GitList

clamscan/clamscan.c

e3aaff8e	/*
086eab5c	* Copyright (C) 2007-2009 Sourcefire, Inc. * * Authors: Tomasz Kojm
e3aaff8e	* * This program is free software; you can redistribute it and/or modify
bb34cb31	* it under the terms of the GNU General Public License version 2 as * published by the Free Software Foundation.
e3aaff8e	* * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software
48b7b4a7	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA.
e3aaff8e	*/
6d6e8271	#if HAVE_CONFIG_H #include "clamav-config.h" #endif
e3aaff8e	#include <stdio.h> #include <stdlib.h> #include <string.h>
9a03413e	#include <signal.h>
34f71e0e	#ifdef HAVE_UNISTD_H
e3aaff8e	#include <unistd.h>
34f71e0e	#endif
4cd80898	#ifndef _WIN32
e3aaff8e	#include <sys/time.h>
34f71e0e	#endif
e3aaff8e	#include <time.h>
7a2997f1	#ifdef C_LINUX #include <sys/resource.h> #endif
e3aaff8e	#include "others.h"
7a2997f1	#include "global.h"
e3aaff8e	#include "manager.h"
afb48b28
7a2997f1	#include "shared/misc.h" #include "shared/output.h"
ee6702ab	#include "shared/actions.h"
269d520d	#include "shared/optparser.h"
fc56deed
24555841	#include "libclamav/str.h"
ec6429ab	#include "libclamav/clamav.h"
24555841
e3aaff8e	void help(void);
7a2997f1	struct s_info info;
58bcf502	short recursion = 0, printinfected = 0, bell = 0;
7b8edc5c	int main(int argc, char **argv)
e3aaff8e	{ int ds, dms, ret;
5da3127b	double mb, rmb;
e3aaff8e	struct timeval t1, t2;
4cd80898	#ifndef _WIN32
9a03413e	sigset_t sigset;
34f71e0e	#endif
269d520d	struct optstruct opts; const struct optstruct opt;
e3aaff8e
bca0b679	if(check_flevel()) exit(2);
4cd80898	#if !defined(_WIN32) && !defined(C_BEOS)
9a03413e	sigemptyset(&sigset); sigaddset(&sigset, SIGXFSZ); sigprocmask(SIG_SETMASK, &sigset, NULL); #endif
269d520d
a68d5e2f	if((opts = optparse(NULL, argc, argv, 1, OPT_CLAMSCAN, 0, NULL)) == NULL) {
269d520d	mprintf("!Can't parse command line options\n");
8770404a	return 2;
7b8edc5c	}
269d520d	if(optget(opts, "verbose")->enabled) {
afb48b28	mprintf_verbose = 1; logg_verbose = 1; }
e3aaff8e
269d520d	if(optget(opts, "quiet")->enabled)
58bcf502	mprintf_quiet = 1;
e3aaff8e
269d520d	if(optget(opts, "stdout")->enabled)
58bcf502	mprintf_stdout = 1;
e3aaff8e
7b8edc5c
269d520d	if(optget(opts, "debug")->enabled) {
fc56deed	#if defined(C_LINUX) /* njh@bandsman.co.uk: create a dump if needed / struct rlimit rlim; rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY; if(setrlimit(RLIMIT_CORE, &rlim) < 0) perror("setrlimit"); #endif cl_debug(); / enable debug messages */ }
d4d14218
269d520d	if(optget(opts, "version")->enabled) { print_version(optget(opts, "database")->strarg); optfree(opts);
c32360c1	return 0;
e3aaff8e	}
269d520d	if(optget(opts, "help")->enabled) { optfree(opts);
e3aaff8e	help();
7b8edc5c	return 0;
e3aaff8e	}
269d520d	if(optget(opts, "recursive")->enabled)
58bcf502	recursion = 1;
e3aaff8e
269d520d	if(optget(opts, "infected")->enabled)
58bcf502	printinfected = 1;
e3aaff8e
269d520d	if(optget(opts, "bell")->enabled)
58bcf502	bell = 1;
af22ece1
e3aaff8e	/* initialize logger */
269d520d	if((opt = optget(opts, "log"))->enabled) { logg_file = opt->strarg;
914ce12d	if(logg("#\n-------------------------------------------------------------------------------\n\n")) {
