@@ -1010,6 +1010,20 @@ int recvloop_th(int *socketds, unsigned nsockets, struct cl_engine *engine, unsi

 	logg("HTML support disabled.\n");

     }

+    if(optget(opts, "ScanXMLDOCS")->enabled) {

+	logg("XMLDOCS support enabled.\n");

+	options |= CL_SCAN_XMLDOCS;

+    } else {

+	logg("XMLDOCS support disabled.\n");

+    }

+

+    if(optget(opts, "ScanHWP3")->enabled) {

+	logg("HWP3 support enabled.\n");

+	options |= CL_SCAN_HWP3;

+    } else {

+	logg("HWP3 support disabled.\n");

+    }

+

     if(optget(opts,"PhishingScanURLs")->enabled) {

 	if(optget(opts,"PhishingAlwaysBlockCloak")->enabled) {

@@ -262,6 +262,8 @@ void help(void)

     mprintf("    --scan-pdf[=yes(*)/no]               Scan PDF files\n");

     mprintf("    --scan-swf[=yes(*)/no]               Scan SWF files\n");

     mprintf("    --scan-html[=yes(*)/no]              Scan HTML files\n");

+    mprintf("    --scan-xmldocs[=yes(*)/no]           Scan xml-based document files\n");

+    mprintf("    --scan-hwp3[=yes(*)/no]              Scan HWP3 files\n");

     mprintf("    --scan-archive[=yes(*)/no]           Scan archive files (supported by libclamav)\n");

     mprintf("    --detect-broken[=yes/no(*)]          Try to detect broken executable files\n");

     mprintf("    --block-encrypted[=yes/no(*)]        Block encrypted archives\n");

@@ -1076,6 +1076,12 @@ int scanmanager(const struct optstruct *opts)

     if(optget(opts, "scan-mail")->enabled)

         options |= CL_SCAN_MAIL;

+    if(optget(opts, "scan-xmldocs")->enabled)

+        options |= CL_SCAN_XMLDOCS;

+

+    if(optget(opts, "scan-hwp3")->enabled)

+        options |= CL_SCAN_HWP3;

+

     if(optget(opts, "algorithmic-detection")->enabled)

         options |= CL_SCAN_ALGORITHMIC;

@@ -467,6 +467,20 @@ If you turn off this option, the original files will still be scanned, but witho

 .br 

 Default: yes

 .TP

+\fBScanXMLDOCS BOOL\fR

+This option enables scanning xml-based document files supported by libclamav.

+.br

+If you turn off this option, the original files will still be scanned, but without additional processing.

+.br

+Default: yes

+.TP

+\fBScanHWP3 BOOL\fR

+This option enables scanning HWP3 files.

+.br

+If you turn off this option, the original files will still be scanned, but without additional processing.

+.br

+Default: yes

+.TP 

 \fBScanArchive BOOL\fR

 Scan within archives and compressed files.

 .br

@@ -168,6 +168,12 @@ Scan SWF files. If you turn off this option, the original files will still be sc

 \fB\-\-scan\-html[=yes(*)/no]\fR

 Detect, normalize/decrypt and scan HTML files and embedded scripts. If you turn off this option, the original files will still be scanned, but without additional processing.

 .TP 

+\fB\-\-scan\-xmldocs[=yes(*)/no]\fR

+Scan xml-based document files supported by libclamav. If you turn off this option, the original files will still be scanned, but without additional processing.

+.TP 

+\fB\-\-scan\-hwp3[=yes(*)/no]\fR

+Scan HWP3 files. If you turn off this option, the original files will still be scanned, but without additional processing.

+.TP 

 \fB\-\-scan\-archive[=yes(*)/no]\fR

 Scan archives supported by libclamav. If you turn off this option, the original files will still be scanned, but without unpacking and additional processing.

 .TP 

@@ -318,6 +318,18 @@ Example

 # Default: yes

 #ScanSWF yes

+# This option enables scanning xml-based document files supported by libclamav.

+# If you turn off this option, the original files will still be scanned, but

+# without additional processing.

+# Default: yes

+#ScanXMLDOCS yes

+

+# This option enables scanning of HWP3 files.

+# If you turn off this option, the original files will still be scanned, but

+# without additional processing.

+# Default: yes

+#ScanHWP3 yes

+

 ##

 ## Mail files

@@ -166,13 +166,15 @@ typedef enum {

 #define CL_SCAN_ALLMATCHES		0x200000

 #define CL_SCAN_SWF			0x400000

 #define CL_SCAN_PARTITION_INTXN         0x800000

+#define CL_SCAN_XMLDOCS                 0x1000000

+#define CL_SCAN_HWP3                    0x2000000

 #define CL_SCAN_FILE_PROPERTIES         0x10000000

 //#define UNUSED                        0x20000000

 #define CL_SCAN_PERFORMANCE_INFO        0x40000000 /* collect performance timings */

 #define CL_SCAN_INTERNAL_COLLECT_SHA    0x80000000 /* Enables hash output in sha-collect builds - for internal use only */

 /* recommended scan settings */

-#define CL_SCAN_STDOPT		(CL_SCAN_ARCHIVE | CL_SCAN_MAIL | CL_SCAN_OLE2 | CL_SCAN_PDF | CL_SCAN_HTML | CL_SCAN_PE | CL_SCAN_ALGORITHMIC | CL_SCAN_ELF | CL_SCAN_SWF)

