clamav/libclamav/bytecode_api.h

/*
 *  ClamAV bytecode API.
 *
 *  Copyright (C) 2009 Sourcefire, Inc.
 *
 *  Authors: Török Edvin
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License version 2 as
 *  published by the Free Software Foundation.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 *  MA 02110-1301, USA.
 */
#ifndef BYTECODE_API_H
#define BYTECODE_API_H

#ifdef __CLAMBC__
#include "bytecode_execs.h"
//#include "bytecode_pe.h"
#endif

#ifndef __CLAMBC__
#include "execs.h"
#include "pe.h"
#endif

struct foo {
    struct foo *nxt;
};

enum BytecodeKind {
    BC_GENERIC=0,/* generic bytecode, not tied to a specific hook */
    _BC_START_HOOKS=256,
    BC_LOGICAL=256,/* triggered by a logical signature */
    BC_PE_UNPACKER,/* a PE unpacker */
    _BC_LAST_HOOK
};

#ifdef __CLAMBC__

extern const uint32_t __clambc_match_counts[64];
extern const struct cli_exe_info __clambc_exeinfo;
extern const struct cli_pe_hook_data __clambc_pedata;

const uint16_t __clambc_kind;

uint32_t test0(struct foo*, uint32_t);
uint32_t test1(uint32_t, uint32_t);

/* reads @size bytes from current file (if any) to @data, returns amount read */
int32_t read(uint8_t *data, int32_t size);

enum {
    SEEK_SET=0,
    SEEK_CUR,
    SEEK_END
};

/* seeks current position to @pos, from @whence, returns current position from
 * start of file */
int32_t seek(int32_t pos, uint32_t whence);

/* Set the name of the virus we have found */
uint32_t setvirusname(const uint8_t *name, uint32_t len);

uint32_t debug_print_str(const uint8_t *str, uint32_t len);
uint32_t debug_print_uint(uint32_t a, uint32_t b);
//const char *LogicalSignature;

#endif
#endif
Add hidden ctx param to APIcalls. 17 years ago			`/*`
			`* ClamAV bytecode API.`
			`*`
			`* Copyright (C) 2009 Sourcefire, Inc.`
			`*`
			`* Authors: Török Edvin`
			`*`
			`* This program is free software; you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License version 2 as`
			`* published by the Free Software Foundation.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
			`* along with this program; if not, write to the Free Software`
			`* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,`
			`* MA 02110-1301, USA.`
			`*/`
Add generic and PE hooks. 16 years ago			`#ifndef BYTECODE_API_H`
			`#define BYTECODE_API_H`
Add hidden ctx param to APIcalls. 17 years ago
Sync with compiler. 16 years ago			`#ifdef __CLAMBC__`
			`#include "bytecode_execs.h"`
WiP 16 years ago			`//#include "bytecode_pe.h"`
Sync with compiler. 16 years ago			`#endif`

			`#ifndef __CLAMBC__`
			`#include "execs.h"`
WiP 16 years ago			`#include "pe.h"`
Sync with compiler. 16 years ago			`#endif`
Add hidden ctx param to APIcalls. 17 years ago
Implement API calls from bytecode. 17 years ago			`struct foo {`
			`struct foo *nxt;`
			`};`

Add generic and PE hooks. 16 years ago			`enum BytecodeKind {`
			`BC_GENERIC=0,/* generic bytecode, not tied to a specific hook */`
			`_BC_START_HOOKS=256,`
			`BC_LOGICAL=256,/* triggered by a logical signature */`
			`BC_PE_UNPACKER,/* a PE unpacker */`
			`_BC_LAST_HOOK`
			`};`

Add draft file API, doesn't work yet. 17 years ago			`#ifdef __CLAMBC__`

Sync with compiler. 16 years ago			`extern const uint32_t __clambc_match_counts[64];`
			`extern const struct cli_exe_info __clambc_exeinfo;`
WiP 16 years ago			`extern const struct cli_pe_hook_data __clambc_pedata;`
Sync with compiler. 16 years ago
WiP 16 years ago			`const uint16_t __clambc_kind;`
Sync with compiler. 16 years ago
ctx param to APIs 17 years ago			`uint32_t test0(struct foo*, uint32_t);`
			`uint32_t test1(uint32_t, uint32_t);`
Add draft file API, doesn't work yet. 17 years ago
			`/* reads @size bytes from current file (if any) to @data, returns amount read */`
Update to latest bytecode format. 16 years ago			`int32_t read(uint8_t *data, int32_t size);`
Add draft file API, doesn't work yet. 17 years ago
			`enum {`
			`SEEK_SET=0,`
			`SEEK_CUR,`
			`SEEK_END`
			`};`

			`/* seeks current position to @pos, from @whence, returns current position from`
			`* start of file */`
			`int32_t seek(int32_t pos, uint32_t whence);`

Logical signature hook for bytecode. 16 years ago			`/* Set the name of the virus we have found */`
			`uint32_t setvirusname(const uint8_t *name, uint32_t len);`

Update to latest bytecode format. 16 years ago			`uint32_t debug_print_str(const uint8_t *str, uint32_t len);`
WiP on debug APi. 16 years ago			`uint32_t debug_print_uint(uint32_t a, uint32_t b);`
Update to latest bytecode format. 16 years ago			`//const char *LogicalSignature;`
WiP on debug APi. 16 years ago
Add draft file API, doesn't work yet. 17 years ago			`#endif`
Add generic and PE hooks. 16 years ago			`#endif`