[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b

Török Edvin edwin at clamav.net
Sun Apr 4 01:19:41 UTC 2010 

The following commit has been merged in the debian/unstable branch:
commit 02eabc6d1ebba37f0e39c61c37e1290db67a8b08
Author: Török Edvin <edwin at clamav.net>
Date:   Wed Feb 10 11:39:47 2010 +0200

    Add the rest of the prefiltering glue code.
    
    This is still disabled for now (see the & 0).

diff --git a/libclamav/matcher-ac.c b/libclamav/matcher-ac.c
index 21ae45e..dff56d4 100644
--- a/libclamav/matcher-ac.c
+++ b/libclamav/matcher-ac.c
@@ -42,6 +42,7 @@
 #include "str.h"
 #include "readdb.h"
 #include "default.h"
+#include "filtering.h"
 
 #include "mpool.h"
 
@@ -383,6 +384,18 @@ int cli_ac_init(struct cli_matcher *root, uint8_t mindepth, uint8_t maxdepth)
     root->ac_mindepth = mindepth;
     root->ac_maxdepth = maxdepth;
 
+    /* TODO: dconf here ?*/
+    if (cli_mtargets[root->type].enable_prefiltering && 0) {/* Disabled for now */
+	root->filter = mpool_malloc(root->mempool, sizeof(*root->filter));
+	if (!root->filter) {
+	    cli_errmsg("cli_ac_init: Can't allocate memory for ac_root->filter\n");
+	    mpool_free(root->mempool, root->ac_root->trans);
+	    mpool_free(root->mempool, root->ac_root);
+	    return CL_EMEM;
+	}
+	filter_init(root->filter);
+    }
+
     return CL_SUCCESS;
 }
 
@@ -446,6 +459,8 @@ void cli_ac_free(struct cli_matcher *root)
 	mpool_free(root->mempool, root->ac_root->trans);
 	mpool_free(root->mempool, root->ac_root);
     }
+    if (root->filter)
+	mpool_free(root->mempool, root->filter);
 }
 
 /*
@@ -1670,6 +1685,16 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex
     new->length = strlen(hex ? hex : hexsig) / 2;
     free(hex);
 
+    if (root->filter) {
+	/* so that we can show meaningful messages */
+	new->virname = (char*)virname;
+	if (filter_add_acpatt(root->filter, new) == -1) {
+	    cli_warnmsg("cli_ac_addpatt: cannot use filter for trie\n");
+	    mpool_free(root->mempool, root->filter);
+	    root->filter = NULL;
+	}
+    }
+
     for(i = 0; i < root->ac_maxdepth && i < new->length; i++) {
 	if(new->pattern[i] & CLI_MATCH_WILDCARD) {
 	    wprefix = 1;
diff --git a/libclamav/matcher-bm.c b/libclamav/matcher-bm.c
index a206699..f6b510a 100644
--- a/libclamav/matcher-bm.c
+++ b/libclamav/matcher-bm.c
@@ -62,6 +62,16 @@ int cli_bm_addpatt(struct cli_matcher *root, struct cli_bm_patt *pattern, const
 	    root->bm_reloff_num++;
     }
 
+    if(root->filter) {
+	/* the bm_suffix load balancing below can shorten the sig,
+	 * we want to see the entire signature! */
+	if (filter_add_static(root->filter, pattern->pattern, pattern->length, pattern->virname) == -1) {
+	    cli_warnmsg("cli_bm_addpatt: cannot use filter for trie\n");
+	    mpool_free(root->mempool, root->filter);
+	    root->filter = NULL;
+	}
+    }
+
 #if BM_MIN_LENGTH == BM_BLOCK_SIZE
     /* try to load balance bm_suffix (at the cost of bm_shift) */
     for(i = 0; i < pattern->length - BM_BLOCK_SIZE + 1; i++) {
diff --git a/libclamav/matcher.c b/libclamav/matcher.c
index ecd925f..bc306d2 100644
--- a/libclamav/matcher.c
+++ b/libclamav/matcher.c
@@ -48,6 +48,31 @@
 #include "fmap.h"
 #include "pe_icons.h"
 #include "regex/regex.h"
+#include "filtering.h"
+#include "perflogging.h"
+
+#ifdef CLI_PERF_LOGGING
+
+static inline void PERF_LOG_FILTER(int32_t pos, int32_t length, int8_t trie)
+{
+    cli_perf_log_add(RAW_BYTES_SCANNED, length);
+    cli_perf_log_add(FILTER_BYTES_SCANNED, length - pos);
+    cli_perf_log_count2(TRIE_SCANNED, trie, length - pos);
+}
+
+static inline int PERF_LOG_TRIES(int8_t acmode, int8_t bm_called, int32_t length)
+{
+    if (bm_called)
+	cli_perf_log_add(BM_SCANNED, length);
+    if (acmode)
+	cli_perf_log_add(AC_SCANNED, length);
+    return 0;
+}
+
+#else
+static inline void PERF_LOG_FILTER(int32_t pos, uint32_t length, int8_t trie) {}
+static inline int PERF_LOG_TRIES(int8_t acmode, int8_t bm_called, int32_t length) { return 0; }
+#endif
 
