19
19
<LINK REL="STYLESHEET" HREF="clamdoc.css">
21
<LINK REL="next" HREF="node44.html">
22
21
<LINK REL="previous" HREF="node42.html">
23
<LINK REL="up" HREF="node42.html">
22
<LINK REL="up" HREF="node39.html">
24
23
<LINK REL="next" HREF="node44.html">
29
28
<DIV CLASS="navigation"><!--Navigation Panel-->
31
30
HREF="node44.html">
32
31
<IMG WIDTH="37" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="next" SRC="next.png"></A>
35
34
<IMG WIDTH="26" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="up" SRC="up.png"></A>
37
36
HREF="node42.html">
38
37
<IMG WIDTH="63" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="previous" SRC="prev.png"></A>
41
40
<IMG WIDTH="65" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="contents" SRC="contents.png"></A>
43
<B> Next:</B> <A NAME="tex2html754"
44
HREF="node44.html">Memory</A>
45
<B> Up:</B> <A NAME="tex2html750"
46
HREF="node42.html">Database reloading</A>
47
<B> Previous:</B> <A NAME="tex2html744"
48
HREF="node42.html">Database reloading</A>
49
<B> <A NAME="tex2html752"
42
<B> Next:</B> <A NAME="tex2html760"
43
HREF="node44.html">Database reloading</A>
44
<B> Up:</B> <A NAME="tex2html756"
45
HREF="node39.html">API</A>
46
<B> Previous:</B> <A NAME="tex2html752"
47
HREF="node42.html">Error handling</A>
48
<B> <A NAME="tex2html758"
50
49
HREF="node1.html">Contents</A></B>
53
52
<!--End of Navigation Panel-->
55
<H3><A NAME="SECTION00074100000000000000">
56
Data scan functions</A>
54
<H3><A NAME="SECTION00073400000000000000">
58
It's possible to scan a file or descriptor using:
60
int cl_scanfile(const char *filename, const char **virname,
61
unsigned long int *scanned, const struct cl_engine *engine,
62
const struct cl_limits *limits, unsigned int options);
64
int cl_scandesc(int desc, const char **virname, unsigned
65
long int *scanned, const struct cl_engine *engine, const
66
struct cl_limits *limits, unsigned int options);
68
Both functions will store a virus name under the pointer <code>virname</code>,
69
the virus name is part of the engine structure and must not be released
70
directly. If the third argument (<code>scanned</code>) is not NULL, the
71
functions will increase its value with the size of scanned data (in
72
<code>CL_COUNT_PRECISION</code> units). Both functions have support for archive
73
limits in order to protect against Denial of Service attacks.
76
unsigned long int maxscansize; /* during the scanning of archives this
77
* size will never be exceeded
79
unsigned long int maxfilesize; /* compressed files will only be
80
* decompressed and scanned up to this size
82
unsigned int maxreclevel; /* maximum recursion level for archives */
83
unsigned int maxfiles; /* maximum number of files to be scanned
84
* within a single archive
86
unsigned short archivememlim; /* limit memory usage for some unpackers */
89
The last argument (<code>options</code>) configures the scan engine and supports
90
the following flags (that can be combined using bit operators):
93
<LI><SPAN CLASS="textbf">CL_SCAN_STDOPT</SPAN>
95
This is an alias for a recommended set of scan options. You
96
should use it to make your software ready for new features
97
in the future versions of libclamav.
99
<LI><SPAN CLASS="textbf">CL_SCAN_RAW</SPAN>
101
Use it alone if you want to disable support for special files.
103
<LI><SPAN CLASS="textbf">CL_SCAN_ARCHIVE</SPAN>
105
This flag enables transparent scanning of various archive formats.
107
<LI><SPAN CLASS="textbf">CL_SCAN_BLOCKENCRYPTED</SPAN>
109
With this flag the library will mark encrypted archives as viruses
110
(Encrypted.Zip, Encrypted.RAR).
112
<LI><SPAN CLASS="textbf">CL_SCAN_MAIL</SPAN>
114
Enable support for mail files.
