Browse code
metadata JSON: Rename "Viruses" key to "Alerts"
The current name "Viruses" is incorrect both because not all malware
are viruses, but also because ClamAV may be used to classify other
data, not just to search for malware indicators.
Renaming to "Alerts" is more consistent with other language such as
the options "--alert-exceeds-max", etc.
It will match the new "IgnoredAlerts", "ContainedAlerts", and
"IgnoredContainedAlerts" JSON key names.
Valerie Snyder authored on 2025/08/08 02:31:09Showing 2 changed files
| ... | ... |
@@ -3831,7 +3831,7 @@ getHrefs(cli_ctx *ctx, message *m, tag_arguments_t *hrefs) |
| 3831 | 3831 |
|
| 3832 | 3832 |
/* TODO: make this size customisable */ |
| 3833 | 3833 |
if (len > 100 * 1024) {
|
| 3834 |
- cli_dbgmsg("Viruses pointed to by URLs not scanned in large message\n");
|
|
| 3834 |
+ cli_dbgmsg("HTML pointed to by URLs not scanned in large message\n");
|
|
| 3835 | 3835 |
blobDestroy(b); |
| 3836 | 3836 |
return NULL; |
| 3837 | 3837 |
} |
| ... | ... |
@@ -1575,7 +1575,7 @@ static cl_error_t append_virus(cli_ctx *ctx, const char *virname, IndicatorType |
| 1575 | 1575 |
|
| 1576 | 1576 |
if (SCAN_COLLECT_METADATA && ctx->this_layer_metadata_json) {
|
| 1577 | 1577 |
if (type == IndicatorType_Weak) {
|
| 1578 |
- // If this is a weak indicator, we don't add it to the "Viruses" array. |
|
| 1578 |
+ // If this is a weak indicator, we don't add it to the "Alerts" array. |
|
| 1579 | 1579 |
// Instead, we add it to the "WeakIndicators" array. |
| 1580 | 1580 |
json_object *arrobj, *virobj; |
| 1581 | 1581 |
if (!json_object_object_get_ex(ctx->this_layer_metadata_json, "WeakIndicators", &arrobj)) {
|
| ... | ... |
@@ -1595,16 +1595,16 @@ static cl_error_t append_virus(cli_ctx *ctx, const char *virname, IndicatorType |
| 1595 | 1595 |
} |
| 1596 | 1596 |
json_object_array_add(arrobj, virobj); |
| 1597 | 1597 |
} else {
|
| 1598 |
- // If this is a strong or potentially unwanted indicator, we add it to the "Viruses" array. |
|
| 1598 |
+ // If this is a strong or potentially unwanted indicator, we add it to the "Alerts" array. |
|
| 1599 | 1599 |
json_object *arrobj, *virobj; |
| 1600 |
- if (!json_object_object_get_ex(ctx->this_layer_metadata_json, "Viruses", &arrobj)) {
|
|
| 1600 |
+ if (!json_object_object_get_ex(ctx->this_layer_metadata_json, "Alerts", &arrobj)) {
|
|
| 1601 | 1601 |
arrobj = json_object_new_array(); |
| 1602 | 1602 |
if (NULL == arrobj) {
|
| 1603 | 1603 |
cli_errmsg("cli_append_virus: no memory for json virus array\n");
|
| 1604 | 1604 |
status = CL_EMEM; |
| 1605 | 1605 |
goto done; |
| 1606 | 1606 |
} |
| 1607 |
- json_object_object_add(ctx->this_layer_metadata_json, "Viruses", arrobj); |
|
| 1607 |
+ json_object_object_add(ctx->this_layer_metadata_json, "Alerts", arrobj); |
|
| 1608 | 1608 |
} |
| 1609 | 1609 |
virobj = json_object_new_string(virname); |
| 1610 | 1610 |
if (NULL == virobj) {
|
| ... | ... |
@@ -2740,7 +2740,7 @@ uint8_t cli_set_debug_flag(uint8_t debug_flag) |
| 2740 | 2740 |
/** |
| 2741 | 2741 |