e3aaff8e	mprintf("!Problem with internal logger.\n");
269d520d	optfree(opts);
8770404a	return 2;
e3aaff8e	} } else
afb48b28	logg_file = NULL;
e3aaff8e
ee6702ab	if(actsetup(opts)) { optfree(opts); logg_close(); exit(2); }
7b8edc5c
7a2997f1	memset(&info, 0, sizeof(struct s_info));
e3aaff8e
b8f3f028	gettimeofday(&t1, NULL);
34f71e0e
269d520d	ret = scanmanager(opts);
e3aaff8e
269d520d	if(!optget(opts, "no-summary")->enabled) {
b8f3f028	gettimeofday(&t2, NULL);
be4bf7f4	ds = t2.tv_sec - t1.tv_sec;
e3aaff8e	dms = t2.tv_usec - t1.tv_usec; ds -= (dms < 0) ? (1):(0); dms += (dms < 0) ? (1000000):(0);
0ae41a2d	logg("\n----------- SCAN SUMMARY -----------\n");
7a2997f1	logg("Known viruses: %u\n", info.sigs);
add738d2	logg("Engine version: %s\n", get_version());
7a2997f1	logg("Scanned directories: %u\n", info.dirs); logg("Scanned files: %u\n", info.files); logg("Infected files: %u\n", info.ifiles);
8770404a	if(info.errors) logg("Total errors: %u\n", info.errors);
ee6702ab	if(notremoved) { logg("Not removed: %u\n", notremoved);
e3aaff8e	}
ee6702ab	if(notmoved) { logg("Not %s: %u\n", optget(opts, "copy")->enabled ? "moved" : "copied", notmoved);
e3aaff8e	}
7a2997f1	mb = info.blocks * (CL_COUNT_PRECISION / 1024) / 1024.0;
0ae41a2d	logg("Data scanned: %2.2lf MB\n", mb);
5da3127b	rmb = info.rblocks * (CL_COUNT_PRECISION / 1024) / 1024.0; logg("Data read: %2.2lf MB (ratio %.2f:1)\n", rmb, info.rblocks ? (double)info.blocks/(double)info.rblocks : 0);
7a2997f1	logg("Time: %u.%3.3u sec (%u m %u s)\n", ds, dms/1000, ds/60, ds%60);
e3aaff8e	}
269d520d	optfree(opts);
34f71e0e
c32360c1	return ret;
e3aaff8e	} void help(void) { mprintf_stdout = 1; mprintf("\n");
add738d2	mprintf(" Clam AntiVirus Scanner %s\n", get_version());
6670464f	printf(" By The ClamAV Team: http://www.clamav.net/team\n"); printf(" (C) 2007-2009 Sourcefire, Inc.\n\n");
5def21ff
a36e6e5c	mprintf(" --help -h Print this help screen\n"); mprintf(" --version -V Print version number\n");
5def21ff	mprintf(" --verbose -v Be verbose\n");
a36e6e5c	mprintf(" --debug Enable libclamav's debug messages\n"); mprintf(" --quiet Only output error messages\n");
5def21ff	mprintf(" --stdout Write to stdout instead of stderr\n");
a36e6e5c	mprintf(" --no-summary Disable summary at end of scanning\n"); mprintf(" --infected -i Only print infected files\n"); mprintf(" --bell Sound bell on virus detection\n");
e3aaff8e	mprintf("\n");
a9082ea2	mprintf(" --tempdir=DIRECTORY Create temporary files in DIRECTORY\n");
269d520d	mprintf(" --leave-temps[=yes/no(*)] Do not remove temporary files\n");
5def21ff	mprintf(" --database=FILE/DIR -d FILE/DIR Load virus database from FILE or load\n");
269d520d	mprintf(" all supported db files from DIR\n");
208ceae5	mprintf(" --official-db-only[=yes/no(*)] Only load official signatures\n");
a9ebff44	mprintf(" --log=FILE -l FILE Save scan report to FILE\n");
269d520d	mprintf(" --recursive[=yes/no(*)] -r Scan subdirectories recursively\n");
2086dc5c	mprintf(" --cross-fs[=yes(*)/no] Scan files and directories on other filesystems\n");
8c57a6c1	mprintf(" --follow-dir-symlinks[=0/1()/2] Follow directory symlinks (0 = never, 1 = direct, 2 = always)\n"); mprintf(" --follow-file-symlinks[=0/1()/2] Follow file symlinks (0 = never, 1 = direct, 2 = always)\n");
