[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b

aCaB acab at clamav.net
Sun Apr 4 00:58:07 UTC 2010 

The following commit has been merged in the debian/unstable branch:
commit cadaa7032faa9db7c6e33f11067f3fe8564d850f
Author: aCaB <acab at clamav.net>
Date:   Mon Jul 13 01:02:13 2009 +0200

    ISHIELD support:
    - preliminary ishield-msi ftype sport

diff --git a/libclamav/filetypes.c b/libclamav/filetypes.c
index aebca76..3005769 100644
--- a/libclamav/filetypes.c
+++ b/libclamav/filetypes.c
@@ -93,6 +93,7 @@ static const struct ftmap_s {
     { "CL_TYPE_ARJSFX",		CL_TYPE_ARJSFX		},
     { "CL_TYPE_NULSFT",		CL_TYPE_NULSFT		},
     { "CL_TYPE_AUTOIT",		CL_TYPE_AUTOIT		},
+    { "CL_TYPE_ISHIELD_MSI",	CL_TYPE_ISHIELD_MSI	},
     { NULL,			CL_TYPE_IGNORED		}
 };
 
diff --git a/libclamav/filetypes.h b/libclamav/filetypes.h
index 5a47f88..cd31d26 100644
--- a/libclamav/filetypes.h
+++ b/libclamav/filetypes.h
@@ -80,6 +80,7 @@ typedef enum {
     CL_TYPE_ARJSFX,
     CL_TYPE_NULSFT, /* on the fly */
     CL_TYPE_AUTOIT,
+    CL_TYPE_ISHIELD_MSI,
     CL_TYPE_IGNORED /* please don't add anything below */
 } cli_file_t;
 
diff --git a/libclamav/filetypes_int.h b/libclamav/filetypes_int.h
index f58b23b..6477dc6 100644
--- a/libclamav/filetypes_int.h
+++ b/libclamav/filetypes_int.h
@@ -148,6 +148,7 @@ static const char *ftypes_int[] = {
   "0:0:cffaedfe:Mach-O LE 64-bit:CL_TYPE_ANY:CL_TYPE_MACHO:45",
   "0:0:feedface:Mach-O BE:CL_TYPE_ANY:CL_TYPE_MACHO:45",
   "0:0:feedfacf:Mach-O BE 64-bit:CL_TYPE_ANY:CL_TYPE_MACHO:45",
+  "1:*:496e7374616c6c536869656c6400{292}06000000:ISHIELD-MSI:CL_TYPE_ANY:CL_TYPE_ISHIELD_MSI:45",
   NULL
 };
 
diff --git a/libclamav/scanners.c b/libclamav/scanners.c
index 0222e52..736824f 100644
--- a/libclamav/scanners.c
+++ b/libclamav/scanners.c
@@ -104,6 +104,8 @@
 #include <stddef.h>
 #endif
 
+static int cli_scanishield_msi(int desc, cli_ctx *ctx, off_t off) { cli_dbgmsg("in ishield-msi\n"); return CL_CLEAN; }
+
 static int cli_scanfile(const char *filename, cli_ctx *ctx);
 
 static int cli_scandir(const char *dirname, cli_ctx *ctx, cli_file_t container)
@@ -1792,6 +1794,13 @@ static int cli_scanraw(int desc, cli_ctx *ctx, cli_file_t type, uint8_t typercg,
 			}
 			break;
 
+		    case CL_TYPE_ISHIELD_MSI:
+		        if(SCAN_ARCHIVE && type == CL_TYPE_MSEXE /* FIXMEISHIELD && (DCONF_ARCH & ARCH_CONF_ISHIELD)*/) {
+			    cli_dbgmsg("ISHIELD-MSI signature found at %u\n", (unsigned int) fpt->offset);
+			    nret = cli_scanishield_msi(desc, ctx, fpt->offset + 14);
+			}
+			break;
+
 		    case CL_TYPE_PDF:
 			if(type != CL_TYPE_PDF && SCAN_PDF && (DCONF_DOC & DOC_CONF_PDF)) {
 			    cli_dbgmsg("PDF signature found at %u\n", (unsigned int) fpt->offset);
@@ -1965,6 +1974,11 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx)
 		ret = cli_scanautoit(desc, ctx, 23);
 	    break;
 
+        case CL_TYPE_ISHIELD_MSI:
+	    if(SCAN_ARCHIVE /* FIXMEISHIELD && (DCONF_ARCH & ARCH_CONF_ISHIELD)*/)
+		ret = cli_scanishield_msi(desc, ctx, 14);
+	    break;
+
 	case CL_TYPE_MSSZDD:
 	    if(SCAN_ARCHIVE && (DCONF_ARCH & ARCH_CONF_SZDD))
 		ret = cli_scanszdd(desc, ctx);

-- 
Debian repository for ClamAV

More information about the Pkg-clamav-commits mailing list