@@ -20,6 +20,14 @@ we've cooked up over the past 6 months.

   before, although our `libclamunrar_iface` supporting library has changed from

   LGPL to the BSD 3-Clause license.

 - Libclamav API changes:

+  - The following scanning functions now require a filename argument.

+    This will enable ClamAV to report more details warning and error

+    information in the future, and will also allow for more sensible temp

+    file names. The filename argument may be `NULL` if a filename is not

+    available.

+    - `cl_scandesc`

+    - `cl_scandesc_callback`

+    - `cl_scanmap_callback`

   - Scanning options have been converted from a single flag bit-field into

     a structure of multiple categorized flag bit-fields. This change enabled

     us to add new scanning options requested by the community. In addition,

@@ -44,6 +44,7 @@ int main(int argc, char **argv)

 	unsigned int sigs = 0;

 	long double mb;

 	const char *virname;

+    const char *filename;

 	struct cl_engine *engine;

     struct cl_scan_options options;

@@ -52,6 +53,8 @@ int main(int argc, char **argv)

 	return 2;

     }

+    filename = argv[1];

+

     if((fd = open(argv[1], O_RDONLY)) == -1) {

 	printf("Can't open file %s\n", argv[1]);

 	return 2;

@@ -90,7 +93,7 @@ int main(int argc, char **argv)

     options.parse |= ~0; /* enable all parsers */

     options.general |= CL_SCAN_GENERAL_HEURISTICS; /* enable heuristic alert options */

-    if((ret = cl_scandesc(fd, &virname, &size, engine, &options)) == CL_VIRUS) {

+    if((ret = cl_scandesc(fd, filename, &virname, &size, engine, &options)) == CL_VIRUS) {

 	printf("Virus detected: %s\n", virname);

     } else {

 	if(ret == CL_CLEAN) {

@@ -210,33 +210,62 @@ struct cl_scan_options {

 struct cl_engine;

 struct cl_settings;

+/* ----------------------------------------------------------------------------

+ * Enable global libclamav features.

+ */

+

+/**

+ * @brief Enable debug messages

+ */

+extern void cl_debug(void);

+

+/**

+ * @brief Set libclamav to always create section hashes for PE files.

+ *

+ * Section hashes are used in .mdb signature.

+ */

+extern void cl_always_gen_section_hash(void);

+

+/* ----------------------------------------------------------------------------

+ * Scan engine functions.

+ */

+

 /**

- * @brief This function initializes the openssl crypto system

+ * @brief This function initializes the openssl crypto system.

  *

  * Called by cl_init() and does not need to be cleaned up as de-init

  * is handled automatically by openssl 1.0.2.h and 1.1.0

  *

  * @return Always returns 0

- *

- */ 

+ */

 int cl_initialize_crypto(void);

 /**

- * @brief This is a deprecated function that used to clean up ssl crypto inits

- * 

- * Call to EVP_cleanup() has been removed since cleanup is now handled by 

- * auto-deinit as of openssl 1.0.2h and 1.1.0 

+ * @brief This is a deprecated function that used to clean up ssl crypto inits.

  *

+ * Call to EVP_cleanup() has been removed since cleanup is now handled by

+ * auto-deinit as of openssl 1.0.2h and 1.1.0

  */

 void cl_cleanup_crypto(void);

 #define CL_INIT_DEFAULT	0x0

+/**

+ * @brief Initialize the ClamAV library.

+ *

+ * @param initoptions   Unused.

+ * @return cl_error_t   CL_SUCCESS if everything initalized correctly.

+ */

 extern int cl_init(unsigned int initoptions);

+/**

+ * @brief Allocate a new scanning engine and initialize default settings.

+ *

+ * The engine should be freed with `cl_engine_free()`.

+ *

+ * @return struct cl_engine* Pointer to the scanning engine.

+ */

 extern struct cl_engine *cl_engine_new(void);

-extern void cl_always_gen_section_hash(void);

-

 enum cl_engine_field {

     CL_ENGINE_MAX_SCANSIZE,	    /* uint64_t */

     CL_ENGINE_MAX_FILESIZE,	    /* uint64_t */

@@ -301,193 +330,573 @@ typedef struct cli_stats_sections {

     struct cli_section_hash *sections;

 } stats_section_t;

+/**

+ * @brief Set a numerical engine option.

