[gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/

[Michael Orlitzky]

commit:     2de1bdef8744c467630be10ee4d2c723a05e708d
Author:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>
AuthorDate: Fri Dec 18 00:52:39 2020 +0000
Commit:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>
CommitDate: Fri Dec 18 00:52:39 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2de1bdef

app-antivirus/clamav: new revision with an upstream freshclam patch.

This -r2 adds a patch to ensure that freshclam does not validate
invalid databases and crash your clamd on the subsequent reload.

Upstream-bug: https://bugzilla.clamav.net/show_bug.cgi?id=12522
Package-Manager: Portage-3.0.9, Repoman-3.0.2
Signed-off-by: Michael Orlitzky <mjo <AT> gentoo.org>

 ...-0.103.0-r1.ebuild => clamav-0.103.0-r2.ebuild} |  1 +
 .../clamav-0.103.0-freshclam-db-test-fix.patch     | 27 ++++++++++++++++++++++
 2 files changed, 28 insertions(+)

diff --git a/app-antivirus/clamav/clamav-0.103.0-r1.ebuild 
b/app-antivirus/clamav/clamav-0.103.0-r2.ebuild
similarity index 99%
rename from app-antivirus/clamav/clamav-0.103.0-r1.ebuild
rename to app-antivirus/clamav/clamav-0.103.0-r2.ebuild
index 52721c9856a..1ebe1bd96d9 100644
--- a/app-antivirus/clamav/clamav-0.103.0-r1.ebuild
+++ b/app-antivirus/clamav/clamav-0.103.0-r2.ebuild
@@ -55,6 +55,7 @@ PATCHES=(
        "${FILESDIR}/${PN}-0.102.2-fix-curl-detection.patch" #709616
        "${FILESDIR}/${PN}-0.103.0-system-tomsfastmath.patch" # 649394
        "${FILESDIR}/${PN}-0.103.0-upstream-openrc.patch"
+       "${FILESDIR}/${PN}-0.103.0-freshclam-db-test-fix.patch"
 )
 
 src_prepare() {

diff --git 
a/app-antivirus/clamav/files/clamav-0.103.0-freshclam-db-test-fix.patch 
b/app-antivirus/clamav/files/clamav-0.103.0-freshclam-db-test-fix.patch
new file mode 100644
index 00000000000..25ae94b9fb8
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.103.0-freshclam-db-test-fix.patch
@@ -0,0 +1,27 @@
+diff --git a/freshclam/freshclam.c b/freshclam/freshclam.c
+index 8db3b8001..8cde8c9a8 100644
+--- a/freshclam/freshclam.c
++++ b/freshclam/freshclam.c
+@@ -280,6 +280,14 @@ fc_error_t download_complete_callback(const char 
*dbFilename, void *context)
+                 goto done;
+             }
+         } else {
++            /*
++             * Attempt to test database in a child process.
++             */
++
++            /* We need to be able to wait for the child process ourselves.
++             * We'll re-enable wait in the global handler when we're done. */
++            g_sigchildWait = 0;
++
+             switch (pid = fork()) {
+                 case -1: {
+                     /*
+@@ -391,6 +399,7 @@ done:
+         logg("!Database test FAILED.\n");
+     }
+ 
++    /* Re-enable the global handler's child process wait */
+     g_sigchildWait = 1;
+ 
+     return status;