- uses com.exlibris.dps.repository.plugin.virusChcek.VirusCheckPluginV2 interface

- adapted Status to changed type
- added EXPLOIT detection
- added EICAR detection
- adapted isVirusFree()

PLUGIN-INF/metadata_SLUBVirusCheckClamAVPlugin.xml

 <pl:metadata-config xmlns:pl="http://www.exlibrisgroup.com/Plugins/1.0/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-	<pl:pluginTypeName>VirusCheckPlugin</pl:pluginTypeName>
+	<pl:pluginTypeName>VirusCheckPluginV2</pl:pluginTypeName>
 	<pl:deployName>SLUBVirusCheckClamAVPlugin</pl:deployName>
 	<pl:className>org.slub.rosetta.dps.repository.plugin.SLUBVirusCheckClamAVPlugin</pl:className>
 	<pl:initParameters>
@@ -49,7 +49,7 @@
 		</fr:x_form>
 	</pl:initParameters>
 	<pl:description>SLUB Virus Check Plugin using installed ClamAV daemon via tcp-sockets</pl:description>
-	<pl:version>1.9</pl:version>
+	<pl:version>2.0</pl:version>
 	<pl:materialType>DIGITAL</pl:materialType>
 	<pl:module>Repository</pl:module>
 	<pl:generalType>TASK</pl:generalType>

java/org/slub/rosetta/dps/repository/plugin/SLUBVirusCheckClamAVPlugin.java

@@ -24,7 +24,7 @@ package org.slub.rosetta.dps.repository.plugin;
 
 
 import com.exlibris.core.infra.common.exceptions.logging.ExLogger;
-import com.exlibris.dps.repository.plugin.virusChcek.VirusCheckPlugin;
+import com.exlibris.dps.repository.plugin.virusChcek.VirusCheckPluginV2;
 
 import java.io.DataOutputStream;
 import java.io.FileInputStream;
@@ -47,9 +47,9 @@ import java.util.Map;
  * code could also be copied from https://code.google.com/p/clamavj/source/browse/trunk/src/main/java/com/philvarner/clamavj/ClamScan.java?r=2
  *
  * @author andreas.romeyke@slub-dresden.de (Andreas Romeyke)
- * @see com.exlibris.dps.repository.plugin.virusChcek.VirusCheckPlugin 
+ * @see com.exlibris.dps.repository.plugin.virusChcek.VirusCheckPluginV2
  */
-public class SLUBVirusCheckClamAVPlugin implements VirusCheckPlugin {
+public class SLUBVirusCheckClamAVPlugin implements VirusCheckPluginV2 {
     //private static final ExLogger log = ExLogger.getExLogger(SLUBVirusCheckClamAVPlugin.class);
     private static final int DEFAULT_CHUNK_SIZE = 4096;
     private static final byte[] INSTREAM = "zINSTREAM\0".getBytes();
@@ -63,9 +63,14 @@ public class SLUBVirusCheckClamAVPlugin implements VirusCheckPlugin {
     private String host;
     private int port;
     private String response;
-    private Status status = Status.FAILED;
+    /* Status:
+     * @return 0 if last scan passed (means: virus free) -> PASSED
+     * @return 1 if last scan found a virus              -> FAILED
+     * @return >1 if last scan result is undetermined    -> UNDETERMINED
+     */
+    private enum Status {PASSED, FAILED, UNDETERMINED}; /* order is important, because we use .ordinal() in return code */
+    private Status status = Status.UNDETERMINED;
     private String signature = "";
-    private enum Status {PASSED, FAILED};
     /** constructor */
     public SLUBVirusCheckClamAVPlugin() {
         //log.info("SLUBVirusCheckPlugin instantiated with host=" + host + " port=" + port + " timeout=" + timeout);
@@ -85,6 +90,7 @@ public class SLUBVirusCheckClamAVPlugin implements VirusCheckPlugin {
      * @param args list of files which should be scanned
      */
     public static void main(String[] args) {
+
         SLUBVirusCheckClamAVPlugin plugin = new SLUBVirusCheckClamAVPlugin();
         Map<String, String> initp = new HashMap<String, String>();
         initp.put( "host", "127.0.0.1");
@@ -294,18 +300,26 @@ public class SLUBVirusCheckClamAVPlugin implements VirusCheckPlugin {
                 setStatus(Status.PASSED);
                 log.info("scan of file '" + fileFullPath + "' passed");
             } else if (result.endsWith(FOUND_SUFFIX)) {
-                setStatus(Status.FAILED);
+                if (result.contains(".Exploit.CVE")) { // we want to ignore CVE results
+                    setStatus(Status.UNDETERMINED);
+                    log.info("scan of file '" + fileFullPath + "' possibly failed, check manually if should be ignored!");
+                } else if (result.contains("eicar")) { // we want to ignore EICAR
+                    setStatus(Status.UNDETERMINED);
+                    log.info("scan of file '" + fileFullPath + "' possibly failed, because EICAR sequence detected, check manually if should be ignored!");
+                } else {
+                    setStatus(Status.FAILED);
+                    log.info("scan of file '" + fileFullPath + "' failed");
+                }
                 setSignature(result.substring(STREAM_PREFIX.length(), result.lastIndexOf(FOUND_SUFFIX) - 1));
-                log.info("scan of file '" + fileFullPath + "' failed");
             } else {
-                setStatus(Status.FAILED);
+                setStatus(Status.UNDETERMINED);
                 log.warn("clamd protocol not fully implemented, result='" + result + "'");
                 //System.out.println("clamd protocol not fully implemented");
             }
         } catch (IOException e) {
             log.error("exception creation socket in scan(), clamd not available at host=" + host + "port=" + port, e);
             //System.out.println("exception creation socket, clamd not available at host=" + host + "port=" + port + " " + e);
-            setStatus(Status.FAILED);
+            setStatus(Status.UNDETERMINED);
             setSignature("ERROR: clamd not available");
         }
     }
@@ -341,11 +355,11 @@ public class SLUBVirusCheckClamAVPlugin implements VirusCheckPlugin {
 
     /** result of last scan
      *
-     * @return true if last scan passed (means: virus free)
+     * @return 0 if last scan passed (means: virus free)
+     * @return 1 if last scan found a virus
+     * @return >1 if last scan result is undetermined
      */
-    public boolean isVirusFree() {
-        //return true; // dummy
-        return (Status.PASSED == getStatus());
+    public int isVirusFree() {
+        return (getStatus().ordinal());
     }
 }
-