+ *

+ * @param engine            An initialized scan engine.

+ * @param cl_engine_field   A CL_ENGINE option.

+ * @param num               The new engine option value.

+ * @return cl_error_t       CL_SUCCESS if successfully set.

+ * @return cl_error_t       CL_EARG if the field number was incorrect.

+ * @return cl_error_t       CL_ENULLARG null arguments were provided.

+ */

 extern int cl_engine_set_num(struct cl_engine *engine, enum cl_engine_field field, long long num);

+/**

+ * @brief Get a numerical engine option.

+ *

+ * @param engine            An initialized scan engine.

+ * @param cl_engine_field   A CL_ENGINE option.

+ * @param err               (optional) A cl_error_t status code.

+ * @return long long        The numerical option value.

+ */

 extern long long cl_engine_get_num(const struct cl_engine *engine, enum cl_engine_field field, int *err);

+/**

+ * @brief Set a string engine option.

+ *

+ * @param engine            An initialized scan engine.

+ * @param cl_engine_field   A CL_ENGINE option.

+ * @param str               The new engine option value.

+ * @return cl_error_t       CL_SUCCESS if successfully set.

+ * @return cl_error_t       CL_EARG if the field number was incorrect.

+ * @return cl_error_t       CL_EMEM if a memory allocation error occurred.

+ * @return cl_error_t       CL_ENULLARG null arguments were provided.

+ */

 extern int cl_engine_set_str(struct cl_engine *engine, enum cl_engine_field field, const char *str);

+/**

+ * @brief Get a string engine option.

+ *

+ * @param engine            An initialized scan engine.

+ * @param cl_engine_field   A CL_ENGINE option.

+ * @param err               (optional) A cl_error_t status code.

+ * @return const char *     The string option value.

+ */

 extern const char *cl_engine_get_str(const struct cl_engine *engine, enum cl_engine_field field, int *err);

+/**

+ * @brief Copy the settings from an existing scan engine.

+ *

+ * The cl_settings pointer is allocated and must be freed with cl_engine_settings_free().

+ *

+ * @param engine                An configured scan engine.

+ * @return struct cl_settings*  The settings.

+ */

 extern struct cl_settings *cl_engine_settings_copy(const struct cl_engine *engine);

+/**

+ * @brief Apply settings from a settings structure to a scan engine.

+ *

+ * @param engine        A scan engine.

+ * @param settings      The settings.

+ * @return cl_error_t   CL_SUCCESS if successful.

+ * @return cl_error_t   CL_EMEM if a memory allocation error occurred.

+ */

 extern int cl_engine_settings_apply(struct cl_engine *engine, const struct cl_settings *settings);

+/**

+ * @brief Free a settings struct pointer.

+ *

+ * @param settings      The settings struct pointer.

+ * @return cl_error_t   CL_SUCCESS if successful.

+ * @return cl_error_t   CL_ENULLARG null arguments were provided.

+ */

 extern int cl_engine_settings_free(struct cl_settings *settings);

+/**

+ * @brief Prepare the scanning engine.

+ *

+ * Called this after all required databases have been loaded and settings have

+ * been applied.

+ *

+ * @param engine        A scan engine.

+ * @return cl_error_t   CL_SUCCESS if successful.

+ * @return cl_error_t   CL_ENULLARG null arguments were provided.

+ */

 extern int cl_engine_compile(struct cl_engine *engine);

+/**

+ * @brief Add a reference count to the engine.

+ *

+ * Thread safety mechanism so that the engine is not free'd by another thread.

+ *

+ * The engine is initialized with refcount = 1, so this only needs to be called

+ * for additional scanning threads.

+ *

+ * @param engine        A scan engine.

+ * @return cl_error_t   CL_SUCCESS if successful.

+ * @return cl_error_t   CL_ENULLARG null arguments were provided.

+ */

 extern int cl_engine_addref(struct cl_engine *engine);

+/**

+ * @brief Free an engine.

+ *

+ * Will lower the reference count on an engine. If the reference count hits

+ * zero, the engine will be freed.

+ *

+ * @param engine        A scan engine.

+ * @return cl_error_t   CL_SUCCESS if successful.