 static inline int matcher_run(const struct cli_matcher *root,
 			      const unsigned char *buffer, uint32_t length,
@@ -60,8 +85,31 @@ static inline int matcher_run(const struct cli_matcher *root,
 			      struct cli_bm_off *offdata)
 {
     int ret;
-    if (root->ac_only || (ret = cli_bm_scanbuff(buffer, length, virname, NULL, root, offset, map, offdata)) != CL_VIRUS)
+    int32_t pos = 0;
+    struct filter_match_info info;
+    if (root->filter) {
+	if(filter_search_ext(root->filter, buffer, length, &info) == -1) {
+	    /*  for safety always scan last maxpatlen bytes */
+	    pos = length - root->maxpatlen - 1;
+	    if (pos < 0) pos = 0;
+	    PERF_LOG_FILTER(pos, length, root->type);
+	} else {
+	    /* must not cut buffer for 64[4-4]6161, because we must be able to check
+	     * 64! */
+	    pos = info.first_match - root->maxpatlen - 1;
+	    if (pos < 0) pos = 0;
+	    PERF_LOG_FILTER(pos, length, root->type);
+	}
+    } else {
+	PERF_LOG_FILTER(0, length, root->type);
+    }
+    length -= pos;
+    buffer += pos;
+    offset += pos;
+    if (root->ac_only || PERF_LOG_TRIES(0,1, length) || (ret = cli_bm_scanbuff(buffer, length, virname, NULL, root, offset, map, offdata)) != CL_VIRUS) {
+	PERF_LOG_TRIES(acmode, 0, length);
 	ret = cli_ac_scanbuff(buffer, length, virname, NULL, NULL, root, mdata, offset, ftype, ftoffset, acmode, NULL);
+    }
     return ret;
 }
 
diff --git a/libclamav/matcher.h b/libclamav/matcher.h
index 4df9d2f..1ed6ac4 100644
--- a/libclamav/matcher.h
+++ b/libclamav/matcher.h
@@ -95,6 +95,7 @@ struct cli_matcher {
     struct cli_ac_patt **ac_reloff;
     uint32_t ac_reloff_num, ac_absoff_num;
     uint8_t ac_mindepth, ac_maxdepth;
+    struct filter *filter;
 
     uint16_t maxpatlen;
     uint8_t ac_only;
@@ -126,20 +127,21 @@ struct cli_mtarget {
     const char *name;
     uint8_t idx;    /* idx of matcher */
     uint8_t ac_only;
+    uint8_t enable_prefiltering;
 };
 
 #define CLI_MTARGETS 10
 static const struct cli_mtarget cli_mtargets[CLI_MTARGETS] =  {
-    { 0,		    "GENERIC",	    0,	0   },
-    { CL_TYPE_MSEXE,	    "PE",	    1,	0   },
-    { CL_TYPE_MSOLE2,	    "OLE2",	    2,	1   },
-    { CL_TYPE_HTML,	    "HTML",	    3,	1   },
-    { CL_TYPE_MAIL,	    "MAIL",	    4,	1   },
-    { CL_TYPE_GRAPHICS,	    "GRAPHICS",	    5,	1   },
-    { CL_TYPE_ELF,	    "ELF",	    6,	1   },
-    { CL_TYPE_TEXT_ASCII,   "ASCII",	    7,	1   },
-    { CL_TYPE_ERROR,        "NOT USED",	    8,	1   },
-    { CL_TYPE_MACHO,	    "MACH-O",	    9,	1   }
+    { 0,                    "GENERIC",      0,  0, 1 },
+    { CL_TYPE_MSEXE,        "PE",           1,  0, 1 },
+    { CL_TYPE_MSOLE2,       "OLE2",         2,  1, 0 },
+    { CL_TYPE_HTML,         "HTML",         3,  1, 0 },
+    { CL_TYPE_MAIL,         "MAIL",         4,  1, 1 },
+    { CL_TYPE_GRAPHICS,     "GRAPHICS",     5,  1, 0 },
+    { CL_TYPE_ELF,          "ELF",          6,  1, 0 },
+    { CL_TYPE_TEXT_ASCII,   "ASCII",        7,  1, 1 },
+    { CL_TYPE_ERROR,        "NOT USED",     8,  1, 0 },
+    { CL_TYPE_MACHO,        "MACH-O",       9,  1, 0 }
 };
 
 struct cli_target_info {

-- 
Debian repository for ClamAV

More information about the Pkg-clamav-commits mailing list