PUBLIC - Liferay Portal Community Edition
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-32359

ClamAV integration does not correctly handle infected files, claiming for inability to execute antivirus process.

    Details

    • Type: Bug Bug
    • Status: Closed
    • Resolution: Fixed
    • Affects Version/s: 6.1.1 CE GA2, 6.1.20 EE GA2
    • Component/s: Core Infrastructure
    • Labels:
    • Environment:
      ClamAV must be installed

      dl.store.antivirus.enabled=true
      dl.store.antivirus.impl=com.liferay.portlet.documentlibrary.antivirus.ClamAntivirusScannerImpl
    • Branch Version/s:
      6.1.x
    • Backported to Branch:
      Committed
    • Similar Issues:
      Show 5 results 

      Description

      When using the antivirus feature, and com.liferay.portlet.documentlibrary.antivirus.ClamAntivirusScannerImpl as the implementation, if a file with a virus is uploaded, AntivirusScannerException is raised, incorrectly signaling an inability to execute antivirus process.

        Activity

        Hide
        Justin Choi added a comment - - edited

        Here is my 6.1.x EE test environment:
        1. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.1.x EE GIT ID: 718a3c4fe6bba0e751ca458406d57b5b4b525f5f.

        Saw this error after loading a virus from eicar - eicar.com.txt

        17:05:45,752 ERROR [http-bio-9080-exec-10][render_portlet_jsp:154] com.liferay.portlet.documentlibrary.antivirus.AntivirusScannerException: Virus detected in /root/Desktop/6.1.x/tomcat-7.0.34/temp/20130412170540772IJBAWABL.avs
        	at com.liferay.portlet.documentlibrary.antivirus.ClamAntivirusScannerImpl.scan(ClamAntivirusScannerImpl.java:45)
        	at com.liferay.portlet.documentlibrary.antivirus.BaseFileAntivirusScanner.scan(BaseFileAntivirusScanner.java:65)
        	at com.liferay.portlet.documentlibrary.antivirus.AntivirusScannerWrapper.scan(AntivirusScannerWrapper.java:51)
        	at com.liferay.portlet.documentlibrary.antivirus.AntivirusScannerUtil.scan(AntivirusScannerUtil.java:66)
        	at com.liferay.portlet.documentlibrary.store.DLStoreImpl.addFile(DLStoreImpl.java:135)
        	at com.liferay.portal.security.pacl.PortalSecurityManagerImpl$DoBeanLocatorImplPACL$1.invoke(PortalSecurityManagerImpl.java:466)
        	at com.liferay.portal.security.pacl.PACLInvocationHandler.doInvoke(PACLInvocationHandler.java:61)
        	at com.liferay.portal.security.pacl.PACLInvocationHandler.invoke(PACLInvocationHandler.java:50)
        	at com.liferay.portlet.documentlibrary.store.DLStoreUtil.addFile(DLStoreUtil.java:145)
        	at com.liferay.portlet.documentlibrary.service.impl.DLFileEntryLocalServiceImpl.addFileEntry(DLFileEntryLocalServiceImpl.java:210)
        	at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:112)
        	at com.liferay.portal.spring.transaction.DefaultTransactionExecutor.execute(DefaultTransactionExecutor.java:61)
        	at com.liferay.portal.spring.transaction.TransactionInterceptor.invoke(TransactionInterceptor.java:51)
        	at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
        	at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:55)
        	at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
        	at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:55)
        	at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
        	at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:55)
        	at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108)
        

        Basically, Liferay detected the infected file and stopped the upload. I checked the \...\home\data folder and there was no files there.

        Show
        Justin Choi added a comment - - edited Here is my 6.1.x EE test environment: 1. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.1.x EE GIT ID: 718a3c4fe6bba0e751ca458406d57b5b4b525f5f. Saw this error after loading a virus from eicar - eicar.com.txt 17:05:45,752 ERROR [http-bio-9080-exec-10][render_portlet_jsp:154] com.liferay.portlet.documentlibrary.antivirus.AntivirusScannerException: Virus detected in /root/Desktop/6.1.x/tomcat-7.0.34/temp/20130412170540772IJBAWABL.avs at com.liferay.portlet.documentlibrary.antivirus.ClamAntivirusScannerImpl.scan(ClamAntivirusScannerImpl.java:45) at com.liferay.portlet.documentlibrary.antivirus.BaseFileAntivirusScanner.scan(BaseFileAntivirusScanner.java:65) at com.liferay.portlet.documentlibrary.antivirus.AntivirusScannerWrapper.scan(AntivirusScannerWrapper.java:51) at com.liferay.portlet.documentlibrary.antivirus.AntivirusScannerUtil.scan(AntivirusScannerUtil.java:66) at com.liferay.portlet.documentlibrary.store.DLStoreImpl.addFile(DLStoreImpl.java:135) at com.liferay.portal.security.pacl.PortalSecurityManagerImpl$DoBeanLocatorImplPACL$1.invoke(PortalSecurityManagerImpl.java:466) at com.liferay.portal.security.pacl.PACLInvocationHandler.doInvoke(PACLInvocationHandler.java:61) at com.liferay.portal.security.pacl.PACLInvocationHandler.invoke(PACLInvocationHandler.java:50) at com.liferay.portlet.documentlibrary.store.DLStoreUtil.addFile(DLStoreUtil.java:145) at com.liferay.portlet.documentlibrary.service.impl.DLFileEntryLocalServiceImpl.addFileEntry(DLFileEntryLocalServiceImpl.java:210) at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:112) at com.liferay.portal.spring.transaction.DefaultTransactionExecutor.execute(DefaultTransactionExecutor.java:61) at com.liferay.portal.spring.transaction.TransactionInterceptor.invoke(TransactionInterceptor.java:51) at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108) at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:55) at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108) at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:55) at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108) at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:55) at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:108) Basically, Liferay detected the infected file and stopped the upload. I checked the \...\home\data folder and there was no files there.
        Hide
        Justin Choi added a comment -

