6a591aa48e
Prevent shared libraries from being loaded by libclam when statically linking unrar libraries ( #148 )
7 years ago
d39cb6581f
Updating libclamunrar from legacy C implementation to modern unrar 5.6.5. API changes and supporting changes included to pass the filepath of the scanned file into libclamav through the cli_ctx structure, required by the unrar library to open archives. The filename argument may be optional for the scandesc scanning variant, but libclamav will make a best effort to identify the filename from the file descriptor if it was not provided. In addition, included the ability to prefix temp file and directory names with file basenames.
7 years ago
d7979d4ff7
Restructured scan options flags from a single bitflag field to a structure containing multiple bitflag fields. This also required adding a new function to the bytecode API to get scan options a la carte, and modifying the existing function to hand back scan options in the old/deprecated uint32_t bitflag format. Re-generated bytecode iface header files.
...
Updated libclamav documentation detailing new scan options structure.
Renamed references to 'algorithmic' detection to 'heuristic' detection. Renaming references to 'properties' to 'collect metadata'.
Renamed references to 'scan all' to 'scan all match'.
Renamed a couple of 'Hueristic.*' signature names as 'Heuristics.*' signatures (plural) to match majority of other heuristics.
7 years ago
7cd9337a70
Spelling Adjustments ( #30 )
...
* spelling: accessed
* spelling: alignment
* spelling: amalgamated
* spelling: answers
* spelling: another
* spelling: acquisition
* spelling: apitid
* spelling: ascii
* spelling: appending
* spelling: appropriate
* spelling: arbitrary
* spelling: architecture
* spelling: asynchronous
* spelling: attachments
* spelling: argument
* spelling: authenticode
* spelling: because
* spelling: boundary
* spelling: brackets
* spelling: bytecode
* spelling: calculation
* spelling: cannot
* spelling: changes
* spelling: check
* spelling: children
* spelling: codegen
* spelling: commands
* spelling: container
* spelling: concatenated
* spelling: conditions
* spelling: continuous
* spelling: conversions
* spelling: corresponding
* spelling: corrupted
* spelling: coverity
* spelling: crafting
* spelling: daemon
* spelling: definition
* spelling: delivered
* spelling: delivery
* spelling: delimit
* spelling: dependencies
* spelling: dependency
* spelling: detection
* spelling: determine
* spelling: disconnects
* spelling: distributed
* spelling: documentation
* spelling: downgraded
* spelling: downloading
* spelling: endianness
* spelling: entities
* spelling: especially
* spelling: empty
* spelling: expected
* spelling: explicitly
* spelling: existent
* spelling: finished
* spelling: flexibility
* spelling: flexible
* spelling: freshclam
* spelling: functions
* spelling: guarantee
* spelling: hardened
* spelling: headaches
* spelling: heighten
* spelling: improper
* spelling: increment
* spelling: indefinitely
* spelling: independent
* spelling: inaccessible
* spelling: infrastructure
Conflicts:
docs/html/node68.html
* spelling: initializing
* spelling: inited
* spelling: instream
* spelling: installed
* spelling: initialization
* spelling: initialize
* spelling: interface
* spelling: intrinsics
* spelling: interpreter
* spelling: introduced
* spelling: invalid
* spelling: latency
* spelling: lawyers
* spelling: libclamav
* spelling: likelihood
* spelling: loop
* spelling: maximum
* spelling: million
* spelling: milliseconds
* spelling: minimum
* spelling: minzhuan
* spelling: multipart
* spelling: misled
* spelling: modifiers
* spelling: notifying
* spelling: objects
* spelling: occurred
* spelling: occurs
* spelling: occurrences
* spelling: optimization
* spelling: original
* spelling: originated
* spelling: output
* spelling: overridden
* spelling: parenthesis
* spelling: partition
* spelling: performance
* spelling: permission
* spelling: phishing
* spelling: portions
* spelling: positives
* spelling: preceded
* spelling: properties
* spelling: protocol
* spelling: protos
* spelling: quarantine
* spelling: recursive
* spelling: referring
* spelling: reorder
* spelling: reset
* spelling: resources
* spelling: resume
* spelling: retrieval
* spelling: rewrite
* spelling: sanity
* spelling: scheduled
* spelling: search
* spelling: section
* spelling: separator
* spelling: separated
* spelling: specify
* spelling: special
* spelling: statement
* spelling: streams
* spelling: succession
* spelling: suggests
* spelling: superfluous
* spelling: suspicious
* spelling: synonym
* spelling: temporarily
* spelling: testfiles
* spelling: transverse
* spelling: turkish
* spelling: typos
* spelling: unable
* spelling: unexpected
* spelling: unexpectedly
* spelling: unfinished
* spelling: unfortunately
* spelling: uninitialized
* spelling: unlocking
* spelling: unnecessary
* spelling: unpack
* spelling: unrecognized
* spelling: unsupported
* spelling: usable
* spelling: wherever
* spelling: wishlist
* spelling: white
* spelling: infrastructure
* spelling: directories
* spelling: overridden
* spelling: permission
* spelling: yesterday
* spelling: initialization
* spelling: intrinsics
* space adjustment for spelling changes
* minor modifications by klin
8 years ago
d0cba11ea7
adding back changes to eliminate warnings from mspack, matcher, others, and readdb.