+ * @return cl_error_t   CL_ENULLARG null arguments were provided.

+ */

 extern int cl_engine_free(struct cl_engine *engine);

-extern void cli_cache_disable(void);

-

-extern int cli_cache_enable(struct cl_engine *engine);

-

-/* CALLBACKS */

-

-/* I certainly wish I could declare the callback protos stable and

-   move on to better things. But real life crossed my way enough times

-   already and what looked perfect had to evolve somehow.

-   So all I can say is I'll try my best not to break these things in the long run.

-   But I just can't guarantee that won't happen (again). */

+/* ----------------------------------------------------------------------------

+ * Callback function type definitions.

+ */

+/**

+ * @brief Pre-cache callback.

+ *

+ * Called for each processed file (both the entry level - AKA 'outer' - file and

+ * inner files - those generated when processing archive and container files), before

+ * the actual scanning takes place.

+ *

+ * @param fd        File descriptor which is about to be scanned.

+ * @param type      File type detected via magic - i.e. NOT on the fly - (e.g. "CL_TYPE_MSEXE").

+ * @param context   Opaque application provided data.

+ * @return          CL_CLEAN = File is scanned.

+ * @return          CL_BREAK = Whitelisted by callback - file is skipped and marked as clean.

+ * @return          CL_VIRUS = Blacklisted by callback - file is skipped and marked as infected.

+ */

 typedef cl_error_t (*clcb_pre_cache)(int fd, const char *type, void *context);

-/* PRE-CACHE

-   Called for each processed file (both the entry level - AKA 'outer' - file and

-   inner files - those generated when processing archive and container files), before

-   the actual scanning takes place.

-

-Input:

-fd      = File descriptor which is about to be scanned

-type    = File type detected via magic - i.e. NOT on the fly - (e.g. "CL_TYPE_MSEXE")

-context = Opaque application provided data

-

-Output:

-CL_CLEAN = File is scanned

-CL_BREAK = Whitelisted by callback - file is skipped and marked as clean

-CL_VIRUS = Blacklisted by callback - file is skipped and marked as infected

-*/

+/**

+ * @brief Set a custom pre-cache callback function.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ */

 extern void cl_engine_set_clcb_pre_cache(struct cl_engine *engine, clcb_pre_cache callback);

+/**

+ * @brief Pre-scan callback.

+ *

+ * Called for each NEW file (inner and outer) before the scanning takes place. This is

+ * roughly the the same as clcb_before_cache, but it is affected by clean file caching.

+ * This means that it won't be called if a clean cached file (inner or outer) is

+ * scanned a second time.

+ *

+ * @param fd        File descriptor which is about to be scanned.

+ * @param type      File type detected via magic - i.e. NOT on the fly - (e.g. "CL_TYPE_MSEXE").

+ * @param context   Opaque application provided data.

+ * @return          CL_CLEAN = File is scanned.

+ * @return          CL_BREAK = Whitelisted by callback - file is skipped and marked as clean.

+ * @return          CL_VIRUS = Blacklisted by callback - file is skipped and marked as infected.

+ */

 typedef cl_error_t (*clcb_pre_scan)(int fd, const char *type, void *context);

-/* PRE-SCAN

-   Called for each NEW file (inner and outer) before the scanning takes place. This is

-   roughly the the same as clcb_before_cache, but it is affected by clean file caching.

-   This means that it won't be called if a clean cached file (inner or outer) is

-   scanned a second time.

-

-Input:

-fd      = File descriptor which is about to be scanned

-type    = File type detected via magic - i.e. NOT on the fly - (e.g. "CL_TYPE_MSEXE")

-context = Opaque application provided data

-

-Output:

-CL_CLEAN = File is scanned

-CL_BREAK = Whitelisted by callback - file is skipped and marked as clean

-CL_VIRUS = Blacklisted by callback - file is skipped and marked as infected

-*/

+/**

+ * @brief Set a custom pre-scan callback function.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ */

 extern void cl_engine_set_clcb_pre_scan(struct cl_engine *engine, clcb_pre_scan callback);

+/**

+ * @brief Post-scan callback.

+ *

+ * Called for each processed file (inner and outer), after the scanning is complete.

