function _clamav_scan_via_daemon in ClamAV 6
Same name and namespace in other branches
- 7 clamav.inc \_clamav_scan_via_daemon()
Scan a single file using a daemon. TODO: support INSTREAM, so the clamav-daemon does not need access to the file. This will allow a separate clamav-daemon to service a number of web-instances.
Parameters
String $filepath:
Return value
int one of:
1 call to _clamav_scan_via_daemon()
- clamav_scan_file in ./
clamav.inc - Scan a single file
File
- ./
clamav.inc, line 62 - API and helper functions for the ClamAV module.
Code
function _clamav_scan_via_daemon($filepath) {
$host = variable_get('clamav_daemon_host', CLAMAV_DEFAULT_HOST);
$port = variable_get('clamav_daemon_port', CLAMAV_DEFAULT_PORT);
// try to open a socket to clamav
$handler = $host && $port ? @fsockopen($host, $port) : FALSE;
if (!$handler) {
watchdog('clamav', "The clamav module is not configured for daemon mode. The uploaded file could not be scanned.", WATCHDOG_WARNING);
return CLAMAV_SCANRESULT_UNCHECKED;
}
// request a scan from the daemon
fwrite($handler, "SCAN {$filepath}\n");
$response = fgets($handler);
fclose($handler);
// clamd returns a string response in the format:
// filename: OK
// filename: <name of virus> FOUND
// filename: <error string> ERROR
if (preg_match('/.*: OK$/', $response)) {
return CLAMAV_SCANRESULT_CLEAN;
}
elseif (preg_match('/.*: (.*) FOUND$/', $response, $matches)) {
$virus_name = $matches[1];
watchdog('clamav', 'Virus detected in uploaded file. Clamav-daemon reported the virus:<br />@virus_name', array(
'@virus_name' => $virus_name,
), WATCHDOG_CRITICAL);
return CLAMAV_SCANRESULT_INFECTED;
}
else {
// try to extract the error message from the response.
preg_match('/.*: (.*) ERROR$/', $response, $matches);
$error_string = $matches[1];
// the error message given by the daemon
watchdog('clamav', 'Uploaded file could not be scanned. Clamscan reported:<br />@error_string', array(
'@error_string' => $error_string,
), WATCHDOG_WARNING);
return CLAMAV_SCANRESULT_UNCHECKED;
}
}