c2b6681b	mprintf(" --file-list=FILE -f FILE Scan files from FILE\n");
269d520d	mprintf(" --remove[=yes/no(*)] Remove infected files. Be careful!\n");
5def21ff	mprintf(" --move=DIRECTORY Move infected files into DIRECTORY\n");
c6d2bbbc	mprintf(" --copy=DIRECTORY Copy infected files into DIRECTORY\n");
266f3967	mprintf(" --exclude=REGEX Don't scan file names matching REGEX\n");
66ceca09	mprintf(" --exclude-dir=REGEX Don't scan directories matching REGEX\n");
266f3967	mprintf(" --include=REGEX Only scan file names matching REGEX\n");
66ceca09	mprintf(" --include-dir=REGEX Only scan directories matching REGEX\n");
e3aaff8e	mprintf("\n");
c4910836	mprintf(" --bytecode[=yes(*)/no] Load bytecode from the database\n");
a2a739aa	mprintf(" --bytecode-unsigned[=yes/no(*)] Load unsigned bytecode\n");
8c57a6c1	mprintf(" --bytecode-timeout=N Set bytecode timeout (in milliseconds)\n");
269d520d	mprintf(" --detect-pua[=yes/no(*)] Detect Possibly Unwanted Applications\n");
b023c36d	mprintf(" --exclude-pua=CAT Skip PUA sigs of category CAT\n"); mprintf(" --include-pua=CAT Load PUA sigs of category CAT\n");
269d520d	mprintf(" --detect-structured[=yes/no(*)] Detect structured data (SSN, Credit Card)\n");
5fe6e72b	mprintf(" --structured-ssn-format=X SSN format (0=normal,1=stripped,2=both)\n"); mprintf(" --structured-ssn-count=N Min SSN count to generate a detect\n"); mprintf(" --structured-cc-count=N Min CC count to generate a detect\n");
269d520d	mprintf(" --scan-mail[=yes()/no] Scan mail files\n"); mprintf(" --phishing-sigs[=yes()/no] Signature-based phishing detection\n"); mprintf(" --phishing-scan-urls[=yes()/no] URL-based phishing detection\n"); mprintf(" --heuristic-scan-precedence[=yes/no()] Stop scanning as soon as a heuristic match is found\n"); mprintf(" --phishing-ssl[=yes/no()] Always block SSL mismatches in URLs (phishing module)\n"); mprintf(" --phishing-cloak[=yes/no()] Always block cloaked URLs (phishing module)\n"); mprintf(" --algorithmic-detection[=yes()/no] Algorithmic detection\n"); mprintf(" --scan-pe[=yes()/no] Scan PE files\n"); mprintf(" --scan-elf[=yes()/no] Scan ELF files\n"); mprintf(" --scan-ole2[=yes()/no] Scan OLE2 containers\n"); mprintf(" --scan-pdf[=yes()/no] Scan PDF files\n"); mprintf(" --scan-html[=yes()/no] Scan HTML files\n"); mprintf(" --scan-archive[=yes()/no] Scan archive files (supported by libclamav)\n"); mprintf(" --detect-broken[=yes/no()] Try to detect broken executable files\n"); mprintf(" --block-encrypted[=yes/no(*)] Block encrypted archives\n");
a36e6e5c	mprintf("\n");
a5d91be7	mprintf(" --max-filesize=#n Files larger than this will be skipped and assumed clean\n");
269d520d	mprintf(" --max-scansize=#n The maximum amount of data to scan for each container file ()\n"); mprintf(" --max-files=#n The maximum number of files to scan for each container file ()\n"); mprintf(" --max-recursion=#n Maximum archive recursion level for container file (**)\n");
14dee074	mprintf(" --max-dir-recursion=#n Maximum directory recursion level\n");
ec6429ab	mprintf("\n");
269d520d	mprintf("() Default scan settings\n"); mprintf("(*) Certain files (e.g. documents, archives, etc.) may in turn contain other\n"); mprintf(" files inside. The above options ensure safe processing of this kind of data.\n\n");
e3aaff8e	}