NOTE: This replaces my previous patch. I fixed it up to use the more compatible putenv() function which is POSIX. The setenv() function I was using before was not POSIX.
Summary: This adds two environment variables for the purpose of VirusEvent when executing an external command.
CLAM_VIRUSEVENT_FILENAME CLAM_VIRUSEVENT_VIRUSNAME
Hopefully this will make writing VirusEvent scripts easier as parsing log files no longer is required..
-Calin
diff -ur clamav-devel/clamd/clamuko.c clamav-devel-modified/clamd/clamuko.c --- clamav-devel/clamd/clamuko.c 2005-03-09 12:32:41.156896336 -0500 +++ clamav-devel-modified/clamd/clamuko.c 2005-03-09 12:17:53.000000000 -0500 @@ -173,7 +173,7 @@ if(scan && cl_scanfile(acc->filename, &virname, NULL, tharg->root, tharg->limits, tharg->options) == CL_VIRUS) { logg("Clamuko: %s: %s FOUND\n", acc->filename, virname); - virusaction(virname, tharg->copt); + virusaction(acc->filename, virname, tharg->copt); acc->deny = 1; } else acc->deny = 0; diff -ur clamav-devel/clamd/others.c clamav-devel-modified/clamd/others.c --- clamav-devel/clamd/others.c 2005-03-09 12:32:41.393860312 -0500 +++ clamav-devel-modified/clamd/others.c 2005-03-09 14:33:31.801630792 -0500 @@ -69,10 +69,15 @@ #include "cfgparser.h" #include "session.h" -void virusaction(const char *virname, const struct cfgstruct *copt) +#define ENV_PREFIX "CLAM_VIRUSEVENT_" +#define ENV_FILENAME (ENV_PREFIX "FILENAME") +#define ENV_VIRUSNAME (ENV_PREFIX "VIRUSNAME") + +void virusaction(const char *filename, const char *virname, const struct cfgstruct *copt) { - char *buffer, *pt, *cmd; + char *buffer, *pt, *cmd, *env_filename, *env_virusname; struct cfgstruct *cpt; + int len; if(!(cpt = cfgopt(copt, "VirusEvent"))) @@ -90,10 +95,23 @@ cmd = strdup(buffer); free(buffer); } + /* Setup environment, note that because of SUSv2 specs the strings + needs to be non-const and the actual buffers themselves become part of + the environemnt. */ + len = strlen(ENV_FILENAME) + strlen(filename) + sizeof(char)*2; + env_filename = (char *) mcalloc(len, sizeof(char)); + snprintf(env_filename, len, "%s=%s", ENV_FILENAME, filename); + len = strlen(ENV_VIRUSNAME) + strlen(virname) + sizeof(char)*2; + env_virusname = (char *) mcalloc(len, sizeof(char)); + snprintf(env_virusname, len, "%s=%s", ENV_VIRUSNAME, virname); + putenv(env_filename); + putenv(env_virusname); /* WARNING: this is uninterruptable ! */ system(cmd); + free(env_filename); + free(env_virusname); free(cmd); } diff -ur clamav-devel/clamd/others.h clamav-devel-modified/clamd/others.h --- clamav-devel/clamd/others.h 2005-03-09 12:32:41.397859704 -0500 +++ clamav-devel-modified/clamd/others.h 2005-03-09 12:16:53.000000000 -0500 @@ -28,7 +28,7 @@ int poll_fd(int fd, int timeout_sec); int is_fd_connected(int fd); -void virusaction(const char *virname, const struct cfgstruct *copt); +void virusaction(const char *filename, const char *virname, const struct cfgstruct *copt); int writen(int fd, void *buff, unsigned int count); #if defined(HAVE_RECVMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR)) && !defined(C_CYGWIN) && !defined(C_OS2) diff -ur clamav-devel/clamd/scanner.c clamav-devel-modified/clamd/scanner.c --- clamav-devel/clamd/scanner.c 2005-03-09 12:32:41.433854232 -0500 +++ clamav-devel-modified/clamd/scanner.c 2005-03-09 12:27:45.000000000 -0500 @@ -159,7 +159,7 @@ mdprintf(odesc, "%s: %s FOUND\n", fname, *virname); logg("%s: %s FOUND\n", fname, *virname); - virusaction(*virname, copt); + virusaction(fname, *virname, copt); if(!contscan) { closedir(dd); free(fname); @@ -237,7 +237,7 @@ if(ret == CL_VIRUS) { mdprintf(odesc, "%s: %s FOUND\n", filename, virname); logg("%s: %s FOUND\n", filename, virname); - virusaction(virname, copt); + virusaction(filename, virname, copt); } else if(ret != CL_CLEAN) { mdprintf(odesc, "%s: %s ERROR\n", filename, cl_strerror(ret)); logg("%s: %s ERROR\n", filename, cl_strerror(ret)); @@ -266,6 +266,7 @@ int ret; const char *virname; struct stat statbuf; + char fdstr[32]; if(fstat(fd, &statbuf) == -1) @@ -274,19 +275,21 @@ if(!S_ISREG(statbuf.st_mode)) return -1; + snprintf(fdstr, sizeof(fdstr), "fd[%d]", fd); + ret = cl_scandesc(fd, &virname, scanned, root, limits, options); if(ret == CL_VIRUS) { - mdprintf(odesc, "fd[%d]: %s FOUND\n", fd, virname); - logg("fd[%d]: %s FOUND\n", fd, virname); - virusaction(virname, copt); + mdprintf(odesc, "%s: %s FOUND\n", fdstr, virname); + logg("%s: %s FOUND\n", fdstr, virname); + virusaction(fdstr, virname, copt); } else if(ret != CL_CLEAN) { - mdprintf(odesc, "fd[%d]: %s ERROR\n", fd, cl_strerror(ret)); - logg("fd[%d]: %s ERROR\n", fd, cl_strerror(ret)); + mdprintf(odesc, "%s: %s ERROR\n", fdstr, cl_strerror(ret)); + logg("%s: %s ERROR\n", fdstr, cl_strerror(ret)); } else { - mdprintf(odesc, "fd[%d]: OK\n", fd); + mdprintf(odesc, "%s: OK\n", fdstr); if(logok) - logg("fd[%d]: OK\n", fd); + logg("%s: OK\n", fdstr); } return ret; @@ -467,7 +470,7 @@ if(ret == CL_VIRUS) { mdprintf(odesc, "stream: %s FOUND\n", virname); logg("stream: %s FOUND\n", virname); - virusaction(virname, copt); + virusaction("stream", virname, copt); } else if(ret != CL_CLEAN) { mdprintf(odesc, "stream: %s ERROR\n", cl_strerror(ret)); logg("stream: %s ERROR\n", cl_strerror(ret));
_______________________________________________ http://lurker.clamav.net/list/clamav-devel.html