21
21
<LINK REL="next" HREF="node52.html">
22
22
<LINK REL="previous" HREF="node50.html">
23
<LINK REL="up" HREF="node48.html">
23
<LINK REL="up" HREF="node43.html">
24
24
<LINK REL="next" HREF="node52.html">
29
29
<DIV CLASS="navigation"><!--Navigation Panel-->
31
31
HREF="node52.html">
32
32
<IMG WIDTH="37" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="next" SRC="next.png"></A>
35
35
<IMG WIDTH="26" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="up" SRC="up.png"></A>
37
37
HREF="node50.html">
38
38
<IMG WIDTH="63" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="previous" SRC="prev.png"></A>
41
41
<IMG WIDTH="65" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="contents" SRC="contents.png"></A>
43
<B> Next:</B> <A NAME="tex2html871"
44
HREF="node52.html">clamav-config</A>
45
<B> Up:</B> <A NAME="tex2html867"
46
HREF="node48.html">Database reloading</A>
47
<B> Previous:</B> <A NAME="tex2html861"
48
HREF="node50.html">Memory</A>
49
<B> <A NAME="tex2html869"
43
<B> Next:</B> <A NAME="tex2html882"
44
HREF="node52.html">Memory</A>
45
<B> Up:</B> <A NAME="tex2html878"
46
HREF="node43.html">API</A>
47
<B> Previous:</B> <A NAME="tex2html872"
48
HREF="node50.html">Database checks</A>
49
<B> <A NAME="tex2html880"
50
50
HREF="node1.html">Contents</A></B>
53
53
<!--End of Navigation Panel-->
55
<H3><A NAME="SECTION00076300000000000000">
55
<H3><A NAME="SECTION00073800000000000000">
56
Data scan functions</A>
58
If you're using libclamav with a forking daemon you should call
59
<code>srand()</code> inside a forked child before making any calls to the
60
libclamav functions. This will avoid possible collisions with temporary
61
filenames created by other processes of the daemon. This procedure
62
is not required for multi-threaded daemons.
58
It's possible to scan a file or descriptor using:
60
int cl_scanfile(const char *filename, const char **virname,
61
unsigned long int *scanned, const struct cl_engine *engine,
62
unsigned int options);
64
int cl_scandesc(int desc, const char **virname, unsigned
65
long int *scanned, const struct cl_engine *engine,
66
unsigned int options);
68
Both functions will store a virus name under the pointer <code>virname</code>,
69
the virus name is part of the engine structure and must not be released
70
directly. If the third argument (<code>scanned</code>) is not NULL, the
71
functions will increase its value with the size of scanned data (in
72
<code>CL_COUNT_PRECISION</code> units).
73
The last argument (<code>options</code>) specified the scan options and supports
74
the following flags (which can be combined using bit operators):
77
<LI><SPAN CLASS="textbf">CL_SCAN_STDOPT</SPAN>
79
This is an alias for a recommended set of scan options. You
80
should use it to make your software ready for new features
81
in the future versions of libclamav.
83
<LI><SPAN CLASS="textbf">CL_SCAN_RAW</SPAN>
85
Use it alone if you want to disable support for special files.
87
<LI><SPAN CLASS="textbf">CL_SCAN_ARCHIVE</SPAN>
89
This flag enables transparent scanning of various archive formats.
91
<LI><SPAN CLASS="textbf">CL_SCAN_BLOCKENCRYPTED</SPAN>
93
With this flag the library will mark encrypted archives as viruses
94
(Encrypted.Zip, Encrypted.RAR).
96
<LI><SPAN CLASS="textbf">CL_SCAN_MAIL</SPAN>
98
Enable support for mail files.
100
<LI><SPAN CLASS="textbf">CL_SCAN_OLE2</SPAN>
102
Enables support for OLE2 containers (used by MS Office and .msi
105
<LI><SPAN CLASS="textbf">CL_SCAN_PDF</SPAN>
107
Enables scanning within PDF files.
