[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b
Tomasz Kojm
tkojm at clamav.net
Sun Apr 4 01:08:02 UTC 2010
The following commit has been merged in the debian/unstable branch:
commit b4561aa2019d5f9b0cec9992817cffd464f6efc9
Author: Tomasz Kojm <tkojm at clamav.net>
Date: Fri Oct 16 10:12:17 2009 +0200
sigtool: add support for --find-sigs (part of bb#1246)
diff --git a/ChangeLog b/ChangeLog
index 4e629a2..3c77654 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+Fri Oct 16 10:11:56 CEST 2009 (tk)
+----------------------------------
+ * sigtool: add support for --find-sigs (part of bb#1246)
+
Fri Oct 16 01:46:28 CEST 2009 (acab)
------------------------------------
* win32: res_query compatible interface
diff --git a/docs/man/sigtool.1.in b/docs/man/sigtool.1.in
index bc3c794..4067ba7 100644
--- a/docs/man/sigtool.1.in
+++ b/docs/man/sigtool.1.in
@@ -69,8 +69,11 @@ Execute update script FILE in current directory.
\fB\-\-verify\-cdiff=FILE, \-r FILE\fR
Verify DIFF against CVD/INCDIR.
.TP
-\fB\-l, \-\-list\-sigs\fR
-List signature names.
+\fB\-l[FILE], \-\-list\-sigs[=FILE]\fR
+List all signature names from the local database directory (default) or from FILE.
+.TP
+\fB\-fREGEX, \-\-find\-sigs=REGEX\fR
+Find and display signatures from the local database directory which match the given REGEX. The whole signature body (name, hex string, etc.) is checked.
.SH "EXAMPLES"
.LP
.TP
diff --git a/shared/optparser.c b/shared/optparser.c
index aef17b4..6b8992b 100644
--- a/shared/optparser.c
+++ b/shared/optparser.c
@@ -106,6 +106,7 @@ const struct clam_option clam_options[] = {
{ NULL, "unpack-current", 0, TYPE_STRING, NULL, -1, NULL, 0, OPT_SIGTOOL, "", "" },
{ NULL, "info", 'i', TYPE_STRING, NULL, -1, NULL, 0, OPT_SIGTOOL, "", "" },
{ NULL, "list-sigs", 'l', TYPE_STRING, NULL, -1, DATADIR, 0, OPT_SIGTOOL, "", "" },
+ { NULL, "find-sigs", 'f', TYPE_STRING, NULL, -1, DATADIR, FLAG_REQUIRED, OPT_SIGTOOL, "", "" },
{ NULL, "vba", 0, TYPE_STRING, NULL, -1, NULL, 0, OPT_SIGTOOL, "", "" },
{ NULL, "vba-hex", 0, TYPE_STRING, NULL, -1, NULL, 0, OPT_SIGTOOL, "", "" },
{ NULL, "diff", 'd', TYPE_STRING, NULL, -1, NULL, 0, OPT_SIGTOOL, "", "" },
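Review bot: The new `find-sigs` entry carries `DATADIR` as its default string argument, which looks copied from the `list-sigs` line above it; a directory path is not a meaningful default for an option whose argument is a regex. With `FLAG_REQUIRED` set the default is presumably never consulted, so `NULL` in that slot would state the intent. It would also keep a path from ever being compiled as a pattern if the flag is dropped later.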
diff --git a/sigtool/sigtool.c b/sigtool/sigtool.c
index be290a2..0d07a17 100644
--- a/sigtool/sigtool.c
+++ b/sigtool/sigtool.c
@@ -980,15 +980,14 @@ static int cvdinfo(const struct optstruct *opts)
return 0;
}
-static int listdb(const char *filename);
+static int listdb(const char *filename, const regex_t *regex);
-static int listdir(const char *dirname)
+static int listdir(const char *dirname, const regex_t *regex)
{
DIR *dd;
struct dirent *dent;
char *dbfile;
-
if((dd = opendir(dirname)) == NULL) {
mprintf("!listdir: Can't open directory %s\n", dirname);
return -1;
@@ -1021,7 +1020,7 @@ static int listdir(const char *dirname)
}
sprintf(dbfile, "%s"PATHSEP"%s", dirname, dent->d_name);
- if(listdb(dbfile) == -1) {
+ if(listdb(dbfile, regex) == -1) {
mprintf("!listdb: Error listing database %s\n", dbfile);
free(dbfile);
closedir(dd);
@@ -1036,7 +1035,7 @@ static int listdir(const char *dirname)
return 0;
}
-static int listdb(const char *filename)
+static int listdb(const char *filename, const regex_t *regex)
{
FILE *fh;
char *buffer, *pt, *start, *dir;
@@ -1086,7 +1085,7 @@ static int listdb(const char *filename)
}
/* list extracted directory */
- if(listdir(dir) == -1) {
+ if(listdir(dir, regex) == -1) {
mprintf("!listdb: Can't list directory %s\n", filename);
cli_rmdirs(dir);
free(dir);
@@ -1102,6 +1101,11 @@ static int listdb(const char *filename)
if(cli_strbcasestr(filename, ".db")) { /* old style database */
while(fgets(buffer, FILEBUFF, fh)) {
+ if(regex) {
+ if(!cli_regexec(regex, buffer, 0, NULL, 0))
+ mprintf("%s", buffer);
+ continue;
+ }
line++;
pt = strchr(buffer, '=');
if(!pt) {
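Review bot: In the regex branch the line is matched and printed exactly as `fgets` returned it, trailing newline included, so a pattern anchored with `$` will not match at a line end (the compile call in `listsigs` passes only `REG_EXTENDED | REG_NOSUB`). Calling `cli_chomp(buffer);` before `cli_regexec` and printing with `mprintf("%s\n", buffer);` would make anchors behave as a user expects. Lines longer than `FILEBUFF` are also tested piecewise, since each `fgets` chunk is matched on its own, so a match can be missed or only a fragment printed. The same five-line block is repeated in the hash-database and `.ndb`/`.ldb` loops in the next two hunks; a small static helper taking `regex` and `buffer` would keep the three copies from drifting apart. The body of `listdb` begins and ends outside this hunk.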
@@ -1123,6 +1127,11 @@ static int listdb(const char *filename)
} else if(cli_strbcasestr(filename, ".hdb") || cli_strbcasestr(filename, ".hdu") || cli_strbcasestr(filename, ".mdb") || cli_strbcasestr(filename, ".mdu")) { /* hash database */
while(fgets(buffer, FILEBUFF, fh)) {
+ if(regex) {
+ if(!cli_regexec(regex, buffer, 0, NULL, 0))
+ mprintf("%s", buffer);
+ continue;
+ }
line++;
cli_chomp(buffer);
start = cli_strtok(buffer, 2, ":");
@@ -1144,6 +1153,11 @@ static int listdb(const char *filename)
} else if(cli_strbcasestr(filename, ".ndb") || cli_strbcasestr(filename, ".ndu") || cli_strbcasestr(filename, ".ldb") || cli_strbcasestr(filename, ".ldu") || cli_strbcasestr(filename, ".sdb") || cli_strbcasestr(filename, ".zmd") || cli_strbcasestr(filename, ".rmd")) {
while(fgets(buffer, FILEBUFF, fh)) {
+ if(regex) {
+ if(!cli_regexec(regex, buffer, 0, NULL, 0))
+ mprintf("%s", buffer);
+ continue;
+ }
line++;
cli_chomp(buffer);
@@ -1171,31 +1185,45 @@ static int listdb(const char *filename)
return 0;
}
-static int listsigs(const struct optstruct *opts)
+static int listsigs(const struct optstruct *opts, int mode)
{
int ret;
const char *name;
char *dbdir;
struct stat sb;
+ regex_t reg;
- name = optget(opts, "list-sigs")->strarg;
- if(stat(name, &sb) == -1) {
- mprintf("--list-sigs: Can't get status of %s\n", name);
- return -1;
- }
+ if(mode == 0) {
+ name = optget(opts, "list-sigs")->strarg;
+ if(stat(name, &sb) == -1) {
+ mprintf("--list-sigs: Can't get status of %s\n", name);
+ return -1;
+ }
- mprintf_stdout = 1;
- if(S_ISDIR(sb.st_mode)) {
- if(!strcmp(name, DATADIR)) {
- dbdir = freshdbdir();
- ret = listdir(dbdir);
- free(dbdir);
+ mprintf_stdout = 1;
+ if(S_ISDIR(sb.st_mode)) {
+ if(!strcmp(name, DATADIR)) {
+ dbdir = freshdbdir();
+ ret = listdir(dbdir, NULL);
+ free(dbdir);
+ } else {
+ ret = listdir(name, NULL);
+ }
} else {
- ret = listdir(name);
+ ret = listdb(name, NULL);
}
+
} else {
- ret = listdb(name);
+ if(cli_regcomp(®, optget(opts, "find-sigs")->strarg, REG_EXTENDED | REG_NOSUB) != 0) {
+ mprintf("--find-sigs: Can't compile regex\n");
+ return -1;
+ }
+ mprintf_stdout = 1;
+ dbdir = freshdbdir();
+ ret = listdir(dbdir, ®);
+ free(dbdir);
+ cli_regfree(®);
}
return ret;
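Review bot: `listsigs` now takes `int mode` with bare 0 and 1 meaning list and find, and `main` passes the literals; a comment above the function such as `/* mode: 0 = --list-sigs, non-zero = --find-sigs */`, or a two-value enum, would make the call sites readable. The regex-compile failure message lacks the leading `!` that the `listdir`/`listdb` error messages in this file use, and it does not echo the rejected pattern; `mprintf("!--find-sigs: Can't compile regex %s\n", optget(opts, "find-sigs")->strarg);` would match the surrounding style. The return value of `freshdbdir()` is handed to `listdir` unchecked in both branches; whether it can be NULL is not visible here, so that is worth confirming. The `®` shown in the `cli_regcomp`, `listdir` and `cli_regfree` calls is presumably `&reg` mangled by the archive's entity decoding rather than what the commit contains.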
@@ -1798,6 +1826,7 @@ static void help(void)
mprintf(" --unpack=FILE -u FILE Unpack a CVD/CLD file\n");
mprintf(" --unpack-current=SHORTNAME Unpack local CVD/CLD into cwd\n");
mprintf(" --list-sigs[=FILE] -l[FILE] List signature names\n");
+ mprintf(" --find-sigs=REGEX -fREGEX Find signatures matching REGEX\n");
mprintf(" --vba=FILE Extract VBA/Word6 macro code\n");
mprintf(" --vba-hex=FILE Extract Word6 macro code with hex values\n");
mprintf(" --diff=OLD NEW -d OLD NEW Create diff for OLD and NEW CVDs\n");
@@ -1860,7 +1889,9 @@ int main(int argc, char **argv)
else if(optget(opts, "info")->enabled)
ret = cvdinfo(opts);
else if(optget(opts, "list-sigs")->active)
- ret = listsigs(opts);
+ ret = listsigs(opts, 0);
+ else if(optget(opts, "find-sigs")->active)
+ ret = listsigs(opts, 1);
else if(optget(opts, "vba")->enabled || optget(opts, "vba-hex")->enabled)
ret = vbadump(opts);
else if(optget(opts, "diff")->enabled)
--
Debian repository for ClamAV