BXC-3225 - Virus max stream and filepath quoting (#1285)

bbpennel · web-flow · commit a9e320a72447 · 2021-08-25T14:38:48.000-04:00
* Set max stream size for virus scanning when using INSTREAM

* Quote filepath during FITS commandline call, improve error output
diff --git a/deposit/src/main/java/edu/unc/lib/deposit/validate/ExtractTechnicalMetadataJob.java b/deposit/src/main/java/edu/unc/lib/deposit/validate/ExtractTechnicalMetadataJob.java
@@ -378,10 +378,15 @@ private Document extractUsingWebService(PID objPid, Path stagedPath) {
 
     private Document extractUsingCLI(PID objPid, Path stagedPath) {
         try {
-            Process process = Runtime.getRuntime().exec(fitsCommandPath + " -i " + stagedPath);
+            String escapedPath = stagedPath.toString().replaceAll("\"", "\\\\\"");
+            String command = fitsCommandPath + " -i \"" + escapedPath + "\"";
+            Process process = Runtime.getRuntime().exec(command);
             if (process.waitFor() != 0) {
-                failJob(null, "Failed to generate report for {0}, script returned {1} with output:\n{2}",
-                        objPid, process.exitValue(), IOUtils.toString(process.getInputStream(), UTF_8));
+                String stdout = IOUtils.toString(process.getInputStream(), UTF_8);
+                String stderr = IOUtils.toString(process.getErrorStream(), UTF_8);
+                failJob(null, "Failed to generate report for {0}, using command:\n{1}\n"
+                        + "Script returned {3} with output:\n{4} {5}",
+                        objPid, command, process.exitValue(), stdout, stderr);
             }
             return createSAXBuilder().build(process.getInputStream());
         } catch (IOException | JDOMException | InterruptedException e) {
diff --git a/deposit/src/main/webapp/WEB-INF/deposit-jobs-context.xml b/deposit/src/main/webapp/WEB-INF/deposit-jobs-context.xml
@@ -197,6 +197,7 @@
         <constructor-arg type="java.lang.String" value="${clamd.host:localhost}" index="0" />
         <constructor-arg type="int" value="${clamd.port:3310}" index="1" />
         <constructor-arg type="int" value="${clamd.timeout:60000}" index="2" />
+        <property name="maxStreamSize" value="${clamd.maxStreamSize:64000000}" />
     </bean>
     
     <bean id="fileValidationExecutor" class="java.util.concurrent.Executors"
