mirror/clamav
1
0
Fork 0
mirror of https://github.com/Cisco-Talos/clamav.git synced 2026-02-02 11:01:38 -05:00
Code Issues Packages Projects Releases Wiki Activity
9,366 Commits 35 Branches 0 Tags
ea4ab2bccc9e8f200d38022667dfd323e4c28fa2
Commit Graph

91 Commits

Author SHA1 Message Date
Steven Morgan
ea4ab2bccc bb11742 fix compile error in bytecode_api.c on Mac OS X. 2017-02-15 14:07:50 -05:00
Mickey Sola
631cb6a005 Fixes and updates to intermediate container sig rules based on code review 2017-02-01 17:33:15 -05:00
klin
031fe00a4d restructure container typing system to use array (#2) 2017-01-19 12:24:46 -05:00
Mickey Sola
46a35abe56 mass update of copyright headers 2015-09-17 13:41:26 -04:00
Shawn Webb
cd94be7a52 Silence a bunch of compiler warnings in libclamav 2014-07-10 18:11:49 -04:00
Shawn Webb
60d8d2c352 Move all the crypto API to clamav.h 2014-07-01 19:38:01 -04:00
Steven Morgan
6c048b8a30 Use json_object_object_get_ex() rather than json_object_object_get(), which is deprecated in json-c 0.10 2014-06-06 14:38:45 -04:00
Kevin Lin
9048572cec bytecode_api: fixed variable assignment issue 2014-06-03 12:43:23 -04:00
Kevin Lin
c6a3b294a9 bytecode: fixed a compiler issue and warnings 2014-06-03 11:47:57 -04:00
Kevin Lin
3107a6c24f bytecode: fixed issue with older versions of g++ 2014-06-03 11:19:01 -04:00
Steven Morgan
51f8cc3c18 More json header includes. 2014-05-23 10:11:32 -04:00
Kevin Lin
546e168bb7 api: added safety checks 2014-05-06 18:18:05 -04:00
Kevin Lin
61e3637d08 bytecode api: added support for querying int and booleans from json properties 2014-05-06 16:15:08 -04:00
Kevin Lin
fa7ae4ccbc bytecode api: updated copyright information 
bytecode api: added json properties reading implementation
 2014-05-06 16:13:48 -04:00
Shawn Webb
b2e7c931d0 Use OpenSSL for hashing. 2014-02-08 00:31:12 -05:00
Kevin Lin
90c0acc762 formatted a number of bytecode files, converted tabs to spaces 2014-01-16 17:57:40 -05:00
Shawn Webb
9691454612 bb6091 - check lseek() return 2013-02-28 19:32:29 -05:00
David Raynor
4a836f4310 CID #10418 2013-02-13 14:21:37 -05:00
Ryan Pentney
791868e80e I don't always test my code, but when I do... I do it in production. 2013-02-07 11:23:31 -08:00
Steve Morgan
6ad45a2931 add initial allscan/allmatch mode to libclamav, clamd, clamdscan, and clamscan with unit tests 2012-10-18 14:12:58 -07:00
Shawn webb
6a049897d9 BB#5455 2012-07-10 13:17:45 -04:00
Török Edvin
cc4d540831 bb #4324 
memcpy() crashes because GCC sees 'struct cli_exe_section*'
and assumes that section is aligned to at least 4 bytes.
But it isn't, so change the parameter to just 'void*'.

(Casting doesn't help, as GCC sees through it).

Also fixes part 1 of bb #3789.
 2012-02-29 17:04:16 +02:00
Török Edvin
f304dc688a fmapify: fix const-ness warnings 2012-01-05 14:16:09 +02:00
Török Edvin
3d664817f6 fix recursion level crash (bb #3706). 
Thanks to Stephane Chazelas for the analysis.
 2011-10-08 12:12:22 +03:00
Török Edvin
acc8bccb89 bb #2307. 2010-10-19 16:23:19 +03:00
Török Edvin
e4fedabef4 Warn about zlib version mismatches (bb #2072). 
In libclamav: if zlib version at runtime is older than at compile time, warn.
If they are the same, or newer don't warn.

clamconf warns always on mismatch.

