Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-32359

ClamAV integration does not correctly handle infected files, claiming for inability to execute antivirus process.

    Details

    • Type: Bug
    • Status: Closed
    • Resolution: Fixed
    • Affects Version/s: 6.1.1 CE GA2, 6.1.20 EE GA2
    • Component/s: Core Infrastructure
    • Labels:
    • Environment:
      ClamAV must be installed

      dl.store.antivirus.enabled=true
      dl.store.antivirus.impl=com.liferay.portlet.documentlibrary.antivirus.ClamAntivirusScannerImpl
    • Branch Version/s:
      6.1.x
    • Backported to Branch:
      Committed

      Description

      When using the antivirus feature, and com.liferay.portlet.documentlibrary.antivirus.ClamAntivirusScannerImpl as the implementation, if a file with a virus is uploaded, AntivirusScannerException is raised, incorrectly signaling an inability to execute antivirus process.

        Issue Links

          Activity

          Hide
          justin.choi Justin Choi added a comment - - edited

          Here is my 6.1.x EE test environment:
          1. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.1.x EE GIT ID: 718a3c4fe6bba0e751ca458406d57b5b4b525f5f.

          Saw this error after loading a virus from eicar - eicar.com.txt

          17:05:45,752 ERROR [http-bio-9080-exec-10][render_portlet_jsp:154] com.liferay.portlet.documentlibrary.antivirus.AntivirusScannerException: Virus detected in /root/Desktop/6.1.x/tomcat-7.0.34/temp/20130412170540772IJBAWABL.avs
          	at com.liferay.portlet.documentlibrary.antivirus.ClamAntivirusScannerImpl.scan(ClamAntivirusScannerImpl.java:45)
          	at com.liferay.portlet.documentlibrary.antivirus.BaseFileAntivirusScanner.scan(BaseFileAntivirusScanner.java:65)
          	at com.liferay.portlet.documentlibrary.antivirus.AntivirusScannerWrapper.scan(AntivirusScannerWrapper.java:51)
          	at com.liferay.portlet.documentlibrary.antivirus.AntivirusScannerUtil.scan(AntivirusScannerUtil.java:66)
          	at com.liferay.portlet.documentlibrary.store.DLStoreImpl.addFile(DLStoreImpl.java:135)
          	at com.liferay.portal.security.pacl.PortalSecurityManagerImpl$DoBeanLocatorImplPACL$1.invoke(PortalSecurityManagerImpl.java:466)
          	at com.liferay.portal.security.pacl.PACLInvocationHandler.doInvoke(PACLInvocationHandler.java:61)
          	at com.liferay.portal.security.pacl.PACLInvocationHandler.invoke(PACLInvocationHandler.java:50)
          	at com.liferay.portlet.documentlibrary.store.DLStoreUtil.addFile(DLStoreUtil.java:145)
          	at com.liferay.portlet.documentlibrary.service.impl.DLFileEntryLocalServiceImpl.addFileEntry(DLFileEntryLocalServiceImpl.java:210)
          	at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:112)
          	at com.liferay.portal.spring.transaction.DefaultTransactionExecutor.execute(DefaultTransactionExecutor.java:61)
          	at com.liferay.portal.spring.transaction.TransactionInterceptor.invoke(TransactionInterceptor.java:51)
          	at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
          	at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:55)
          	at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
          	at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:55)
          	at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
          	at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:55)
          	at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
          

          Basically, Liferay detected the infected file and stopped the upload. I checked the \...\home\data folder and there was no files there.

          Show
          justin.choi Justin Choi added a comment - - edited Here is my 6.1.x EE test environment: 1. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.1.x EE GIT ID: 718a3c4fe6bba0e751ca458406d57b5b4b525f5f. Saw this error after loading a virus from eicar - eicar.com.txt 17:05:45,752 ERROR [http-bio-9080-exec-10][render_portlet_jsp:154] com.liferay.portlet.documentlibrary.antivirus.AntivirusScannerException: Virus detected in /root/Desktop/6.1.x/tomcat-7.0.34/temp/20130412170540772IJBAWABL.avs at com.liferay.portlet.documentlibrary.antivirus.ClamAntivirusScannerImpl.scan(ClamAntivirusScannerImpl.java:45) at com.liferay.portlet.documentlibrary.antivirus.BaseFileAntivirusScanner.scan(BaseFileAntivirusScanner.java:65) at com.liferay.portlet.documentlibrary.antivirus.AntivirusScannerWrapper.scan(AntivirusScannerWrapper.java:51) at com.liferay.portlet.documentlibrary.antivirus.AntivirusScannerUtil.scan(AntivirusScannerUtil.java:66) at com.liferay.portlet.documentlibrary.store.DLStoreImpl.addFile(DLStoreImpl.java:135) at com.liferay.portal.security.pacl.PortalSecurityManagerImpl$DoBeanLocatorImplPACL$1.invoke(PortalSecurityManagerImpl.java:466) at com.liferay.portal.security.pacl.PACLInvocationHandler.doInvoke(PACLInvocationHandler.java:61) at com.liferay.portal.security.pacl.PACLInvocationHandler.invoke(PACLInvocationHandler.java:50) at com.liferay.portlet.documentlibrary.store.DLStoreUtil.addFile(DLStoreUtil.java:145) at com.liferay.portlet.documentlibrary.service.impl.DLFileEntryLocalServiceImpl.addFileEntry(DLFileEntryLocalServiceImpl.java:210) at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:112) at com.liferay.portal.spring.transaction.DefaultTransactionExecutor.execute(DefaultTransactionExecutor.java:61) at com.liferay.portal.spring.transaction.TransactionInterceptor.invoke(TransactionInterceptor.java:51) at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108) at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:55) at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108) at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:55) at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108) at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:55) at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108) Basically, Liferay detected the infected file and stopped the upload. I checked the \...\home\data folder and there was no files there.
          Hide
          justin.choi Justin Choi added a comment -

