@@ -1,5 +1,6 @@

 #

 #  Copyright (C) 2002 - 2007 Tomasz Kojm <tkojm@clamav.net>

+#  Copyright (C) 2008 - 2013 Sourcefire, Inc.

 #

 #  This program is free software; you can redistribute it and/or modify

 #  it under the terms of the GNU General Public License as published by

@@ -370,6 +371,10 @@ libclamav_la_SOURCES = \

 	builtin_bytecodes.h\

 	events.c\

 	events.h \

+	dmg.c \

+	dmg.h \

+	xar.c \

+	xar.h \

 	swf.c \

 	swf.h \

 	jpeg.c \

@@ -17,6 +17,7 @@

 #

 #  Copyright (C) 2002 - 2007 Tomasz Kojm <tkojm@clamav.net>

+#  Copyright (C) 2008 - 2013 Sourcefire, Inc.

 #

 #  This program is free software; you can redistribute it and/or modify

 #  it under the terms of the GNU General Public License as published by

@@ -184,7 +185,8 @@ am_libclamav_la_OBJECTS = libclamav_la-matcher-ac.lo \

 	libclamav_la-ishield.lo libclamav_la-bytecode_api.lo \

 	libclamav_la-bytecode_api_decl.lo libclamav_la-cache.lo \

 	libclamav_la-bytecode_detect.lo libclamav_la-events.lo \

-	libclamav_la-swf.lo libclamav_la-jpeg.lo libclamav_la-png.lo \

+	libclamav_la-dmg.lo libclamav_la-xar.lo libclamav_la-swf.lo \

+	libclamav_la-jpeg.lo libclamav_la-png.lo \

 	libclamav_la-iso9660.lo libclamav_la-arc4.lo \

 	libclamav_la-rijndael.lo libclamav_la-crtmgr.lo \

 	libclamav_la-asn1.lo libclamav_la-fp_add.lo \

@@ -706,12 +708,12 @@ libclamav_la_SOURCES = clamav.h matcher-ac.c matcher-ac.h matcher-bm.c \

 	bcfeatures.h bytecode_api.c bytecode_api_decl.c bytecode_api.h \

 	bytecode_api_impl.h bytecode_hooks.h cache.c cache.h \

 	bytecode_detect.c bytecode_detect.h builtin_bytecodes.h \

-	events.c events.h swf.c swf.h jpeg.c jpeg.h png.c png.h \

-	iso9660.c iso9660.h arc4.c arc4.h rijndael.c rijndael.h \

-	crtmgr.c crtmgr.h asn1.c asn1.h bignum.h bignum_fast.h \

-	tomsfastmath/addsub/fp_add.c tomsfastmath/addsub/fp_add_d.c \

-	tomsfastmath/addsub/fp_addmod.c tomsfastmath/addsub/fp_cmp.c \

-	tomsfastmath/addsub/fp_cmp_d.c \

+	events.c events.h dmg.c dmg.h xar.c xar.h swf.c swf.h jpeg.c \

+	jpeg.h png.c png.h iso9660.c iso9660.h arc4.c arc4.h \

+	rijndael.c rijndael.h crtmgr.c crtmgr.h asn1.c asn1.h bignum.h \

+	bignum_fast.h tomsfastmath/addsub/fp_add.c \

+	tomsfastmath/addsub/fp_add_d.c tomsfastmath/addsub/fp_addmod.c \

+	tomsfastmath/addsub/fp_cmp.c tomsfastmath/addsub/fp_cmp_d.c \

 	tomsfastmath/addsub/fp_cmp_mag.c tomsfastmath/addsub/fp_sub.c \

 	tomsfastmath/addsub/fp_sub_d.c tomsfastmath/addsub/fp_submod.c \

 	tomsfastmath/addsub/s_fp_add.c tomsfastmath/addsub/s_fp_sub.c \

@@ -931,6 +933,7 @@ distclean-compile:

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-dconf.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-disasm.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-dlp.Plo@am__quote@

+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-dmg.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-dsig.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-elf.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-entconv.Plo@am__quote@

@@ -1085,6 +1088,7 @@ distclean-compile:

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-vba_extract.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-version.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-wwunpack.Plo@am__quote@

+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-xar.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libclamav_la-yc.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/unrar.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/unrar15.Plo@am__quote@

@@ -1838,6 +1842,20 @@ libclamav_la-events.lo: events.c

 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

 @am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -c -o libclamav_la-events.lo `test -f 'events.c' || echo '$(srcdir)/'`events.c