+ * In all-match mode, the virname will be one of the matches, but there is no

+ * guarantee in which order the matches will occur, thus the final virname may

+ * be any one of the matches.

+ *

+ * @param fd        File descriptor which was scanned.

+ * @param result    The scan result for the file.

+ * @param virname   A signature name if there was one or more matches.

+ * @param context   Opaque application provided data.

+ * @return          Scan result is not overridden.

+ * @return          CL_BREAK = Whitelisted by callback - scan result is set to CL_CLEAN.

+ * @return          Blacklisted by callback - scan result is set to CL_VIRUS.

+ */

 typedef cl_error_t (*clcb_post_scan)(int fd, int result, const char *virname, void *context);

-/* POST-SCAN

-   Called for each processed file (inner and outer), after the scanning is complete.

-

-Input:

-fd      = File descriptor which is was scanned

-result  = The scan result for the file

-virname = Virus name if infected

-context = Opaque application provided data

-

-Output:

-CL_CLEAN = Scan result is not overridden

-CL_BREAK = Whitelisted by callback - scan result is set to CL_CLEAN

-CL_VIRUS = Blacklisted by callback - scan result is set to CL_VIRUS

-*/

+/**

+ * @brief Set a custom post-scan callback function.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ */

 extern void cl_engine_set_clcb_post_scan(struct cl_engine *engine, clcb_post_scan callback);

+/**

+ * @brief Post-scan callback.

+ *

+ * Called for each signature match.

+ * If all-match is enabled, clcb_virus_found() may be called multiple times per

+ * scan.

+ *

+ * In addition, clcb_virus_found() does not have a return value and thus.

+ * can not be used to whitelist the match.

+ *

+ * @param fd        File descriptor which was scanned.

+ * @param virname   Virus name.

+ * @param context   Opaque application provided data.

+ */

 typedef void (*clcb_virus_found)(int fd, const char *virname, void *context);

-/* VIRUS FOUND

-   Called for each virus found.

-

-Input:

-fd      = File descriptor which is was scanned

-virname = Virus name 

-context = Opaque application provided data

-

-Output:

-none

-*/

+/**

+ * @brief Set a custom virus-found callback function.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ */

 extern void cl_engine_set_clcb_virus_found(struct cl_engine *engine, clcb_virus_found callback);

+/**

+ * @brief Signature-load callback.

+ *

+ * May be used to ignore signatures at database load time.

+ *

+ * WARNING: Some signatures (notably ldb, cbc) can be dependent upon other signatures.

+ *          Failure to preserve dependency chains will result in database loading failure.

+ *          It is the implementor's responsibility to guarantee consistency.

+ *

+ * @param type      The signature type (e.g. "db", "ndb", "mdb", etc.)

+ * @param name      Signature name.

+ * @param custom    The signature is official (custom == 0) or custom (custom != 0)

+ * @param context   Opaque application provided data

+ * @return          0 to load the current signature.

+ * @return          Non-0 to skip the current signature.

+ */

 typedef int (*clcb_sigload)(const char *type, const char *name, unsigned int custom, void *context);

-/* SIGNATURE LOAD

-Input:

-type = The signature type (e.g. "db", "ndb", "mdb", etc.)

-name = The virus name

-custom = The signature is official (custom == 0) or custom (custom != 0)

-context = Opaque application provided data

-

-Output:

-0     = Load the current signature

-Non 0 = Skip the current signature

-

-WARNING: Some signatures (notably ldb, cbc) can be dependent upon other signatures.

-         Failure to preserve dependency chains will result in database loading failure.

-         It is the implementor's responsibility to guarantee consistency.

-*/

+/**

+ * @brief Set a custom signature-load callback function.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ * @param context   Opaque application provided data.

+ */

 extern void cl_engine_set_clcb_sigload(struct cl_engine *engine, clcb_sigload callback, void *context);

-/* LibClamAV messages callback

+enum cl_msg {

+    /* leave room for more message levels in the future */

+    CL_MSG_INFO_VERBOSE = 32, /* verbose */

+    CL_MSG_WARN = 64, /* LibClamAV WARNING: */

+    CL_MSG_ERROR = 128/* LibClamAV ERROR: */

+};

+

+/**

+ * @brief Logging message callback for info, warning, and error messages.

