@@ -208,71 +208,76 @@ int main(int argc, char *argv[])

     fclose(f);

     printf("Bytecode loaded\n");

-    ctx = cli_bytecode_context_alloc();

-    if (!ctx) {

-	fprintf(stderr,"Out of memory\n");

-	exit(3);

-    }

-    memset(&dbg_state, 0, sizeof(dbg_state));

-    dbg_state.file = "<libclamav>";

-    dbg_state.line = 0;

-    dbg_state.col = 0;

-    dbg_state.showline = !optget(opts, "no-trace-showsource")->enabled;

-    tracelevel = optget(opts, "trace")->numarg;

-    cli_bytecode_context_set_trace(ctx, tracelevel,

-				   tracehook,

-				   tracehook_op,

-				   tracehook_val,

-				   tracehook_ptr);

+    if (optget(opts, "describe")->enabled) {

+	cli_bytecode_describe(bc);

+    } else {

-    if (opts->filename[1]) {

-	funcid = atoi(opts->filename[1]);

-    }

-    cli_bytecode_context_setfuncid(ctx, bc, funcid);

-    printf("Running bytecode function :%u\n", funcid);

+	ctx = cli_bytecode_context_alloc();

+	if (!ctx) {

+	    fprintf(stderr,"Out of memory\n");

+	    exit(3);

+	}

+	memset(&dbg_state, 0, sizeof(dbg_state));

+	dbg_state.file = "<libclamav>";

+	dbg_state.line = 0;

+	dbg_state.col = 0;

+	dbg_state.showline = !optget(opts, "no-trace-showsource")->enabled;

+	tracelevel = optget(opts, "trace")->numarg;

+	cli_bytecode_context_set_trace(ctx, tracelevel,

+				       tracehook,

+				       tracehook_op,

+				       tracehook_val,

+				       tracehook_ptr);

-    if (opts->filename[1]) {

-	i=2;

-	while (opts->filename[i]) {

-	    rc = cli_bytecode_context_setparam_int(ctx, i-2, atoi(opts->filename[i]));

-	    if (rc != CL_SUCCESS) {

-		fprintf(stderr,"Unable to set param %u: %s\n", i-2, cl_strerror(rc));

-	    }

-	    i++;

+	if (opts->filename[1]) {

+	    funcid = atoi(opts->filename[1]);

 	}

-    }

+	cli_bytecode_context_setfuncid(ctx, bc, funcid);

+	printf("Running bytecode function :%u\n", funcid);

-    if ((opt = optget(opts,"input"))->enabled) {

-	fmap_t *map;

-	fd = open(opt->strarg, O_RDONLY);

-	if (fd == -1) {

-	    fprintf(stderr, "Unable to open input file %s: %s\n", opt->strarg, strerror(errno));

-	    optfree(opts);

-	    exit(5);

+	if (opts->filename[1]) {

+	    i=2;

+	    while (opts->filename[i]) {

+		rc = cli_bytecode_context_setparam_int(ctx, i-2, atoi(opts->filename[i]));

+		if (rc != CL_SUCCESS) {

+		    fprintf(stderr,"Unable to set param %u: %s\n", i-2, cl_strerror(rc));

+		}

+		i++;

+	    }

 	}

-	map = fmap(fd, 0, 0);

-	if (!map) {

-	    fprintf(stderr, "Unable to map input file %s\n", opt->strarg);

+

+	if ((opt = optget(opts,"input"))->enabled) {

+	    fmap_t *map;

+	    fd = open(opt->strarg, O_RDONLY);

+	    if (fd == -1) {

+		fprintf(stderr, "Unable to open input file %s: %s\n", opt->strarg, strerror(errno));

+		optfree(opts);

+		exit(5);

+	    }

+	    map = fmap(fd, 0, 0);

+	    if (!map) {

+		fprintf(stderr, "Unable to map input file %s\n", opt->strarg);

+	    }

+	    rc = cli_bytecode_context_setfile(ctx, map);

+	    if (rc != CL_SUCCESS) {

+		fprintf(stderr, "Unable to set file %s: %s\n", opt->strarg, cl_strerror(rc));

+		optfree(opts);

+		exit(5);

+	    }

+	    funmap(map);

 	}

-	rc = cli_bytecode_context_setfile(ctx, map);

+

+	rc = cli_bytecode_run(&bcs, bc, ctx);

 	if (rc != CL_SUCCESS) {

-	    fprintf(stderr, "Unable to set file %s: %s\n", opt->strarg, cl_strerror(rc));

-	    optfree(opts);

-	    exit(5);

+	    fprintf(stderr,"Unable to run bytecode: %s\n", cl_strerror(rc));

+	} else {

+	    uint64_t v;

+	    printf("Bytecode run finished\n");

+	    v = cli_bytecode_context_getresult_int(ctx);

