Some user upload fixes

This commit is contained in:
Michiel Broek 2001-12-07 22:19:55 +00:00
parent 2d6d902f2a
commit 09e5cd8230
5 changed files with 31 additions and 28 deletions

View File

@ -4303,6 +4303,11 @@ v0.33.19 26-Oct-2001
File search is done on long and short filenames.
Uploaded files are accepted with long filenames, the short
name is created when the upload is processed.
The virus scan after files upload tried also to use scanners
that were not available.
The upload virus file scan now also scans files that are not
known archives. Should catch macro viri and worms.
The file CRC is now set when importing an uploaded file.
mbnewusr:
New program, run by user bbs. This is only to register a new

View File

@ -51,6 +51,7 @@ install:
mkdir ${PREFIX}/log ; \
${CHOWN} ${OWNER}.${GROUP} ${PREFIX}/log ; \
fi
@chmod 0775 ${PREFIX}/log
@if [ ! -d ${PREFIX}/magic ] ; then \
mkdir ${PREFIX}/magic ; \
${CHOWN} ${OWNER}.${GROUP} ${PREFIX}/magic ; \

View File

@ -40,7 +40,7 @@
extern int do_quiet; /* Supress screen output */
extern int do_index; /* Reindex filebases */
/*
@ -92,7 +92,7 @@ void PackFileBase(void)
Marker();
sprintf(fAreas, "%s/fdb/fdb%d.data", getenv("MBSE_ROOT"), i);
sprintf(fTmp, "%s/fdb/fdbtmp.data", getenv("MBSE_ROOT"));
sprintf(fTmp, "%s/fdb/fdb%d.temp", getenv("MBSE_ROOT"), i);
if ((pFile = fopen(fAreas, "r")) == NULL) {
Syslog('!', "Creating new %s", fAreas);
@ -115,16 +115,17 @@ void PackFileBase(void)
fwrite(&file, sizeof(file), 1, fp);
} else {
iRemoved++;
Syslog('+', "Removed file \"%s\" from area %d", file.Name, i);
sprintf(fn, "%s/%s", area.Path, file.Name);
Syslog('+', "Removed file \"%s\" from area %d", file.LName, i);
sprintf(fn, "%s/%s", area.Path, file.LName);
rc = unlink(fn);
if (rc)
Syslog('+', "Unlink %s result %d", fn, rc);
Syslog('+', "Unlink %s failed, result %d", fn, rc);
/*
* If a dotted version (thumbnail) exists, remove it silently
*/
sprintf(fn, "%s/.%s", area.Path, file.Name);
sprintf(fn, "%s/.%s", area.Path, file.LName);
unlink(fn);
do_index = TRUE;
}
}

View File

@ -1201,8 +1201,10 @@ int Upload()
case 3:
/*
* No valid unarchiver found, just import
* No valid unarchiver found, just import after scanning,
* may catch macro viri.
*/
if (!ScanDirect(dp->d_name))
ImportFile(dp->d_name, Area, FALSE, iTime, statfile.st_size);
break;
}