+ *

  * The specified callback will be called instead of logging to stderr.

  * Messages of lower severity than specified are logged as usual.

  *

+ * Callback may be used to silence logging by assigning a do-nothing function.

+ * Does not affect debug log messages.

+ *

  * Just like with cl_debug() this must be called before going multithreaded.

  * Callable before cl_init, if you want to log messages from cl_init() itself.

  *

- * You can use context of cl_scandesc_callback to convey more information to the callback (such as the filename!)

+ * You can use context of cl_scandesc_callback to convey more information to

+ * the callback (such as the filename!).

+ *

  * Note: setting a 2nd callbacks overwrites previous, multiple callbacks are not

- * supported

+ * supported.

+ *

+ * @param severity  Message severity (CL_MSG_INFO_VERBOSE, CL_MSG_WARN, or CL_MSG_ERROR).

+ * @param fullmsg   The log message including the "LibClamAV <severity>: " prefix.

+ * @param msg       The log message.

+ * @param context   Opaque application provided data.

  */

-enum cl_msg {

-    /* leave room for more message levels in the future */

-    CL_MSG_INFO_VERBOSE = 32, /* verbose */

-    CL_MSG_WARN = 64, /* LibClamAV WARNING: */

-    CL_MSG_ERROR = 128/* LibClamAV ERROR: */

-};

 typedef void (*clcb_msg)(enum cl_msg severity, const char *fullmsg, const char *msg, void *context);

+/**

+ * @brief Set a custom logging message callback function for all of libclamav.

+ *

+ * @param callback  The callback function pointer.

+ */

 extern void cl_set_clcb_msg(clcb_msg callback);

-/* LibClamAV hash stats callback */

+/**

+ * @brief LibClamAV hash stats callback.

+ *

+ * Callback that provides the hash of a scanned sample if a signature alerted.

+ * Provides a mechanism to record detection statistics.

+ *

+ * @param fd        File descriptor if available, else -1.

+ * @param size      Sample size

+ * @param md5       Sample md5 hash

+ * @param virname   Signature name that the sample matched against

+ * @param context   Opaque application provided data

+ */

 typedef void (*clcb_hash)(int fd, unsigned long long size, const unsigned char *md5, const char *virname, void *context);

+/**

+ * @brief Set a custom hash stats callback function.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ */

 extern void cl_engine_set_clcb_hash(struct cl_engine *engine, clcb_hash callback);

-/* Archive member metadata callback. Return CL_VIRUS to blacklist, CL_CLEAN to

- * continue scanning */

+/**

+ * @brief Archive meta matching callback function.

+ *

+ * May be used to blacklist archive/container samples based on archive metadata.

+ * Function is invoked multiple times per archive. Typically once per contained file.

+ *

+ * Note: Used by the --archive-verbose clamscan option. Overriding this will alter

+ * the output from --archive-verbose.

+ *

+ * @param container_type    String name of type (CL_TYPE).

+ * @param fsize_container   Sample size

+ * @param filename          Filename associated with the data in archive.

+ * @param fsize_real        Size of file after decompression (according to the archive).

+ * @param is_encrypted      Boolean non-zero if the contained file is encrypted.

+ * @param filepos_container File index in container.

+ * @param context           Opaque application provided data.

+ * @return                  CL_VIRUS to blacklist

+ * @return                  CL_CLEAN to continue scanning

+ */

 typedef cl_error_t (*clcb_meta)(const char* container_type, unsigned long fsize_container, const char *filename,

 			  unsigned long fsize_real,  int is_encrypted, unsigned int filepos_container, void *context);

+/**

+ * @brief Set a custom archive metadata matching callback function.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ */

 extern void cl_engine_set_clcb_meta(struct cl_engine *engine, clcb_meta callback);

-/* File properties callback */

+/**

+ * @brief File properties callback function.

+ *

+ * Invoked after a scan the CL_SCAN_GENERAL_COLLECT_METADATA general scan option

+ * is enabled and libclamav was built with json support.

+ *

+ * @param j_propstr File properties/metadata in a JSON encoded string.

+ * @param rc        The cl_error_t return code from the scan.

+ * @param cbdata    Opaque application provided data.