+	    printf("Bytecode returned: 0x%llx\n", (long long)v);

 	}

-	funmap(map);

-    }

-

-    rc = cli_bytecode_run(&bcs, bc, ctx);

-    if (rc != CL_SUCCESS) {

-	fprintf(stderr,"Unable to run bytecode: %s\n", cl_strerror(rc));

-    } else {

-	uint64_t v;

-	printf("Bytecode run finished\n");

-	v = cli_bytecode_context_getresult_int(ctx);

-	printf("Bytecode returned: 0x%llx\n", (long long)v);

+	cli_bytecode_context_destroy(ctx);

     }

-    cli_bytecode_context_destroy(ctx);

     cli_bytecode_destroy(bc);

     cli_bytecode_done(&bcs);

     free(bc);

@@ -438,14 +438,14 @@ static int parseHeader(struct cli_bc *bc, unsigned char *buffer, unsigned *linel

 	return CL_BREAK;

     }

     // Optimistic parsing, check for error only at the end.

-    bc->verifier = readNumber(buffer, &offset, len, &ok);

-    bc->sigmaker = readString(buffer, &offset, len, &ok);

-    bc->id = readNumber(buffer, &offset, len, &ok);

+    bc->metadata.timestamp = readNumber(buffer, &offset, len, &ok);

+    bc->metadata.sigmaker = readString(buffer, &offset, len, &ok);

+    bc->metadata.targetExclude = readNumber(buffer, &offset, len, &ok);

     bc->kind = readNumber(buffer, &offset, len, &ok);

     bc->metadata.maxStack = readNumber(buffer, &offset, len, &ok);

     bc->metadata.maxMem = readNumber(buffer, &offset, len, &ok);

     bc->metadata.maxTime = readNumber(buffer, &offset, len, &ok);

-    bc->metadata.targetExclude = readString(buffer, &offset, len, &ok);

+    bc->metadata.compiler = readString(buffer, &offset, len, &ok);

     bc->num_types = readNumber(buffer, &offset, len, &ok);

     bc->num_func = readNumber(buffer, &offset, len, &ok);

     bc->state = bc_loaded;

@@ -1405,8 +1405,8 @@ uint64_t cli_bytecode_context_getresult_int(struct cli_bc_ctx *ctx)

 void cli_bytecode_destroy(struct cli_bc *bc)

 {

     unsigned i, j, k;

-    free(bc->sigmaker);

-    free(bc->metadata.targetExclude);

+    free(bc->metadata.compiler);

+    free(bc->metadata.sigmaker);

     for (i=0;i<bc->num_func;i++) {

 	struct cli_bc_func *f = &bc->funcs[i];

@@ -1742,3 +1742,88 @@ void cli_bytecode_context_setctx(struct cli_bc_ctx *ctx, void *cctx)

 {

     ctx->ctx = cctx;

 }

+

+void cli_bytecode_describe(const struct cli_bc *bc)

+{

+    char buf[128];

+    int cols;

+    unsigned i;

+    time_t stamp;

+    int had;

+

+    if (!bc) {

+	printf("(null bytecode)\n");

+	return;

+    }

+

+    stamp = bc->metadata.timestamp;

+    printf("Bytecode format functionality level: %u\n", BC_FUNC_LEVEL);

+    printf("Bytecode metadata:\n\tcompiler version: %s\n",

+	   bc->metadata.compiler ? bc->metadata.compiler : "N/A");

+    printf("\tcompiled on: %s\n",

+	   cli_ctime(&stamp, buf, sizeof(buf)));

+    printf("\tcompiled by: %s\n", bc->metadata.sigmaker ? bc->metadata.sigmaker : "N/A");

+    //TODO: parse and display arch name, also take it into account when

+    //JITing!

+    printf("\ttarget exclude: %d\n", bc->metadata.targetExclude);

+    printf("\tbytecode type: ");

+    switch (bc->kind) {

+	case BC_GENERIC:

+	    puts("generic, not loadable by clamscan/clamd");

+	    break;

+	case BC_LOGICAL:

+	    puts("logical only");

+	    break;

+	case BC_PE_UNPACKER:

+	    puts("PE hook");

+	    break;

+	default:

+	    printf("Unknown (type %u)", bc->kind);

+	    break;

+    }

+    printf("\tbytecode logical signature: %s\n",

+	       bc->lsig ? bc->lsig : "<none>");

+    printf("\tvirusname prefix: %s\n",

+	   bc->vnameprefix);

+    printf("\tvirusnames: %u\n", bc->vnames_cnt);

+    printf("\tbytecode triggered on: ");

+    switch (bc->kind) {

+	case BC_GENERIC:

+	    puts("N/A (loaded in clambc only)");

+	    break;

+	case BC_LOGICAL:

+	    puts("files matching logical signature");

