2021-08-27 09:14:45 -07:00
|
|
|
/*
|
2025-02-14 10:24:30 -05:00
|
|
|
* Copyright (C) 2021-2025 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
|
2021-08-27 09:14:45 -07:00
|
|
|
* Copyright (C) 2005-2010 Gianluigi Tiesi <sherpya@netfarm.it>
|
|
|
|
|
*
|
|
|
|
|
* Authors: Gianluigi Tiesi
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License version 2 as
|
|
|
|
|
* published by the Free Software Foundation.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
|
|
|
|
|
* MA 02110-1301, USA.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifndef __SCANMEM_H
|
|
|
|
|
#define __SCANMEM_H
|
|
|
|
|
|
ClamScan & libclamav: improve precision of bytes-scanned, bytes-read
The ClamScan scan summary prints bytes scanned and bytes read in
multiples of 4096 (aka `CL_COUNT_PRECISION`), as is provided by the
`cl_scanfile()`, `cl_scandesc()`, `cl_scanfile_callback()`, and
`cl_scandesc_callback()` functions.
I believe this imprecision was the result of using an `unsigned long int`
which may be 64bit or 32bit, depending on platform. I believe the
intention was to be able to support scanning more than 4 GiB of data.
Since the new `cl_scan*_ex()` functions use a `uint64_t`, which
guarantees a 64bit integer and supports ~16,777,216 terabytes, I find no
reason not to report an accurate count.
For the legacy scan functions (above) I've kept the `CL_COUNT_PRECISION`
behavior to maintain backwards compatibility.
I have also improved the bytes scanned/read output to report GiB, MiB,
KiB, or B as appropriate. Previously, it always report "MB".
CLAM-1433
2025-06-25 14:39:11 -04:00
|
|
|
#include <clamav-types.h>
|
|
|
|
|
|
2021-08-27 09:14:45 -07:00
|
|
|
#ifndef TH32CS_SNAPMODULE32
|
|
|
|
|
#define TH32CS_SNAPMODULE32 0x00000010
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#define TIMEOUT_MODULE 30000
|
|
|
|
|
|
|
|
|
|
int scanmem(struct mem_info *info);
|
|
|
|
|
|
|
|
|
|
/* cache helpers */
|
|
|
|
|
typedef struct _filelist_t {
|
|
|
|
|
char filename[MAX_PATH];
|
|
|
|
|
int res;
|
|
|
|
|
struct _filelist_t *next;
|
|
|
|
|
} filelist_t;
|
|
|
|
|
|
|
|
|
|
/* Callback */
|
|
|
|
|
typedef struct _cb_data_t {
|
|
|
|
|
const char *filename;
|
|
|
|
|
size_t size, count;
|
|
|
|
|
int oldvalue;
|
|
|
|
|
int fd;
|
|
|
|
|
} cb_data_t;
|
|
|
|
|
|
|
|
|
|
typedef struct _scanmem_data_t {
|
|
|
|
|
filelist_t *files;
|
|
|
|
|
int printclean, kill, unload, exclude;
|
|
|
|
|
int res;
|
|
|
|
|
uint32_t processes, modules;
|
|
|
|
|
|
|
|
|
|
} scanmem_data;
|
|
|
|
|
|
|
|
|
|
struct mem_info {
|
ClamScan & libclamav: improve precision of bytes-scanned, bytes-read
The ClamScan scan summary prints bytes scanned and bytes read in
multiples of 4096 (aka `CL_COUNT_PRECISION`), as is provided by the
`cl_scanfile()`, `cl_scandesc()`, `cl_scanfile_callback()`, and
`cl_scandesc_callback()` functions.
I believe this imprecision was the result of using an `unsigned long int`
which may be 64bit or 32bit, depending on platform. I believe the
intention was to be able to support scanning more than 4 GiB of data.
Since the new `cl_scan*_ex()` functions use a `uint64_t`, which
guarantees a 64bit integer and supports ~16,777,216 terabytes, I find no
reason not to report an accurate count.
For the legacy scan functions (above) I've kept the `CL_COUNT_PRECISION`
behavior to maintain backwards compatibility.
I have also improved the bytes scanned/read output to report GiB, MiB,
KiB, or B as appropriate. Previously, it always report "MB".
CLAM-1433
2025-06-25 14:39:11 -04:00
|
|
|
unsigned int d; /*1 = clamdscan, 0 = clamscan */
|
|
|
|
|
unsigned int files; /* number of scanned files */
|
|
|
|
|
unsigned int ifiles; /* number of infected files */
|
|
|
|
|
uint64_t bytes_scanned; /* number of *scanned* bytes */
|
2021-08-27 09:14:45 -07:00
|
|
|
unsigned int errors;
|
|
|
|
|
|
|
|
|
|
struct cl_engine *engine;
|
|
|
|
|
const struct optstruct *opts;
|
|
|
|
|
struct cl_scan_options *options;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
#endif
|
