diff options
author | Robin Gloster <mail@glob.in> | 2018-01-26 18:01:26 +0100 |
---|---|---|
committer | Robin Gloster <mail@glob.in> | 2018-01-26 18:29:55 +0100 |
commit | 15ce244d0cb123648e6a99086d10af122834fc41 (patch) | |
tree | 2ea49f742fc07b3cb293614f4e0b4feb7bb48931 /pkgs/tools | |
parent | 31e388dff243efc6c0acd26a49ce59b1075a9a56 (diff) |
clamav: fix fd leakage
Diffstat (limited to 'pkgs/tools')
-rw-r--r-- | pkgs/tools/security/clamav/default.nix | 2 | ||||
-rw-r--r-- | pkgs/tools/security/clamav/fd-leak.patch | 49 |
2 files changed, 51 insertions, 0 deletions
diff --git a/pkgs/tools/security/clamav/default.nix b/pkgs/tools/security/clamav/default.nix index 4222f7d33dee..976c58eb1e32 100644 --- a/pkgs/tools/security/clamav/default.nix +++ b/pkgs/tools/security/clamav/default.nix @@ -21,6 +21,8 @@ stdenv.mkDerivation rec { zlib bzip2 libxml2 openssl ncurses curl libiconv libmilter pcre ]; + patches = [ ./fd-leak.patch ]; + configureFlags = [ "--sysconfdir=/etc/clamav" "--disable-llvm" # enabling breaks the build at the moment diff --git a/pkgs/tools/security/clamav/fd-leak.patch b/pkgs/tools/security/clamav/fd-leak.patch new file mode 100644 index 000000000000..2c147901e446 --- /dev/null +++ b/pkgs/tools/security/clamav/fd-leak.patch @@ -0,0 +1,49 @@ +--- a/libclamav/scanners.c 2018-01-26 16:59:00.820231425 +0100 ++++ b/libclamav/scanners.c 2018-01-26 17:39:07.523633805 +0100 +@@ -1366,12 +1366,14 @@ + + if ((ret = cli_ac_initdata(&tmdata, troot?troot->ac_partsigs:0, troot?troot->ac_lsigs:0, troot?troot->ac_reloff_num:0, CLI_DEFAULT_AC_TRACKLEN))) { + free(tmpname); ++ free(normalized); + return ret; + } + + if ((ret = cli_ac_initdata(&gmdata, groot->ac_partsigs, groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN))) { + cli_ac_freedata(&tmdata); + free(tmpname); ++ free(normalized); + return ret; + } + +@@ -1390,6 +1392,7 @@ + cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname); + close(ofd); + free(tmpname); ++ free(normalized); + return CL_EWRITE; + } + text_normalize_reset(&state); +@@ -1424,6 +1427,8 @@ + if (ret) { + cli_ac_freedata(&tmdata); + free(tmpname); ++ free(normalized); ++ close(ofd); + return ret; + } + } +@@ -1466,11 +1471,9 @@ + + } + +- if(ctx->engine->keeptmp) { +- free(tmpname); +- if (ofd >= 0) +- close(ofd); +- } ++ if (ofd >= 0) ++ close(ofd); ++ free(tmpname); + free(normalized); + + if(ret != CL_VIRUS || SCAN_ALL) { |