ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilVirusScannerSophos.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
11 require_once "./Services/VirusScanner/classes/class.ilVirusScanner.php";
12 
13 class ilVirusScannerSophos extends ilVirusScanner
14 {
20  public function __construct($a_scancommand, $a_cleancommand)
21  {
22  parent::__construct($a_scancommand, $a_cleancommand);
23  $this->type = "sophos";
24  $this->scanZipFiles = true;
25  }
26 
34  public function scanFile($a_filepath, $a_origname = "")
35  {
36  // This function should:
37  // - call the external scanner for a_filepath
38  // - set scanFilePath to a_filepath
39  // - set scanFileOrigName to a_origname
40  // - set scanFileIsInfected according the scan result
41  // - set scanResult to the scanner output message
42  // - call logScanResult() if file is infected
43  // - return the scanResult, if file is infected
44  // - return an empty string, if file is not infected
45 
46  $this->scanFilePath = $a_filepath;
47  $this->scanFileOrigName = $a_origname;
48 
49  // Call of scan_file from Sophie (www.vanja.com/tools/sophie)
50  // sophie must run as a process
51  $cmd = $this->scanCommand . " " . $a_filepath . " 2>&1";
52  exec($cmd, $out, $ret);
53  $this->scanResult = implode("\n", $out);
54 
55  // sophie could be called
56  if ($ret == 0) {
57  if (preg_match("/FILE INFECTED/", $this->scanResult)) {
58  $this->scanFileIsInfected = true;
59  $this->logScanResult();
60  return $this->scanResult;
61  } else {
62  $this->scanFileIsInfected = false;
63  return "";
64  }
65  }
66 
67  // sophie has failed (probably the daemon doesn't run)
68  $this->log->write("ERROR (Virus Scanner failed): "
69  . $this->scanResult
70  . "; COMMAMD=" . $cmd);
71 
72  // try fallback: scan by cleaner command (sweep)
73  // -ss: Don't display anything except on error or virus
74  // -archive: sweep inside archives
75  unset($out, $ret);
76  $cmd = $this->cleanCommand . " -ss -archive " . $a_filepath . " 2>&1";
77  exec($cmd, $out, $ret);
78  $this->scanResult = implode("\n", $out) . " [" . $ret . "]";
79 
80  // error codes from sweep:
81  // 0 If no errors are encountered and no viruses are found.
82  // 1 If the user interrupts SWEEP (usually by pressing control-C) or kills the process.
83  // 2 If some error preventing further execution is discovered.
84  // 3 If viruses or virus fragments are discovered.
85  if ($ret == 0) {
86  $this->scanFileIsCleaned = false;
87  return "";
88  } elseif ($ret == 3) {
89  $this->scanFileIsInfected = true;
90  $this->logScanResult();
91  return $this->scanResult;
92  } else {
93  $this->ilias->raiseError(
94  $this->lng->txt("virus_scan_error") . " "
95  . $this->lng->txt("virus_scan_message") . " "
96  . $this->scanResult,
97  $this->ilias->error_obj->WARNING
98  );
99  }
100  }
101 
109  public function cleanFile($a_filepath, $a_origname = "")
110  {
111  // This function should:
112  // - call the external cleaner
113  // - set cleanFilePath to a_filepath
114  // - set cleanFileOrigName to a_origname
115  // - set cleanFileIsCleaned according the clean result
116  // - set cleanResult to the cleaner output message
117  // - call logCleanResult in any case
118  // - return the cleanResult, if file is cleaned
119  // - return an empty string, if file is not cleaned
120 
121  $this->cleanFilePath = $a_filepath;
122  $this->cleanFileOrigName = $a_origname;
123 
124  // Call of sweep from Sophos (www.sophos.com)
125  // -di: Disinfect infected items
126  // -nc: Don't ask for confirmation before disinfection/deletion
127  // -ss: Don't display anything except on error or virus
128  // -eec: Use extended error codes
129  // -archive: sweep inside archives
130 
131  $cmd = $this->cleanCommand . " -di -nc -ss -eec -archive " . $a_filepath . " 2>&1";
132  exec($cmd, $out, $ret);
133  $this->cleanResult = implode("\n", $out) . " [" . $ret . "]";
134 
135  // always log the result from a clean attempt
136  $this->logCleanResult();
137 
138  // Extended error codes from sweep:
139  // 0 If no errors are encountered and no viruses are found.
140  // 8 If survivable errors have occurred.
141  // 12 If compressed files have been found and decompressed.
142  // 16 If compressed files have been found and not decompressed.
143  // 20 If viruses have been found and disinfected.
144  // 24 If viruses have been found and not disinfected.
145  // 28 If viruses have been found in memory.
146  // 32 If there has been an integrity check failure.
147  // 36 If unsurvivable errors have occurred.
148  // 40 If execution has been interrupted.
149  if ($ret == 20) {
150  $this->cleanFileIsCleaned = true;
151  return $this->cleanResult;
152  } else {
153  $this->cleanFileIsCleaned = false;
154  return "";
155  }
156  }
157 }
ilVirusScannerSophos\cleanFile
cleanFile($a_filepath, $a_origname="")
clean an infected file
Definition: class.ilVirusScannerSophos.php:109
ilVirusScanner\logScanResult
logScanResult()
write the result of the last scan to the log public
Definition: class.ilVirusScanner.php:277
ilVirusScannerSophos\__construct
__construct($a_scancommand, $a_cleancommand)
Constructor public.
Definition: class.ilVirusScannerSophos.php:20
ilVirusScanner\logCleanResult
logCleanResult()
write the result of the last clean to the log public
Definition: class.ilVirusScanner.php:292
ilias
redirection script todo: (a better solution should control the processing via a xml file) ...
ilVirusScannerSophos\scanFile
scanFile($a_filepath, $a_origname="")
scan a file for viruses
Definition: class.ilVirusScannerSophos.php:34
ilVirusScanner
Base class for the interface to an external virus scanner This class is abstract and needs to be exte...
Definition: class.ilVirusScanner.php:14
ilVirusScannerSophos
Interface to the sophos virus protector.
Definition: class.ilVirusScannerSophos.php:13
$ret
$ret
Definition: parser.php:6