a9a7122b1a
Add more complete support for SHA384, SHA512 hashes
7 years ago
c714559526
Add support for MD5 and SHA256 hash-based validation of the exe code
...
Also refactors the code a bit to consolidate some duplicate functionality
7 years ago
4cd3d28491
Add minimal support for parsing SHA384-based certificates
...
This doesn't add support to actually verify whitelisting rules
against SHA384 signatures, but makes it so that verification
doesn't fail completely if there is a SHA384 certificate somewhere
in the signature.
7 years ago
12341e15de
Add more debug messages in fail cases, more comments, minor changes
7 years ago
d39cb6581f
Updating libclamunrar from legacy C implementation to modern unrar 5.6.5. API changes and supporting changes included to pass the filepath of the scanned file into libclamav through the cli_ctx structure, required by the unrar library to open archives. The filename argument may be optional for the scandesc scanning variant, but libclamav will make a best effort to identify the filename from the file descriptor if it was not provided. In addition, included the ability to prefix temp file and directory names with file basenames.
7 years ago
f61e92da8f
Changing numerous scan options' names, primarily those of heuristic signatature alert options. Original options (command line and clamd) will remain as deprecated & undocumented for a couple releases. Added 2 extra scan options to allow users to differentiate between alerting on encrypted archives vs encrypted documents (bb11911).
7 years ago
d7979d4ff7
Restructured scan options flags from a single bitflag field to a structure containing multiple bitflag fields. This also required adding a new function to the bytecode API to get scan options a la carte, and modifying the existing function to hand back scan options in the old/deprecated uint32_t bitflag format. Re-generated bytecode iface header files.
...
Updated libclamav documentation detailing new scan options structure.
Renamed references to 'algorithmic' detection to 'heuristic' detection. Renaming references to 'properties' to 'collect metadata'.
Renamed references to 'scan all' to 'scan all match'.
Renamed a couple of 'Hueristic.*' signature names as 'Heuristics.*' signatures (plural) to match majority of other heuristics.
7 years ago
89d5207b31
Added new pdf object stream parsing capability.
7 years ago
65ce67f911
0.101.0 - Removing call to EVP_cleanup since cleanup is now handled by auto-deinit
7 years ago
81b06239cc
Add missing const qualifier for "alg" (algorithm) parameter for various ClamAV crypto functions
7 years ago
f50f7f306e
Add missing const keyword in cl_update_hash()
7 years ago
7cd9337a70
Spelling Adjustments ( #30 )
...
* spelling: accessed
* spelling: alignment
* spelling: amalgamated
* spelling: answers
* spelling: another
* spelling: acquisition
* spelling: apitid
* spelling: ascii
* spelling: appending
* spelling: appropriate
* spelling: arbitrary
* spelling: architecture
* spelling: asynchronous
* spelling: attachments
* spelling: argument
* spelling: authenticode
* spelling: because
* spelling: boundary
* spelling: brackets
* spelling: bytecode
* spelling: calculation
* spelling: cannot
* spelling: changes
* spelling: check
* spelling: children
* spelling: codegen
* spelling: commands
* spelling: container
* spelling: concatenated
* spelling: conditions
* spelling: continuous
* spelling: conversions
* spelling: corresponding
* spelling: corrupted
* spelling: coverity
* spelling: crafting
* spelling: daemon
* spelling: definition
* spelling: delivered
* spelling: delivery
* spelling: delimit
* spelling: dependencies
* spelling: dependency
* spelling: detection
* spelling: determine
* spelling: disconnects
* spelling: distributed
* spelling: documentation
* spelling: downgraded
* spelling: downloading
* spelling: endianness
* spelling: entities
* spelling: especially
* spelling: empty
* spelling: expected
* spelling: explicitly
* spelling: existent
* spelling: finished
* spelling: flexibility
* spelling: flexible
* spelling: freshclam
* spelling: functions
* spelling: guarantee
* spelling: hardened
* spelling: headaches
* spelling: heighten
* spelling: improper
* spelling: increment
* spelling: indefinitely
* spelling: independent
* spelling: inaccessible
* spelling: infrastructure
Conflicts:
docs/html/node68.html
* spelling: initializing
* spelling: inited
* spelling: instream
* spelling: installed
* spelling: initialization
* spelling: initialize
* spelling: interface
* spelling: intrinsics
* spelling: interpreter
* spelling: introduced
* spelling: invalid
* spelling: latency
* spelling: lawyers
* spelling: libclamav
* spelling: likelihood
* spelling: loop
* spelling: maximum
* spelling: million
* spelling: milliseconds
* spelling: minimum
* spelling: minzhuan
* spelling: multipart
* spelling: misled
* spelling: modifiers
* spelling: notifying
* spelling: objects
* spelling: occurred
* spelling: occurs
* spelling: occurrences
* spelling: optimization
* spelling: original
* spelling: originated
* spelling: output
* spelling: overridden
* spelling: parenthesis
* spelling: partition
* spelling: performance
* spelling: permission
* spelling: phishing
* spelling: portions
* spelling: positives
* spelling: preceded
* spelling: properties
* spelling: protocol
* spelling: protos
* spelling: quarantine
* spelling: recursive
* spelling: referring
* spelling: reorder
* spelling: reset
* spelling: resources
* spelling: resume
* spelling: retrieval
* spelling: rewrite
* spelling: sanity
* spelling: scheduled
* spelling: search
* spelling: section
* spelling: separator
* spelling: separated
* spelling: specify
* spelling: special
* spelling: statement
* spelling: streams
* spelling: succession
* spelling: suggests
* spelling: superfluous
* spelling: suspicious
* spelling: synonym
* spelling: temporarily
* spelling: testfiles
* spelling: transverse
* spelling: turkish
* spelling: typos
* spelling: unable
* spelling: unexpected
* spelling: unexpectedly
* spelling: unfinished
* spelling: unfortunately
* spelling: uninitialized
* spelling: unlocking
* spelling: unnecessary
* spelling: unpack
* spelling: unrecognized
* spelling: unsupported
* spelling: usable
* spelling: wherever
* spelling: wishlist
* spelling: white
* spelling: infrastructure
* spelling: directories
* spelling: overridden
* spelling: permission
* spelling: yesterday
* spelling: initialization
* spelling: intrinsics
* space adjustment for spelling changes
* minor modifications by klin
7 years ago
165faf66eb
bb11741 - fix compiler warnings due to STAT64_BLACKLIST. Patch supplied by Ruga.
