Browse code
sigtool: patch hybrid cvd generation
Kevin Lin authored on 2016/07/15 06:31:04Showing 2 changed files
| ... | ... |
@@ -136,6 +136,7 @@ const struct clam_option __clam_options[] = {
|
| 136 | 136 |
{ NULL, "compare", 'c', CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_SIGTOOL, "", "" },
|
| 137 | 137 |
{ NULL, "run-cdiff", 'r', CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_SIGTOOL, "", "" },
|
| 138 | 138 |
{ NULL, "verify-cdiff", 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_SIGTOOL, "", "" },
|
| 139 |
+ { NULL, "hybrid", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_SIGTOOL, "Create a hybrid (standard and bytecode) database file", ""},
|
|
| 139 | 140 |
{ NULL, "defaultcolors", 'd', CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMDTOP, "", "" },
|
| 140 | 141 |
|
| 141 | 142 |
{ NULL, "config-dir", 'c', CLOPT_TYPE_STRING, NULL, 0, CONFDIR, FLAG_REQUIRED, OPT_CLAMCONF, "", "" },
|
| ... | ... |
@@ -661,7 +661,8 @@ static int writeinfo(const char *dbname, const char *builder, const char *header |
| 661 | 661 |
} |
| 662 | 662 |
free(pt); |
| 663 | 663 |
} |
| 664 |
- } else {
|
|
| 664 |
+ } |
|
| 665 |
+ if(!dblist2cnt || optget(opts, "hybrid")->enabled) {
|
|
| 665 | 666 |
for(i = 0; dblist[i].ext; i++) {
|
| 666 | 667 |
snprintf(dbfile, sizeof(dbfile), "%s.%s", dbname, dblist[i].ext); |
| 667 | 668 |
if(strcmp(dblist[i].ext, "info") && !access(dbfile, R_OK)) {
|
| ... | ... |
@@ -842,7 +843,7 @@ static int qcompare(const void *a, const void *b) |
| 842 | 842 |
|
| 843 | 843 |
static int build(const struct optstruct *opts) |
| 844 | 844 |
{
|
| 845 |
- int ret, bc = 0; |
|
| 845 |
+ int ret, bc = 0, hy = 0; |
|
| 846 | 846 |
size_t bytes; |
| 847 | 847 |
unsigned int i, sigs = 0, oldsigs = 0, entries = 0, version, real_header, fl, maxentries; |
| 848 | 848 |
STATBUF foo; |
| ... | ... |
@@ -883,6 +884,9 @@ static int build(const struct optstruct *opts) |
| 883 | 883 |
if(!strcmp(dbname, "bytecode")) |
| 884 | 884 |
bc = 1; |
| 885 | 885 |
|
| 886 |
+ if(optget(opts, "hybrid")->enabled) |
|
| 887 |
+ hy = 1; |
|
| 888 |
+ |
|
| 886 | 889 |
if(!(engine = cl_engine_new())) {
|
| 887 | 890 |
mprintf("!build: Can't initialize antivirus engine\n");
|
| 888 | 891 |
return 50; |
| ... | ... |
@@ -898,7 +902,7 @@ static int build(const struct optstruct *opts) |
| 898 | 898 |
if(!sigs) {
|
| 899 | 899 |
mprintf("!build: There are no signatures in database files\n");
|
| 900 | 900 |
} else {
|
| 901 |
- if(bc) {
|
|
| 901 |
+ if(bc || hy) {
|
|
| 902 | 902 |
if((dd = opendir(".")) == NULL) {
|
| 903 | 903 |
mprintf("!build: Can't open current directory\n");
|
| 904 | 904 |
return -1; |
| ... | ... |
@@ -947,7 +951,8 @@ static int build(const struct optstruct *opts) |
| 947 | 947 |
dblist2cnt++; |
| 948 | 948 |
