Re: [Exim] ANNOUNCE: exiscan-4.12-22

Top Page
Delete this message
Reply to this message
Author: Sheldon Hearn
Date:  
To: Tom Kistner
CC: exim-users
Subject: Re: [Exim] ANNOUNCE: exiscan-4.12-22
On (2003/02/04 16:10), Sheldon Hearn wrote:

> Thanks, I've included your comments in the commit message for the update
> of the port (PORTREVISION 2), so FreeBSD users have no excuse. :-)


And now I regret it. I hate it when I commit untested changes and they
break things for users of the port.

You've broken exiscan virus scanning with Sophos Sweep, because you now
fail out if a command-line scanner returns no output, but in the
documentation, you've left this unchanged:

Example: this works for Sophos Sweep

    exiscan_av_scanner_options = -all -archive -ss |


The -ss option to sweep tells it to produce no output unless a virus is
found.

If I remove -ss from exiscan_av_scanner_options, a debugging instance of
the SMTP listener tells me that the debug buffer was too big, because
sweep gets a LOT more noisy without -ss. That's good, because it means
you've closed a buffer overflow. But now I'm worried about whether
exiscan's actually looking through the whole of Sweep's output for the
scanner regexp. -ss.

Why did you change exiscan to start failing when no output is received
from a command-line scanner?

  //error handling (no output is treated as an error)
  if((i == -1) || (offset == 0)) {
    snprintf(CS info, INFO_LEN,"error reading from child process \
scanner output): %s", strerror(errno));
    exiscan_debug_printf(info);
    return 2;
  }


Ciao,
Sheldon.