+#define CL_SCAN_STDOPT		(CL_SCAN_ARCHIVE | CL_SCAN_MAIL | CL_SCAN_OLE2 | CL_SCAN_PDF | CL_SCAN_HTML | CL_SCAN_PE | CL_SCAN_ALGORITHMIC | CL_SCAN_ELF | CL_SCAN_SWF | CL_SCAN_XMLDOCS | CL_SCAN_HWP3)

 /* cl_countsigs options */

 #define CL_COUNTSIGS_OFFICIAL	    0x1

@@ -473,6 +473,8 @@ extern int have_rar;

 #define SCAN_ALL            (ctx->options & CL_SCAN_ALLMATCHES)

 #define SCAN_SWF            (ctx->options & CL_SCAN_SWF)

 #define SCAN_PROPERTIES     (ctx->options & CL_SCAN_FILE_PROPERTIES)

+#define SCAN_XMLDOCS        (ctx->options & CL_SCAN_XMLDOCS)

+#define SCAN_HWP3           (ctx->options & CL_SCAN_HWP3)

 /* based on macros from A. Melnikoff */

 #define cbswap16(v) (((v & 0xff) << 8) | (((v) >> 8) & 0xff))

@@ -2273,19 +2273,19 @@ static int cli_scanraw(cli_ctx *ctx, cli_file_t type, uint8_t typercg, cli_file_

                     }

                     break;

                 case CL_TYPE_XML_WORD:

-                    if(DCONF_DOC & DOC_CONF_MSXML) {

+                    if(SCAN_XMLDOCS && (DCONF_DOC & DOC_CONF_MSXML)) {

                         cli_dbgmsg("XML-WORD signature found at %u\n", (unsigned int) fpt->offset);

                         ret = cli_scanmsxml(ctx);

                     }

                     break;

                 case CL_TYPE_XML_XL:

-                    if(DCONF_DOC & DOC_CONF_MSXML) {

+                    if(SCAN_XMLDOCS && (DCONF_DOC & DOC_CONF_MSXML)) {

                         cli_dbgmsg("XML-XL signature found at %u\n", (unsigned int) fpt->offset);

                         ret = cli_scanmsxml(ctx);

                     }

                     break;

                 case CL_TYPE_XML_HWP:

-                    if(DCONF_DOC & DOC_CONF_HWP) {

+                    if(SCAN_XMLDOCS && (DCONF_DOC & DOC_CONF_HWP)) {

                         cli_dbgmsg("XML-HWP signature found at %u\n", (unsigned int) fpt->offset);

                         ret = cli_scanhwpml(ctx);

                     }

@@ -2858,7 +2858,7 @@ static int magic_scandesc(cli_ctx *ctx, cli_file_t type)

 	    break;

 	case CL_TYPE_HWP3:

-	    if(DCONF_DOC & DOC_CONF_HWP)

+	    if(SCAN_HWP3 && (DCONF_DOC & DOC_CONF_HWP))

 		ret = cli_scanhwp3(ctx);

 	    break;

@@ -2868,17 +2868,17 @@ static int magic_scandesc(cli_ctx *ctx, cli_file_t type)

 	    break;

 	case CL_TYPE_XML_WORD:

-	    if(DCONF_DOC & DOC_CONF_MSXML)

+	    if(SCAN_XMLDOCS && (DCONF_DOC & DOC_CONF_MSXML))

 		ret = cli_scanmsxml(ctx);

 	    break;

 	case CL_TYPE_XML_XL:

-	    if(DCONF_DOC & DOC_CONF_MSXML)

+	    if(SCAN_XMLDOCS && (DCONF_DOC & DOC_CONF_MSXML))

 		ret = cli_scanmsxml(ctx);

 	    break;

 	case CL_TYPE_XML_HWP:

-	    if(DCONF_DOC & DOC_CONF_HWP)

+	    if(SCAN_XMLDOCS && (DCONF_DOC & DOC_CONF_HWP))

 		ret = cli_scanhwpml(ctx);

 	    break;

@@ -2914,7 +2914,7 @@ static int magic_scandesc(cli_ctx *ctx, cli_file_t type)

 	case CL_TYPE_OOXML_XL:

 	case CL_TYPE_OOXML_HWP:

 #if HAVE_JSON

-	    if(DCONF_DOC & DOC_CONF_OOXML) {

+	    if(SCAN_XMLDOCS && (DCONF_DOC & DOC_CONF_OOXML)) {

 		if ((ctx->options & CL_SCAN_FILE_PROPERTIES) && (ctx->wrkproperty != NULL)) {

 		    ret = cli_process_ooxml(ctx, type);

@@ -353,6 +353,10 @@ const struct clam_option __clam_options[] = {

     { "ScanSWF", "scan-swf", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "This option enables scanning within SWF files.\nIf you turn off this option, the original files will still be scanned, but\nwithout decoding and additional processing.", "yes" },

+    { "ScanXMLDOCS", "scan-xmldocs", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "This option enables scanning xml-based document files supported by libclamav.\nIf you turn off this option, the original files will still be scanned, but\nwithout additional processing.", "yes" },

+

+    { "ScanHWP3", "scan-hwp3", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "This option enables scanning HWP3 files.\nIf you turn off this option, the original files will still be scanned, but\nwithout additional processing.", "yes" },

+

     { "ScanArchive", "scan-archive", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "Scan within archives and compressed files.\nIf you turn off this option, the original files will still be scanned, but\nwithout unpacking and additional processing.", "yes" },

     { "ArchiveBlockEncrypted", "block-encrypted", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).", "no" },