From 5311050e7c8a6f2b92807638862c27d37201a16a Mon Sep 17 00:00:00 2001
From: Andreas Romeyke <art1@andreas-romeyke.de>
Date: Thu, 27 May 2021 18:26:06 +0200
Subject: [PATCH] - uses
com.exlibris.dps.repository.plugin.virusChcek.VirusCheckPluginV2 interface -
adapted Status to changed type - added EXPLOIT detection - added EICAR
detection - adapted isVirusFree()
---
.../metadata_SLUBVirusCheckClamAVPlugin.xml | 4 +-
.../plugin/SLUBVirusCheckClamAVPlugin.java | 42 ++++++++++++-------
2 files changed, 30 insertions(+), 16 deletions(-)
diff --git a/PLUGIN-INF/metadata_SLUBVirusCheckClamAVPlugin.xml b/PLUGIN-INF/metadata_SLUBVirusCheckClamAVPlugin.xml
index 9a9891b..db86606 100644
--- a/PLUGIN-INF/metadata_SLUBVirusCheckClamAVPlugin.xml
+++ b/PLUGIN-INF/metadata_SLUBVirusCheckClamAVPlugin.xml
@@ -1,5 +1,5 @@
<pl:metadata-config xmlns:pl="http://www.exlibrisgroup.com/Plugins/1.0/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <pl:pluginTypeName>VirusCheckPlugin</pl:pluginTypeName>
+ <pl:pluginTypeName>VirusCheckPluginV2</pl:pluginTypeName>
<pl:deployName>SLUBVirusCheckClamAVPlugin</pl:deployName>
<pl:className>org.slub.rosetta.dps.repository.plugin.SLUBVirusCheckClamAVPlugin</pl:className>
<pl:initParameters>
@@ -49,7 +49,7 @@
</fr:x_form>
</pl:initParameters>
<pl:description>SLUB Virus Check Plugin using installed ClamAV daemon via tcp-sockets</pl:description>
- <pl:version>1.9</pl:version>
+ <pl:version>2.0</pl:version>
<pl:materialType>DIGITAL</pl:materialType>
<pl:module>Repository</pl:module>
<pl:generalType>TASK</pl:generalType>
diff --git a/java/org/slub/rosetta/dps/repository/plugin/SLUBVirusCheckClamAVPlugin.java b/java/org/slub/rosetta/dps/repository/plugin/SLUBVirusCheckClamAVPlugin.java
index 2c04872..5a33de4 100644
--- a/java/org/slub/rosetta/dps/repository/plugin/SLUBVirusCheckClamAVPlugin.java
+++ b/java/org/slub/rosetta/dps/repository/plugin/SLUBVirusCheckClamAVPlugin.java
@@ -24,7 +24,7 @@ package org.slub.rosetta.dps.repository.plugin;
import com.exlibris.core.infra.common.exceptions.logging.ExLogger;
-import com.exlibris.dps.repository.plugin.virusChcek.VirusCheckPlugin;
+import com.exlibris.dps.repository.plugin.virusChcek.VirusCheckPluginV2;
import java.io.DataOutputStream;
import java.io.FileInputStream;
@@ -47,9 +47,9 @@ import java.util.Map;
* code could also be copied from https://code.google.com/p/clamavj/source/browse/trunk/src/main/java/com/philvarner/clamavj/ClamScan.java?r=2
*
* @author andreas.romeyke@slub-dresden.de (Andreas Romeyke)
- * @see com.exlibris.dps.repository.plugin.virusChcek.VirusCheckPlugin
+ * @see com.exlibris.dps.repository.plugin.virusChcek.VirusCheckPluginV2
*/
-public class SLUBVirusCheckClamAVPlugin implements VirusCheckPlugin {
+public class SLUBVirusCheckClamAVPlugin implements VirusCheckPluginV2 {
//private static final ExLogger log = ExLogger.getExLogger(SLUBVirusCheckClamAVPlugin.class);
private static final int DEFAULT_CHUNK_SIZE = 4096;
private static final byte[] INSTREAM = "zINSTREAM\0".getBytes();
@@ -63,9 +63,14 @@ public class SLUBVirusCheckClamAVPlugin implements VirusCheckPlugin {
private String host;
private int port;
private String response;
- private Status status = Status.FAILED;
+ /* Status:
+ * @return 0 if last scan passed (means: virus free) -> PASSED
+ * @return 1 if last scan found a virus -> FAILED
+ * @return >1 if last scan result is undetermined -> UNDETERMINED
+ */
+ private enum Status {PASSED, FAILED, UNDETERMINED}; /* order is important, because we use .ordinal() in return code */
+ private Status status = Status.UNDETERMINED;
private String signature = "";
- private enum Status {PASSED, FAILED};
/** constructor */
public SLUBVirusCheckClamAVPlugin() {
//log.info("SLUBVirusCheckPlugin instantiated with host=" + host + " port=" + port + " timeout=" + timeout);
@@ -85,6 +90,7 @@ public class SLUBVirusCheckClamAVPlugin implements VirusCheckPlugin {
* @param args list of files which should be scanned
*/
public static void main(String[] args) {
+
SLUBVirusCheckClamAVPlugin plugin = new SLUBVirusCheckClamAVPlugin();
Map<String, String> initp = new HashMap<String, String>();
initp.put( "host", "127.0.0.1");
@@ -294,18 +300,26 @@ public class SLUBVirusCheckClamAVPlugin implements VirusCheckPlugin {
setStatus(Status.PASSED);
log.info("scan of file '" + fileFullPath + "' passed");
} else if (result.endsWith(FOUND_SUFFIX)) {
- setStatus(Status.FAILED);
+ if (result.contains(".Exploit.CVE")) { // we want to ignore CVE results
+ setStatus(Status.UNDETERMINED);
+ log.info("scan of file '" + fileFullPath + "' possibly failed, check manually if should be ignored!");
+ } else if (result.contains("eicar")) { // we want to ignore EICAR
+ setStatus(Status.UNDETERMINED);
+ log.info("scan of file '" + fileFullPath + "' possibly failed, because EICAR sequence detected, check manually if should be ignored!");
+ } else {
+ setStatus(Status.FAILED);
+ log.info("scan of file '" + fileFullPath + "' failed");
+ }
setSignature(result.substring(STREAM_PREFIX.length(), result.lastIndexOf(FOUND_SUFFIX) - 1));
- log.info("scan of file '" + fileFullPath + "' failed");
} else {
- setStatus(Status.FAILED);
+ setStatus(Status.UNDETERMINED);
log.warn("clamd protocol not fully implemented, result='" + result + "'");
//System.out.println("clamd protocol not fully implemented");
}
} catch (IOException e) {
log.error("exception creation socket in scan(), clamd not available at host=" + host + "port=" + port, e);
//System.out.println("exception creation socket, clamd not available at host=" + host + "port=" + port + " " + e);
- setStatus(Status.FAILED);
+ setStatus(Status.UNDETERMINED);
setSignature("ERROR: clamd not available");
}
}
@@ -341,11 +355,11 @@ public class SLUBVirusCheckClamAVPlugin implements VirusCheckPlugin {
/** result of last scan
*
- * @return true if last scan passed (means: virus free)
+ * @return 0 if last scan passed (means: virus free)
+ * @return 1 if last scan found a virus
+ * @return >1 if last scan result is undetermined
*/
- public boolean isVirusFree() {
- //return true; // dummy
- return (Status.PASSED == getStatus());
+ public int isVirusFree() {
+ return (getStatus().ordinal());
}
}
-
--
GitLab