8 years ago
678421af5d
remove incorrcet comment.
9 years ago
5eaf0b320a
bb#11003 - fix dconf and option handling for nocert and dumpcert
9 years ago
ea9ffd291b
add scanning options for scanning xml-based documents (MSXML, OOXML, HWPML) and HWP3
9 years ago
731c8e6213
hwp3.x: add support for maximum recursive calls to hwp3 parsing
9 years ago
1f1bf36b8e
Add 'virus found' callback. Refactor scan-all API.
10 years ago
46a35abe56
mass update of copyright headers
10 years ago
bbfac25813
bb11343: Adding yara-rules (yes|no|only) runtime option for clamscan.
10 years ago
20a3b53b6c
converted cb_file_props from using engine-based ctx to file-based ctx
10 years ago
3741573205
added option to limit pcre execution based on filesize
11 years ago
5c2c723361
added pcre execution time and match performance tracking
...
fixed an issue with statistics reporting with no signatures loaded
11 years ago
9bc7c13882
pcre: added and linked options to set match_limit and match_limit_recursion
...
pcre: separated parsing function into parsing and compiling functions
11 years ago
fc6678733f
Add macro to help with unused parameter compiler warnings
11 years ago
634bf28479
Fix Windows build
11 years ago
9363412bbb
bb11041 - Add cl_initialize_crypto() to the example file
11 years ago
60d8d2c352
Move all the crypto API to clamav.h
11 years ago
49b33289e0
Add timeout facility for file property scanning and clamscan timeout testing parameter.
11 years ago
6606d05000
Add callback for user processing of json string and result of json scan.
11 years ago
f944b68243
Fix typo
11 years ago
221825fd59
Update copyright information.
11 years ago
e56f094920
Add build support for libjson and initial json work for properties file.
11 years ago
387021619b
Turn stats into an opt-in feature rather than an opt-out feature for the 0.98.2 release
11 years ago
067bce5fbc
engine: added max-iconspe(MaxIconsPE) option and docs
11 years ago
97fbb02b58
libclamav: added an engine option to set max partitions in raw dmgs
...
libclamav: added partition intersection checking support
clamd/clamscan: added max-partitions and partition-intersection options
11 years ago
4e1236c802
Add option for configuring the timeout for stats submissions
11 years ago
e8a1a9056c
Add ability to disable stats
11 years ago
3c29ca0b10
Phase 1 of reporting hashes of PE sections
...
Conflicts:
libclamav/stats.h
11 years ago
4473a0a954
Add more callbacks. Simplify the checks for submitting stats in the add sample callback
11 years ago
f2571e344b
First initial commit of the stats gathering feature
...
Conflicts:
libclamav/Makefile.am
libclamav/Makefile.in
libclamav/others.c
libclamav/others.h
unit_tests/Makefile.in
11 years ago
ca06899223
Add cl_always_gen_section_hash to clamav.h
12 years ago
05d4767e84
Hex-ify the engine_options bit flags
12 years ago
f456c5ad1b
Convert the ForceToDisk option to use the engine_options bitfield
12 years ago
34e9acb098
Add option to disable the cache. Add a new bitfield in the engine struct that will govern options relating to engine internals.
12 years ago
3cab931d78
Add ForceToDisk option for clamd and force-to-disk arg for clamscan
12 years ago
d9b6b8c757
bb#8993 - Rename the STAT macro to CLAMSTAT to avoid name conflicts on AIX
12 years ago
e542ad454d
freshclam mods for enhanced signatures
12 years ago
181f2f01d8
bb6718 - Add OSX to the stat64 blacklist
12 years ago
1e41fdba27
bb #6678 : Add runtime enable/disable of SWF scanning via option CL_SCAN_SWF
12 years ago
Andrew