+ */

 typedef int (*clcb_file_props)(const char *j_propstr, int rc, void *cbdata);

+/**

+ * @brief Set a custom file properties callback function.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ */

 extern void cl_engine_set_clcb_file_props(struct cl_engine *engine, clcb_file_props callback);

-/* Statistics/intelligence gathering callbacks */

+/* ----------------------------------------------------------------------------

+ * Statistics/telemetry gathering callbacks.

+ *

+ * The statistics callback functions may be used to implement a telemetry

+ * gathering feature.

+ *

+ * The structure definition for `cbdata` is entirely up to the caller, as are

+ * the implementations of each of the callback functions defined below.

+ */

+

+/**

+ * @brief Set a pointer the caller-defined cbdata structure.

+ *

+ * The data must persist at least until `clcb_stats_submit()` is called, or

+ * `clcb_stats_flush()` is called (optional).

+ *

+ * @param engine The scanning engine.

+ * @param cbdata The statistics data. Probably a pointer to a malloc'd struct.

+ */

 extern void cl_engine_set_stats_set_cbdata(struct cl_engine *engine, void *cbdata);

+/**

+ * @brief Add sample metadata to the statistics for a sample that matched on a signature.

+ *

+ * @param virname   Name of the signature that matched.

+ * @param md5       Sample hash.

+ * @param size      Sample size.

+ * @param sections  PE section data, if applicable.

+ * @param cbdata    The statistics data. Probably a pointer to a malloc'd struct.

+ */

 typedef void (*clcb_stats_add_sample)(const char *virname, const unsigned char *md5, size_t size, stats_section_t *sections, void *cbdata);

+/**

+ * @brief Set a custom callback function to add sample metadata to a statistics report.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ */

 extern void cl_engine_set_clcb_stats_add_sample(struct cl_engine *engine, clcb_stats_add_sample callback);

+/**

+ * @brief Remove a specific sample from the statistics report.

+ *

+ * @param virname   Name of the signature that matched.

+ * @param md5       Sample hash.

+ * @param size      Sample size.

+ * @param cbdata    The statistics data. Probably a pointer to a malloc'd struct.

+ */

 typedef void (*clcb_stats_remove_sample)(const char *virname, const unsigned char *md5, size_t size, void *cbdata);

+/**

+ * @brief Set a custom callback function to remove sample metadata from a statistics report.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ */

 extern void cl_engine_set_clcb_stats_remove_sample(struct cl_engine *engine, clcb_stats_remove_sample callback);

+/**

+ * @brief Decrement the hit count listed in the statistics report for a specific sample.

+ *

+ * @param virname   Name of the signature that matched.

+ * @param md5       Sample hash.

+ * @param size      Sample size.

+ * @param cbdata    The statistics data. Probably a pointer to a malloc'd struct.

+ */

 typedef void (*clcb_stats_decrement_count)(const char *virname, const unsigned char *md5, size_t size, void *cbdata);

+/**

+ * @brief Set a custom callback function to decrement the hit count listed in the statistics report for a specific sample.

+ *

+ * This function may remove the sample from the report if the hit count is decremented to 0.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ */

 extern void cl_engine_set_clcb_stats_decrement_count(struct cl_engine *engine, clcb_stats_decrement_count callback);

+/**

+ * @brief Function to submit a statistics report.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param cbdata    The statistics data. Probably a pointer to a malloc'd struct.

+ */

 typedef void (*clcb_stats_submit)(struct cl_engine *engine, void *cbdata);

+/**

+ * @brief Set a custom callback function to submit the statistics report.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ */

 extern void cl_engine_set_clcb_stats_submit(struct cl_engine *engine, clcb_stats_submit callback);

+/**

+ * @brief Function to flush/free the statistics report data.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param cbdata    The statistics data. Probably a pointer to a malloc'd struct.

+ */

 typedef void (*clcb_stats_flush)(struct cl_engine *engine, void *cbdata);

+/**

+ * @brief Set a custom callback function to flush/free the statistics report data.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ */

 extern void cl_engine_set_clcb_stats_flush(struct cl_engine *engine, clcb_stats_flush callback);

+/**

+ * @brief Function to get the number of samples listed in the statistics report.

+ *

+ * @param cbdata    The statistics data. Probably a pointer to a malloc'd struct.

