philvarner / clamavj Goto Github PK

View Code? Open in Web Editor NEW

31.0 31.0 16.0 34 KB

ClamAV clamd Java library

License: Apache License 2.0

Java 100.00%

clamavj's People

Contributors

Stargazers

Watchers

Forkers

dmmd java4tiger antonyh unc-libraries oakman jmcarter9t skalio stevanrose zhaoxunyong customweb orionhealth lorangf empinator suman-anandan vickieluo-bj

clamavj's Issues

Timing issues

Using the following tcp dump:

tcpdump not port 2287 and not port 80 and not port 443 and not port 8080 and not port 3306 and not port 53 -i any -X -s0 -n and not arp

we discovered, that there can be different delayes between the last package being sent and the returned status from clamav daemon:

E.g. in this example - nothing happened for 4 seconds until stream OK was sent...


        0x3ef0:  d644 299b ce8f 75b3 3a17 eead 0126 d844  .D)...u.:....&.D
        0x3f00:  723b 7f42 b8ad e5b0 6474 dc9d 531f 8df4  r;.B....dt..S...
        0x3f10:  9127 539b 200d ce84 41de da14 5371 009c  .'S.....A...Sq..
        0x3f20:  6b19 c894 a718 0fa6 1370 661f 842f 1281  k........pf../..
        0x3f30:  5ce0 9da2 aa6e 0e04 504d 254c dff7 7015  \....n..PM%L..p.
        0x3f40:  b861 15e3 5a7c b29c 7efb ae86 16a0 cd7b  .a..Z|..~......{
        0x3f50:  e7fd 507b 3478 133f 02a5 84d1 2d71 1f88  ..P{4x.?....-q..
        0x3f60:  4eee fe78 69e5 b735 80f3 96b0 2568 a3ee  N..xi..5....%h..
        0x3f70:  a451 dcfd 7198 bd4c 7b4c 43fe 618a 5436  .Q..q..L{LC.a.T6
        0x3f80:  c566 3aca db06 0687 b170 f9cc c6e2 4cc2  .f:......p....L.
        0x3f90:  0b39 e499 449c 4e16 c624 40d5 300d 97c8  [email protected]...
        0x3fa0:  6bba 310b 9cee fbbe bdaa dfc6 8c03 45c9  k.1...........E.
        0x3fb0:  0373 e0aa ae1f 5130 40b9 8846 59a7 73bd  [email protected].
        0x3fc0:  500f 575f aa5c 060c 5c99 3694 372f f6a2  P.W_.\..\.6.7/..
        0x3fd0:  bdc7 6222 bbbf 5238 83b2 18f4 6b7d 5761  ..b"..R8....k}Wa
        0x3fe0:  9496 b957 8ed1 70b3 9c70 b48b 86f3 bac6  ...W..p..p......
        0x3ff0:  7a4b 541d 924f 24bd 6aac 8d83 b02b 84a3  zKT..O$.j....+..
        0x4000:  1e66 7107 80dc c184 6e7e 3138 f0d6 5ca4  .fq.....n~18..\.
        0x4010:  7cf8 140b 1f25 f82c 9510 76b4 4fee 2663  |....%.,..v.O.&c
        0x4020:  d6b5 99d6 639a ab05 5d8d 71d0 dd21 afca  ....c...].q..!..
        0x4030:  1923 0c20                                .#..
16:05:53.451347 IP 81.24.70.152.67 > 255.255.255.255.68: BOOTP/DHCP, Reply, length 548
        0x0000:  4500 0240 50c7 0000 4011 9036 5118 4698  E..@[email protected].
        0x0010:  ffff ffff 0043 0044 022c d1e2 0201 0600  .....C.D.,......
        0x0020:  3a0e 4357 0000 0000 0000 0000 0000 0000  :.CW............
        0x0030:  0000 0000 0000 0000 001e b808 ac3b 0000  .............;..
        0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0080:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0090:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0100:  0000 0000 0000 0000 6382 5363 3501 0636  ........c.Sc5..6
        0x0110:  0451 1846 98ff 0000 0000 0000 0000 0000  .Q.F............
        0x0120:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0130:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0140:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0150:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0160:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0170:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0180:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0190:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x01a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x01b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x01c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x01d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x01e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x01f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0200:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0210:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0220:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0230:  0000 0000 0000 0000 0000 0000 0000 0000  ................
16:05:53.845258 IP 127.0.0.1.38346 > 127.0.0.1.9321: Flags [F.], seq 112433199, ack 1, win 257, options [nop,nop,TS val 2223325 ecr 2223079], length 0
        0x0000:  4500 0034 4faf 4000 4006 ed12 7f00 0001  E..4O.@.@.......
        0x0010:  7f00 0001 95ca 2469 edbc 758d 48d9 4c0a  ......$i..u.H.L.
        0x0020:  8011 0101 fe28 0000 0101 080a 0021 ecdd  .....(.......!..
        0x0030:  0021 ebe7                                .!..
16:05:53.883041 IP 127.0.0.1.9321 > 127.0.0.1.38346: Flags [.], ack 112433200, win 2048, options [nop,nop,TS val 2223335 ecr 2223325], length 0
        0x0000:  4500 0034 c068 4000 4006 7c59 7f00 0001  E..4.h@.@.|Y....
        0x0010:  7f00 0001 2469 95ca 48d9 4c0a edbc 758e  ....$i..H.L...u.
        0x0020:  8010 0800 fe28 0000 0101 080a 0021 ece7  .....(.......!..
        0x0030:  0021 ecdd                                .!..
16:05:57.433426 IP 81.24.70.169.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:1e:b8:08:ac:3b, length 259
        0x0000:  4500 011f 0000 4000 4011 a20d 5118 46a9  E.....@[email protected].
        0x0010:  ffff ffff 0044 0043 010b 9fb2 0101 0600  .....D.C........
        0x0020:  3a0e 4357 0b00 0000 0000 0000 0000 0000  :.CW............
        0x0030:  0000 0000 0000 0000 001e b808 ac3b 0000  .............;..
        0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0080:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0090:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0100:  0000 0000 0000 0000 6382 5363 3501 0332  ........c.Sc5..2
        0x0110:  0451 1846 a937 0701 0203 060c 0f1c ff    .Q.F.7.........
16:05:59.451183 IP 81.24.70.152.67 > 255.255.255.255.68: BOOTP/DHCP, Reply, length 548
        0x0000:  4500 0240 1901 0000 4011 c7fc 5118 4698  E..@[email protected].
        0x0010:  ffff ffff 0043 0044 022c d1e2 0201 0600  .....C.D.,......
        0x0020:  3a0e 4357 0000 0000 0000 0000 0000 0000  :.CW............
        0x0030:  0000 0000 0000 0000 001e b808 ac3b 0000  .............;..
        0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0080:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0090:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0100:  0000 0000 0000 0000 6382 5363 3501 0636  ........c.Sc5..6
        0x0110:  0451 1846 98ff 0000 0000 0000 0000 0000  .Q.F............
        0x0120:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0130:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0140:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0150:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0160:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0170:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0180:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0190:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x01a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x01b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x01c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x01d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x01e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x01f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0200:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0210:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0220:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0230:  0000 0000 0000 0000 0000 0000 0000 0000  ................
16:06:03.999155 IP 127.0.0.1.9321 > 127.0.0.1.38346: Flags [P.], seq 1:12, ack 112433200, win 2048, options [nop,nop,TS val 2225864 ecr 2223325], length 11
        0x0000:  4500 003f c069 4000 4006 7c4d 7f00 0001  E..?.i@.@.|M....
        0x0010:  7f00 0001 2469 95ca 48d9 4c0a edbc 758e  ....$i..H.L...u.
        0x0020:  8018 0800 fe33 0000 0101 080a 0021 f6c8  .....3.......!..
        0x0030:  0021 ecdd 7374 7265 616d 3a20 4f4b 00    .!..stream:.OK.

