41
41
<IMG WIDTH="65" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="contents" SRC="contents.png"></A>
43
43
<B> Next:</B> <A NAME="tex2html752"
44
HREF="node44.html">Data scan functions</A>
44
HREF="node44.html">Memory</A>
45
45
<B> Up:</B> <A NAME="tex2html748"
46
HREF="node29.html">LibClamAV</A>
46
HREF="node42.html">Database reloading</A>
47
47
<B> Previous:</B> <A NAME="tex2html742"
48
HREF="node42.html">Engine structure</A>
48
HREF="node42.html">Database reloading</A>
49
49
  <B> <A NAME="tex2html750"
50
50
HREF="node1.html">Contents</A></B>
53
53
<!--End of Navigation Panel-->
55
<H2><A NAME="SECTION00075000000000000000">
56
Database reloading</A>
58
The most important thing is to keep the internal instance of the database
59
up to date. You can watch database changes with the <code>cl_stat</code>
62
int cl_statinidir(const char *dirname, struct cl_stat *dbstat);
63
int cl_statchkdir(const struct cl_stat *dbstat);
64
int cl_statfree(struct cl_stat *dbstat);
55
<H3><A NAME="SECTION00074100000000000000">
56
Data scan functions</A>
58
It's possible to scan a file or descriptor using:
60
int cl_scanfile(const char *filename, const char **virname,
61
unsigned long int *scanned, const struct cl_engine *engine,
62
const struct cl_limits *limits, unsigned int options);
64
int cl_scandesc(int desc, const char **virname, unsigned
65
long int *scanned, const struct cl_engine *engine, const
66
struct cl_limits *limits, unsigned int options);
68
Both functions will save a virus name under the pointer <code>virname</code>,
69
the virus name is part of the engine structure and must not be released
70
directly. If the third argument (<code>scanned</code>) is not NULL, the
71
functions will increase its value with the size of scanned data (in
72
<code>CL_COUNT_PRECISION</code> units). Both functions have support for archive
73
limits in order to protect against Denial of Service attacks.
76
unsigned int maxreclevel; /* maximum recursion level for archives */
77
unsigned int maxfiles; /* maximum number of files to be scanned
78
* within a single archive
80
unsigned int maxmailrec; /* maximum recursion level for mail files */
81
unsigned int maxratio; /* maximum compression ratio */
82
unsigned long int maxfilesize;/* compressed files larger than this limit
85
unsigned short archivememlim; /* limit memory usage for some unpackers */
88
The last argument (<code>options</code>) configures the scan engine and supports
89
the following flags (that can be combined using bit operators):
92
<LI><B>CL_SCAN_STDOPT</B>
94
This is an alias for a recommended set of scan options. You
95
should use it to make your software ready for new features
96
in the future versions of libclamav.
98
<LI><B>CL_SCAN_RAW</B>
100
Use it alone if you want to disable support for special files.
102
<LI><B>CL_SCAN_ARCHIVE</B>
104
This flag enables transparent scanning of various archive formats.
106
<LI><B>CL_SCAN_BLOCKENCRYPTED</B>
108
With this flag the library will mark encrypted archives as viruses
109
(Encrypted.Zip, Encrypted.RAR).
111
<LI><B>CL_SCAN_BLOCKMAX</B>
113
Mark archives as viruses if <code>maxfiles</code>, <code>maxfilesize</code>,
114
or <code>maxreclevel</code> limit is reached.
116
<LI><B>CL_SCAN_MAIL</B>
118
Enable support for mail files.
120
<LI><B>CL_SCAN_MAILURL</B>
122
The mail scanner will download and scan URLs listed in a mail
123
body. This flag should not be used on loaded servers. Due to
124
potential problems please do not enable it by default but make
127
<LI><B>CL_SCAN_OLE2</B>
129
Enables support for OLE2 containers (used by MS Office and .msi
132
<LI><B>CL_SCAN_PDF</B>
134
Enables scanning within PDF files.
