Skip to content

Commit

Permalink
clamav: fix fd leakage
Browse files Browse the repository at this point in the history
  • Loading branch information
@globin
globin committed Jan 26, 2018
1 parent 31e388d commit 15ce244
Show file tree
Hide file tree
Showing 2 changed files with 51 additions and 0 deletions.
2 changes: 2 additions & 0 deletions pkgs/tools/security/clamav/default.nix
View file
Expand Up @@ -21,6 +21,8 @@ stdenv.mkDerivation rec {
zlib bzip2 libxml2 openssl ncurses curl libiconv libmilter pcre
];

patches = [ ./fd-leak.patch ];

configureFlags = [
"--sysconfdir=/etc/clamav"
"--disable-llvm" # enabling breaks the build at the moment
Expand Down
49 changes: 49 additions & 0 deletions pkgs/tools/security/clamav/fd-leak.patch
View file
@@ -0,0 +1,49 @@
--- a/libclamav/scanners.c 2018-01-26 16:59:00.820231425 +0100
+++ b/libclamav/scanners.c 2018-01-26 17:39:07.523633805 +0100
@@ -1366,12 +1366,14 @@

if ((ret = cli_ac_initdata(&tmdata, troot?troot->ac_partsigs:0, troot?troot->ac_lsigs:0, troot?troot->ac_reloff_num:0, CLI_DEFAULT_AC_TRACKLEN))) {
free(tmpname);
+ free(normalized);
return ret;
}

if ((ret = cli_ac_initdata(&gmdata, groot->ac_partsigs, groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN))) {
cli_ac_freedata(&tmdata);
free(tmpname);
+ free(normalized);
return ret;
}

@@ -1390,6 +1392,7 @@
cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname);
close(ofd);
free(tmpname);
+ free(normalized);
return CL_EWRITE;
}
text_normalize_reset(&state);
@@ -1424,6 +1427,8 @@
if (ret) {
cli_ac_freedata(&tmdata);
free(tmpname);
+ free(normalized);
+ close(ofd);
return ret;
}
}
@@ -1466,11 +1471,9 @@

}

- if(ctx->engine->keeptmp) {
- free(tmpname);
- if (ofd >= 0)
- close(ofd);
- }
+ if (ofd >= 0)
+ close(ofd);
+ free(tmpname);
free(normalized);

if(ret != CL_VIRUS || SCAN_ALL) {

0 comments on commit 15ce244

Please sign in to comment.