[exim-cvs] Fix malware regression for cmdline scanner introd…

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Exim Git Commits Mailing List
Data:  
Para: exim-cvs
Asunto: [exim-cvs] Fix malware regression for cmdline scanner introduced in PP/08.
Gitweb: http://git.exim.org/exim.git;a=commit;h=3346ab0144239462a8690e011bff1df8fd504076
Commit:     3346ab0144239462a8690e011bff1df8fd504076
Parent:     fdab5d492a9e928d2535bb021e8e044a16affa55
Author:     Phil Pennock <pdp@???>
AuthorDate: Sun Jul 4 13:42:34 2010 -0700
Committer:  Phil Pennock <pdp@???>
CommitDate: Sun Jul 4 13:42:34 2010 -0700


    Fix malware regression for cmdline scanner introduced in PP/08.
    Notification from Dr Andrew Aitchison.


    (Also: make the PP/08 description more complete)
---
 doc/doc-txt/ChangeLog |    6 ++++++
 src/src/malware.c     |    3 ++-
 2 files changed, 8 insertions(+), 1 deletions(-)


diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index b0e013c..9feb5a7 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -31,6 +31,8 @@ PP/07 If TLS negotiated an anonymous cipher, we could end up with SSL but
 PP/08 Bugzilla 926: switch ClamAV to use the new zINSTREAM API for content
       filtering; old API available if built with WITH_OLD_CLAMAV_STREAM=yes
       NB: ClamAV planning to remove STREAM in "middle of 2010".
+      CL also introduces -bmalware, various -d+acl logging additions and
+      more caution in buffer sizes.


PP/09 Implemented reverse_ip expansion operator.

@@ -55,6 +57,10 @@ JJ/02 prevent non-panic DKIM error from being sent to paniclog
 JJ/03 added tcp_wrappers_daemon_name to allow host entries other than
       "exim" to be used


+PP/17 Fix malware regression for cmdline scanner introduced in PP/08.
+      Notification from Dr Andrew Aitchison.
+
+
 Exim version 4.72
 -----------------


diff --git a/src/src/malware.c b/src/src/malware.c
index f82bef6..6e8b3f3 100644
--- a/src/src/malware.c
+++ b/src/src/malware.c
@@ -1098,7 +1098,8 @@ static int malware_internal(uschar **listptr, uschar *eml_filename, BOOL faking)
             "malware filename does not fit in buffer [malware_internal() cmdline]");
         return DEFER;
         }
-      p = Ustrrchr(eml_filename, '/');
+      Ustrcpy(file_name, eml_filename);
+      p = Ustrrchr(file_name, '/');
       if (p)
         *p = '\0';
       fits = string_format(commandline, sizeof(commandline), CS cmdline_scanner, file_name);