summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Deutschmann <whissi@gentoo.org>2018-01-26 16:23:29 +0100
committerThomas Deutschmann <whissi@gentoo.org>2018-01-26 16:23:43 +0100
commit194c79e18139961a9411a22566eb29d764081ef2 (patch)
tree8b41a7fb5da42fb5ca5ef6d661d46319f33a4714
parentgnome-extra/gnome-builder: amd64 stable wrt bug #644096 (diff)
downloadgentoo-194c79e18139961a9411a22566eb29d764081ef2.tar.gz
gentoo-194c79e18139961a9411a22566eb29d764081ef2.tar.bz2
gentoo-194c79e18139961a9411a22566eb29d764081ef2.zip
app-antivirus/clamav: rev bump to fix fd leak in cli_scanscript
Package-Manager: Portage-2.3.20, Repoman-2.3.6
-rw-r--r--app-antivirus/clamav/clamav-0.99.3-r1.ebuild (renamed from app-antivirus/clamav/clamav-0.99.3.ebuild)1
-rw-r--r--app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch132
2 files changed, 133 insertions, 0 deletions
diff --git a/app-antivirus/clamav/clamav-0.99.3.ebuild b/app-antivirus/clamav/clamav-0.99.3-r1.ebuild
index 3a577d05ac22..adb446d14727 100644
--- a/app-antivirus/clamav/clamav-0.99.3.ebuild
+++ b/app-antivirus/clamav/clamav-0.99.3-r1.ebuild
@@ -40,6 +40,7 @@ PATCHES=(
"${FILESDIR}"/${PN}-0.99.2-tinfo.patch
"${FILESDIR}"/${PN}-0.99.2-bytecode_api.patch
"${FILESDIR}"/${PN}-0.99.2-pcre2-compile-erroffset.patch
+ "${FILESDIR}"/${PN}-0.99.3-fix-fd-leaks-in-cli_scanscript.patch
)
pkg_setup() {
diff --git a/app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch b/app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch
new file mode 100644
index 000000000000..a457a71758c6
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch
@@ -0,0 +1,132 @@
+Author: Manuel Mausz <manuel-clamav@mausz.at>
+
+http://lists.clamav.net/pipermail/clamav-users/2018-January/005687.html
+
+--- clamav-0.99.3/libclamav/scanners.c.orig 2018-01-26 14:35:23.299386703 +0100
++++ clamav-0.99.3/libclamav/scanners.c 2018-01-26 14:47:44.422451335 +0100
+@@ -1342,39 +1342,35 @@
+ return CL_CLEAN;
+ }
+
+- /* dump to disk only if explicitly asked to
+- * or if necessary to check relative offsets,
+- * otherwise we can process just in-memory */
+- if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) {
+- if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) {
+- cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n");
+- return ret;
+- }
+- if (ctx->engine->keeptmp)
+- cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname);
+- }
+-
+ if(!(normalized = cli_malloc(SCANBUFF + maxpatlen))) {
+ cli_dbgmsg("cli_scanscript: Unable to malloc %u bytes\n", SCANBUFF);
+- free(tmpname);
+ return CL_EMEM;
+ }
+-
+ text_normalize_init(&state, normalized, SCANBUFF + maxpatlen);
+- ret = CL_CLEAN;
+-
+
+ if ((ret = cli_ac_initdata(&tmdata, troot?troot->ac_partsigs:0, troot?troot->ac_lsigs:0, troot?troot->ac_reloff_num:0, CLI_DEFAULT_AC_TRACKLEN))) {
+- free(tmpname);
++ free(normalized);
+ return ret;
+ }
+
+ if ((ret = cli_ac_initdata(&gmdata, groot->ac_partsigs, groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN))) {
+ cli_ac_freedata(&tmdata);
+- free(tmpname);
++ free(normalized);
+ return ret;
+ }
+
++ /* dump to disk only if explicitly asked to
++ * or if necessary to check relative offsets,
++ * otherwise we can process just in-memory */
++ if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) {
++ if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) {
++ cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n");
++ goto done;
++ }
++ if (ctx->engine->keeptmp)
++ cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname);
++ }
++
+ mdata[0] = &tmdata;
+ mdata[1] = &gmdata;
+
+@@ -1388,9 +1384,8 @@
+
+ if (write(ofd, state.out, state.out_pos) == -1) {
+ cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname);
+- close(ofd);
+- free(tmpname);
+- return CL_EWRITE;
++ ret = CL_EWRITE;
++ goto done;
+ }
+ text_normalize_reset(&state);
+ }
+@@ -1409,11 +1404,6 @@
+ funmap(*ctx->fmap);
+ }
+ *ctx->fmap = map;
+-
+- /* If we aren't keeping temps, delete the normalized file after scan. */
+- if(!(ctx->engine->keeptmp))
+- if (cli_unlink(tmpname)) ret = CL_EUNLINK;
+-
+ } else {
+ /* Since the above is moderately costly all in all,
+ * do the old stuff if there's no relative offsets. */
+@@ -1421,11 +1411,8 @@
+ if (troot) {
+ cli_targetinfo(&info, 7, map);
+ ret = cli_ac_caloff(troot, &tmdata, &info);
+- if (ret) {
+- cli_ac_freedata(&tmdata);
+- free(tmpname);
+- return ret;
+- }
++ if (ret)
++ goto done;
+ }
+
+ while(1) {
+@@ -1466,13 +1453,6 @@
+
+ }
+
+- if(ctx->engine->keeptmp) {
+- free(tmpname);
+- if (ofd >= 0)
+- close(ofd);
+- }
+- free(normalized);
+-
+ if(ret != CL_VIRUS || SCAN_ALL) {
+ if ((ret = cli_exp_eval(ctx, troot, &tmdata, NULL, NULL)) == CL_VIRUS)
+ viruses_found++;
+@@ -1481,9 +1461,19 @@
+ viruses_found++;
+ }
+
++done:
++ free(normalized);
+ cli_ac_freedata(&tmdata);
+ cli_ac_freedata(&gmdata);
+
++ if (ofd != -1)
++ close(ofd);
++ if (tmpname != NULL) {
++ if (!ctx->engine->keeptmp)
++ if (cli_unlink(tmpname)) ret = CL_EUNLINK;
++ free(tmpname);
++ }
++
+ if (SCAN_ALL && viruses_found)
+ return CL_VIRUS;
+