This leads to an error in:

   stream = file.getStream();
    ScanResult scan = clamScan.scan(stream);

    if (!scan.getStatus().equals(ScanResult.Status.PASSED)) {
    }

...as the Status was not PASSED - although it passed - just 4 seconds later.

Maybe we need to have an additional timeout for "idle" connections?

Refactor tests

Move existing tests that are really integration tests (against real clamd) to be integration tests.
Mock/stub existing unit tests.

Passing a FileInputStream always gives an Stream: OK

Hi,

first thanks for this great clamav java implementation. I'm trying to use a FileInputStream to pass a file to ClamScan.scan like this:

ClamScan scan = new ClamScan("localhost", 3310, 10000);
File f = new File("/path/to/file");
InputStream is = new FileInputStream(f);
ScanResult result = scan.scan(is);
System.out.println(result.getResult())

When scanning a file with the EICAR test file (the file has some more text lines in it and has about 480 bytes) it always shows an Stream: OK as the result.

But when using the ByteArrayInputStream as used in the ClamScanTestCase.java the test virus is found.

Any hints what i'm doing wrong?

Thanks in advance for a reply.

Stats test fails intermittently

Stats test fails intermittently.

Scanning an InputStream ends when read() doesn't return CHUNK_SIZE

From ClamScan (line 197)

read = in.read(buffer);

This code expects the InputStream to read all bytes into the buffer in a series of bytes of CHUNK_SIZE length. The end of the InputStream is signalled by less than CHUNK_SIZE bytes being read (line 195)

while (read == CHUNK_SIZE) {

The assumption that the InputStream will always read CHUNK_SIZE bytes into the buffer is incorrect. This occurs for FileInputStream however not with CipherInputStream and probably some other InputStreams. From the documentation https://docs.oracle.com/javase/7/docs/api/java/io/InputStream.html:

Returns:
the total number of bytes read into the buffer, or -1 if there is no more data because the end of the stream has been reached.

Therefore end condition should probably be

while (read != -1) {

ArrayIndexOutOfBoundsException when file is multiple of DEFAULT_CHUNK_SIZE

What steps will reproduce the problem?

Construct a FileInputStream that points to a file that is 4096 bytes long.
Call ClamScan.scan() and pass that stream.

What is the expected output? What do you see instead?

An ArrayIndexOutOfBoundsException happens with the following stack trace:

java.lang.ArrayIndexOutOfBoundsException
at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:104)
at java.net.SocketOutputStream.write(SocketOutputStream.java:153)
at java.io.DataOutputStream.write(DataOutputStream.java:107)
at com.philvarner.clamavj.ClamScan.scan(ClamScan.java:203)

What version of the product are you using? On what operating system?

Using version 0.1

Please provide any additional information below.

The problem here is that InputStream.read() is returning -1 because it reached the end of the stream. When that -1 is passed to DataOutputStream.write() on line 203, we get an exception. The loop should break if read is less than or equal to zero.
Delete comment Comment 1 by [email protected], Aug 1, 2011
Adding write in a if(read != -1) solve the problem :

line 208 :

if (read != -1) {
// we may exceed the clamd size limit, so we don't immediately return
// if we get an error here.
try {
dos.writeInt(read);
dos.write(buffer, 0, read);
} catch (IOException e) {
log.debug("error writing data to socket", e);
break;
}
}

Publish at a maven repository

Any plans to publish the app in one of the maven repositories?

Tutorial

Hello

Your project is very interesting, I would like to use it. But I did not found a good tutorial. What is the point of the host and port?

Thank you in advance

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.