+libclamav_la-dmg.lo: dmg.c

+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -MT libclamav_la-dmg.lo -MD -MP -MF $(DEPDIR)/libclamav_la-dmg.Tpo -c -o libclamav_la-dmg.lo `test -f 'dmg.c' || echo '$(srcdir)/'`dmg.c

+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libclamav_la-dmg.Tpo $(DEPDIR)/libclamav_la-dmg.Plo

+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='dmg.c' object='libclamav_la-dmg.lo' libtool=yes @AMDEPBACKSLASH@

+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -c -o libclamav_la-dmg.lo `test -f 'dmg.c' || echo '$(srcdir)/'`dmg.c

+

+libclamav_la-xar.lo: xar.c

+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -MT libclamav_la-xar.lo -MD -MP -MF $(DEPDIR)/libclamav_la-xar.Tpo -c -o libclamav_la-xar.lo `test -f 'xar.c' || echo '$(srcdir)/'`xar.c

+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libclamav_la-xar.Tpo $(DEPDIR)/libclamav_la-xar.Plo

+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='xar.c' object='libclamav_la-xar.lo' libtool=yes @AMDEPBACKSLASH@

+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -c -o libclamav_la-xar.lo `test -f 'xar.c' || echo '$(srcdir)/'`xar.c

+

 libclamav_la-swf.lo: swf.c

 @am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libclamav_la_CFLAGS) $(CFLAGS) -MT libclamav_la-swf.lo -MD -MP -MF $(DEPDIR)/libclamav_la-swf.Tpo -c -o libclamav_la-swf.lo `test -f 'swf.c' || echo '$(srcdir)/'`swf.c

 @am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libclamav_la-swf.Tpo $(DEPDIR)/libclamav_la-swf.Plo

@@ -96,6 +96,8 @@ static struct dconf_module modules[] = {

     { "ARCHIVE",    "ISHIELD",	    ARCH_CONF_ISHIELD,	    1 },

     { "ARCHIVE",    "7zip",	    ARCH_CONF_7Z,	    1 },

     { "ARCHIVE",    "ISO9660",	    ARCH_CONF_ISO9660,	    1 },

+    { "ARCHIVE",    "DMG",	    ARCH_CONF_DMG,	    1 },

+    { "ARCHIVE",    "XAR",	    ARCH_CONF_XAR,	    1 },

     { "DOCUMENT",   "HTML",	    DOC_CONF_HTML,	    1 },

     { "DOCUMENT",   "RTF",	    DOC_CONF_RTF,	    1 },

@@ -82,6 +82,8 @@ struct cli_dconf {

 #define ARCH_CONF_ISHIELD   0x8000

 #define ARCH_CONF_7Z        0x10000

 #define ARCH_CONF_ISO9660   0x20000

+#define ARCH_CONF_DMG       0x40000

+#define ARCH_CONF_XAR       0x80000

 /* Document flags */

 #define DOC_CONF_HTML		0x1

new file mode 100644

@@ -0,0 +1,76 @@

+/*

+ *  Copyright (C) 2013 Sourcefire, Inc.

+ *

+ *  Authors: David Raynor <draynor@sourcefire.com>

+ *

+ *  This program is free software; you can redistribute it and/or modify

+ *  it under the terms of the GNU General Public License version 2 as

+ *  published by the Free Software Foundation.

+ *

+ *  This program is distributed in the hope that it will be useful,

+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of

+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ *  GNU General Public License for more details.

+ *

+ *  You should have received a copy of the GNU General Public License

+ *  along with this program; if not, write to the Free Software

+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

+ *  MA 02110-1301, USA.

+ */

+

+#if HAVE_CONFIG_H

+#include "clamav-config.h"

+#endif

+

+#include <stdio.h>

+#include <ctype.h>

+

+#include "cltypes.h"

+#include "others.h"

+#include "dmg.h"

+#include "scanners.h"

+

+int cli_scandmg(cli_ctx *ctx)

+{

+    struct dmg_koly_block hdr;

+    int ret, conv;

+    size_t maplen;

+

+    char name[513];

+    unsigned int file = 0, trailer = 0;

+    uint32_t filesize, namesize, hdr_namesize;

+    off_t pos = 0;

+

+    if (!ctx || !ctx->fmap) {

+        cli_errmsg("cli_scandmg: Invalid context\n");

+        return CL_ENULLARG;

+    }

+

+    maplen = (*ctx->fmap)->real_len;

+    pos = maplen - 512;

