Fix for CVE-2008-3914, applied upstream in 0.94
svn diff -c 4123 http://svn.clamav.net/svn/clamav-devel/trunk/
svn diff -c 4124 http://svn.clamav.net/svn/clamav-devel/trunk/

Invalid fd close, not really part of the CVE
svn diff -c 4125 http://svn.clamav.net/svn/clamav-devel/trunk/

diff -pruN clamav-0.93.3.orig/libclamav/others.c clamav-0.93.3/libclamav/others.c
--- clamav-0.93.3.orig/libclamav/others.c	2008-07-07 13:06:30.000000000 +0200
+++ clamav-0.93.3/libclamav/others.c	2008-11-13 19:02:13.000000000 +0100
@@ -799,8 +799,11 @@ int cli_filecopy(const char *src, const 
 	return -1;
     }
 
-    if(!(buffer = cli_malloc(FILEBUFF)))
+    if(!(buffer = cli_malloc(FILEBUFF))) {
+	close(s);
+	close(d);
 	return -1;
+    }
 
     while((bytes = cli_readn(s, buffer, FILEBUFF)) > 0)
 	cli_writen(d, buffer, bytes);
diff -pruN clamav-0.93.3.orig/libclamav/sis.c clamav-0.93.3/libclamav/sis.c
--- clamav-0.93.3.orig/libclamav/sis.c	2008-04-02 22:17:27.000000000 +0200
+++ clamav-0.93.3/libclamav/sis.c	2008-11-13 19:02:13.000000000 +0100
@@ -506,6 +506,7 @@ static int real_scansis(FILE *f, cli_ctx
 	    return CL_EIO;
 	  }
 	  if (cli_writen(fd, decomp, olen)!=(int)olen) {
+	    close(fd);
 	    free(decomp);
 	    free(ptrs);
 	    free(alangs);
diff -pruN clamav-0.93.3.orig/shared/tar.c clamav-0.93.3/shared/tar.c
--- clamav-0.93.3.orig/shared/tar.c	2008-05-27 13:45:19.000000000 +0200
+++ clamav-0.93.3/shared/tar.c	2008-11-13 19:02:13.000000000 +0100
@@ -60,10 +60,8 @@ int tar_addfile(int fd, gzFile *gzs, con
 	unsigned int i, chksum = 0;
 
 
-    if((s = open(file, O_RDONLY|O_BINARY)) == -1) {
-	close(s);
+    if((s = open(file, O_RDONLY|O_BINARY)) == -1)
 	return -1;
-    }
 
     if(fstat(s, &sb) == -1) {
 	close(s);