commit: 194c79e18139961a9411a22566eb29d764081ef2
Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Fri Jan 26 15:23:29 2018 +0000
Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Fri Jan 26 15:23:43 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=194c79e1
app-antivirus/clamav: rev bump to fix fd leak in cli_scanscript
Package-Manager: Portage-2.3.20, Repoman-2.3.6
...lamav-0.99.3.ebuild => clamav-0.99.3-r1.ebuild} | 1 +
...mav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch | 132 +++++++++++++++++++++
2 files changed, 133 insertions(+)
diff --git a/app-antivirus/clamav/clamav-0.99.3.ebuild
b/app-antivirus/clamav/clamav-0.99.3-r1.ebuild
similarity index 98%
rename from app-antivirus/clamav/clamav-0.99.3.ebuild
rename to app-antivirus/clamav/clamav-0.99.3-r1.ebuild
index 3a577d05ac2..adb446d1472 100644
--- a/app-antivirus/clamav/clamav-0.99.3.ebuild
+++ b/app-antivirus/clamav/clamav-0.99.3-r1.ebuild
@@ -40,6 +40,7 @@ PATCHES=(
"${FILESDIR}"/${PN}-0.99.2-tinfo.patch
"${FILESDIR}"/${PN}-0.99.2-bytecode_api.patch
"${FILESDIR}"/${PN}-0.99.2-pcre2-compile-erroffset.patch
+ "${FILESDIR}"/${PN}-0.99.3-fix-fd-leaks-in-cli_scanscript.patch
)
pkg_setup() {
diff --git
a/app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch
b/app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch
new file mode 100644
index 00000000000..a457a71758c
--- /dev/null
+++
b/app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch
@@ -0,0 +1,132 @@
+Author: Manuel Mausz <[email protected]>
+
+http://lists.clamav.net/pipermail/clamav-users/2018-January/005687.html
+
+--- clamav-0.99.3/libclamav/scanners.c.orig 2018-01-26 14:35:23.299386703
+0100
++++ clamav-0.99.3/libclamav/scanners.c 2018-01-26 14:47:44.422451335 +0100
+@@ -1342,39 +1342,35 @@
+ return CL_CLEAN;
+ }
+
+- /* dump to disk only if explicitly asked to
+- * or if necessary to check relative offsets,
+- * otherwise we can process just in-memory */
+- if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) {
+- if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) {
+- cli_dbgmsg("cli_scanscript: Can't generate temporary
file/descriptor\n");
+- return ret;
+- }
+- if (ctx->engine->keeptmp)
+- cli_dbgmsg("cli_scanscript: saving normalized file to
%s\n", tmpname);
+- }
+-
+ if(!(normalized = cli_malloc(SCANBUFF + maxpatlen))) {
+ cli_dbgmsg("cli_scanscript: Unable to malloc %u bytes\n",
SCANBUFF);
+- free(tmpname);
+ return CL_EMEM;
+ }
+-
+ text_normalize_init(&state, normalized, SCANBUFF + maxpatlen);
+- ret = CL_CLEAN;
+-
+
+ if ((ret = cli_ac_initdata(&tmdata, troot?troot->ac_partsigs:0,
troot?troot->ac_lsigs:0, troot?troot->ac_reloff_num:0,
CLI_DEFAULT_AC_TRACKLEN))) {
+- free(tmpname);
++ free(normalized);
+ return ret;
+ }
+
+ if ((ret = cli_ac_initdata(&gmdata, groot->ac_partsigs,
groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN))) {
+ cli_ac_freedata(&tmdata);
+- free(tmpname);
++ free(normalized);
+ return ret;
+ }
+
++ /* dump to disk only if explicitly asked to
++ * or if necessary to check relative offsets,
++ * otherwise we can process just in-memory */
++ if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) {
++ if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) {
++ cli_dbgmsg("cli_scanscript: Can't generate temporary
file/descriptor\n");
++ goto done;
++ }
++ if (ctx->engine->keeptmp)
++ cli_dbgmsg("cli_scanscript: saving normalized file to
%s\n", tmpname);
++ }
++
+ mdata[0] = &tmdata;
+ mdata[1] = &gmdata;
+
+@@ -1388,9 +1384,8 @@
+
+ if (write(ofd, state.out, state.out_pos) == -1) {
+ cli_errmsg("cli_scanscript: can't write to file
%s\n",tmpname);
+- close(ofd);
+- free(tmpname);
+- return CL_EWRITE;
++ ret = CL_EWRITE;
++ goto done;
+ }
+ text_normalize_reset(&state);
+ }
+@@ -1409,11 +1404,6 @@
+ funmap(*ctx->fmap);
+ }
+ *ctx->fmap = map;
+-
+- /* If we aren't keeping temps, delete the normalized file after
scan. */
+- if(!(ctx->engine->keeptmp))
+- if (cli_unlink(tmpname)) ret = CL_EUNLINK;
+-
+ } else {
+ /* Since the above is moderately costly all in all,
+ * do the old stuff if there's no relative offsets. */
+@@ -1421,11 +1411,8 @@
+ if (troot) {
+ cli_targetinfo(&info, 7, map);
+ ret = cli_ac_caloff(troot, &tmdata, &info);
+- if (ret) {
+- cli_ac_freedata(&tmdata);
+- free(tmpname);
+- return ret;
+- }
++ if (ret)
++ goto done;
+ }
+
+ while(1) {
+@@ -1466,13 +1453,6 @@
+
+ }
+
+- if(ctx->engine->keeptmp) {
+- free(tmpname);
+- if (ofd >= 0)
+- close(ofd);
+- }
+- free(normalized);
+-
+ if(ret != CL_VIRUS || SCAN_ALL) {
+ if ((ret = cli_exp_eval(ctx, troot, &tmdata, NULL, NULL)) ==
CL_VIRUS)
+ viruses_found++;
+@@ -1481,9 +1461,19 @@
+ viruses_found++;
+ }
+
++done:
++ free(normalized);
+ cli_ac_freedata(&tmdata);
+ cli_ac_freedata(&gmdata);
+
++ if (ofd != -1)
++ close(ofd);
++ if (tmpname != NULL) {
++ if (!ctx->engine->keeptmp)
++ if (cli_unlink(tmpname)) ret = CL_EUNLINK;
++ free(tmpname);
++ }
++
+ if (SCAN_ALL && viruses_found)
+ return CL_VIRUS;
+
