- Package:
- exim4-daemon-heavy
- Source:
- exim4
- Description:
- Exim MTA (v4) daemon with extended features, including exiscan-acl
- Submitter:
- Martin Schirrmacher
- Date:
- 2015-05-21 10:15:10 UTC
- Severity:
- minor
Dear Maintainer,
I use following line in my exim config for av_scanner
av_scanner = cmdline: /usr/bin/bdscan_exim_wrapper %s: infected: (.+)
The wrapper is a simple bash script. If I exit the script with "exit 0"
all is fine. If I exit the script with "exit 1", I'll get the following
line in /var/log/exim4/mainlog:
"malware acl condition: cmdline: scanner returned error code: 256"
If I exit the script with "exit 2", I'll get these line in log:
"malware acl condition: cmdline: scanner returned error code: 512"
I think the bug is in src/malware.c
sep = pclose(scanner_out);
This should be:
sep = WEXITSTATUS(pclose(scanner_out));
This is a patch for 4.85
--- src/malware.c 2015-05-21 10:52:43.676273516 +0200
+++ src/malware.c 2015-05-21 10:53:00.868563036 +0200
@@ -951,7 +951,7 @@
}
(void)fclose(scanner_record);
- sep = pclose(scanner_out);
+ sep = WEXITSTATUS(pclose(scanner_out));
signal(SIGCHLD,eximsigchld); signal(SIGPIPE,eximsigpipe);
if (sep != 0)
return m_errlog_defer(scanent,
I don't know how to attach this as a file?!?
Apologize if I have made false or erroneous information, this is my
first bug report
Regards
Martin Schirrmacher
tags #786392 upstream wontfix thanks [Not sure whether this is an actual bug, and if it is, it's upstream, the fix would change exim's behavior in Debian quite strongly] Hi, This is the expected behavior of the wait system call. If we applied your change, we would mask out other error possibilities. The av_scanner configuration item uses a regular expression to find out about infection anyway, so I guess that it just expects the error code to be always zero or it is a reportable error issue. spec.txt isn't very explicit about this. I don't think we are going to locally apply a change this disruptive locally in Debian. Please take this issue upstream. exim.org has a bugzilla installation. Should they actually make changes, we'll happily apply this to Debian and of course take the upstream patch with one of the next upstream versions. I am tagging this bug wontfix in the mean time. You can just do this with your mail client. If you have used reportbug, it asks you whether to attach a file after you have exited the editor. Greetings Marc