jmaimon at ttec
Mar 31, 2004, 12:31 PM
Post #1 of 2
(641 views)
Permalink
|
|
clamav-milter StreamMaxLength option
|
|
I saw the below patch in cvs. I just want to point out that I dont think
will work.
A) len will typically be a "chunk" of size MILTER_CHUNK_SIZE (65535)
B) sendmail libmilter calls the xxfi_body callback once for each chunk
of body
C) clamfi_send should only be called if len > 0 and from then on we
should just continue, returning SMFIS_CONTINUE
D) however, we do not want to return until after the code which stores
the body for the signature addition. The whole body needs to be sent
back to sendmail for that to work. So we need to store it all.
E)its logVerbose, not legVerboze
F) we need to check that we only do the syslog statement once per body,
not once per body chunk.
Attached is a patch that does the above for me.
I have also attached a patch which demonstrates how clamd can actualy
accept up to the StreamMaxLength option and scan it, instead of aborting.
Thanks for your consideration and (hopefully) feedback.
Joe
cvs diff -u -D yesterday clamav-milter/clamav-milter.c
Index: clamav-milter/clamav-milter.c
===================================================================
RCS file: /cvsroot/clamav/clamav-devel/clamav-milter/clamav-milter.c,v
retrieving revision 1.65
diff -u -r1.65 clamav-milter.c
--- clamav-milter/clamav-milter.c 27 Mar 2004 21:44:21 -0000 1.65
+++ clamav-milter/clamav-milter.c 31 Mar 2004 19:59:27 -0000
@@ -1785,12 +1785,24 @@
clamfi_body(SMFICTX *ctx, u_char *bodyp, size_t len)
{
struct privdata *privdata = (struct privdata *)smfi_getpriv(ctx);
+ size_t maxzise = 0;
+ struct cfgstruct *cpt = NULL;
if(logVerbose)
syslog(LOG_DEBUG, "clamfi_envbody: %u bytes", len);
#ifdef CL_DEBUG
cli_dbgmsg("clamfi_envbody: %u bytes\n", len);
#endif
+ if((cpt = cfgopt(copt, "StreamMaxLength")))
+ {
+ if(cpt->numarg < len)
+ {
+ if(logVerboze)
+ syslog(LOG_INFO, "clamfi_envbody: %u is
more than StreamMaxLength option of %u",len, cpt->numarg);
+ len = cpt->numarg;
+ }
+ }
+
if(clamfi_send(privdata, len, (char *)bodyp) < 0) {
clamfi_cleanup(ctx);
|
clamav-milter.streammaxlength.jm.patch