+ */

 typedef size_t (*clcb_stats_get_num)(void *cbdata);

+/**

+ * @brief Set a custom callback function to get the number of samples listed in the statistics report.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ */

 extern void cl_engine_set_clcb_stats_get_num(struct cl_engine *engine, clcb_stats_get_num callback);

+/**

+ * @brief Function to get the size of memory used to store the statistics report.

+ *

+ * @param cbdata    The statistics data. Probably a pointer to a malloc'd struct.

+ */

 typedef size_t (*clcb_stats_get_size)(void *cbdata);

+/**

+ * @brief Set a custom callback function to get the size of memory used to store the statistics report.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ */

 extern void cl_engine_set_clcb_stats_get_size(struct cl_engine *engine, clcb_stats_get_size callback);

+/**

+ * @brief Function to get the machine's unique host ID.

+ *

+ * @param cbdata    The statistics data. Probably a pointer to a malloc'd struct.

+ */

 typedef char * (*clcb_stats_get_hostid)(void *cbdata);

+/**

+ * @brief Set a custom callback function to get the machine's unique host ID.

+ *

+ * @param engine    The initialized scanning engine.

+ * @param callback  The callback function pointer.

+ */

 extern void cl_engine_set_clcb_stats_get_hostid(struct cl_engine *engine, clcb_stats_get_hostid callback);

+/**

+ * @brief Function enables the built-in statistics reporting feature.

+ *

+ * @param engine    The initialized scanning engine.

+ */

 extern void cl_engine_stats_enable(struct cl_engine *engine);

-struct cl_stat {

-    char *dir;

-    STATBUF *stattab;

-    char **statdname;

-    unsigned int entries;

-};

+/* ----------------------------------------------------------------------------

+ * File scanning.

+ */

+

+/**

+ * @brief Scan a file, given a file descriptor.

+ *

+ * @param desc              File descriptor of an open file. The caller must provide this or the map.

+ * @param filename          (optional) Filepath of the open file descriptor or file map.

+ * @param[out] virname      Will be set to a statically allocated (i.e. needs not be freed) signature name if the scan matches against a signature.

+ * @param[out] scanned      The number of bytes scanned.

+ * @param engine            The scanning engine.

+ * @param scanoptions       Scanning options.

+ * @return cl_error_t       CL_CLEAN, CL_VIRUS, or an error code if an error occured during the scan.

+ */

+extern int cl_scandesc(int desc, const char *filename, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, struct cl_scan_options* scanoptions);

+

+/**

+ * @brief Scan a file, given a file descriptor.

+ *

+ * This callback variant allows the caller to provide a context structure that caller provided callback functions can interpret.

+ *

+ * @param desc              File descriptor of an open file. The caller must provide this or the map.

+ * @param filename          (optional) Filepath of the open file descriptor or file map.

+ * @param[out] virname      Will be set to a statically allocated (i.e. needs not be freed) signature name if the scan matches against a signature.

+ * @param[out] scanned      The number of bytes scanned.

+ * @param engine            The scanning engine.

+ * @param scanoptions       Scanning options.

+ * @param[in/out] context   An opaque context structure allowing the caller to record details about the sample being scanned.

+ * @return cl_error_t       CL_CLEAN, CL_VIRUS, or an error code if an error occured during the scan.

+ */

+extern int cl_scandesc_callback(int desc, const char *filename, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, struct cl_scan_options* scanoptions, void *context);

+

+/**

+ * @brief Scan a file, given a filename.

+ *

+ * @param filename          Filepath of the file to be scanned.

+ * @param[out] virname      Will be set to a statically allocated (i.e. needs not be freed) signature name if the scan matches against a signature.

+ * @param[out] scanned      The number of bytes scanned.

+ * @param engine            The scanning engine.

+ * @param scanoptions       Scanning options.

+ * @return cl_error_t       CL_CLEAN, CL_VIRUS, or an error code if an error occured during the scan.

+ */

+extern int cl_scanfile(const char *filename, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, struct cl_scan_options* scanoptions);

+

+/**

+ * @brief Scan a file, given a filename.

+ *

+ * This callback variant allows the caller to provide a context structure that caller provided callback functions can interpret.

+ *

+ * @param filename          Filepath of the file to be scanned.

