[Pkg-clamav-devel] A few bugs that could be closed

[acab at digitalfuture.it]

On Thu, Apr 29, 2010 at 12:47:22AM +0200, Michael Tautschnig wrote:
> > Rationale: The "z" prefix in clamd commands addresses the reported
> > issue.
> > 
> 
> [...]
> 
> What exactly do you mean by a "z" prefix? Have commands been renamed to, e.g.,
> zSCAN? How does that fix what the user requested? It's conceivable to craft a
> filename that has zSCAN in it...

Clamd proto consists of a few ascii commands like SCAN, RELOAD, CONTSCAN
etc.
In the original implementation, however, there was no clear marker for
the end of the command.
So clamd was simply reading a packet of data as returned by recv() and
assume it was the full line.
This was not very smart but was not a big problem since most commands
were pretty short and anyway clamd was processing a single command on
each connection: e.g.
client: SCAN file
clamd: file OK
clamd: <close connection>

When sessions were added troubles started to appear because clamd had to
figure where a command would end and the next command would start.
Since packets can be cached, merged, splitted etc. along the line, the
one command per recv() rule wasn't good anymore.
So the "n" notation was added: by prepending a "n" to the command - e.g.
nSCAN - the client tells clamd that the end of command is denoted by an
end of line char - i.e. "\n".

Similarly the "z" notation is available where a binary zero (aka NUL or
'\0') marks the end of a command. This allows scanning of filenames
which includes a \n char (which is legal under most unices and FS's).

Since the problem exists on the client side as well, at least for
requests resulting in multiple replies (like contscan), clamd replies to
commands using the same notation as the request. So n-commands are
replied with a \n separator and z-commands with a \0.

As of 0.95 clamd handles the 3 versions of the protocol described
above, hovewver the no-prefix one is deprecated and some newer
commands (like IDSESSION) are only allowed in the "n" or "z" form.

-acab