+    if (pos <= 0) {

+        cli_dbgmsg("cli_scandmg: Sizing problem for DMG archive.\n");

+        return CL_CLEAN;

+    }

+

+    /* Grab koly block */

+    if (fmap_readn(*ctx->fmap, &hdr, pos, sizeof(hdr)) != sizeof(hdr)) {

+        cli_dbgmsg("cli_scandmg: Invalid DMG trailer block\n");

+        return CL_EFORMAT;

+    }

+

+    /* Check magic */

+    hdr.magic = be32_to_host(hdr.magic);

+    if (hdr.magic == 0x6b6f6c79) {

+        cli_dbgmsg("cli_scandmg: Found koly block @ %ld\n", (long) pos);

+    }

+    else {

+        cli_dbgmsg("cli_scandmg: No koly magic, %8x\n", hdr.magic);

+        return CL_EFORMAT;

+    }

+

+    /* TODO: the rest of the unpacking */

+

+    return CL_CLEAN;

+}

+

new file mode 100644

@@ -0,0 +1,100 @@

+/*

+ *  Copyright (C) 2013 Sourcefire, Inc.

+ *

+ *  Authors: David Raynor <draynor@sourcefire.com>

+ *

+ *  This program is free software; you can redistribute it and/or modify

+ *  it under the terms of the GNU General Public License version 2 as

+ *  published by the Free Software Foundation.

+ *

+ *  This program is distributed in the hope that it will be useful,

+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of

+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ *  GNU General Public License for more details.

+ *

+ *  You should have received a copy of the GNU General Public License

+ *  along with this program; if not, write to the Free Software

+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

+ *  MA 02110-1301, USA.

+ */

+

+#ifndef __DMG_H

+#define __DMG_H

+

+#if HAVE_CONFIG_H

+#include "clamav-config.h"

+#endif

+

+#include "cltypes.h"

+#include "others.h"

+

+#ifndef HAVE_ATTRIB_PACKED

+#define __attribute__(x)

+#endif

+

+#ifdef HAVE_PRAGMA_PACK

+#pragma pack(1)

+#endif

+

+#ifdef HAVE_PRAGMA_PACK_HPPA

+#pragma pack 1

+#endif

+

+/* 512-byte block, remember these are big-endian! */

+struct dmg_koly_block {

+    uint32_t magic  __attribute__ ((packed));

+    uint32_t version __attribute__ ((packed));

+    uint32_t headerLength __attribute__ ((packed));

+    uint32_t flags __attribute__ ((packed));

+    uint64_t runningOffset __attribute__ ((packed));

+    uint64_t dataForkOffset __attribute__ ((packed));

+    uint64_t dataForkLength __attribute__ ((packed));

+    uint64_t resourceForkOffset __attribute__ ((packed));

+    uint64_t resourceForkLength __attribute__ ((packed));

+    uint32_t segment __attribute__ ((packed));

+    uint32_t segmentCount __attribute__ ((packed));

+    /* technically uuid */

+    uint8_t  segmentID[16];

+

+    uint32_t dataChecksumFields[34] __attribute__ ((packed));

+

+    uint64_t xmlOffset __attribute__ ((packed));

+    uint64_t xmlLength __attribute__ ((packed));

+    uint8_t  padding[120];

+

+    uint32_t masterChecksumFields[34] __attribute__ ((packed));

+

+    uint32_t imageVariant __attribute__ ((packed));

+    uint64_t sectorCount __attribute__ ((packed));

+

+    uint32_t reserved[3] __attribute__ ((packed));

+};

+

+/* 204-byte block, still big-endian */

+struct dmg_mish_block {

+    uint32_t magic;

+    uint32_t version;

+

+    uint64_t startSector;

+    uint64_t sectorCount;

+    uint64_t dataOffset;

+    uint32_t bufferCount;

+    uint32_t descriptorBlocks;

+

+    uint8_t  reserved[24];

+

+    uint32_t checksum[34];

+    uint64_t blockDescriptorCount;

+};

+

+#ifdef HAVE_PRAGMA_PACK

+#pragma pack()

+#endif

+

+#ifdef HAVE_PRAGMA_PACK_HPPA

+#pragma pack

+#endif

+

+int cli_scandmg(cli_ctx *ctx);

+

+#endif

@@ -101,6 +101,8 @@ static const struct ftmap_s {

     { "CL_TYPE_SWF",		CL_TYPE_SWF		},

     { "CL_TYPE_ISO9660",	CL_TYPE_ISO9660		},

     { "CL_TYPE_JAVA",		CL_TYPE_JAVA		},

+    { "CL_TYPE_DMG",		CL_TYPE_DMG		},

+    { "CL_TYPE_XAR",		CL_TYPE_XAR		},

     { NULL,			CL_TYPE_IGNORED		}

 };

