Test: Add basic LDB Container & Intermediates tests

Add basic tests for the Container and Intermediates logical signature
features.

The Intermediates test verifies that a text file containing:
  v1rusv1rus
and wrapped in a 7z and then zip archives can be correctly detected when
Intermediates is set to: CL_TYPE_7Z>CL_TYPE_ZIP

The Container test just checks the container is CL_TYPE_ZIP

unit_tests/clamscan_test.py

@@ -500,3 +500,61 @@ rule regex
             'has_png_and_jpeg.xls: logo.png.good.UNOFFICIAL FOUND',
         ]
         self.verify_output(output.out, expected=expected_stdout)
+
+    def test_clamscan_15_container(self):
+        self.step_name('Test that clamav can successfully alert on jpeg image extracted from XLS documents')
+        # Note: we aren't testing PNG because the attached PNG is not properly fuzzy-hashed by clamav, yet.
+
+        os.mkdir(str(TC.path_db / '7z_zip_container'))
+
+        (TC.path_db / '7z_zip_container' / 'test.ldb').write_text(
+            "7z_zip_container_good;Engine:81-255,Container:CL_TYPE_7Z,Target:0;0;0:7631727573\n"
+            "7z_zip_container_bad;Engine:81-255,Container:CL_TYPE_ZIP,Target:0;0;0:7631727573\n"
+        )
+
+        testfiles = TC.path_source / 'unit_tests' / 'input' / 'other_scanfiles' / 'v1rusv1rus.7z.zip'
+        command = '{valgrind} {valgrind_args} {clamscan} -d {path_db} {testfiles} --gen-json --debug --allmatch'.format(
+            valgrind=TC.valgrind, valgrind_args=TC.valgrind_args, clamscan=TC.clamscan,
+            path_db=TC.path_db / '7z_zip_container' / 'test.ldb',
+            testfiles=testfiles,
+        )
+        output = self.execute_command(command)
+
+        assert output.ec == 1  # no virus, no failures
+
+        expected_stdout = [
+            'v1rusv1rus.7z.zip: 7z_zip_container_good.UNOFFICIAL FOUND',
+        ]
+        unexpected_stdout = [
+            'v1rusv1rus.7z.zip: 7z_zip_container_bad.UNOFFICIAL FOUND',
+        ]
+        self.verify_output(output.out, expected=expected_stdout, unexpected=unexpected_stdout)
+
+    def test_clamscan_16_intermediates(self):
+        self.step_name('Test that clamav can successfully alert on jpeg image extracted from XLS documents')
+        # Note: we aren't testing PNG because the attached PNG is not properly fuzzy-hashed by clamav, yet.
+
+        os.mkdir(str(TC.path_db / '7z_zip_intermediates'))
+
+        (TC.path_db / '7z_zip_intermediates' / 'test.ldb').write_text(
+            "7z_zip_intermediates_good;Engine:81-255,Intermediates:CL_TYPE_ZIP>CL_TYPE_7Z,Target:0;0;0:7631727573\n"
+            "7z_zip_intermediates;Engine:81-255,Intermediates:CL_TYPE_7Z>CL_TYPE_TEXT_ASCII,Target:0;0;0:7631727573\n"
+        )
+
+        testfiles = TC.path_source / 'unit_tests' / 'input' / 'other_scanfiles' / 'v1rusv1rus.7z.zip'
+        command = '{valgrind} {valgrind_args} {clamscan} -d {path_db} {testfiles} --gen-json --debug --allmatch'.format(
+            valgrind=TC.valgrind, valgrind_args=TC.valgrind_args, clamscan=TC.clamscan,
+            path_db=TC.path_db / '7z_zip_intermediates' / 'test.ldb',
+            testfiles=testfiles,
+        )
+        output = self.execute_command(command)
+
+        assert output.ec == 1  # no virus, no failures
+
+        expected_stdout = [
+            'v1rusv1rus.7z.zip: 7z_zip_intermediates_good.UNOFFICIAL FOUND',
+        ]
+        unexpected_stdout = [
+            'v1rusv1rus.7z.zip: 7z_zip_intermediates_bad.UNOFFICIAL FOUND',
+        ]
+        self.verify_output(output.out, expected=expected_stdout, unexpected=unexpected_stdout)