Dateien mit ClamAV und Java scannen
Kleines Beispiel, wie man auf dem Server Dateien beim Upload auf Viren überprüfen kann:
Das Scanner-Interface:
public interface Scanner { ScannerResults scan(File source); }
Die ClamAV-Implementierung
public class ClamAvScannerImpl implements Scanner { private static final Logger logger = Logger.getLogger(ClamAvScannerImpl.class); private ScannerResults scannerResults; /** * Scans the file and returns the result. */ @Override public synchronized ScannerResults scan(File source) { try { Process process = new ProcessBuilder("clamscan",source.getAbsolutePath()).start(); int code = process.waitFor(); switch (code) { case 0: scannerResults.setOk(true); break; case 1: logger.info("Virus found in: "+source.getAbsolutePath()); scannerResults.setMessage("Virus found!"); scannerResults.setOk(false); break; default: logger.warn("Unexpected return code from ClamAV"); break; } } catch (IOException e) { logger.error("Problem starting ClamAV!"); } catch (InterruptedException e) { logger.error("Problem waiting for ClamAV"); } return scannerResults; } public void setScannerResults(ScannerResults scannerResults) { this.scannerResults = scannerResults; } }
Die Ergebnisse:
public interface ScannerResults { boolean isOk(); List getMessages(); void setOk(boolean ok); void setMessage(String message); }
public class ClamAVScannerResultsImpl implements ScannerResults { private boolean ok; private String message; public boolean isOk() { return ok; } public List getMessages() { if (message == null) return new ArrayList(0); else return Arrays.asList(new String[]{message}); } public void setOk(boolean ok) { this.ok = ok; } public void setMessage(String message) { this.message = message; } }
Dann im Controller/Service beim Upload aufrufen:
... try { MultipartHttpServletRequest req = multiPartResolver.resolveMultipart(request); MultipartFile file = req.getFile("file"); ScannerResults result = scanner.scan(new File(file.getName())); if(result.isOk()) { //save it! } else mv.addObject("error","file.virus"); } catch (MaxUploadSizeExceededException e) { mv.addObject("error","file.maxupload"); } ...
Vorher natürlich ClamAV installieren!