          Same goes for 6.2.x.
          Reproduced on:
          1. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.1.x EE GIT ID: 718a3c4fe6bba0e751ca458406d57b5b4b525f5f.
          2. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.2.x GIT ID: 021a8cb9069e1ec916adc0a0201db658e5e795e4.

          – Although Liferay blocks the infected file from loading, the portlet becomes unavailable and there is a stack trace error.

          Show
          justin.choi Justin Choi added a comment - Same goes for 6.2.x. Reproduced on: 1. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.1.x EE GIT ID: 718a3c4fe6bba0e751ca458406d57b5b4b525f5f. 2. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.2.x GIT ID: 021a8cb9069e1ec916adc0a0201db658e5e795e4. – Although Liferay blocks the infected file from loading, the portlet becomes unavailable and there is a stack trace error.
          Hide
          justin.choi Justin Choi added a comment -

          Same goes for 6.2.x.
          Reproduced on:
          1. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.1.x EE GIT ID: 718a3c4fe6bba0e751ca458406d57b5b4b525f5f.
          2. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.2.x GIT ID: 021a8cb9069e1ec916adc0a0201db658e5e795e4.

          – Although Liferay blocks the infected file from loading, the portlet becomes unavailable and there is a stack trace error.

          Show
          justin.choi Justin Choi added a comment - Same goes for 6.2.x. Reproduced on: 1. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.1.x EE GIT ID: 718a3c4fe6bba0e751ca458406d57b5b4b525f5f. 2. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.2.x GIT ID: 021a8cb9069e1ec916adc0a0201db658e5e795e4. – Although Liferay blocks the infected file from loading, the portlet becomes unavailable and there is a stack trace error.
          Hide
          alberto.montero Alberto Montero added a comment -

          Hi Justin,

          As reported by the customer, they only wanted to change the exception message. When a virus is found, it originally said that the antivirus process could not be executed, while it meant that a virus had been found. The actual commit just changes the exception message. Changing the message in UI may require approval from PM, so it was left out on purpose to not block ticket resolution.

          I can create a new LPS for changing the UI message.

          Does this make sense to you Justin?

          Alberto

          Show
          alberto.montero Alberto Montero added a comment - Hi Justin, As reported by the customer, they only wanted to change the exception message. When a virus is found, it originally said that the antivirus process could not be executed, while it meant that a virus had been found. The actual commit just changes the exception message. Changing the message in UI may require approval from PM, so it was left out on purpose to not block ticket resolution. I can create a new LPS for changing the UI message. Does this make sense to you Justin? Alberto
          Hide
          justin.choi Justin Choi added a comment -

          Hi Alberto,

          Yes, that makes sense to me. When the D&M portlet became "unavailable" and the user has to refresh the page, that doesn't really help the user who is looking at the UI. You're right; we should have a different UI message, something like "Virus Detected by ClamAV. Please check the file."

          Thanks again,
          Justin

          Show
          justin.choi Justin Choi added a comment - Hi Alberto, Yes, that makes sense to me. When the D&M portlet became "unavailable" and the user has to refresh the page, that doesn't really help the user who is looking at the UI. You're right; we should have a different UI message, something like "Virus Detected by ClamAV. Please check the file." Thanks again, Justin
          Hide
          sophia.zhang Sophia Zhang added a comment -

          Hey Alberto,

          Looks like Justin aggrees with creating a new LPS, so I will close this ticket. Please link this ticket when you are done. Thanks.

          Show
          sophia.zhang Sophia Zhang added a comment - Hey Alberto, Looks like Justin aggrees with creating a new LPS, so I will close this ticket. Please link this ticket when you are done. Thanks.
          Hide
          edward.gonzales Edward Gonzales (Inactive) added a comment -

          Hello everyone! We are in the process of moving component "Third Party Libraries" to "Infrastructure" in LPS. Please make the necessary adjustments to your filters. Thanks!

          Show
          edward.gonzales Edward Gonzales (Inactive) added a comment - Hello everyone! We are in the process of moving component "Third Party Libraries" to "Infrastructure" in LPS. Please make the necessary adjustments to your filters. Thanks!

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Days since last comment:
                4 years, 1 week, 5 days ago

                Development

                  Subcomponents