Mismatch can happen if:
 - you build zlib yourself, but as static lib and compiler picks old shared lib
 (but new headers!)
 - you have 2 zlibs installed, and the old one takes precedence

Libclamav doesn't warn about mismatches due to zlib upgrades since this is
normal.
 2010-10-18 14:16:43 +03:00
Török Edvin
4116c65d1b Add bytecode API to determine whether running under JIT. 2010-10-18 12:35:39 +03:00
Török Edvin
d7531f2ad2 Fix warnings. 2010-10-18 12:24:11 +03:00
Török Edvin
ae8dc8c2bc Gather bytecode events from bytecode API. 2010-10-18 10:48:18 +03:00
Török Edvin
f73212dc62 Fix bytecode virusname reporting (bb #2255). 
Also adds possibility to stop a hook from executing, and set
a virus as heuristic (by using BC.Heuristic* name)
 2010-09-10 22:11:32 +03:00
Török Edvin
1dae00ebf4 bytecode: add icon match API. 2010-08-02 18:21:24 +03:00
Török Edvin
dc200c6b19 Add bytecode API for pdf. 2010-08-02 18:21:24 +03:00
Török Edvin
69650bea38 win32 build fix. 
forgot to commit.
 2010-07-29 22:17:30 +03:00
Török Edvin
88d54dcb72 Fix distcheck warnings. 2010-07-29 18:22:57 +03:00
Török Edvin
9f1715ccea Add new bytecode APIs to access the environment. 
check_platform(...) is an API that can be used to:
 - blacklist JIT/bytecode on just a very specific platform (not recommended)
 - mask (with 0xf/0xff) some fields, and keep just the flags that uniquely
 identify the system where a bug occurs (for example linux + ppc32).
 - it returns a bool so you can do further checks if needed.

The bytecode also has access to all the information collected from the
environment, so it can make more detailed decisions (based on CPU, presence of
SELinux/PaX, etc.).
You can't introduce new detections via bytecode, but you can write new
conditions using existing ones.

The previously added builtin bytecode moved all the JIT disable logic to
bytecode for easy updating.
 2010-07-29 14:06:59 +03:00
Török Edvin
51d25fde43 Solaris9 doesn't have round. 
Use a simple implementation instead, this is not performance critical.
 2010-05-14 11:09:16 +03:00
Török Edvin
da91503d8e Properly round ilog/iexp/... 2010-05-14 10:41:42 +03:00
Török Edvin
aadccfd1c8 Fix valgrind warnings. 2010-05-13 23:35:47 +03:00
Török Edvin
fc01c6476f Fix interpreter. 2010-05-13 23:25:11 +03:00
Török Edvin
e01a81ba2a Fix map API. 2010-05-13 20:37:06 +03:00
Török Edvin
3de9627110 Fixes for bytecode debug api. 2010-05-13 20:02:02 +03:00
Török Edvin
a5b201c81f Fix distcheck. 2010-05-13 00:27:00 +03:00
Török Edvin
7a7365efe9 0.96.1 new APIs (cli_map etc.) 2010-05-12 23:51:20 +03:00
Török Edvin
db219b5051 Make buffer_pipe read cursor independent of ctx->off. 2010-05-12 23:51:20 +03:00
Török Edvin
e4a0f2c94f fix compiler warnings (bb #1872, bb #1934, bb #1935) 2010-04-13 16:19:47 +03:00
Török Edvin
b00a7cc8f8 jsnorm api. 2010-03-31 10:53:11 +03:00
Török Edvin
349e6e118b More interpreter fixes, pdf.cbc seems to be running now. 2010-03-30 00:04:38 +03:00
Török Edvin
d11cced291 Fix some possible uninitialized value uses. 2010-03-28 20:15:48 +03:00
Török Edvin
ded1cddc8c Add missing function. 2010-03-24 17:59:41 +02:00
Török Edvin
7f6b55a124 Downgrade some messages to debug. 2010-03-24 17:55:04 +02:00