8 years ago
169af0fc67
Revert "eliminating warnings. mostly correcting variable types. also correcting struct initialization in a couple instances (var = {0} does not zero the memory on all platforms). Also some minor formatting corrections in areas I was already working. eliminated some unused variables."
...
This reverts commit 84a7f40288
8 years ago
84a7f40288
eliminating warnings. mostly correcting variable types. also correcting struct initialization in a couple instances (var = {0} does not zero the memory on all platforms). Also some minor formatting corrections in areas I was already working. eliminated some unused variables.
8 years ago
48d3f284db
fix for 0.99.3 false negative of Andr.Trojan.SMSsend-2.
9 years ago
167c007929
fix 0.99.3 false negative of virus Pdf.Exploit.CVE_2016_1046-1.
9 years ago
56eed3edf7
Fix for regression FN's.
9 years ago
cbf5017a7d
bb11805 fix multiple results. Refactor false positive and heuristic precedence logic.
9 years ago
631cb6a005
Fixes and updates to intermediate container sig rules based on code review
9 years ago
031fe00a4d
restructure container typing system to use array ( #2 )
9 years ago
90f29efa62
Suppress multiple viruses for BLOCKMAX edge case.
9 years ago
312b7e5391
bb11522 - enable clamscan option --blockmax to flag files as virus Heuristic.Limits.Exceeded when --max-filesize, --max-scansize, or --max-recursion is exceeded.
9 years ago
5eaf0b320a
bb#11003 - fix dconf and option handling for nocert and dumpcert
10 years ago
059ca61484
compiler warning suppression
10 years ago
731c8e6213
hwp3.x: add support for maximum recursive calls to hwp3 parsing
10 years ago
1f1bf36b8e
Add 'virus found' callback. Refactor scan-all API.
10 years ago
46a35abe56
mass update of copyright headers
10 years ago
a6d2b523d0
bb#11377 - stub pcre functions for dynamic library mapping
11 years ago
4fd82eb0fb
cid 12213 - fix error state for pwdb intialization
11 years ago
baeb625351
bb11343: Adding configure option to remove yara at compile-time.
11 years ago
038cb67a35
pwdb: restructured storage for time efficiency
11 years ago
ac0cbde82b
engine: added .pwdb handler and storage
11 years ago
b289385d32
various fixes for windows build
11 years ago
b6ad432280
Fix for unit test failure.
11 years ago
5842265fd9
Enable YARA include directives, import YARA compiler struct and functions, improve YARA parse/lex error messages.
11 years ago
d03c18bed3
Fix YARA arena management, improve error reporting, clean up some code.
11 years ago
20a3b53b6c
converted cb_file_props from using engine-based ctx to file-based ctx
11 years ago
3741573205
added option to limit pcre execution based on filesize
11 years ago
7af020b27c
fixed undefined reference if pcre is disabled
11 years ago
effb4f51fc
pcre: intialization function
11 years ago
9bc7c13882
pcre: added and linked options to set match_limit and match_limit_recursion
...
pcre: separated parsing function into parsing and compiling functions
12 years ago
cd94be7a52
Silence a bunch of compiler warnings in libclamav
12 years ago
78ee2250ae
Call cl_initialize_crypto() in cl_init()
12 years ago
60d8d2c352
Move all the crypto API to clamav.h
12 years ago
49b33289e0
Add timeout facility for file property scanning and clamscan timeout testing parameter.
12 years ago
6c048b8a30
Use json_object_object_get_ex() rather than json_object_object_get(), which is deprecated in json-c 0.10
12 years ago
152a0e3900
added cl_engine_set_clcb_file_props to libclamav map
...
added file_props_cb and data settings transfer
12 years ago
6606d05000
Add callback for user processing of json string and result of json scan.
12 years ago
e198df77ab
bb#10988 - fixed stats overwrite on settings transfer
...
stats: fixed issue with mutex unlocking
12 years ago
bbab63daec
Initialize OpenSSL within the application, not within libclamav
12 years ago
2f84284606
Add virus names to preclass properties json file.
12 years ago
09fcff6a0d
Revert "Re-enable the intelligence gathering framework"
...
This reverts commit 487f270148
12 years ago
487f270148
Re-enable the intelligence gathering framework
12 years ago
241c1c7b00
Don't use CTORs or DTORs on Windows
12 years ago
d47db07a3d
Disable stats in preparation for the QA drop
12 years ago
067bce5fbc
engine: added max-iconspe(MaxIconsPE) option and docs
12 years ago
da6e06dd68
Provide further abstractions to the OpenSSL integration work
12 years ago
Russ Kubik