From: Eric Bollengier Date: Tue, 20 Dec 2022 17:38:29 +0000 (+0100) Subject: Fix #9712 about SHA256 size detection for malware X-Git-Tag: Beta-15.0.0~301 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8057fe029e3ce9d67691a8cf4d9805451041dbd6;p=thirdparty%2Fbacula.git Fix #9712 about SHA256 size detection for malware --- diff --git a/bacula/src/dird/malware.c b/bacula/src/dird/malware.c index 29bcd6c02..2aac9e7a0 100644 --- a/bacula/src/dird/malware.c +++ b/bacula/src/dird/malware.c @@ -32,7 +32,7 @@ static const char *hash_get_type(int len) switch(len) { case 22: return "MD5"; - case 44: + case 43: return "SHA256"; default: Dmsg1(dbglvl, "Unknown hash len %d\n", len); @@ -240,7 +240,7 @@ int check_malware(JCR *jcr, const char *jobids, POOLMEM **errmsg) } /* We need at least one checksum to determine the hash type */ if (i == 0) { - Mmsg(errmsg, "[DI0052] Nothing to check for JobIds %s [%s]\n", jobids, q.c_str()); + Mmsg(errmsg, "[DI0052] Nothing to check for JobId %s [%s]\n", jobids, q.c_str()); Dmsg1(dbglvl, "%s", *errmsg); return 0; } @@ -257,13 +257,13 @@ int check_malware(JCR *jcr, const char *jobids, POOLMEM **errmsg) /* We need at least one checksum to determine the hash type */ if (lst.size() != 1) { - Mmsg(errmsg, "[DE0054] Unable to find a checksum for JobIds %s. Use Signature = MD5/SHA256 FileSet option\n", jobids); + Mmsg(errmsg, "[DE0054] Unable to find a checksum for JobId %s. Use Signature = MD5/SHA256 FileSet option\n", jobids); return -1; } type = hash_get_type(strlen((char *)lst[0])); if (!type) { - Mmsg(errmsg, "[DE0055] Unable to find a valid checksum database for JobIds %s\n", jobids); + Mmsg(errmsg, "[DE0055] Unable to find a valid checksum database for JobId %s\n", jobids); return -1; } @@ -328,7 +328,7 @@ int check_malware(JCR *jcr, const char *jobids, POOLMEM **errmsg) events_send_msg(jcr, "DD0007", EVENTS_TYPE_SECURITY, "*Director*", (intptr_t)jcr, - "Unable to update Malware hash database from %s. %s", source, errmsg); + "Unable to update malware hash database from %s. %s", source, errmsg); return -1; } @@ -361,16 +361,16 @@ int check_malware(JCR *jcr, const char *jobids, POOLMEM **errmsg) "WHERE FileEvents.JobId IN (%s) AND Type = 'M' LIMIT 1\n", jobids); if (!db_sql_query(jcr->db, q.c_str(), db_int_handler, &nb)) { - Mmsg(errmsg, "[DE0056] Unable to check malware for JobIds %s\n", jobids); + Mmsg(errmsg, "[DE0056] Unable to check malware for JobId %s\n", jobids); return -1; } if (nb > 0) { - Mmsg(errmsg, _("[DE0056] Found Malware(s) on JobIds %s"), jobids); + Mmsg(errmsg, _("[DE0056] Found malware(s) on JobId %s"), jobids); return 1; } /* Leave a message */ - Mmsg(errmsg, _("[DI0050] No known Malware reported by \"%s\"\n"), source); + Mmsg(errmsg, _("[DI0050] No known malware reported by \"%s\"\n"), source); return 0; } @@ -379,11 +379,11 @@ int check_malware(JCR *jcr, const char *jobids, POOLMEM **errmsg) lst.destroy(); Mmsg(q, "SELECT Filename FROM SecurityEvents JOIN File USING (JobId, FileIndex) WHERE SecurityEvents.JobId IN (%s) LIMIT 1000\n", jobids); if (!db_sql_query(jcr->db, q.c_str(), db_string_list_handler, &l)) { - Mmsg(errmsg, "[DE0056] Unable to check malware for JobIds %s\n", jobids); + Mmsg(errmsg, "[DE0056] Unable to check malware for JobId %s\n", jobids); return false; } if (lst.size() > 0) { - Jmsg(jcr, M_ERROR, 0, _("Found %s %d Malware(s) on\n"), (lst.size() == 1000) ? _("more than") : "", lst.size()); + Jmsg(jcr, M_ERROR, 0, _("Found %s %d malware(s) on\n"), (lst.size() == 1000) ? _("more than") : "", lst.size()); foreach_alist(f, &lst) { Jmsg(jcr, M_INFO, 0, " %s\n", f); }