!access(tmp_fname, R_OK) && cli_unlink(tmp_fname)) {
free(tmp_fname);
@@ -399,8 +397,12 @@ int cli_scanmscab(cli_ctx *ctx, off_t sfx_offset)
}
free(tmp_fname);
files++;
- if (ret == CL_VIRUS && SCAN_ALL)
- continue;
+ if (ret == CL_VIRUS) {
+ if (SCAN_ALL)
+ continue;
+ else
+ break;
+ }
if (ret)
break;
}
@@ -457,8 +459,8 @@ int cli_scanmschm(cli_ctx *ctx)
if (ret) {
if (ret == CL_VIRUS) {
virus_num++;
- if (!SCAN_ALL)
- break;
+ if (SCAN_ALL)
+ continue;
}
goto out_close;
}
@@ -490,14 +492,13 @@ int cli_scanmschm(cli_ctx *ctx)
/* scan */
ret = mschm_d->extract(mschm_d, mschm_f, tmp_fname);
- if (ret) {
- /* Failed to extract */
+ if (ret)
+ /* Failed to extract. Try to scan what is there */
cli_dbgmsg("%s() failed to extract %d\n", __func__,
ret);
- } else {
- ret = cli_scanfile(tmp_fname, ctx);
- if (ret == CL_VIRUS)
- virus_num++;
- }
+ ret = cli_scanfile(tmp_fname, ctx);
+ if (ret == CL_VIRUS)
+ virus_num++;
+
if (!ctx->engine->keeptmp) {
if (!access(tmp_fname, R_OK) && cli_unlink(tmp_fname)) {
free(tmp_fname);
@@ -507,8 +508,12 @@ int cli_scanmschm(cli_ctx *ctx)
}
free(tmp_fname);
files++;
- if (ret == CL_VIRUS && SCAN_ALL)
- continue;
+ if (ret == CL_VIRUS) {
+ if (SCAN_ALL)
+ continue;
+ else
+ break;
+ }
if (ret)
break;
}
--
1.7.10.4
Sebastian
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