        Same goes for 6.2.x.
        Reproduced on:
        1. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.1.x EE GIT ID: 718a3c4fe6bba0e751ca458406d57b5b4b525f5f.
        2. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.2.x GIT ID: 021a8cb9069e1ec916adc0a0201db658e5e795e4.

        – Although Liferay blocks the infected file from loading, the portlet becomes unavailable and there is a stack trace error.

        Show
        Justin Choi added a comment - Same goes for 6.2.x. Reproduced on: 1. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.1.x EE GIT ID: 718a3c4fe6bba0e751ca458406d57b5b4b525f5f. 2. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.2.x GIT ID: 021a8cb9069e1ec916adc0a0201db658e5e795e4. – Although Liferay blocks the infected file from loading, the portlet becomes unavailable and there is a stack trace error.
        Hide
        Justin Choi added a comment -

        Same goes for 6.2.x.
        Reproduced on:
        1. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.1.x EE GIT ID: 718a3c4fe6bba0e751ca458406d57b5b4b525f5f.
        2. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.2.x GIT ID: 021a8cb9069e1ec916adc0a0201db658e5e795e4.

        – Although Liferay blocks the infected file from loading, the portlet becomes unavailable and there is a stack trace error.

        Show
        Justin Choi added a comment - Same goes for 6.2.x. Reproduced on: 1. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.1.x EE GIT ID: 718a3c4fe6bba0e751ca458406d57b5b4b525f5f. 2. CentOS 6. Tomcat 7 + MySQL 5. JDK 7. Portal 6.2.x GIT ID: 021a8cb9069e1ec916adc0a0201db658e5e795e4. – Although Liferay blocks the infected file from loading, the portlet becomes unavailable and there is a stack trace error.
        Hide
        Alberto Montero added a comment -

        Hi Justin,

        As reported by the customer, they only wanted to change the exception message. When a virus is found, it originally said that the antivirus process could not be executed, while it meant that a virus had been found. The actual commit just changes the exception message. Changing the message in UI may require approval from PM, so it was left out on purpose to not block ticket resolution.

        I can create a new LPS for changing the UI message.

        Does this make sense to you Justin?

        Alberto

        Show
        Alberto Montero added a comment - Hi Justin, As reported by the customer, they only wanted to change the exception message. When a virus is found, it originally said that the antivirus process could not be executed, while it meant that a virus had been found. The actual commit just changes the exception message. Changing the message in UI may require approval from PM, so it was left out on purpose to not block ticket resolution. I can create a new LPS for changing the UI message. Does this make sense to you Justin? Alberto
        Hide
        Justin Choi added a comment -

        Hi Alberto,

        Yes, that makes sense to me. When the D&M portlet became "unavailable" and the user has to refresh the page, that doesn't really help the user who is looking at the UI. You're right; we should have a different UI message, something like "Virus Detected by ClamAV. Please check the file."

        Thanks again,
        Justin

        Show
        Justin Choi added a comment - Hi Alberto, Yes, that makes sense to me. When the D&M portlet became "unavailable" and the user has to refresh the page, that doesn't really help the user who is looking at the UI. You're right; we should have a different UI message, something like "Virus Detected by ClamAV. Please check the file." Thanks again, Justin
        Hide
        Sophia Zhang added a comment -

        Hey Alberto,

        Looks like Justin aggrees with creating a new LPS, so I will close this ticket. Please link this ticket when you are done. Thanks.

        Show
        Sophia Zhang added a comment - Hey Alberto, Looks like Justin aggrees with creating a new LPS, so I will close this ticket. Please link this ticket when you are done. Thanks.
        Hide
        Edward Gonzales added a comment -

        Hello everyone! We are in the process of moving component "Third Party Libraries" to "Infrastructure" in LPS. Please make the necessary adjustments to your filters. Thanks!

        Show
        Edward Gonzales added a comment - Hello everyone! We are in the process of moving component "Third Party Libraries" to "Infrastructure" in LPS. Please make the necessary adjustments to your filters. Thanks!

          People

          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:
              Days since last comment:
              2 years, 20 weeks ago

              Development

                Subcomponents

                  Structure Helper Panel