116
<LI><SPAN CLASS="textbf">CL_SCAN_MAILURL</SPAN>
118
The mail scanner will download and scan URLs listed in a mail
119
body. This flag should not be used on loaded servers. Due to
120
potential problems please do not enable it by default but make
123
<LI><SPAN CLASS="textbf">CL_SCAN_OLE2</SPAN>
125
Enables support for OLE2 containers (used by MS Office and .msi
128
<LI><SPAN CLASS="textbf">CL_SCAN_PDF</SPAN>
130
Enables scanning within PDF files.
132
<LI><SPAN CLASS="textbf">CL_SCAN_PE</SPAN>
134
This flag enables deep scanning of Portable Executable files and
135
allows libclamav to unpack executables compressed with run-time
138
<LI><SPAN CLASS="textbf">CL_SCAN_ELF</SPAN>
140
Enable support for ELF files.
142
<LI><SPAN CLASS="textbf">CL_SCAN_BLOCKBROKEN</SPAN>
144
libclamav will try to detect broken executables and mark them as
147
<LI><SPAN CLASS="textbf">CL_SCAN_HTML</SPAN>
149
This flag enables HTML normalisation (including ScrEnc
152
<LI><SPAN CLASS="textbf">CL_SCAN_ALGORITHMIC</SPAN>
154
Enable algorithmic detection of viruses.
156
<LI><SPAN CLASS="textbf">CL_SCAN_PHISHING_BLOCKSSL</SPAN>
158
Phishing module: always block SSL mismatches in URLs.
160
<LI><SPAN CLASS="textbf">CL_SCAN_PHISHING_BLOCKCLOAK</SPAN>
162
Phishing module: always block cloaked URLs.
166
All functions return 0 (<code>CL_CLEAN</code>) when the file seems clean,
167
<code>CL_VIRUS</code> when a virus is detected and another value on failure.
170
struct cl_limits limits;
173
memset(&limits, 0, sizeof(struct cl_limits));
174
limits.maxfiles = 10000;
175
limits.maxscansize = 100 * 1048576; /* 100 MB */
176
limits.maxfilesize = 10 * 1048576; /* 10 MB */
177
limits.maxreclevel = 16;
179
if((ret = cl_scanfile("/tmp/test.exe", &virname, NULL, engine,
180
&limits, CL_STDOPT)) == CL_VIRUS) {
181
printf("Virus detected: %s\n", virname);
183
printf("No virus detected.\n");
185
printf("Error: %s\n", cl_strerror(ret));
57
When all required databases are loaded you should prepare the detection
58
engine by calling <code>cl_build</code>. In the case of failure you should
59
free the memory occupied by the engine with <code>cl_free</code>:
61
int cl_build(struct cl_engine *engine);
62
void cl_free(struct cl_engine *engine);
66
if((ret = cl_build(engine))) {
67
printf("cl_build() error: %s\n", cl_strerror(ret));
191
<DIV CLASS="navigation"><HR>
192
<!--Navigation Panel-->
193
<A NAME="tex2html753"
195
<IMG WIDTH="37" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="next" SRC="next.png"></A>
196
<A NAME="tex2html749"
198
<IMG WIDTH="26" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="up" SRC="up.png"></A>
199
<A NAME="tex2html743"
201
<IMG WIDTH="63" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="previous" SRC="prev.png"></A>
202
<A NAME="tex2html751"
204
<IMG WIDTH="65" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="contents" SRC="contents.png"></A>
206
<B> Next:</B> <A NAME="tex2html754"
207
HREF="node44.html">Memory</A>
208
<B> Up:</B> <A NAME="tex2html750"
209
HREF="node42.html">Database reloading</A>
210
<B> Previous:</B> <A NAME="tex2html744"
211
HREF="node42.html">Database reloading</A>
212
<B> <A NAME="tex2html752"
213
HREF="node1.html">Contents</A></B> </DIV>
214
<!--End of Navigation Panel-->