From e74241f1884cdddd4756e07c2d67b895e8b79f0b Mon Sep 17 00:00:00 2001
From: Andreas Romeyke <andreas.romeyke@slub-dresden.de>
Date: Mon, 13 Feb 2023 11:51:08 +0100
Subject: [PATCH] - set Status to undetermined regardless if fails by different
 reasons.   This allows the technical analyst in Rosetta to approve the result
   manually and to call auto correction rules, if needed.

---
 .../plugin/SLUBVirusCheckClamAVPlugin.java         | 14 +++-----------
 1 file changed, 3 insertions(+), 11 deletions(-)

diff --git a/java/org/slub/rosetta/dps/repository/plugin/SLUBVirusCheckClamAVPlugin.java b/java/org/slub/rosetta/dps/repository/plugin/SLUBVirusCheckClamAVPlugin.java
index 759cef5..d643391 100644
--- a/java/org/slub/rosetta/dps/repository/plugin/SLUBVirusCheckClamAVPlugin.java
+++ b/java/org/slub/rosetta/dps/repository/plugin/SLUBVirusCheckClamAVPlugin.java
@@ -275,41 +275,33 @@ public class SLUBVirusCheckClamAVPlugin implements VirusCheckPluginV2 {
      * @param fileFullPath scans given file via clamd
      */
     public void scan(String fileFullPath) {
+        setStatus(Status.UNDETERMINED); /* default */
         try {
             Socket socket = openSocket();
-
             InputStream in = new FileInputStream(fileFullPath);
             // send stream
             String result = callSocketCommand_Stream(socket, in);
             in.close();
-            log.debug( "Response: " + result);
+            //log.debug( "Response: " + result);
             //System.out.println("Response: " + result);
             // parse return code
-
             if (RESPONSEOK.equals(result)) {
                 setStatus(Status.PASSED);
                 log.info("scan of file '" + fileFullPath + "' passed");
             } else if (result.endsWith(FOUND_SUFFIX)) {
-                if (result.contains(".Exploit.CVE")) { // we want to ignore CVE results
-                    setStatus(Status.UNDETERMINED);
-                    log.info("scan of file '" + fileFullPath + "' possibly failed, check manually if should be ignored!");
-                } else if (result.contains("Eicar-Signature")) { // we want to ignore EICAR
-                    setStatus(Status.UNDETERMINED);
+                if (result.contains("Eicar-Signature")) { // we want to ignore EICAR
                     log.info("scan of file '" + fileFullPath + "' possibly failed, because EICAR sequence detected, check manually if should be ignored!");
                 } else {
-                    setStatus(Status.FAILED);
                     log.info("scan of file '" + fileFullPath + "' failed");
                 }
                 setSignature(result.substring(STREAM_PREFIX.length(), result.lastIndexOf(FOUND_SUFFIX) - 1));
             } else {
-                setStatus(Status.UNDETERMINED);
                 log.warn("clamd protocol not fully implemented, result='" + result + "'");
                 //System.out.println("clamd protocol not fully implemented");
             }
         } catch (IOException e) {
             log.error("exception creation socket in scan(), clamd not available at host=" + host + "port=" + port, e);
             //System.out.println("exception creation socket, clamd not available at host=" + host + "port=" + port + " " + e);
-            setStatus(Status.UNDETERMINED);
             setSignature("ERROR: clamd not available");
         }
     }
-- 
GitLab