... | ... |
@@ -1,4 +1,8 @@ |
1 | 1 |
|
2 |
+Tue Feb 5 19:38:35 EDT 2013 (dar) |
|
3 |
+------------------------------------ |
|
4 |
+ * Add runtime enable/disable of SWF scanning |
|
5 |
+ |
|
2 | 6 |
Tue Jan 8 12:18:35 EDT 2013 (morgan) |
3 | 7 |
------------------------------------ |
4 | 8 |
* Fix for CL_ENULLARG reported in regression run of 0021468992.gz |
... | ... |
@@ -925,6 +925,13 @@ int recvloop_th(int *socketds, unsigned nsockets, struct cl_engine *engine, unsi |
925 | 925 |
logg("PDF support disabled.\n"); |
926 | 926 |
} |
927 | 927 |
|
928 |
+ if(optget(opts, "ScanSWF")->enabled) { |
|
929 |
+ logg("SWF support enabled.\n"); |
|
930 |
+ options |= CL_SCAN_SWF; |
|
931 |
+ } else { |
|
932 |
+ logg("SWF support disabled.\n"); |
|
933 |
+ } |
|
934 |
+ |
|
928 | 935 |
if(optget(opts, "ScanHTML")->enabled) { |
929 | 936 |
logg("HTML support enabled.\n"); |
930 | 937 |
options |= CL_SCAN_HTML; |
... | ... |
@@ -250,6 +250,7 @@ void help(void) |
250 | 250 |
mprintf(" --scan-elf[=yes(*)/no] Scan ELF files\n"); |
251 | 251 |
mprintf(" --scan-ole2[=yes(*)/no] Scan OLE2 containers\n"); |
252 | 252 |
mprintf(" --scan-pdf[=yes(*)/no] Scan PDF files\n"); |
253 |
+ mprintf(" --scan-swf[=yes(*)/no] Scan SWF files\n"); |
|
253 | 254 |
mprintf(" --scan-html[=yes(*)/no] Scan HTML files\n"); |
254 | 255 |
mprintf(" --scan-archive[=yes(*)/no] Scan archive files (supported by libclamav)\n"); |
255 | 256 |
mprintf(" --detect-broken[=yes/no(*)] Try to detect broken executable files\n"); |
... | ... |
@@ -821,6 +821,9 @@ int scanmanager(const struct optstruct *opts) |
821 | 821 |
if(optget(opts, "scan-pdf")->enabled) |
822 | 822 |
options |= CL_SCAN_PDF; |
823 | 823 |
|
824 |
+ if(optget(opts, "scan-swf")->enabled) |
|
825 |
+ options |= CL_SCAN_SWF; |
|
826 |
+ |
|
824 | 827 |
if(optget(opts, "scan-html")->enabled) |
825 | 828 |
options |= CL_SCAN_HTML; |
826 | 829 |
|
... | ... |
@@ -1035,6 +1035,8 @@ const char *cl_engine_get_str(const struct cl_engine *engine, |
1035 | 1035 |
files). |
1036 | 1036 |
\item \textbf{CL\_SCAN\_PDF}\\ |
1037 | 1037 |
Enables scanning within PDF files. |
1038 |
+ \item \textbf{CL\_SCAN\_SWF}\\ |
|
1039 |
+ Enables scanning within SWF files, notably compressed SWF. |
|
1038 | 1040 |
\item \textbf{CL\_SCAN\_PE}\\ |
1039 | 1041 |
This flag enables deep scanning of Portable Executable files and |
1040 | 1042 |
allows libclamav to unpack executables compressed with run-time |
... | ... |
@@ -296,6 +296,12 @@ Example |
296 | 296 |
# Default: yes |
297 | 297 |
#ScanPDF yes |
298 | 298 |
|
299 |
+# This option enables scanning within SWF files. |
|
300 |
+# If you turn off this option, the original files will still be scanned, but |
|
301 |
+# without decoding and additional processing. |
|
302 |
+# Default: yes |
|
303 |
+#ScanSWF yes |
|
304 |
+ |
|
299 | 305 |
|
300 | 306 |
## |
301 | 307 |
## Mail files |
... | ... |
@@ -148,12 +148,13 @@ typedef enum { |
148 | 148 |
#define CL_SCAN_HEURISTIC_PRECEDENCE 0x80000 |
149 | 149 |
#define CL_SCAN_BLOCKMACROS 0x100000 |
150 | 150 |
#define CL_SCAN_ALLMATCHES 0x200000 |
151 |
+#define CL_SCAN_SWF 0x400000 |
|
151 | 152 |
|
152 | 153 |
#define CL_SCAN_PERFORMANCE_INFO 0x40000000 /* collect performance timings */ |
153 | 154 |
#define CL_SCAN_INTERNAL_COLLECT_SHA 0x80000000 /* Enables hash output in sha-collect builds - for internal use only */ |
154 | 155 |
|
155 | 156 |
/* recommended scan settings */ |
156 |
-#define CL_SCAN_STDOPT (CL_SCAN_ARCHIVE | CL_SCAN_MAIL | CL_SCAN_OLE2 | CL_SCAN_PDF | CL_SCAN_HTML | CL_SCAN_PE | CL_SCAN_ALGORITHMIC | CL_SCAN_ELF) |
|
157 |
