Heiko Schlittermann <hs@???> (So 30 Nov 2014 23:38:25 CET):
> Hello Jeremy,
>
> in b1f8e4f8ec26ecb99e56a0ed3a5140b65ec95a97 you introduced a check
> for the pclose() return value in the cmdline scanner.
>
> While this is a good idea generally, it may slightly break existing
> deployments. At least one cmdline scanner (avast) uses it's exit code
> to signal that a virus was found.
Using
av_scanner = cmdline:/bin/scan %s || true:<trigger>:<re>
may work. But since the complete command gets translated to
popen("/bin/scan %s || true 2>&1", "r")
the above line needs to be:
av_scanner = cmdline:{ /bin/scan %s || true; }:<trigger>:<re>
which is quite ugly. At least it should find it's way into the spec
that we're using popen() and /bin/sh and that such commands will work.
(I'm not sure about security implications from using popen() and
/bin/sh).
Greetings
--
Heiko