[Pkg-clamav-devel] Bug#774686: ClamAV: Can't create new file

[Sebastian Andrzej Siewior]

severity 774686 important
tags 774686 + patch
thanks

* Sebastian Andrzej Siewior | 2015-01-08 15:33:19 [+0100]:

>* =?UTF-8?Q?B=C3=BCschel at buxtehude.debian.org | 2015-01-06 10:09:21 [+0100]:
>
>>On some files clamav reports an error.
>>Example:
>>root at host:~# clamscan projectlibre-1.5.9.msi
>>projectlibre-1.5.9.msi: Can't create new file ERROR
>
>If you start with --debug you see
>
>I will check later how the old
>library handles the unpacking error.

The old implementation reports an error as well:
| LibClamAV debug: CDBNAME:CL_TYPE_MSCAB:0:ANTLR*TXT:0:1208:0:1:0:(nil)
| LibClamAV debug: CAB: Extracting file ANTLR*TXT to /tmp/clamav-1ede6fca14a6572195edff162795ac54.tmp, size 1208, max_size: 26214400
| LibClamAV debug: CAB: Compression method: MSZIP
| LibClamAV debug: cab_read: WARNING: partial data block
| LibClamAV debug: mszip_decompress: inflate error -2
| LibClamAV debug: mszip_decompress: MSZIP error, 32768 bytes of data lost
| LibClamAV debug: in cli_magic_scandesc (reclevel: 1/16)
| LibClamAV debug: Recognized binary data
| LibClamAV debug: cache_check: e6cac7c8bbd43fe2143bfd898b8482ed is negative
| LibClamAV debug: in cli_check_mydoom_log()
| LibClamAV debug: hashtab: Freeing hashset, elements: 0, capacity: 0
| LibClamAV debug: cli_magic_scandesc: returning 0  at line 2470
| LibClamAV debug: cache_add: e6cac7c8bbd43fe2143bfd898b8482ed (level 0)
| LibClamAV debug: CDBNAME:CL_TYPE_MSCAB:0:APACHE*LICENSE*2*0*TXT:0:11358:0:2:0:(nil)
| LibClamAV debug: CAB: Extracting file APACHE*LICENSE*2*0*TXT to /tmp/clamav-e1d62e231a5e0d816a76dc36df124b0e.tmp, size 11358, max_size: 26214400
| LibClamAV debug: CAB: Compression method: MSZIP
| LibClamAV debug: CAB: Length from header 11358 but wrote 0 bytes
| LibClamAV debug: in cli_magic_scandesc (reclevel: 1/16)
| LibClamAV debug: Recognized binary data
| LibClamAV debug: cache_check: c1de3d128ba264ad4b1e9d0f5b8ba4a3 is negative
| LibClamAV debug: in cli_check_mydoom_log()
| LibClamAV debug: hashtab: Freeing hashset, elements: 0, capacity: 0
| LibClamAV debug: cli_magic_scandesc: returning 0  at line 2470
| LibClamAV debug: cache_add: c1de3d128ba264ad4b1e9d0f5b8ba4a3 (level 0)

but continues scanning. I will do the same change here by applying the
patch at the end of this email. I upgraded the severity here to important
since we have here some loss of functionality. 

I can prepare you a Wheezy package with this change if you like. I will
have to check with the team if this is something we want to address now
or wait for the next clamav release.

diff --git a/libclamav/libmspack.c b/libclamav/libmspack.c
index e94312e..92338d5 100644
--- a/libclamav/libmspack.c
+++ b/libclamav/libmspack.c
@@ -350,8 +350,8 @@ int cli_scanmscab(cli_ctx *ctx, off_t sfx_offset)
 		if (ret) {
 			if (ret == CL_VIRUS) {
 				virus_num++;
-				if (!SCAN_ALL)
-					break;
+				if (SCAN_ALL)
+					continue;
 			}
 			goto out_close;
 		}
@@ -382,14 +382,12 @@ int cli_scanmscab(cli_ctx *ctx, off_t sfx_offset)
 		ops_ex.max_size = max_size;
 		/* scan */
 		ret = cab_d->extract(cab_d, cab_f, tmp_fname);
-		if (ret) {
-			/* Failed to extract */
+		if (ret)
+			/* Failed to extract. Try to scan what is there */
 			cli_dbgmsg("%s() failed to extract %d\n", __func__, ret);
-		} else {
-			ret = cli_scanfile(tmp_fname, ctx);
-			if (ret == CL_VIRUS)
-				virus_num++;
-		}
+		ret = cli_scanfile(tmp_fname, ctx);
+		if (ret == CL_VIRUS)
+			virus_num++;
 		if (!ctx->engine->keeptmp) {
 			if (!access(tmp_fname, R_OK) && cli_unlink(tmp_fname)) {
 				free(tmp_fname);
@@ -399,8 +397,12 @@ int cli_scanmscab(cli_ctx *ctx, off_t sfx_offset)
 		}
 		free(tmp_fname);
 		files++;
-		if (ret == CL_VIRUS && SCAN_ALL)
-			continue;
+		if (ret == CL_VIRUS) {
+		       if (SCAN_ALL)
+			       continue;
+		       else
+			       break;
+		}
 		if (ret)
 			break;
 	}
@@ -457,8 +459,8 @@ int cli_scanmschm(cli_ctx *ctx)
 		if (ret) {
 			if (ret == CL_VIRUS) {
 				virus_num++;
-				if (!SCAN_ALL)
-					break;
+				if (SCAN_ALL)
+					continue;
 			}
 			goto out_close;
 		}
@@ -490,14 +492,13 @@ int cli_scanmschm(cli_ctx *ctx)
 
 		/* scan */
 		ret = mschm_d->extract(mschm_d, mschm_f, tmp_fname);
-		if (ret) {
-			/* Failed to extract */
+		if (ret)
+			/* Failed to extract. Try to scan what is there */
 			cli_dbgmsg("%s() failed to extract %d\n", __func__, ret);
-		} else {
-			ret = cli_scanfile(tmp_fname, ctx);
-			if (ret == CL_VIRUS)
-				virus_num++;
-		}
+		ret = cli_scanfile(tmp_fname, ctx);
+		if (ret == CL_VIRUS)
+			virus_num++;
+
 		if (!ctx->engine->keeptmp) {
 			if (!access(tmp_fname, R_OK) && cli_unlink(tmp_fname)) {
 				free(tmp_fname);
@@ -507,8 +508,12 @@ int cli_scanmschm(cli_ctx *ctx)
 		}
 		free(tmp_fname);
 		files++;
-		if (ret == CL_VIRUS && SCAN_ALL)
-			continue;
+		if (ret == CL_VIRUS) {
+		       if (SCAN_ALL)
+			       continue;
+		       else
+			       break;
+		}
 		if (ret)
 			break;
 	}
-- 
1.7.10.4

Sebastian