-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bugfix #23 and improvements as suggested in #48 #50
base: master
Are you sure you want to change the base?
Conversation
… the first file's status regardless of the next files. It now returns the most severe status (virus detected) and only 200OK if all files are clean
…calculating http status later
… security issues w/ 1.22.3
…2/scan endpoint response
I got this working on my local machine yesterday after merging the original repo's |
@davosian Do you have any insights into this issue parsing the config files? It seems lilke the version that gets installed in alpine 3.20 is 1.22.r0 which is a little bit weird considering it's not a LTS release, but a release candidate. |
Bugfix and suggestions for improvement implemented
Fixes #23 by checking for error from clamd.ScanStream, which closes the connection if the file size is exceeded. The error was previously ignored. This PR includes code that assumes that a closed connection is caused by file size exceeded. Unfortunately, there is no way to detect the ^INSTREAM: file size limit exceeded error from the clamd process in the api. A custom clamd.ScanResult is created inside the error handling if statement, to handle the response in the same switch/case logic as other responses. This is also handled in the scanHandlerBody func the same way, so the client actually get a response.
Fixes #48 by creating a new endpoint (
/v2/scan
) and a scanResult struct that contains status, description and httpStatus (httpStatus is ignored in the json annotation, and only used in the code logic). An array of all scanned files (as[]scanResult
) is then marshalled to json, creating a proper json response for one to many files, returning an array of json objects to the client. The old/scan
endpoint will also use this response (which is formatted the same way as before) but it will not be returned in an array, but as before, one to many json objects without proper json array structure, to keep previous behavior intact. Although, deprecation and link headers indicating that there's a new endpoint available, is returned from the old endpoint.Previously, the first file's status would be the http status of the entire response, this PR includes code that will always return a 406 http status if any file contains a virus, and only return a 200 OK status if all files are clean, for both the old and new endpoint. I figured this was a bug.
I also added a prometheus metrics counter that increments on each found virus.
I also added go.mod and go.sum to use go modules instead of vendor directory etc.