+ * @param[out] virname      Will be set to a statically allocated (i.e. needs not be freed) signature name if the scan matches against a signature.

+ * @param[out] scanned      The number of bytes scanned.

+ * @param engine            The scanning engine.

+ * @param scanoptions       Scanning options.

+ * @param[in/out] context   An opaque context structure allowing the caller to record details about the sample being scanned.

+ * @return cl_error_t       CL_CLEAN, CL_VIRUS, or an error code if an error occured during the scan.

+ */

+extern int cl_scanfile_callback(const char *filename, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, struct cl_scan_options* scanoptions, void *context);

+

+/* ----------------------------------------------------------------------------

+ * Database handling.

+ */

+extern int cl_load(const char *path, struct cl_engine *engine, unsigned int *signo, unsigned int dboptions);

+extern const char *cl_retdbdir(void);

+

+/* ----------------------------------------------------------------------------

+ * CVD / database functions

+ */

 struct cl_cvd {		    /* field no. */

     char *time;		    /* 2 */

@@ -501,332 +910,526 @@ struct cl_cvd {		    /* field no. */

     unsigned int stime;	    /* 9 */

 };

-/* file scanning */

-extern int cl_scandesc(int desc, const char *filename, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, struct cl_scan_options* scanoptions);

-extern int cl_scandesc_callback(int desc, const char *filename, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, struct cl_scan_options* scanoptions, void *context);

-

-extern int cl_scanfile(const char *filename, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, struct cl_scan_options* scanoptions);

-extern int cl_scanfile_callback(const char *filename, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, struct cl_scan_options* scanoptions, void *context);

-

-/* database handling */

-extern int cl_load(const char *path, struct cl_engine *engine, unsigned int *signo, unsigned int dboptions);

-extern const char *cl_retdbdir(void);

-

-/* engine handling */

-

-/* CVD */

+/**

+ * @brief Read the CVD header data from a file.

+ *

+ * The returned pointer must be free'd with cl_cvdfree().

+ *

+ * @param file              Filepath of CVD file.

+ * @return struct cl_cvd*   Pointer to an allocated CVD header data structure.

+ */

 extern struct cl_cvd *cl_cvdhead(const char *file);

+

+/**

+ * @brief Parse the CVD header.

+ *

+ * Buffer length is not an argument, and the check must be done

+ * by the caller cl_cvdhead().

+ *

+ * The returned pointer must be free'd with cl_cvdfree().

+ *

+ * @param head              Pointer to the header data buffer.

+ * @return struct cl_cvd*   Pointer to an allocated CVD header data structure.

+ */

 extern struct cl_cvd *cl_cvdparse(const char *head);

+

+/**

+ * @brief Verify a CVD file by loading and unloading it.

+ *

+ * @param file          Filepath of CVD file.

+ * @return cl_error_t   CL_SUCCESS if success, else a CL_E* error code.

+ */

 extern int cl_cvdverify(const char *file);

+

+/**

+ * @brief Free a CVD header struct.

+ *

+ * @param cvd   Pointer to a CVD header struct.

+ */

 extern void cl_cvdfree(struct cl_cvd *cvd);

-/* db dir stat functions */

+/* ----------------------------------------------------------------------------

+ * DB directory stat functions.

+ * Use these functions to watch for database changes.

+ */

+

+struct cl_stat {

+    char *dir;

+    STATBUF *stattab;

+    char **statdname;

+    unsigned int entries;

+};

+

+/**

+ * @brief Initialize a directory to be watched for database changes.

+ *

+ * The dbstat out variable is allocated and must be freed using cl_statfree().

+ *

+ * @param dirname       Pathname of the database directory.

+ * @param[out] dbstat   dbstat handle.

+ * @return cl_error_t   CL_SUCCESS if successfully initialized.

+ */

 extern int cl_statinidir(const char *dirname, struct cl_stat *dbstat);

+

+/**

+ * @brief Check the database directory for changes.

+ *

+ * @param dbstat dbstat handle.

+ * @return int   0 No change.

+ * @return int   1 Some change occured.

+ */

 extern int cl_statchkdir(const struct cl_stat *dbstat);

+

+/**

+ * @brief Free the dbstat handle.

+ *

+ * @param dbstat        dbstat handle.