diff options
author | Thomas Deutschmann <whissi@gentoo.org> | 2018-01-26 16:23:29 +0100 |
---|---|---|
committer | Thomas Deutschmann <whissi@gentoo.org> | 2018-01-26 16:23:43 +0100 |
commit | 194c79e18139961a9411a22566eb29d764081ef2 (patch) | |
tree | 8b41a7fb5da42fb5ca5ef6d661d46319f33a4714 | |
parent | gnome-extra/gnome-builder: amd64 stable wrt bug #644096 (diff) | |
download | gentoo-194c79e18139961a9411a22566eb29d764081ef2.tar.gz gentoo-194c79e18139961a9411a22566eb29d764081ef2.tar.bz2 gentoo-194c79e18139961a9411a22566eb29d764081ef2.zip |
app-antivirus/clamav: rev bump to fix fd leak in cli_scanscript
Package-Manager: Portage-2.3.20, Repoman-2.3.6
-rw-r--r-- | app-antivirus/clamav/clamav-0.99.3-r1.ebuild (renamed from app-antivirus/clamav/clamav-0.99.3.ebuild) | 1 | ||||
-rw-r--r-- | app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch | 132 |
2 files changed, 133 insertions, 0 deletions
diff --git a/app-antivirus/clamav/clamav-0.99.3.ebuild b/app-antivirus/clamav/clamav-0.99.3-r1.ebuild index 3a577d05ac22..adb446d14727 100644 --- a/app-antivirus/clamav/clamav-0.99.3.ebuild +++ b/app-antivirus/clamav/clamav-0.99.3-r1.ebuild @@ -40,6 +40,7 @@ PATCHES=( "${FILESDIR}"/${PN}-0.99.2-tinfo.patch "${FILESDIR}"/${PN}-0.99.2-bytecode_api.patch "${FILESDIR}"/${PN}-0.99.2-pcre2-compile-erroffset.patch + "${FILESDIR}"/${PN}-0.99.3-fix-fd-leaks-in-cli_scanscript.patch ) pkg_setup() { diff --git a/app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch b/app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch new file mode 100644 index 000000000000..a457a71758c6 --- /dev/null +++ b/app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch @@ -0,0 +1,132 @@ +Author: Manuel Mausz <manuel-clamav@mausz.at> + +http://lists.clamav.net/pipermail/clamav-users/2018-January/005687.html + +--- clamav-0.99.3/libclamav/scanners.c.orig 2018-01-26 14:35:23.299386703 +0100 ++++ clamav-0.99.3/libclamav/scanners.c 2018-01-26 14:47:44.422451335 +0100 +@@ -1342,39 +1342,35 @@ + return CL_CLEAN; + } + +- /* dump to disk only if explicitly asked to +- * or if necessary to check relative offsets, +- * otherwise we can process just in-memory */ +- if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) { +- if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) { +- cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n"); +- return ret; +- } +- if (ctx->engine->keeptmp) +- cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname); +- } +- + if(!(normalized = cli_malloc(SCANBUFF + maxpatlen))) { + cli_dbgmsg("cli_scanscript: Unable to malloc %u bytes\n", SCANBUFF); +- free(tmpname); + return CL_EMEM; + } +- + text_normalize_init(&state, normalized, SCANBUFF + maxpatlen); +- ret = CL_CLEAN; +- + + if ((ret = cli_ac_initdata(&tmdata, troot?troot->ac_partsigs:0, troot?troot->ac_lsigs:0, troot?troot->ac_reloff_num:0, CLI_DEFAULT_AC_TRACKLEN))) { +- free(tmpname); ++ free(normalized); + return ret; + } + + if ((ret = cli_ac_initdata(&gmdata, groot->ac_partsigs, groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN))) { + cli_ac_freedata(&tmdata); +- free(tmpname); ++ free(normalized); + return ret; + } + ++ /* dump to disk only if explicitly asked to ++ * or if necessary to check relative offsets, ++ * otherwise we can process just in-memory */ ++ if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) { ++ if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) { ++ cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n"); ++ goto done; ++ } ++ if (ctx->engine->keeptmp) ++ cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname); ++ } ++ + mdata[0] = &tmdata; + mdata[1] = &gmdata; + +@@ -1388,9 +1384,8 @@ + + if (write(ofd, state.out, state.out_pos) == -1) { + cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname); +- close(ofd); +- free(tmpname); +- return CL_EWRITE; ++ ret = CL_EWRITE; ++ goto done; + } + text_normalize_reset(&state); + } +@@ -1409,11 +1404,6 @@ + funmap(*ctx->fmap); + } + *ctx->fmap = map; +- +- /* If we aren't keeping temps, delete the normalized file after scan. */ +- if(!(ctx->engine->keeptmp)) +- if (cli_unlink(tmpname)) ret = CL_EUNLINK; +- + } else { + /* Since the above is moderately costly all in all, + * do the old stuff if there's no relative offsets. */ +@@ -1421,11 +1411,8 @@ + if (troot) { + cli_targetinfo(&info, 7, map); + ret = cli_ac_caloff(troot, &tmdata, &info); +- if (ret) { +- cli_ac_freedata(&tmdata); +- free(tmpname); +- return ret; +- } ++ if (ret) ++ goto done; + } + + while(1) { +@@ -1466,13 +1453,6 @@ + + } + +- if(ctx->engine->keeptmp) { +- free(tmpname); +- if (ofd >= 0) +- close(ofd); +- } +- free(normalized); +- + if(ret != CL_VIRUS || SCAN_ALL) { + if ((ret = cli_exp_eval(ctx, troot, &tmdata, NULL, NULL)) == CL_VIRUS) + viruses_found++; +@@ -1481,9 +1461,19 @@ + viruses_found++; + } + ++done: ++ free(normalized); + cli_ac_freedata(&tmdata); + cli_ac_freedata(&gmdata); + ++ if (ofd != -1) ++ close(ofd); ++ if (tmpname != NULL) { ++ if (!ctx->engine->keeptmp) ++ if (cli_unlink(tmpname)) ret = CL_EUNLINK; ++ free(tmpname); ++ } ++ + if (SCAN_ALL && viruses_found) + return CL_VIRUS; + |