* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) Tom Kistner <tom@duncanthrax.net> 2003 - 2015
+/*
+ * Copyright (c) The Exim Maintainers 2015 - 2022
+ * Copyright (c) Tom Kistner <tom@duncanthrax.net> 2003 - 2015
* License: GPL
- * Copyright (c) The Exim Maintainers 2015 - 2020
*/
/* Code for calling virus (malware) scanners. Called from acl.c. */
/* Under some fault conditions, FreeBSD 12.2 seen to send a (non-TFO) SYN
and, getting no response, wait for a long time. Impose a 5s max. */
if (fd >= 0)
- {
- struct timeval tv = {.tv_sec = 5};
- fd_set fds;
- FD_ZERO(&fds); FD_SET(fd, &fds); (void) select(fd+1, NULL, &fds, NULL, &tv);
- }
+ (void) poll_one_fd(fd, POLLOUT, 5 * 1000);
#endif
return fd;
}
const pcre2_code * cre;
if (!(cre = pcre2_compile((PCRE2_SPTR)re, PCRE2_ZERO_TERMINATED,
- PCRE_COPT, &err, &roffset, pcre_cmp_ctx)))
+ PCRE_COPT, &err, &roffset, pcre_gen_cmp_ctx)))
{
uschar errbuf[128];
pcre2_get_error_message(err, errbuf, sizeof(errbuf));
m_pcre_exec(const pcre2_code * cre, uschar * text)
{
pcre2_match_data * md = pcre2_match_data_create(2, pcre_gen_ctx);
-int i = pcre2_match(cre, text, PCRE2_ZERO_TERMINATED, 0, 0, md, pcre_mtc_ctx);
+int i = pcre2_match(cre, text, PCRE2_ZERO_TERMINATED, 0, 0, md, pcre_gen_mtc_ctx);
PCRE2_UCHAR * substr = NULL;
PCRE2_SIZE slen;
if (i >= 2) /* Got it */
- pcre2_substring_get_bynumber(md, 1, &substr, &slen);
+ pcre2_substring_get_bynumber(md, 1, &substr, &slen); /* uses same ctx as md */
+/* pcre2_match_data_free(md); gen ctx needs no free */
return US substr;
}
drweb_slen = ntohl(drweb_slen);
/* assume tainted, since it is external input */
- tmpbuf = store_get(drweb_slen, TRUE);
+ tmpbuf = store_get(drweb_slen, GET_TAINTED);
/* read report body */
if (!recv_len(malware_daemon_ctx.sock, tmpbuf, drweb_slen, tmo))
/* try matcher on the line, grab substring */
result = pcre2_match(drweb_re, (PCRE2_SPTR)tmpbuf, PCRE2_ZERO_TERMINATED,
- 0, 0, md, pcre_mtc_ctx);
+ 0, 0, md, pcre_gen_mtc_ctx);
if (result >= 2)
{
PCRE2_SIZE * ovec = pcre2_get_ovector_pointer(md);
g = string_catn(g, US ovec[2], ovec[3] - ovec[2]);
}
}
+ /* pcre2_match_data_free(md); gen ctx needs no free */
}
malware_name = string_from_gstring(g);
}
uschar av_buffer[1024];
uschar *hostname = US"";
host_item connhost;
- int clam_fd, result;
+ int clam_fd;
unsigned int fsize_uint;
BOOL use_scan_command = FALSE;
clamd_address * cv[MAX_CLAMD_SERVERS];
int subsep = ' ';
/* Local file; so we def want to use_scan_command and don't want to try
- * passing IP/port combinations */
+ passing IP/port combinations */
use_scan_command = TRUE;
- cd = (clamd_address *) store_get(sizeof(clamd_address), FALSE);
+ cd = (clamd_address *) store_get(sizeof(clamd_address), GET_UNTAINTED);
/* extract socket-path part */
sublist = scanner_options;
continue;
}
- cd = (clamd_address *) store_get(sizeof(clamd_address), FALSE);
+ cd = (clamd_address *) store_get(sizeof(clamd_address), GET_UNTAINTED);
/* extract host and port part */
sublist = scanner_options;
if (!use_scan_command)
{ cmd_str.data = US"zINSTREAM"; cmd_str.len = 10; }
else
- cmd_str.data = string_sprintf("SCAN %s\n%n", eml_filename, &cmd_str.len);
+ {
+ int n;
+ cmd_str.data = string_sprintf("SCAN %s\n%n", eml_filename, &n);
+ cmd_str.len = n; /* .len is a size_t */
+ }
/* We have some network servers specified */
if (num_servers)
if (*p) ++p;
/* colon in returned output? */
- if(!(p = Ustrchr(av_buffer,':')))
+ if (!(p = Ustrchr(av_buffer,':')))
return m_panic_defer(scanent, CUS callout_address, string_sprintf(
"ClamAV returned malformed result (missing colon): %s",
av_buffer));