@@ -74,6 +74,7 @@ typedef enum {

     CL_TYPE_7Z,

     CL_TYPE_SWF,

     CL_TYPE_JAVA,

+    CL_TYPE_XAR,

     /* bigger numbers have higher priority (in o-t-f detection) */

     CL_TYPE_HTML, /* on the fly */

@@ -88,6 +89,7 @@ typedef enum {

     CL_TYPE_AUTOIT,

     CL_TYPE_ISHIELD_MSI,

     CL_TYPE_ISO9660,

+    CL_TYPE_DMG,

     CL_TYPE_IGNORED /* please don't add anything below */

 } cli_file_t;

@@ -172,6 +172,8 @@ static const char *ftypes_int[] = {

   "1:0:cafebabe0000001?:Universal Binary:CL_TYPE_ANY:CL_TYPE_MACHO_UNIBIN:73",

   "1:0:cafebabe0000002?:Java class file:CL_TYPE_ANY:CL_TYPE_JAVA:73",

   "1:0:cafebabe0000003?:Java class file:CL_TYPE_ANY:CL_TYPE_JAVA:73",

+  "1:EOF-512:6b6f6c79:DMG container file:CL_TYPE_ANY:CL_TYPE_DMG:73",

+  "0:0:78617221:XAR container file:CL_TYPE_ANY:CL_TYPE_XAR:73",

   NULL

 };

@@ -94,6 +94,8 @@

 #include "jpeg.h"

 #include "png.h"

 #include "iso9660.h"

+#include "dmg.h"

+#include "xar.h"

 #ifdef HAVE_BZLIB_H

 #include <bzlib.h>

@@ -595,7 +597,6 @@ static int cli_scangzip(cli_ctx *ctx)

     return ret;

 }

-

 #ifndef HAVE_BZLIB_H

 static int cli_scanbzip(cli_ctx *ctx) {

     cli_warnmsg("cli_scanbzip: bzip2 support not compiled in\n");

@@ -2114,6 +2115,14 @@ static int cli_scanraw(cli_ctx *ctx, cli_file_t type, uint8_t typercg, cli_file_

 			}

 			break;

+		    case CL_TYPE_DMG:

+			if(SCAN_ARCHIVE && (DCONF_ARCH & ARCH_CONF_DMG)) {

+			    ctx->container_type = CL_TYPE_DMG;

+			    nret = cli_scandmg(ctx);

+			    cli_dbgmsg("DMG signature found at %u\n", (unsigned int) fpt->offset);

+			}

+			break;

+

 		    case CL_TYPE_PDF:

 			if(type != CL_TYPE_PDF && SCAN_PDF && (DCONF_DOC & DOC_CONF_PDF)) {

 			    ctx->container_type = CL_TYPE_PDF;

@@ -2650,6 +2659,12 @@ static int magic_scandesc(cli_ctx *ctx, cli_file_t type)

 		ret = cli_scan_structured(ctx);

 	    break;

+	case CL_TYPE_XAR:

+	    ctx->container_type = CL_TYPE_XAR;

+	    if(SCAN_ARCHIVE && (DCONF_ARCH & ARCH_CONF_XAR))

+		ret = cli_scanxar(ctx);

+	    break;

+

 	default:

 	    break;

     }

new file mode 100644

@@ -0,0 +1,57 @@

+/*

+ *  Copyright (C) 2013 Sourcefire, Inc.

+ *

+ *  Authors: David Raynor <draynor@sourcefire.com>

+ *

+ *  This program is free software; you can redistribute it and/or modify

+ *  it under the terms of the GNU General Public License version 2 as

+ *  published by the Free Software Foundation.

+ *

+ *  This program is distributed in the hope that it will be useful,

+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of

+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ *  GNU General Public License for more details.

+ *

+ *  You should have received a copy of the GNU General Public License

+ *  along with this program; if not, write to the Free Software

+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

+ *  MA 02110-1301, USA.

