search

kylefarris / clamscan

A robust ClamAV virus scanning library supporting scanning files, directories, and streams with local sockets, local/remote TCP, and local clamscan/clamdscan binaries (with failover).
MIT License
236 stars 69 forks source link

ClamAv produces a warning then file is assumed to be clean #21

Closed richj79 closed 6 years ago

richj79 commented 6 years ago

Hi,

Wondering if this has ever cropped up before:

If you were to run the example is_infected code on the repo page, and ClamAv was to produce a single warning in it's output the file been checked would be assumed to be clean without it looking at the scanning result from stdout.

This is because if any warnings are raised they are received on stdErr. Resulting in line 216 been invoked: 

return callback(err, '', null);   ** Note:  err === null, if the error comes from stderr  **

Following through to the example on the main repo page. 'File is clean' would be returned.

clam.is_infected('/a/picture/for_example.jpg', function(err, file, is_infected) { if(err) { console.log(err); return false; } if(is_infected) { res.send({msg: "File is infected!"}); } else { res.send({msg: "File is clean!"}); } });

Thanks Rich.

richj79 commented 6 years ago

I had missed the fact that the handling of status codes from the exe - would ensure a virus would be reported when warnings have been written to stderr.