Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failing to create temporary directory results in "Clean" result #1353

Open
Xulunix opened this issue Aug 30, 2024 · 3 comments
Open

Failing to create temporary directory results in "Clean" result #1353

Xulunix opened this issue Aug 30, 2024 · 3 comments
Labels
🐛bug

Comments

@Xulunix
Copy link

Xulunix commented Aug 30, 2024

Describe the bug

I'm using libclamav to integrate virus scanning into a custom application.
During tests i noticed, that cl_scanfile_callback() returns clean if the scanner fails to create a temporary directory to scan an archive.
This leads to files being marked as 'clean' if the configured tmpdir (CL_ENGINE_TMPDIR) becomes unavailable. I've tested the location becoming read-only and an invalid/non-existing path. Both resulted in 'CL_CLEAN'.
Shouldn't be the default behavior be something other than clean in that case?
From my point of view, silently skipping the scan and returning a clean result without scan seems dangerous to me.

The same behavior applies to clamscan, example below.

Is observing the log message callback the only/intended way to handle such errors during a scan?

How to reproduce the problem

Configure the temporary directory to an invalid or read-only path.
Scan an archive
Scan is skipped, clean-result returned.

ClamAvNative> .\clamscan.exe -v --tempdir=Z:\nonexisting "D:\temp\zipToScan.zip"
Loading: 9s, ETA: 0s [========================>] 8.70M/8.70M sigs
Compiling: 2s, ETA: 0s [========================>] 41/41 tasks

Scanning D:\temp\zipToScan.zip
LibClamAV Error: Can't create temporary directory for scan: Z:\nonexisting\20240830_104446-scantemp.fd38b98d39.
D:\temp\zipToScan.zip: OK

----------- SCAN SUMMARY -----------
Known viruses: 8697916
Engine version: 1.4.0
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.00 MB
Data read: 43.29 MB (ratio 0.00:1)
Time: 11.098 sec (0 m 11 s)
Start Date: 2024:08:30 10:44:35
End Date: 2024:08:30 10:44:46
@micahsnyder
Copy link
Contributor

Interesting! Thanks for the report. This should definitely cause an error. I think ideally we'd check it on startup rather than having every scan fail.

@Xulunix
Copy link
Author

Xulunix commented Sep 2, 2024

Thanks for the reply.
Checking on startup and returning an error wouldn't hurt for sure.
However a scan should still fail if creating temp files is not possible. for example due to no space left on the device.

@micahsnyder
Copy link
Contributor

Agreed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
🐛bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Xulunix @micahsnyder