NOTE: This replaces my previous patch. I fixed it up to use the more compatible putenv() function which is POSIX. The setenv() function I was using before was not POSIX.
Summary: This adds two environment variables for the purpose of VirusEvent when executing an external command.
CLAM_VIRUSEVENT_FILENAME CLAM_VIRUSEVENT_VIRUSNAME
Hopefully this will make writing VirusEvent scripts easier as parsing log files no longer is required..
-Calin
diff -ur clamav-devel/clamd/clamuko.c clamav-devel-modified/clamd/clamuko.c
--- clamav-devel/clamd/clamuko.c 2005-03-09 12:32:41.156896336 -0500
+++ clamav-devel-modified/clamd/clamuko.c 2005-03-09 12:17:53.000000000
-0500
@@ -173,7 +173,7 @@
if(scan && cl_scanfile(acc->filename, &virname, NULL, tharg->root,
tharg->limits, tharg->options) == CL_VIRUS) {
logg("Clamuko: %s: %s FOUND\n", acc->filename, virname);
- virusaction(virname, tharg->copt);
+ virusaction(acc->filename, virname, tharg->copt);
acc->deny = 1;
} else
acc->deny = 0;
diff -ur clamav-devel/clamd/others.c clamav-devel-modified/clamd/others.c
--- clamav-devel/clamd/others.c 2005-03-09 12:32:41.393860312 -0500
+++ clamav-devel-modified/clamd/others.c 2005-03-09 14:33:31.801630792
-0500
@@ -69,10 +69,15 @@
#include "cfgparser.h"
#include "session.h"
-void virusaction(const char *virname, const struct cfgstruct *copt)
+#define ENV_PREFIX "CLAM_VIRUSEVENT_"
+#define ENV_FILENAME (ENV_PREFIX "FILENAME")
+#define ENV_VIRUSNAME (ENV_PREFIX "VIRUSNAME")
+
+void virusaction(const char *filename, const char *virname, const struct
cfgstruct *copt)
{
- char *buffer, *pt, *cmd;
+ char *buffer, *pt, *cmd, *env_filename, *env_virusname;
struct cfgstruct *cpt;
+ int len;
if(!(cpt = cfgopt(copt, "VirusEvent")))
@@ -90,10 +95,23 @@
cmd = strdup(buffer);
free(buffer);
}
+ /* Setup environment, note that because of SUSv2 specs the strings
+ needs to be non-const and the actual buffers themselves become part of
+ the environemnt. */
+ len = strlen(ENV_FILENAME) + strlen(filename) + sizeof(char)*2;
+ env_filename = (char *) mcalloc(len, sizeof(char));
+ snprintf(env_filename, len, "%s=%s", ENV_FILENAME, filename);
+ len = strlen(ENV_VIRUSNAME) + strlen(virname) + sizeof(char)*2;
+ env_virusname = (char *) mcalloc(len, sizeof(char));
+ snprintf(env_virusname, len, "%s=%s", ENV_VIRUSNAME, virname);
+ putenv(env_filename);
+ putenv(env_virusname);
/* WARNING: this is uninterruptable ! */
system(cmd);
+ free(env_filename);
+ free(env_virusname);
free(cmd);
}
diff -ur clamav-devel/clamd/others.h clamav-devel-modified/clamd/others.h
--- clamav-devel/clamd/others.h 2005-03-09 12:32:41.397859704 -0500
+++ clamav-devel-modified/clamd/others.h 2005-03-09 12:16:53.000000000
-0500
@@ -28,7 +28,7 @@
int poll_fd(int fd, int timeout_sec);
int is_fd_connected(int fd);
-void virusaction(const char *virname, const struct cfgstruct *copt);
+void virusaction(const char *filename, const char *virname, const struct
cfgstruct *copt);
int writen(int fd, void *buff, unsigned int count);
#if defined(HAVE_RECVMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) ||
defined(HAVE_CONTROL_IN_MSGHDR)) && !defined(C_CYGWIN) && !defined(C_OS2)
diff -ur clamav-devel/clamd/scanner.c clamav-devel-modified/clamd/scanner.c
--- clamav-devel/clamd/scanner.c 2005-03-09 12:32:41.433854232 -0500
+++ clamav-devel-modified/clamd/scanner.c 2005-03-09 12:27:45.000000000
-0500
@@ -159,7 +159,7 @@
mdprintf(odesc, "%s: %s FOUND\n", fname,
*virname);
logg("%s: %s FOUND\n", fname, *virname);
- virusaction(*virname, copt);
+ virusaction(fname, *virname, copt);
if(!contscan) {
closedir(dd);
free(fname);
@@ -237,7 +237,7 @@
if(ret == CL_VIRUS) {
mdprintf(odesc, "%s: %s FOUND\n", filename, virname);
logg("%s: %s FOUND\n", filename, virname);
- virusaction(virname, copt);
+ virusaction(filename, virname, copt);
} else if(ret != CL_CLEAN) {
mdprintf(odesc, "%s: %s ERROR\n", filename, cl_strerror(ret));
logg("%s: %s ERROR\n", filename, cl_strerror(ret));
@@ -266,6 +266,7 @@
int ret;
const char *virname;
struct stat statbuf;
+ char fdstr[32];
if(fstat(fd, &statbuf) == -1)
@@ -274,19 +275,21 @@
if(!S_ISREG(statbuf.st_mode))
return -1;
+ snprintf(fdstr, sizeof(fdstr), "fd[%d]", fd);
+
ret = cl_scandesc(fd, &virname, scanned, root, limits, options);
if(ret == CL_VIRUS) {
- mdprintf(odesc, "fd[%d]: %s FOUND\n", fd, virname);
- logg("fd[%d]: %s FOUND\n", fd, virname);
- virusaction(virname, copt);
+ mdprintf(odesc, "%s: %s FOUND\n", fdstr, virname);
+ logg("%s: %s FOUND\n", fdstr, virname);
+ virusaction(fdstr, virname, copt);
} else if(ret != CL_CLEAN) {
- mdprintf(odesc, "fd[%d]: %s ERROR\n", fd, cl_strerror(ret));
- logg("fd[%d]: %s ERROR\n", fd, cl_strerror(ret));
+ mdprintf(odesc, "%s: %s ERROR\n", fdstr, cl_strerror(ret));
+ logg("%s: %s ERROR\n", fdstr, cl_strerror(ret));
} else {
- mdprintf(odesc, "fd[%d]: OK\n", fd);
+ mdprintf(odesc, "%s: OK\n", fdstr);
if(logok)
- logg("fd[%d]: OK\n", fd);
+ logg("%s: OK\n", fdstr);
}
return ret;
@@ -467,7 +470,7 @@
if(ret == CL_VIRUS) {
mdprintf(odesc, "stream: %s FOUND\n", virname);
logg("stream: %s FOUND\n", virname);
- virusaction(virname, copt);
+ virusaction("stream", virname, copt);
} else if(ret != CL_CLEAN) {
mdprintf(odesc, "stream: %s ERROR\n", cl_strerror(ret));
logg("stream: %s ERROR\n", cl_strerror(ret));
_______________________________________________ http://lurker.clamav.net/list/clamav-devel.html