+ */

+

+#if HAVE_CONFIG_H

+#include "clamav-config.h"

+#endif

+

+#include "cltypes.h"

+#include "others.h"

+#include "xar.h"

+#include "fmap.h"

+#include "scanners.h"

+

+int cli_scanxar(cli_ctx *ctx)

+{

+    struct xar_header hdr;

+    char name[513];

+    unsigned int file = 0, trailer = 0;

+    uint32_t filesize, namesize, hdr_namesize;

+    int ret, conv;

+    off_t pos = 0;

+

+    if (fmap_readn(*ctx->fmap, &hdr, pos, sizeof(hdr)) != sizeof(hdr)) {

+        cli_dbgmsg("cli_scanxar: Invalid header, too short.\n");

+        return CL_EFORMAT;

+    }

+    hdr.magic = be32_to_host(hdr.magic);

+    if (hdr.magic == 0x78617221) {

+        cli_dbgmsg("cli_scanxar: Matched magic\n");

+    }

+    else {

+        cli_dbgmsg("cli_scanxar: Invalid magic\n");

+        return CL_EFORMAT;

+    }

+

+    /* TODO: First grab the TOC, parse that, and then unpack the rest. */

+

+    return CL_CLEAN;

+}

+

new file mode 100644

@@ -0,0 +1,62 @@

+/*

+ *  Copyright (C) 2013 Sourcefire, Inc.

+ *

+ *  Authors: David Raynor <draynor@sourcefire.com>

+ *

+ *  This program is free software; you can redistribute it and/or modify

+ *  it under the terms of the GNU General Public License version 2 as

+ *  published by the Free Software Foundation.

+ *

+ *  This program is distributed in the hope that it will be useful,

+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of

+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ *  GNU General Public License for more details.

+ *

+ *  You should have received a copy of the GNU General Public License

+ *  along with this program; if not, write to the Free Software

+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

+ *  MA 02110-1301, USA.

+ */

+

+#ifndef __XAR_H

+#define __XAR_H

+

+#if HAVE_CONFIG_H

+#include "clamav-config.h"

+#endif

+

+#include "cltypes.h"

+#include "others.h"

+

+#ifndef HAVE_ATTRIB_PACKED

+#define __attribute__(x)

+#endif

+

+#ifdef HAVE_PRAGMA_PACK

+#pragma pack(1)

+#endif

+

+#ifdef HAVE_PRAGMA_PACK_HPPA

+#pragma pack 1

+#endif

+

+struct xar_header {

+    uint32_t magic;

+    uint16_t size;

+    uint16_t version;

+    uint64_t toc_length_compressed;

+    uint64_t toc_length_decompressed;

+    uint32_t chksum_alg; /* 0 = none */

+};

+

+#ifdef HAVE_PRAGMA_PACK

+#pragma pack()

+#endif

+

+#ifdef HAVE_PRAGMA_PACK_HPPA

+#pragma pack

+#endif

+

+int cli_scanxar(cli_ctx *ctx);

+

+#endif

@@ -298,6 +298,7 @@

     <ClCompile Include="..\libclamav\dconf.c"/>

     <ClCompile Include="..\libclamav\disasm.c"/>

     <ClCompile Include="..\libclamav\dlp.c"/>

+    <ClCompile Include="..\libclamav\dmg.c"/>

     <ClCompile Include="..\libclamav\dsig.c"/>

     <ClCompile Include="..\libclamav\elf.c"/>

     <ClCompile Include="..\libclamav\entconv.c"/>

@@ -372,6 +373,7 @@

     <ClCompile Include="..\libclamav\vba_extract.c"/>

     <ClCompile Include="..\libclamav\version.c"/>

     <ClCompile Include="..\libclamav\wwunpack.c"/>

+    <ClCompile Include="..\libclamav\xar.c"/>

     <ClCompile Include="..\libclamav\yc.c"/>

     <ClCompile Include="..\shared\getopt.c"/>

     <ClCompile Include="..\shared\misc.c"/>

@@ -102,6 +102,9 @@

     <ClCompile Include="..\libclamav\dlp.c">

       <Filter>Source Files</Filter>

     </ClCompile>

+    <ClCompile Include="..\libclamav\dmg.c">

+      <Filter>Source Files</Filter>

+    </ClCompile>

     <ClCompile Include="..\libclamav\dsig.c">

       <Filter>Source Files</Filter>

     </ClCompile>

@@ -282,6 +285,9 @@

     <ClCompile Include="..\libclamav\wwunpack.c">

       <Filter>Source Files</Filter>

     </ClCompile>

+    <ClCompile Include="..\libclamav\xar.c">

+      <Filter>Source Files</Filter>

+    </ClCompile>

     <ClCompile Include="..\libclamav\sha256.c">

       <Filter>Source Files</Filter>

     </ClCompile>