db_escape_string(jcr, jcr->db, source_esc.c_str(), source, slen);
/* We keep track of the infected files in the FileEvents table */
- Mmsg(q, "INSERT INTO FileEvents (SourceJobId, JobId, FileId, Type, Description, Severity, Source) "
- "SELECT %ld, JobId, FileId, 'M', 'Malware found', 100, '%s' FROM File JOIN Malware%s USING (MD5) "
+ Mmsg(q, "INSERT INTO FileEvents (SourceJobId, JobId, FileIndex, Type, Description, Severity, Source) "
+ "SELECT %ld, JobId, FileIndex, 'M', 'Malware found', 100, '%s' FROM File JOIN Malware%s USING (MD5) "
"WHERE JobId IN (%s)", jcr->JobId, source_esc.c_str(), type, jobids);
if (!db_sql_query(jcr->db, q.c_str(), NULL, NULL)) {
}
uint32_t nb=0;
- Mmsg(q, "SELECT 1 FROM FileEvents JOIN File USING (FileId) "
+ Mmsg(q, "SELECT 1 FROM FileEvents JOIN File USING (JobId, FileIndex) "
"WHERE FileEvents.JobId IN (%s) AND Type = 'M' LIMIT 1\n", jobids);
if (!db_sql_query(jcr->db, q.c_str(), db_int_handler, &nb)) {
#if 0
char *f;
lst.destroy();
- Mmsg(q, "SELECT Filename FROM SecurityEvents JOIN File USING (FileId) WHERE SecurityEvents.JobId IN (%s) LIMIT 1000\n", jobids);
+ Mmsg(q, "SELECT Filename FROM SecurityEvents JOIN File USING (JobId, FileIndex) WHERE SecurityEvents.JobId IN (%s) LIMIT 1000\n", jobids);
if (!db_sql_query(jcr->db, q.c_str(), db_string_list_handler, &l)) {
Mmsg(errmsg, "[DE0006] Unable to check malware for JobIds %s\n", jobids);
return false;
}
Jmsg(jcr, M_INFO, 0, _("Verifying against JobId=%d Job=%s\n"),
jcr->previous_jr.JobId, jcr->previous_jr.Job);
+
+ /* Check for Malware */
+ if ( jcr->previous_jr.JobFiles > 0 &&
+ !jcr->previous_jr.PurgedFiles &&
+ jcr->job->CheckMalware)
+ {
+ POOL_MEM buf;
+ Jmsg(jcr, M_INFO, 0, _("[DI0002] Checking file metadata for Malwares\n"));
+ edit_int64(jcr->previous_jr.JobId, ed1);
+ if (check_malware(jcr, ed1, buf.handle()) != 0) {
+ Jmsg(jcr, M_ERROR, 0, "%s", buf.c_str());
+
+ } else {
+ Jmsg(jcr, M_INFO, 0, "%s", buf.c_str());
+ }
+ }
}
/*
projects / thirdparty / bacula.git / commitdiff
