[Qmail-scanner-general]Patch for Kaspersky kavscanner 5.0.1.0/RELEASE

Wed, 28 Jan 2004 14:13:24 -0800 

I've got here a patch fixing the problems of Qmail-scanner with the 
Kaspersky virus scanner[1].

The following things are fixed:
- The "-v" flag is now supported.
- The calling parameters are now correct.
- Problems fixed with CR in the STDOUT of kavscanner.
- The name of the virus is now recognized correctly
- The TEMP enviroment variable used by kavscanner is now
  supported.
- Return values are now checked correctly.

I would be very happy I my changes find the way into the next release of 
Qmail-scanner.

[1] Here the exact version:

% kavscanner  -h
Kaspersky Virus Scanner for linux. Version 5.0.1.0/RELEASE
Copyright (C) Kaspersky Lab. 1998-2003.
%

[2] The patch: see attachment kavscanner-5.0.x.0.patch

-- 
So long... Fuzz

--- sub-avp.pl.orig	2003-09-29 02:17:21.000000000 +0200
+++ sub-avp.pl	2004-01-28 21:38:42.000000000 +0100
@@ -3,18 +3,22 @@
   &debug("kasp: starting scan of directory \"$ENV{'TMPDIR'}\"...");
   my ($start_avp_time)=[gettimeofday];
   my ($avp_verbose,$DD,$avp_status,$stop_avp_time,$avp_time);
-  $avp_verbose="-O" if ($DEBUG);
-  &debug("run $avp_binary  -Y -P -B -MP -MD -* $avp_verbose $ENV{'TMPDIR'}  2>&1");
-  $DD=`$avp_binary -Y -P -B -MP -MD -* $avp_verbose $ENV{'TMPDIR'} 2>&1`;
+  $avp_verbose="-j2" if ($DEBUG);
+  &debug("Setting enviroment \$TEMP to $tempdir");
+  $ENV{'TEMP'} = $tempdir;
+  &debug("run $avp_binary -i0 -xp $avp_verbose $ENV{'TMPDIR'}  2>&1");
+  $DD=`$avp_binary -i0 -xp $avp_verbose $ENV{'TMPDIR'}  2>&1`;
+  # Removing CRLF windows shit
+  $DD =~ s/\r//g;
   $avp_status=($? >> 8);
   &debug("--output of avp was:\n$DD--");
   if ( $avp_status > 0 ) {
-    if ($avp_status =~ /^(2|3|4|8)$/) {
+    if ($avp_status =~ /^(0|5|20|21|25)$/) {
       #This covers the potential viruses
       $quarantine_description="suspicious";
-      if ($DD =~ /\n[\s|](.*) (infected): (.*)\n/) {
+      if ($DD =~ /\n(.*) (infected):? (.*)\n/i) {
 	$quarantine_description=$3;
-      } elsif ($DD =~ /\n[\s|](.*) (suspicion): (.*)\n/) {
+      } elsif ($DD =~ /\n(.*) (suspicion):? (.*)\n/i) {
 	#This covers the specific
 	$destring='Suspicious file:';
 	$quarantine_description=$3;
@@ -28,5 +32,7 @@
   }
   $stop_avp_time=[gettimeofday];
   $avp_time = tv_interval ($start_avp_time, $stop_avp_time);
+  &debug("Deleting enviroment \$TEMP");
+  delete $ENV{'TEMP'};
   &debug("kasp: finished scan of dir \"$ENV{'TMPDIR'}\" in $avp_time secs");
 }

Reply via email to