clamav

Commit Graph

Author	SHA1	Message	Date
Steven Morgan	1c2b8bd6a4	Support wildcard alternate strings of identical length in Aho-Corasick pattern matcher.	12 years ago
Steve Morgan	6ad45a2931	add initial allscan/allmatch mode to libclamav, clamd, clamdscan, and clamscan with unit tests	13 years ago
Tomasz Kojm	0d71068897	libclamav: pass array with initial matches to bytecode (bb#2397)	15 years ago
Tomasz Kojm	b87fe3858e	libclamav/matcher-ac.c: optimize handling of multi-part signatures (bb#2322)	15 years ago
Tomasz Kojm	2db3514c4c	fix warning	15 years ago
Tomasz Kojm	04ec2e1977	libclamav: versioninfo hashset was not properly cached (bb#2065)	15 years ago
Tomasz Kojm	294558a535	libclamav: minimize header parsing (bb#2065)	15 years ago
Török Edvin	2545f9767c	Rearrange some fields in structs to avoid holes.	15 years ago
Török Edvin	5b74e89a35	enable prefiltering, and add to dconf. Also downgrade some warnings to debug messages.	16 years ago
Török Edvin	ab89360583	Support for macros in logical subsignatures (bb #164 ). In the LDB there is (one or more) special subsignature ${min-max}MACROID$, which means: must match any signature from group MACROID (for current filetype), and the match must occur at a distance of min-max from the start(!) of the previous logical subsignature match. It also has the sideeffect of making the previous subsignature considered a match only if both that and the macro matches. The offset of first match for the previous logical subsig will be the offset where the {min-max} distance is satisfied. The macro logical subsignature will have a count of 0 (if it didn't match together with the previous subsig), or a count of 1 if it did. The matches can occur anywhere (even in different ac scan buffers), since I don't call cli_ac_scanbuff I just use the offset of first match (which we have for the bytecode anyway). There can be at most 32 macro groups, signatures are added to a macro group by using $MACROID$ as offset. For example pdb entries could be converted to PDB:3:$0:<hexsig of domainname> if we assign macro id 0 to PDB (and we can assign 31 more macro ids to whatever). Example: test.ldb: TestMacro;Target:0;0&1;616161;${3-4}12$ test.ndb: D:0:$12:6262 D:0:$12:6363 D:0:$11:6262 test.dat: aaaaxccdd test-nomatch.dat: aaaaxxxccdd	16 years ago
Tomasz Kojm	baf2e702e2	libclamav: provide information about lsig matches to bytecode (bb#1799)	16 years ago
Tomasz Kojm	2e4fd44f4f	libclamav: provide offset in cli_ac_result (bb#1799)	16 years ago
aCaB	d2ba6f98bb	matching complete	16 years ago
aCaB	49cc1e3c35	s/struct F_MAP/fmap_t/	16 years ago
Tomasz Kojm	8c3c77b49c	libclamav/matcher-ac.c: implement word delimiter (B) as requested in bb#1631	16 years ago
Tomasz Kojm	a6d4c62ee5	libclamav/matcher-ac.c: initial limited support for word boundary (bb#1631)	16 years ago
Tomasz Kojm	95ac9effe4	libclamav/matcher-ac.c: alternatives can now be negated: !(aa\|bb\|cc)	16 years ago
aCaB	048d76777f	scanners to fmap - hackish peheader to fmap lacks review + elf + macho	16 years ago
Tomasz Kojm	aca9ea82df	libclamav: handle relative offsets with cli_ac_data; fix offset logic	16 years ago
Tomasz Kojm	33872a43de	libclamav: improve handling of signature offsets	16 years ago
Tomasz Kojm	589d8d8e99	libclamav: add default.h git-svn: trunk@4578	17 years ago
Tomasz Kojm	ab0d2f054d	libclamav, clamd, clamscan: use cl_engine_set() to control AC settings git-svn: trunk@4404	17 years ago