136
<LI><B>CL_SCAN_PE</B>
138
This flag enables deep scanning of Portable Executable files and
139
allows libclamav to unpack executables compressed with run-time
142
<LI><B>CL_SCAN_ELF</B>
144
Enable support for ELF files.
146
<LI><B>CL_SCAN_BLOCKBROKEN</B>
148
libclamav will try to detect broken executables and mark them as
151
<LI><B>CL_SCAN_HTML</B>
153
This flag enables HTML normalisation (including ScrEnc
156
<LI><B>CL_SCAN_ALGORITHMIC</B>
158
Enable algorithmic detection of viruses.
160
<LI><B>CL_SCAN_PHISHING_DOMAINLIST</B>
162
Phishing module: restrict URL scanning to domains from .pdf
165
<LI><B>CL_SCAN_PHISHING_BLOCKSSL</B>
167
Phishing module: always block SSL mismatches in URLs.
169
<LI><B>CL_SCAN_PHISHING_BLOCKCLOAK</B>
171
Phishing module: always block cloaked URLs.
175
All functions return 0 (<code>CL_CLEAN</code>) when the file seems clean,
176
<code>CL_VIRUS</code> when a virus is detected and another value on failure.
69
struct cl_stat dbstat;
71
memset(&dbstat, 0, sizeof(struct cl_stat));
72
cl_statinidir(dbdir, &dbstat);
74
To check for a change you just need to call <code>cl_statchkdir</code> and check
77
if(cl_statchkdir(&dbstat) == 1) {
79
cl_statfree(&dbstat);
80
cl_statinidir(cl_retdbdir(), &dbstat);
179
struct cl_limits limits;
182
memset(&limits, 0, sizeof(struct cl_limits));
183
limits.maxfiles = 1000; /* max files */
184
limits.maxfilesize = 10 * 1048576; /* maximum size of archived or
185
* compressed file (files exceeding
186
* this limit will be ignored)
188
limits.maxreclevel = 5; /* maximum recursion level for archives */
189
limits.maxmailrec = 64; /* maximum recursion level for mail files */
190
limits.maxratio = 200; /* maximum compression ratio */
192
if((ret = cl_scanfile("/tmp/test.exe", &virname, NULL, engine,
193
&limits, CL_STDOPT)) == CL_VIRUS) {
194
printf("Virus detected: %s\n", virname);
196
printf("No virus detected.\n");
198
printf("Error: %s\n", cl_strerror(ret));
83
Remember to reset the <code>cl_stat</code> structure after reload.
87
<!--Table of Child-Links-->
88
<A NAME="CHILD_LINKS"><STRONG>Subsections</STRONG></A>
91
<LI><A NAME="tex2html753"
92
HREF="node44.html">Data scan functions</A>
93
<LI><A NAME="tex2html754"
94
HREF="node45.html">Memory</A>
95
<LI><A NAME="tex2html755"
96
HREF="node46.html">clamav-config</A>
97
<LI><A NAME="tex2html756"
98
HREF="node47.html">Example</A>
100
<!--End of Table of Child-Links-->
204
<!--Navigation Panel-->
205
<A NAME="tex2html751"
207
<IMG WIDTH="37" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="next" SRC="next.png"></A>
208
<A NAME="tex2html747"
210
<IMG WIDTH="26" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="up" SRC="up.png"></A>
211
<A NAME="tex2html741"
213
<IMG WIDTH="63" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="previous" SRC="prev.png"></A>
214
<A NAME="tex2html749"
216
<IMG WIDTH="65" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="contents" SRC="contents.png"></A>
218
<B> Next:</B> <A NAME="tex2html752"
219
HREF="node44.html">Memory</A>
220
<B> Up:</B> <A NAME="tex2html748"
221
HREF="node42.html">Database reloading</A>
222
<B> Previous:</B> <A NAME="tex2html742"
223
HREF="node42.html">Database reloading</A>
224
  <B> <A NAME="tex2html750"
225
HREF="node1.html">Contents</A></B>
226
<!--End of Navigation Panel-->