... | ... |
@@ -373,6 +373,10 @@ typedef cl_error_t (*clcb_meta)(const char* container_type, unsigned long fsize_ |
373 | 373 |
unsigned long fsize_real, int is_encrypted, unsigned int filepos_container, void *context); |
374 | 374 |
extern void cl_engine_set_clcb_meta(struct cl_engine *engine, clcb_meta callback); |
375 | 375 |
|
376 |
+/* File properties callback */ |
|
377 |
+typedef int (*clcb_file_props)(const char *j_propstr, int rc, void *cbdata); |
|
378 |
+extern void cl_engine_set_clcb_file_props(struct cl_engine *engine, clcb_file_props callback, void * cbdata); |
|
379 |
+ |
|
376 | 380 |
/* Statistics/intelligence gathering callbacks */ |
377 | 381 |
extern void cl_engine_set_stats_set_cbdata(struct cl_engine *engine, void *cbdata); |
378 | 382 |
|
... | ... |
@@ -1311,3 +1311,9 @@ void cl_engine_set_clcb_meta(struct cl_engine *engine, clcb_meta callback) |
1311 | 1311 |
{ |
1312 | 1312 |
engine->cb_meta = callback; |
1313 | 1313 |
} |
1314 |
+ |
|
1315 |
+ void cl_engine_set_clcb_file_props(struct cl_engine *engine, clcb_file_props callback, void * cbdata) |
|
1316 |
+{ |
|
1317 |
+ engine->cb_file_props = callback; |
|
1318 |
+ engine->cb_file_props_data = cbdata; |
|
1319 |
+} |
... | ... |
@@ -309,6 +309,8 @@ struct cl_engine { |
309 | 309 |
void *cb_sigload_ctx; |
310 | 310 |
clcb_hash cb_hash; |
311 | 311 |
clcb_meta cb_meta; |
312 |
+ clcb_file_props cb_file_props; |
|
313 |
+ void *cb_file_props_data; |
|
312 | 314 |
|
313 | 315 |
/* Used for bytecode */ |
314 | 316 |
struct cli_all_bc bcs; |
... | ... |
@@ -375,6 +377,8 @@ struct cl_settings { |
375 | 375 |
clcb_msg cb_msg; |
376 | 376 |
clcb_hash cb_hash; |
377 | 377 |
clcb_meta cb_meta; |
378 |
+ clcb_file_props cb_file_props; |
|
379 |
+ void *cb_file_props_data; |
|
378 | 380 |
|
379 | 381 |
/* Engine max settings */ |
380 | 382 |
uint64_t maxembeddedpe; /* max size to scan MSEXE for PE */ |
... | ... |
@@ -3396,42 +3396,48 @@ static int scan_common(int desc, cl_fmap_t *map, const char **virname, unsigned |
3396 | 3396 |
|
3397 | 3397 |
#if HAVE_JSON |
3398 | 3398 |
if (ctx.options & CL_SCAN_FILE_PROPERTIES && ctx.properties!=NULL) { |
3399 |
- // serialize, etc. |
|
3400 |
- const char * jstring = json_object_to_json_string(ctx.properties); |
|
3399 |
+ /* serialize json properties to string */ |
|
3400 |
+ const char *jstring = json_object_to_json_string(ctx.properties); |
|
3401 | 3401 |
if (NULL == jstring) { |
3402 | 3402 |
cli_errmsg("scan_common: no memory for json serialization.\n"); |
3403 | 3403 |
rc = CL_EMEM; |
3404 | 3404 |
} |
3405 |
- else if (rc != CL_VIRUS) { |
|
3406 |
- ctx.options &= ~CL_SCAN_FILE_PROPERTIES; |
|
3407 |
- rc = cli_mem_scandesc(jstring, strlen(jstring), &ctx); |
|
3408 |
- } |
|
3405 |
+ else { |
|
3406 |
+ int ret = CL_SUCCESS; |
|
3407 |
+ cli_dbgmsg("%s\n", jstring); |
|
3408 |
+ |
|
3409 |
+ /* Scan the json string unless a virus was detected */ |
|
3410 |
+ if (rc != CL_VIRUS) { |
|
3411 |
+ ctx.options &= ~CL_SCAN_FILE_PROPERTIES; |
|
3412 |
+ rc = cli_mem_scandesc(jstring, strlen(jstring), &ctx); |
|
3413 |
+ } |
|
3409 | 3414 |
|
3410 |
- if (ctx.engine->keeptmp && NULL!=jstring) { |
|
3411 |
- int ret = CL_SUCCESS, fd = -1; |
|
3412 |
- char * tmpname = NULL; |
|
3413 |
- if ((ret = cli_gentempfd(ctx.engine->tmpdir, &tmpname, &fd)) != CL_SUCCESS) { |
|
3414 |
- cli_dbgmsg("scan_common: Can't create json properties file.\n"); |
|
3415 |
- } else { |
|
3416 |
- if (cli_writen(fd, jstring, strlen(jstring)) < 0) { |
|
3417 |
- cli_dbgmsg("scan_common: cli_writen error writing json properties file.\n"); |
|
3418 |
- ret = CL_EWRITE; |
|
3415 |
+ /* Invoke file props callback */ |
|
3416 |
+ if (ctx.engine->cb_file_props != NULL) { |
|
3417 |
+ ret = ctx.engine->cb_file_props(jstring, rc, ctx.engine->cb_file_props_data); |
|
3418 |
+ if (ret != CL_SUCCESS) |
|
3419 |
+ rc = ret; |
|
3420 |
+ } |
|
3421 |
+ |
|
3422 |
+ /* keeptmp file processing for file properties json string */ |
|
3423 |
+ if (ctx.engine->keeptmp) { |
|
3424 |
+ int fd = -1; |
|
3425 |
+ char * tmpname = NULL; |
|
3426 |
+ if ((ret = cli_gentempfd(ctx.engine->tmpdir, &tmpname, &fd)) != CL_SUCCESS) { |
|
3427 |
+ cli_dbgmsg("scan_common: Can't create json properties file, ret = %i.\n", ret); |
|
3419 | 3428 |
} else { |
3420 |
- cli_errmsg("json written to: %s\n", tmpname); |
|
3429 |
+ if (cli_writen(fd, jstring, strlen(jstring)) < 0) |
|
3430 |
+ cli_dbgmsg("scan_common: cli_writen error writing json properties file.\n"); |
|
3431 |
+ else |
|
3432 |
+ cli_dbgmsg("json written to: %s\n", tmpname); |
|
3421 | 3433 |
} |
3434 |
+ if (fd != -1) |
|
3435 |
+ close(fd); |
|
3436 |
+ if (NULL != tmpname) |
|
3437 |
+ free(tmpname); |
|
3422 | 3438 |
} |
3423 |
- if (fd != -1) |
|
3424 |
- close(fd); |
|
3425 |
- if (NULL != tmpname) |
|
3426 |
- free(tmpname); |
|
3427 |
- if (rc == CL_SUCCESS) |
|
3428 |
- rc = ret; |
|
3429 |
- } else { |
|
3430 |
- if ((jstring)) |
|
3431 |
- cli_errmsg("%s\n", jstring); //temp |
|
3432 | 3439 |
} |
3433 |
- |
|
3434 |
- json_object_put(ctx.properties); // frees |
|
3440 |
+ json_object_put(ctx.properties); /* frees all json memory */ |
|
3435 | 3441 |
} |
3436 | 3442 |
#endif |
3437 | 3443 |
|