Package: clamav-getfiles Version: 0.4-2 Priority: important Tags: security
The clamav-getfiles script is vulnerable to symlink attacks since it creates a temporary file in an insecure manner (the process PID is not sufficient to avoid an attack) and does not check if the temporary file exists before using it. The attached patch is an attempt to fix this behaviour using the mktemp tool.

Regards,
Javier
--- clamav-getfiles.in.orig 2005-08-05 17:30:09.000000000 +0200
+++ clamav-getfiles.in 2005-08-05 17:31:44.000000000 +0200
@@ -114,7 +114,8 @@
fi
cd ..
-OUTPUTFILE="/tmp/clamscanoutput.$$"
+OUTPUTFILE=`mktemp -t clamscanoutput.XXXXXX` || { echo "$0: Cannot create
temporary file" >&2; exit 1; }
+trap " [ -f \"$OUTPUTFILE\" ] && /bin/rm -f -- \"$OUTPUTFILE\"" 0 1 2 3 13 15
if [ -x "$CLAMSCAN" ]; then
[ "$CLAMAVTESTFILES" ] || CLAMAVTESTFILES="/usr/share/clamav-testfiles"
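Review bot: the trap on the `trap " [ -f \"$OUTPUTFILE\" ] && /bin/rm -f -- ...` line removes the file on signals 1 2 3 13 15 but never exits, so on SIGINT or SIGTERM the shell returns from the handler and the script carries on after the interrupted command with its output file gone; split it into `trap 'rm -f -- "$OUTPUTFILE"' 0` for normal exit and `trap 'rm -f -- "$OUTPUTFILE"; exit 1' 1 2 3 13 15` for signals (or re-raise the signal with `kill` after cleanup). The `[ -f ... ] &&` guard adds nothing over `rm -f`. Also, the `OUTPUTFILE=\`mktemp -t clamscanoutput.XXXXXX\` || { echo "$0: Cannot create` line has been wrapped by the mailer onto a second line, so the hunk will not apply as pasted until that string is rejoined.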
@@ -125,13 +126,11 @@
cat $OUTPUTFILE
if [ $RET -ne 1 ] ; then
echo >&2 "An error ($RET) occured while scanning clamav test files."
- rm $OUTPUTFILE
exit 2
fi
NUMBADFILES=`< $OUTPUTFILE grep 'ClamAV-Test-File FOUND' | wc -l`
if [ $NUMBADFILES -ne $REFNUMBADFILES ]; then
echo >&2 "Wrong number ($NUMBADFILES/$REFNUMBADFILES) of 'infected'
files detected while scanning clamav test files"
- rm $OUTPUTFILE
exit 2
fi
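Review bot: removing the two `rm $OUTPUTFILE` lines ahead of `exit 2` is only correct because the EXIT trap added in the previous hunk now owns cleanup; a short comment next to the trap saying so would stop a later reader from re-adding them. The reads that stay (`cat $OUTPUTFILE`, `< $OUTPUTFILE grep ...`) leave the path unquoted while the trap quotes it; quote them for consistency, and `grep ... | wc -l` can be `grep -c`. The `echo >&2 "Wrong number ...` string is mail-wrapped across two lines in this copy.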
@@ -143,13 +142,11 @@
cat $OUTPUTFILE
if [ $RET -ne 1 ] ; then
echo >&2 "An error ($RET) occured while scanning the EICAR
Anti-Virus test file."
- rm $OUTPUTFILE
exit 2
fi
NUMBADFILES=`< $OUTPUTFILE grep 'Eicar-Test-Signature FOUND' | wc
-l`
if [ $NUMBADFILES -ne 1 ]; then
echo >&2 "Wrong number ($NUMBADFILES/1) of 'infected' files
detected while scanning EICAR Anti-Virus test file"
- rm $OUTPUTFILE
exit 2
fi
else
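Review bot: as in the previous hunk, dropping the `rm $OUTPUTFILE` lines before `exit 2` relies on the EXIT trap and is fine. In this copy the `wc` / `-l` pipeline and both `echo` strings are split across lines by the mailer and need rejoining before the hunk applies; the context line `echo >&2 "An error ($RET) occured while scanning the EICAR` carries a pre-existing typo ("occured") that could be fixed while these lines are being touched.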
@@ -157,7 +154,6 @@
echo "You might want to install eicar-testfile or manually put
eicar.com"
echo "to $EICAR"
fi
- rm $OUTPUTFILE
else
echo 'No test scan with new databases done, no clamscan in path.'
fi
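Review bot: with the last `rm $OUTPUTFILE` gone, the EXIT trap is now the only cleanup, and because `mktemp` creates the file unconditionally before the `if [ -x "$CLAMSCAN" ]` check (the old code only composed a name there), an empty temp file is created and then removed even on the `else` branch where no scan runs. Harmless, but moving the `mktemp`/`trap` pair inside the `if [ -x "$CLAMSCAN" ]` branch would avoid the needless file and keep the `else` branch side-effect free.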
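The attack the report describes and the fix the patch introduces, side by side, as an added example; this is not code from the bug report, the patch, or the clamav-getfiles package. It assumes a `mktemp` that accepts a template path (GNU or BSD), that `ls -l` prints the mode string in its first ten columns, and uses a private scratch directory in place of /tmp so the attack is demonstrated only against a constructed victim file.

```shell
#!/bin/sh
# Added example, not code from the bug report or from clamav-getfiles.
# Reproduces the symlink attack against a PID-named temp file, then runs the
# mktemp + trap pattern from the patch and checks what it leaves behind.
# Assumptions: GNU/BSD mktemp accepting a template path; `ls -l` prints the
# mode string in its first ten columns.

# Private scratch directory standing in for /tmp, removed when we exit.
DEMO_DIR=$(mktemp -d) || exit 1
trap 'rm -rf -- "$DEMO_DIR"' 0

# Constructed victim file: something the (root-run) script must not clobber.
VICTIM="$DEMO_DIR/victim"
printf 'original contents\n' > "$VICTIM"

# Insecure pattern from the original script: the name depends only on the
# PID ($1 here, which an attacker can guess or enumerate), nothing checks
# whether the path already exists, and '>' follows a symlink wherever it points.
insecure_write() {
    out="$DEMO_DIR/clamscanoutput.$1"
    echo "scan output" > "$out"
}

# Attacker pre-creates the predictable name as a symlink to the victim, the
# script runs, and the victim's contents are replaced. Prints what the victim
# holds afterwards. (-f only keeps the demo repeatable; a real attack needs none.)
attack_predictable_name() {
    ln -sf "$VICTIM" "$DEMO_DIR/clamscanoutput.$1"
    insecure_write "$1"
    cat "$VICTIM"
}

# Hardened pattern from the patch, written out as a stand-alone script so the
# traps sit at top level as they do in clamav-getfiles. mktemp creates the file
# itself (O_CREAT|O_EXCL, mode 0600) under an unguessable name, so a pre-placed
# symlink cannot be followed; the EXIT trap removes the file, and the signal
# trap exits after cleanup instead of letting the script continue.
cat > "$DEMO_DIR/hardened.sh" <<'EOF'
#!/bin/sh
OUTPUTFILE=$(mktemp "$1/clamscanoutput.XXXXXX") || { echo "$0: cannot create temporary file" >&2; exit 1; }
trap 'rm -f -- "$OUTPUTFILE"' 0
trap 'rm -f -- "$OUTPUTFILE"; exit 1' 1 2 3 13 15
# Belt and braces: refuse to use anything but a regular, non-symlink file.
[ -f "$OUTPUTFILE" ] && [ ! -L "$OUTPUTFILE" ] || exit 1
echo "scan output" > "$OUTPUTFILE"
printf '%s %s\n' "$OUTPUTFILE" "$(ls -l "$OUTPUTFILE" | cut -c1-10)"
EOF

# Runs the hardened script and prints "<mode> <survived>": the mode bits mktemp
# gave the file, and whether it still exists after the script and its trap ended.
secure_tempfile_demo() {
    out=$(sh "$DEMO_DIR/hardened.sh" "$DEMO_DIR") || return 1
    path=${out% *}
    mode=${out##* }
    if [ -e "$path" ]; then survived=yes; else survived=no; fi
    printf '%s %s\n' "$mode" "$survived"
}

echo "insecure: victim now contains '$(attack_predictable_name 12345)'"
echo "hardened: mode / survived after exit: $(secure_tempfile_demo)"
```

Running it shows the victim overwritten with "scan output" by the PID-named variant, while the hardened script reports a 0600 file that no longer exists once the script has exited; the only `clamscanoutput.*` entry left in the scratch directory is the attacker's own symlink, which the hardened run never touched.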

