------- You are receiving this mail because: -------
You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=1549
Summary: possible endless loop in malware.c with fsecure
Product: Exim
Version: N/A
Platform: Other
OS/Version: Linux
Status: NEW
Severity: bug
Priority: medium
Component: Content Scanning
AssignedTo: tom@???
ReportedBy: lists@???
CC: exim-dev@???
Created an attachment (id=761)
--> (
http://bugs.exim.org/attachment.cgi?id=761)
timeout while reading fsavd's answer
Exim can use F-Secure as av_scanner. It uses a Unix socket to send a filename
to fsavd, and then reads with
do{
…
}
while (Ustrstr(av_buffer, "OK\tScan ok.") == NULL);
the answer. Unfortunately there are sometimes cases, in which fsavd simply
sends 'PING' and expects an answer on the socket. As there is no answer it will
send PING in end endless loop causing exim to loop endless too.
The F-Secure support stated „PING messages are a valid type of reply“ and
did not want to send documentation on the protocol, so second best option is to
force the malware scan to timeout after MALWARE_TIMEOUT. I'll attach a patch
for this. The downside is that the paniclog fills with timeout messages and the
affected messages won't be scanned.
The best solution of course would be to answer the PING request, but this would
require F-Secure to document the protocol.
--
Configure bugmail:
http://bugs.exim.org/userprefs.cgi?tab=email