Török Edvin	fc0493d2ca	reduce memory usage of AC nodes git-svn: trunk@4363	17 years ago
Tomasz Kojm	341faf6051	libclamav: drop obsolete code in matcher-ac git-svn: trunk@4140	17 years ago
Tomasz Kojm	710a22f179	libclamav/matcher-ac.c: add support for returning multiple matches in cli_ac_scanbuff() git-svn: trunk@4017	17 years ago
Tomasz Kojm	ee8bd2fb14	libclamav: lsigs: handle extended block modifiers (bb#896) git-svn: trunk@3998	17 years ago
Török Edvin	10290ba3eb	allow custom data to be associated with patterns (such as a regex) via a void* field. Fix memory leaks, and valgrind problems in regex_list_done. git-svn: trunk@3994	17 years ago
Tomasz Kojm	677fc4ba3b	libclamav: add initial support for logical signatures (bb#896) git-svn: trunk@3993	17 years ago
Tomasz Kojm	b5513f8ddf	libclamav: add ".UNOFFICIAL" suffix to 3rd party signatures (bb#1061) git-svn: trunk@3903	17 years ago
Tomasz Kojm	2023340a41	update copyrights and stick more files to GPLv2; move and add more credits to the AUTHORS file; add COPYING.BSD git-svn: trunk@3749	17 years ago
Tomasz Kojm	5025967e6d	use limits->maxfiles instead of MAX_EMBEDDED_OBJ for ZIP-SFX git-svn: trunk@3668	18 years ago
Tomasz Kojm	6038397ea6	filetype detection improvements git-svn: trunk@3662	18 years ago
aCaB	2455584143	sync to trunk git-svn-id: file:///var/lib/svn/clamav-devel/branches/newlimits@3599 77e5149b-7576-45b1-b177-96237e5ba77b	18 years ago
Tomasz Kojm	1a2906f432	add support for matching single bytes anchored to sub-signatures; bump f-level git-svn: trunk@3588	18 years ago
Tomasz Kojm	9381324adf	avoid holes in often used data structures (bb#748); git-svn: trunk@3495	18 years ago
Tomasz Kojm	73843a79b9	add missing prototype for cli_ac_setdepth() (bb#711) git-svn: trunk@3397	18 years ago
Tomasz Kojm	3d53538b51	add cli_ac_setdepth(), --dev-ac-depth, DevACOnly, DevACDepth git-svn: trunk@3365	18 years ago
Tomasz Kojm	20c2455d14	minor tidy git-svn: trunk@3268	18 years ago
Tomasz Kojm	1a648b3717	add basic support for string alternatives; optimise bfs_enqueue/dequeue git-svn: trunk@3262	18 years ago
Tomasz Kojm	e38ab7c147	various speed optimisations git-svn: trunk@3218	18 years ago
Tomasz Kojm	fbcef1b0b5	new implementation of the Aho-Corasick pattern matcher git-svn: trunk@3038	18 years ago
Tomasz Kojm	bb34cb31fe	update some copyrights and stick to GPL v2 git-svn: trunk@3003	18 years ago
Tomasz Kojm	bedc58dee1	make some cleanups and add support for nibble matching git-svn: trunk@2992	18 years ago
Tomasz Kojm	ee99255a6d	extract and scan PE files embedded into other executables or fake zip files generated by some worms git-svn: trunk@2934	18 years ago
Sven Strickroth	a99111f050	remove old CVS-stuff and make the repository look more like SVN git-svn: trunk@2755	19 years ago
Tomasz Kojm	73218de24b	improve scanning of files whose types are detected on-the-fly git-svn: trunk@2601	19 years ago
Tomasz Kojm	227f8f7c02	multipart signatures: give higher priority to new sub-matches git-svn: trunk@2507	19 years ago
Tomasz Kojm	4e9ab8ed2f	pattern matcher accuracy improvements git-svn: trunk@2505	19 years ago
Tomasz Kojm	b58fdfc292	apply w32 patches from NJH git-svn: trunk@2359	19 years ago
Tomasz Kojm	48b7b4a747	update GPL headers with new address for FSF git-svn: trunk@1901	19 years ago

46 Commits (b842e8bf75c7f44609828657a55db54af8321e75)