entries += countlines("last.hdb");
|
| 949 | 949 |
} |
| 950 |
- } else {
|
|
| 950 |
+ } |
|
| 951 |
+ if(!bc || hy) {
|
|
| 951 | 952 |
for(i = 0; dblist[i].ext; i++) {
|
| 952 | 953 |
snprintf(dbfile, sizeof(dbfile), "%s.%s", dbname, dblist[i].ext); |
| 953 | 954 |
if(dblist[i].count && !access(dbfile, R_OK)) |
| ... | ... |
@@ -958,15 +963,15 @@ static int build(const struct optstruct *opts) |
| 958 | 958 |
if(entries != sigs) |
| 959 | 959 |
mprintf("^build: Signatures in %s db files: %u, loaded by libclamav: %u\n", dbname, entries, sigs);
|
| 960 | 960 |
|
| 961 |
- maxentries = optget(opts, "max-bad-sigs")->numarg; |
|
| 961 |
+ maxentries = optget(opts, "max-bad-sigs")->numarg; |
|
| 962 | 962 |
|
| 963 |
- if (maxentries) {
|
|
| 964 |
- if(!entries || (sigs > entries && sigs - entries >= maxentries)) {
|
|
| 965 |
- mprintf("!Bad number of signatures in database files\n");
|
|
| 966 |
- FREE_LS(dblist2); |
|
| 967 |
- return -1; |
|
| 968 |
- } |
|
| 969 |
- } |
|
| 963 |
+ if (maxentries) {
|
|
| 964 |
+ if(!entries || (sigs > entries && sigs - entries >= maxentries)) {
|
|
| 965 |
+ mprintf("!Bad number of signatures in database files\n");
|
|
| 966 |
+ FREE_LS(dblist2); |
|
| 967 |
+ return -1; |
|
| 968 |
+ } |
|
| 969 |
+ } |
|
| 970 | 970 |
} |
| 971 | 971 |
|
| 972 | 972 |
/* try to read cvd header of current database */ |
| ... | ... |
@@ -1086,8 +1091,8 @@ static int build(const struct optstruct *opts) |
| 1086 | 1086 |
return -1; |
| 1087 | 1087 |
} |
| 1088 | 1088 |
|
| 1089 |
- if(bc) {
|
|
| 1090 |
- if(tar_addfile(-1, tar, "bytecode.info") == -1) {
|
|
| 1089 |
+ if(bc || hy) {
|
|
| 1090 |
+ if(!hy && tar_addfile(-1, tar, "bytecode.info") == -1) {
|
|
| 1091 | 1091 |
gzclose(tar); |
| 1092 | 1092 |
unlink(tarfile); |
| 1093 | 1093 |
free(tarfile); |
| ... | ... |
@@ -1103,7 +1108,8 @@ static int build(const struct optstruct *opts) |
| 1103 | 1103 |
return -1; |
| 1104 | 1104 |
} |
| 1105 | 1105 |
} |
| 1106 |
- } else {
|
|
| 1106 |
+ } |
|
| 1107 |
+ if(!bc || hy) {
|
|
| 1107 | 1108 |
for(i = 0; dblist[i].ext; i++) {
|
| 1108 | 1109 |
snprintf(dbfile, sizeof(dbfile), "%s.%s", dbname, dblist[i].ext); |
| 1109 | 1110 |
if(!access(dbfile, R_OK)) {
|
| ... | ... |
@@ -3513,6 +3519,7 @@ static void help(void) |
| 3513 | 3513 |
mprintf(" this value is ignored.\n");
|
| 3514 | 3514 |
mprintf(" --no-cdiff Don't generate .cdiff file\n");
|
| 3515 | 3515 |
mprintf(" --unsigned Create unsigned database file (.cud)\n");
|
| 3516 |
+ mprintf(" --hybrid Create a hybrid (standard and bytecode) database file\n");
|
|
| 3516 | 3517 |
mprintf(" --print-certs=FILE Print Authenticode details from a PE\n");
|
| 3517 | 3518 |
mprintf(" --server=ADDR ClamAV Signing Service address\n");
|
| 3518 | 3519 |
mprintf(" --datadir=DIR Use DIR as default database directory\n");
|