diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2017-12-31 17:40:55 +0000 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2018-02-08 21:20:02 +0000 |
| commit | 83d2a8615f6fede0c99dda5cb83dd510d7ad0269 (patch) | |
| tree | 5ce5a51d049ec7d53e8c3571f72e985707cbb4fa | |
| parent | aab9a84358906493bde0efc6aa13b00e59096396 (diff) | |
Fix conversation closedown with the Avast malware scanner. Bug 2113
| -rw-r--r-- | doc/doc-txt/ChangeLog | 5 | ||||
| -rw-r--r-- | src/src/malware.c | 15 | ||||
| -rw-r--r-- | test/scripts/4007_scan_avast/4007 | 6 | ||||
| -rw-r--r-- | test/stdout/4007 | 6 |
4 files changed, 20 insertions, 12 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 8112d4b07..b99b8187b 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -89,6 +89,11 @@ PP/01 Fix broken Heimdal GSSAPI authenticator integration. Broken in f2ed27cf5, missing an equals sign for specified-initialisers. Broken also in d185889f4, with init system revamp. +JH/17 Bug 2113: Fix conversation closedown with the Avast malware scanner. + Previously we abruptly closed the connection after reading a malware- + found indication; now we go on to read the "scan ok" response line, + and send a quit. + Exim version 4.90 ----------------- diff --git a/src/src/malware.c b/src/src/malware.c index c18cd95be..e74ba9830 100644 --- a/src/src/malware.c +++ b/src/src/malware.c @@ -1968,15 +1968,17 @@ b_seek: err = errno; 0, 0, ovector, nelem(ovector)) > 0) break; - if ((malware_name = m_pcre_exec(ava_re_virus, buf))) + if ( !malware_name + && (malware_name = m_pcre_exec(ava_re_virus, buf))) { /* remove backslash in front of [whitespace|backslash] */ uschar * p, * p0; for (p = malware_name; *p; ++p) if (*p == '\\' && (isspace(p[1]) || p[1] == '\\')) for (p0 = p; *p0; ++p0) *p0 = p0[1]; - avast_stage = AVA_DONE; - goto endloop; + DEBUG(D_acl) + debug_printf_indent("unescaped m-name: '%s'\n", malware_name); + break; } if (Ustrncmp(buf, "200 SCAN OK", 11) == 0) @@ -1987,15 +1989,14 @@ b_seek: err = errno; "unable to send quit request to socket (%s): %s", scanner_options, strerror(errno)), sock); - malware_name = NULL; + avast_stage = AVA_DONE; - goto endloop; } - /* here for any unexpected response from the scanner */ + /* here also for any unexpected response from the scanner */ goto endloop; - case AVA_DONE: log_write(0, LOG_PANIC, "%s:%d:%s: should not happen", + default: log_write(0, LOG_PANIC, "%s:%d:%s: should not happen", __FILE__, __LINE__, __FUNCTION__); } } diff --git a/test/scripts/4007_scan_avast/4007 b/test/scripts/4007_scan_avast/4007 index a58188c95..0611f2a96 100644 --- a/test/scripts/4007_scan_avast/4007 +++ b/test/scripts/4007_scan_avast/4007 @@ -10,7 +10,7 @@ server DIR/eximdir/avast_sock >LF>blah [+] >LF>200 SCAN OK <QUIT -<*eof +*eof **** # # @@ -36,7 +36,7 @@ server DIR/eximdir/avast_sock >LF>blah [E] >LF>200 SCAN OK <QUIT -<*eof +*eof **** # # @@ -62,7 +62,7 @@ server DIR/eximdir/avast_sock >LF>b\\ l\\ a\\ h [L]9.9 9 VNAME >LF>200 SCAN OK <QUIT -<*eof +*eof **** # # diff --git a/test/stdout/4007 b/test/stdout/4007 index 19e0f305b..603de1521 100644 --- a/test/stdout/4007 +++ b/test/stdout/4007 @@ -66,7 +66,7 @@ Connection request >LF>blah\x09[+] >LF>200 SCAN OK <QUIT -Unexpected EOF read from client +Expected EOF read from client End of script Listening on TESTSUITE/eximdir/avast_sock ... Connection request @@ -83,7 +83,9 @@ Connection request >LF>210 SCAN DATA >LF>b\\ l\\ a\\ h\x09[L]9.9\x099 VNAME >LF>200 SCAN OK -Unexpected EOF read from client +<QUIT +Expected EOF read from client +End of script Listening on TESTSUITE/eximdir/avast_sock ... Connection request *sleep 3 |