+#define CL_SCAN_STDOPT (CL_SCAN_ARCHIVE | CL_SCAN_MAIL | CL_SCAN_OLE2 | CL_SCAN_PDF | CL_SCAN_HTML | CL_SCAN_PE | CL_SCAN_ALGORITHMIC | CL_SCAN_ELF | CL_SCAN_SWF) |
|
157 | 158 |
|
158 | 159 |
/* cl_countsigs options */ |
159 | 160 |
#define CL_COUNTSIGS_OFFICIAL 0x1 |
... | ... |
@@ -341,6 +341,7 @@ extern int have_rar; |
341 | 341 |
#define BLOCK_MACROS (ctx->options & CL_SCAN_BLOCKMACROS) |
342 | 342 |
#define SCAN_STRUCTURED (ctx->options & CL_SCAN_STRUCTURED) |
343 | 343 |
#define SCAN_ALL (ctx->options & CL_SCAN_ALLMATCHES) |
344 |
+#define SCAN_SWF (ctx->options & CL_SCAN_SWF) |
|
344 | 345 |
|
345 | 346 |
/* based on macros from A. Melnikoff */ |
346 | 347 |
#define cbswap16(v) (((v & 0xff) << 8) | (((v) >> 8) & 0xff)) |
... | ... |
@@ -325,6 +325,8 @@ const struct clam_option __clam_options[] = { |
325 | 325 |
|
326 | 326 |
{ "ScanPDF", "scan-pdf", 0, TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "This option enables scanning within PDF files.\nIf you turn off this option, the original files will still be scanned, but\nwithout decoding and additional processing.", "yes" }, |
327 | 327 |
|
328 |
+ { "ScanSWF", "scan-swf", 0, TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "This option enables scanning within SWF files.\nIf you turn off this option, the original files will still be scanned, but\nwithout decoding and additional processing.", "yes" }, |
|
329 |
+ |
|
328 | 330 |
{ "ScanArchive", "scan-archive", 0, TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "Scan within archives and compressed files.\nIf you turn off this option, the original files will still be scanned, but\nwithout unpacking and additional processing.", "yes" }, |
329 | 331 |
|
330 | 332 |
{ "ArchiveBlockEncrypted", "block-encrypted", 0, TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).", "no" }, |
... | ... |
@@ -65,7 +65,8 @@ enum CLAM_SCAN_OPTIONS { |
65 | 65 |
CLAM_OPTION_SCAN_PE, /* Enable/disable scanning of archive PE (aka windows) executables */ |
66 | 66 |
CLAM_OPTION_SCAN_ALGORITHMIC, /* Enable/disable scanning for certain viruses and exploits */ |
67 | 67 |
CLAM_OPTION_SCAN_ELF, /* Enable/disable scanning of archive ELF (aka linux) executables */ /* FIXME: is this needed */ |
68 |
- CLAM_OPTION_SCAN_PDF /* Enable/disable scanning of Adobe PDF files */ |
|
68 |
+ CLAM_OPTION_SCAN_PDF, /* Enable/disable scanning of Adobe PDF files */ |
|
69 |
+ CLAM_OPTION_SCAN_SWF /* Enable/disable scanning of Adobe Flash files */ |
|
69 | 70 |
}; |
70 | 71 |
/* NOTE: by default (i.e. before calling Scan_SetOption) ALL the options are ENABLED! */ |
71 | 72 |
|
... | ... |
@@ -647,6 +647,10 @@ int CLAMAPI Scan_SetOption(CClamAVScanner *pScanner, int option, void *value, un |
647 | 647 |
logg("CLAM_OPTION_SCAN_ELF: %s on instance %p\n", newval ? "enabled" : "disabled", inst); |
648 | 648 |
whichopt = CL_SCAN_ELF; |
649 | 649 |
break; |
650 |
+ case CLAM_OPTION_SCAN_SWF: |
|
651 |
+ logg("CLAM_OPTION_SCAN_SWF: %s on instance %p\n", newval ? "enabled" : "disabled", inst); |
|
652 |
+ whichopt = CL_SCAN_SWF; |
|
653 |
+ break; |
|
650 | 654 |
default: |
651 | 655 |
unlock_instances(); |
652 | 656 |
FAIL(CL_EARG, "Unsupported option: %d", option); |
... | ... |
@@ -702,6 +706,9 @@ int CLAMAPI Scan_GetOption(CClamAVScanner *pScanner, int option, void *value, un |
702 | 702 |
case CLAM_OPTION_SCAN_ELF: |
703 | 703 |
whichopt = CL_SCAN_ELF; |
704 | 704 |
break; |
705 |
+ case CLAM_OPTION_SCAN_SWF: |
|
706 |
+ whichopt = CL_SCAN_SWF; |
|
707 |
+ break; |
|
705 | 708 |
default: |
706 | 709 |
unlock_instances(); |
707 | 710 |
FAIL(CL_EARG, "Unsupported option: %d", option); |