Cisco-Talos / clamav

ClamAV - Documentation is here: https://docs.clamav.net
https://www.clamav.net/
GNU General Public License v2.0
4.47k stars 707 forks source link

Failing to create temporary directory results in "Clean" result #1353

Open Xulunix opened 2 months ago

Xulunix commented 2 months ago

Describe the bug

I'm using libclamav to integrate virus scanning into a custom application. During tests i noticed, that cl_scanfile_callback() returns clean if the scanner fails to create a temporary directory to scan an archive. This leads to files being marked as 'clean' if the configured tmpdir (CL_ENGINE_TMPDIR) becomes unavailable. I've tested the location becoming read-only and an invalid/non-existing path. Both resulted in 'CL_CLEAN'. Shouldn't be the default behavior be something other than clean in that case? From my point of view, silently skipping the scan and returning a clean result without scan seems dangerous to me.

The same behavior applies to clamscan, example below.

Is observing the log message callback the only/intended way to handle such errors during a scan?

How to reproduce the problem

Configure the temporary directory to an invalid or read-only path. Scan an archive Scan is skipped, clean-result returned.

ClamAvNative> .\clamscan.exe -v --tempdir=Z:\nonexisting "D:\temp\zipToScan.zip" Loading: 9s, ETA: 0s [========================>] 8.70M/8.70M sigs Compiling: 2s, ETA: 0s [========================>] 41/41 tasks

Scanning D:\temp\zipToScan.zip LibClamAV Error: Can't create temporary directory for scan: Z:\nonexisting\20240830_104446-scantemp.fd38b98d39. D:\temp\zipToScan.zip: OK

----------- SCAN SUMMARY ----------- Known viruses: 8697916 Engine version: 1.4.0 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 0.00 MB Data read: 43.29 MB (ratio 0.00:1) Time: 11.098 sec (0 m 11 s) Start Date: 2024:08:30 10:44:35 End Date: 2024:08:30 10:44:46

micahsnyder commented 2 months ago

Interesting! Thanks for the report. This should definitely cause an error. I think ideally we'd check it on startup rather than having every scan fail.

Xulunix commented 2 months ago

Thanks for the reply. Checking on startup and returning an error wouldn't hurt for sure. However a scan should still fail if creating temp files is not possible. for example due to no space left on the device.

micahsnyder commented 2 months ago

Agreed