+	    break;

+	case BC_PE_UNPACKER:

+	    if (bc->lsig)

+		puts("PE files matching logical signature");

+	    else

+		puts("all PE files!");

+	    break;

+	default:

+	    puts("N/A (unknown type)\n");

+	    break;

+    }

+    printf("\tnumber of functions: %u\n\tnumber of types: %u\n",

+	   bc->num_func, bc->num_types);

+    printf("\tnumber of global constants: %u\n", bc->num_globals);

+    printf("\tnumber of debug nodes: %u\n", bc->dbgnode_cnt);

+    printf("\tbytecode APIs used:");

+    cols = 0; /* remaining */

+    had = 0;

+    for (i=0;i<cli_apicall_maxapi;i++) {

+	if (cli_bitset_test(bc->uses_apis, i)) {

+	    unsigned len = strlen(cli_apicalls[i].name);

+	    if (had)

+		printf(",");

+	    if (len > cols) {

+		printf("\n\t");

+		cols = 72;

+	    }

+	    printf(" %s", cli_apicalls[i].name);

+	    had = 1;

+	    cols -= len;

+	}

+    }

+    printf("\n");

+}

@@ -45,11 +45,9 @@ enum bc_state {

 };

 struct cli_bc {

-  unsigned verifier;

-  char *sigmaker;

+  struct bytecode_metadata metadata;

   unsigned id;

   unsigned kind;

-  struct bytecode_metadata metadata;

   unsigned num_types;

   unsigned num_func;

   struct cli_bc_func *funcs;

@@ -105,6 +103,7 @@ int cli_bytecode_prepare(struct cli_all_bc *allbc);

 int cli_bytecode_run(const struct cli_all_bc *bcs, const struct cli_bc *bc, struct cli_bc_ctx *ctx);

 void cli_bytecode_destroy(struct cli_bc *bc);

 int cli_bytecode_done(struct cli_all_bc *allbc);

+void cli_bytecode_describe(const struct cli_bc *bc);

 /* Hooks */

 struct cli_exe_info;

@@ -23,9 +23,12 @@

 #define CLAMBC_H

 struct bytecode_metadata {

-  unsigned long maxStack, maxMem;

-  unsigned long maxTime;

-  char *targetExclude;

+    char *compiler;

+    char *sigmaker;

+    uint64_t timestamp;

+    unsigned long maxStack, maxMem;

+    unsigned long maxTime;

+    unsigned targetExclude;

 };

 #define BC_FUNC_LEVEL 5

@@ -170,6 +170,7 @@ CLAMAV_PRIVATE {

     cli_bytecode_context_set_trace;

     cli_bytecode_debug_printsrc;

     cli_bytecode_printversion;

+    cli_bytecode_describe;

   local:

     *;

 };

@@ -1333,6 +1333,7 @@ static int cli_loadcbc(FILE *fs, struct cl_engine *engine, unsigned int *signo,

     }

     bcs->count++;

     bc = &bcs->all_bcs[bcs->count-1];

+    bc->id = bcs->count;

     switch (engine->bytecode_security) {

 	case CL_BYTECODE_TRUST_ALL:

@@ -1362,7 +1363,7 @@ static int cli_loadcbc(FILE *fs, struct cl_engine *engine, unsigned int *signo,

 	    cli_errmsg("Bytecode %s has logical kind, but missing logical signature!\n", dbname);

 	    return CL_EMALFDB;

 	}

-	cli_dbgmsg("Bytecode %s has logical signature: %s\n", dbname, bc->lsig);

+	cli_dbgmsg("Bytecode %s(%u) has logical signature: %s\n", dbname, bc->id, bc->lsig);

 	rc = load_oneldb(bc->lsig, 0, 0, engine, options, dbname, 0, &sigs, bc, NULL);

 	if (rc != CL_SUCCESS) {

 	    cli_errmsg("Problem parsing logical signature %s for bytecode %s: %s\n",

@@ -121,6 +121,7 @@ const struct clam_option __clam_options[] = {

     { NULL, "generate-config", 'g', TYPE_STRING, NULL, -1, NULL, 0, OPT_CLAMCONF, "", "" },

     { NULL, "force-interpreter", 'f', TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMBC, "Force using the interpreter instead of the JIT", "" },

+    { NULL, "describe", 'd', TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMBC, "Load and describe bytecode without executing", ""},

     { NULL, "input", 'i', TYPE_STRING, NULL, -1, NULL, 0, OPT_CLAMBC, "Input file to run the bytecode n", ""},

     { NULL, "trace", 't', TYPE_NUMBER, MATCH_NUMBER, 7, NULL, 0, OPT_CLAMBC, "bytecode trace level",""},

     { NULL, "no-trace-showsource", 's', TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMBC, "Don't show source line during tracing",""},