109
<LI><SPAN CLASS="textbf">CL_SCAN_PE</SPAN>
111
This flag enables deep scanning of Portable Executable files and
112
allows libclamav to unpack executables compressed with run-time
115
<LI><SPAN CLASS="textbf">CL_SCAN_ELF</SPAN>
117
Enable support for ELF files.
119
<LI><SPAN CLASS="textbf">CL_SCAN_BLOCKBROKEN</SPAN>
121
libclamav will try to detect broken executables and mark them as
124
<LI><SPAN CLASS="textbf">CL_SCAN_HTML</SPAN>
126
This flag enables HTML normalisation (including ScrEnc
129
<LI><SPAN CLASS="textbf">CL_SCAN_ALGORITHMIC</SPAN>
131
Enable algorithmic detection of viruses.
133
<LI><SPAN CLASS="textbf">CL_SCAN_PHISHING_BLOCKSSL</SPAN>
135
Phishing module: always block SSL mismatches in URLs.
137
<LI><SPAN CLASS="textbf">CL_SCAN_PHISHING_BLOCKCLOAK</SPAN>
139
Phishing module: always block cloaked URLs.
141
<LI><SPAN CLASS="textbf">CL_SCAN_STRUCTURED</SPAN>
143
Enable the DLP module which scans for credit card and SSN
146
<LI><SPAN CLASS="textbf">CL_SCAN_STRUCTURED_SSN_NORMAL</SPAN>
148
Search for SSNs formatted as xx-yy-zzzz.
150
<LI><SPAN CLASS="textbf">CL_SCAN_STRUCTURED_SSN_STRIPPED</SPAN>
152
Search for SSNs formatted as xxyyzzzz.
154
<LI><SPAN CLASS="textbf">CL_SCAN_PARTIAL_MESSAGE</SPAN>
156
Scan RFC1341 messages split over many emails. You will need to
157
periodically clean up <code>$TemporaryDirectory/clamav-partial</code>
160
<LI><SPAN CLASS="textbf">CL_SCAN_HEURISTIC_PRECEDENCE</SPAN>
162
Allow heuristic match to take precedence. When enabled, if
163
a heuristic scan (such as phishingScan) detects a possible
164
virus/phish it will stop scan immediately. Recommended, saves CPU
165
scan-time. When disabled, virus/phish detected by heuristic scans
166
will be reported only at the end of a scan. If an archive
167
contains both a heuristically detected virus/phishing, and a real
168
malware, the real malware will be reported.
172
All functions return <code>CL_CLEAN</code> when the file seems clean,
173
<code>CL_VIRUS</code> when a virus is detected and another value on failure.
178
if((ret = cl_scanfile("/tmp/test.exe", &virname, NULL, engine,
179
CL_STDOPT)) == CL_VIRUS) {
180
printf("Virus detected: %s\n", virname);
182
printf("No virus detected.\n");
184
printf("Error: %s\n", cl_strerror(ret));
190
<DIV CLASS="navigation"><HR>
191
<!--Navigation Panel-->
192
<A NAME="tex2html881"
194
<IMG WIDTH="37" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="next" SRC="next.png"></A>
195
<A NAME="tex2html877"
197
<IMG WIDTH="26" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="up" SRC="up.png"></A>
198
<A NAME="tex2html871"
200
<IMG WIDTH="63" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="previous" SRC="prev.png"></A>
201
<A NAME="tex2html879"
203
<IMG WIDTH="65" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="contents" SRC="contents.png"></A>
205
<B> Next:</B> <A NAME="tex2html882"
206
HREF="node52.html">Memory</A>
207
<B> Up:</B> <A NAME="tex2html878"
208
HREF="node43.html">API</A>
209
<B> Previous:</B> <A NAME="tex2html872"
210
HREF="node50.html">Database checks</A>
211
<B> <A NAME="tex2html880"
212
HREF="node1.html">Contents</A></B> </DIV>
213
<!--End of Navigation Panel-->