View File

@ -527,15 +527,15 @@ int ScanDirect(char *fn)
while (fread(&virscan, virscanhdr.recsize, 1, fp) == 1) {
if (virscan.available) {
sprintf(temp1, "%s %s %s >/dev/null", virscan.scanner, virscan.options, temp);
colour(CFG.TextColourF, CFG.TextColourB);
/* Scanning */ /* with */
printf("%s %s %s %s ", (char *) Language(132), fn, (char *) Language(133), virscan.comment);
fflush(stdout);
Syslog('b', "%s ", temp1);
if ((err = system(temp1))) {
Syslog('?', "VIRUS ALERT: Result %d", err);
WriteError("VIRUS ALERT: Result %d (%s)", err, virscan.comment);
colour(CFG.HiliteF, CFG.HiliteB);
/* Possible VIRUS found! */
printf("%s\n", (char *) Language(199));
@ -545,6 +545,7 @@ int ScanDirect(char *fn)
printf("%s\n", (char *) Language(200));
fflush(stdout);
}
}
fclose(fp);
}
@ -594,10 +595,7 @@ int ScanArchive(char *fn, char *ftype)
return 3;
}
Syslog('b', "Archiver %s", archiver.comment);
cwd = getcwd(cwd, 80);
Syslog('b', "Current directory is %s", cwd);
sprintf(temp, "%s/%s/tmp", CFG.bbs_usersdir, exitinfo.Name);
if (chdir(temp)) {
@ -611,7 +609,6 @@ int ScanArchive(char *fn, char *ftype)
printf("%s %s ", (char *) Language(201), fn);
fflush(stdout);
sprintf(temp, "%s %s/%s >/dev/null", archiver.funarc, cwd, fn);
Syslog('b', "Unarc %s", temp);
if ((err = system(temp))) {
WriteError("$Failed %s", temp);
@ -635,15 +632,15 @@ int ScanArchive(char *fn, char *ftype)
while (fread(&virscan, virscanhdr.recsize, 1, fp) == 1) {
if (virscan.available) {
sprintf(temp, "%s %s * >/dev/null", virscan.scanner, virscan.options);
colour(CFG.TextColourF, CFG.TextColourB);
/* Scanning */ /* with */
printf("%s %s %s %s ", (char *) Language(132), fn, (char *) Language(133), virscan.comment);
fflush(stdout);
Syslog('b', "%s ", temp);
if ((err = system(temp))) {
Syslog('?', "VIRUS ALERT: Result %d", err);
WriteError("VIRUS ALERT: Result %d (%s)", err, virscan.comment);
colour(CFG.HiliteF, CFG.HiliteB);
/* Possible VIRUS found! */
printf("%s\n", (char *) Language(199));
@ -653,6 +650,7 @@ int ScanArchive(char *fn, char *ftype)
printf("%s\n", (char *) Language(200));
fflush(stdout);
}
}
fclose(fp);
}
@ -697,8 +695,6 @@ char *GetFileType(char *fn)
else
sprintf((char*)dbuf+strlen(dbuf), " %02x", buf[i]);
Syslog('b', "file head: %s", dbuf);
/*
* Various expected uploads. Not that the standard MS-DOS archivers
* must return the exact format, ie "ZIP" for PKZIP. These strings
@ -724,7 +720,7 @@ char *GetFileType(char *fn)
if (memcmp(buf, "RIFF", 4) == 0) return (char *)"WAV";
if (memcmp(buf, "EMOD", 4) == 0) return (char *)"MOD";
if (memcmp(buf, "MTM", 3) == 0) return (char *)"MTM";
if (memcmp(buf, "#/bin/", 6) == 0) return (char *)"UNIX script";
if (memcmp(buf, "#!/bin/", 7) == 0) return (char *)"UNIX script";
if (memcmp(buf, "\037\235", 2) == 0) return (char *)"Compressed data";
if (memcmp(buf, "\037\213", 2) == 0) return (char *)"gzip compress";
if (memcmp(buf, "\177ELF", 4) == 0) return (char *)"ELF";
@ -763,7 +759,6 @@ int ImportFile(char *fn, int Area, int fileid, time_t iTime, off_t Size)
sprintf(temp, "%s/%s", area.Path, fn);
sprintf(temp1, "%s/%s/upl/%s", CFG.bbs_usersdir, exitinfo.Name, fn);
Syslog('b', "Move %s to %s", temp1, temp);
if ((file_mv(temp1, temp))) {
WriteError("$Can't move %s to %s", fn, area.Path);
} else {
@ -874,9 +869,9 @@ int Addfile(char *File, int AreaNum, int fileid)
strcpy(temp1, File);
name_mangle(temp1);
strcpy(file.Name, temp1);
sprintf(temp1,"%ld",(long)(statfile.st_size));
file.Size = atoi(temp1);
file.Size = (long)(statfile.st_size);
file.FileDate = statfile.st_mtime;
file.Crc32 = file_crc(Filename, TRUE);
strcpy(file.Uploader, exitinfo.sUserName);
file.UploadDate = time(NULL);
@ -899,13 +894,12 @@ int Addfile(char *File, int AreaNum, int fileid)
}
}
if (fileid) {
if (fileid && strlen(archiver.iunarc)) {
/*
* The right unarchiver is still in memory,
* get the FILE_ID.DIZ if it exists.
*/
sprintf(temp, "%s %s/%s FILE_ID.DIZ >/dev/null", archiver.iunarc, area.Path, File);
Syslog('b', "%s", temp);
if ((err = system(temp))) {
WriteError("$Unpack error %s", temp);
} else {