* @brief Update the metadata JSON object to reflect that the current layer was trusted. |
| 2742 | 2742 |
* |
| 2743 |
- * This involves renaming the "ContainedIndicators" array to "IgnoredIndicators" and the "Viruses" array to "IgnoredAlerts". |
|
| 2743 |
+ * This involves renaming the "ContainedIndicators" array to "IgnoredIndicators" and the "Alerts" array to "IgnoredAlerts". |
|
| 2744 | 2744 |
* It also recursively processes any contained or embedded objects to rename their arrays as well. |
| 2745 | 2745 |
* |
| 2746 | 2746 |
* @param scan_layer_json The JSON object representing the current scan layer's metadata. |
| ... | ... |
@@ -2758,7 +2758,7 @@ static cl_error_t metadata_json_trust_this_layer(json_object *scan_layer_json) |
| 2758 | 2758 |
goto done; |
| 2759 | 2759 |
} |
| 2760 | 2760 |
|
| 2761 |
- // Trust the current layer's metadata by renaming the "ContainedIndicators" and "Viruses" arrays. |
|
| 2761 |
+ // Trust the current layer's metadata by renaming the "ContainedIndicators" and "Alerts" arrays. |
|
| 2762 | 2762 |
json_object *contained_indicators = NULL; |
| 2763 | 2763 |
if (json_object_object_get_ex(scan_layer_json, "ContainedIndicators", &contained_indicators)) {
|
| 2764 | 2764 |
// Rename "ContainedIndicators" to "IgnoredIndicators" to indicate these indicators were ignored because the layer was trusted. |
| ... | ... |
@@ -2809,20 +2809,20 @@ static cl_error_t metadata_json_trust_this_layer(json_object *scan_layer_json) |
| 2809 | 2809 |
} |
| 2810 | 2810 |
|
| 2811 | 2811 |
json_object *viruses = NULL; |
| 2812 |
- if (json_object_object_get_ex(scan_layer_json, "Viruses", &viruses)) {
|
|
| 2813 |
- // Rename "Viruses" to "IgnoredAlerts" to indicate these alerts were ignored because the layer was trusted. |
|
| 2812 |
+ if (json_object_object_get_ex(scan_layer_json, "Alerts", &viruses)) {
|
|
| 2813 |
+ // Rename "Alerts" to "IgnoredAlerts" to indicate these alerts were ignored because the layer was trusted. |
|
| 2814 | 2814 |
ret = json_object_object_add(scan_layer_json, "IgnoredAlerts", viruses); |
| 2815 | 2815 |
if (ret != 0) {
|
| 2816 |
- cli_errmsg("metadata_json_trust_this_layer: failed to rename Viruses to IgnoredAlerts in metadata JSON\n");
|
|
| 2816 |
+ cli_errmsg("metadata_json_trust_this_layer: failed to rename Alerts to IgnoredAlerts in metadata JSON\n");
|
|
| 2817 | 2817 |
status = CL_ERROR; |
| 2818 | 2818 |
goto done; |
| 2819 | 2819 |
} |
| 2820 | 2820 |
|
| 2821 |
- // Increment the reference count of the "Viruses" array since json_object_object_add() does not do that. |
|
| 2821 |
+ // Increment the reference count of the "Alerts" array since json_object_object_add() does not do that. |
|
| 2822 | 2822 |
json_object_get(viruses); |
| 2823 | 2823 |
|
| 2824 |
- // Remove the original "Viruses" entry. |
|
| 2825 |
- json_object_object_del(scan_layer_json, "Viruses"); |
|
| 2824 |
+ // Remove the original "Alerts" entry. |
|
| 2825 |
+ json_object_object_del(scan_layer_json, "Alerts"); |
|
| 2826 | 2826 |
} |
| 2827 | 2827 |
|
| 2828 | 2828 |
status = CL_SUCCESS; |