2009-06-26 16:30:46 +03:00
|
|
|
/*
|
|
|
|
|
* Load, verify and execute ClamAV bytecode.
|
|
|
|
|
*
|
|
|
|
|
* Copyright (C) 2009 Sourcefire, Inc.
|
|
|
|
|
*
|
|
|
|
|
* Authors: Török Edvin
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License version 2 as
|
|
|
|
|
* published by the Free Software Foundation.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
|
|
|
|
|
* MA 02110-1301, USA.
|
|
|
|
|
*/
|
|
|
|
|
#ifndef BYTECODE_H
|
|
|
|
|
#define BYTECODE_H
|
2009-11-06 16:34:46 +02:00
|
|
|
#include <stdint.h>
|
2009-06-26 16:30:46 +03:00
|
|
|
#include "clambc.h"
|
2009-11-06 16:34:46 +02:00
|
|
|
#include <stdio.h>
|
2009-08-20 16:23:43 +03:00
|
|
|
|
2009-06-26 16:30:46 +03:00
|
|
|
struct cli_dbio;
|
|
|
|
|
struct cli_bc_ctx;
|
|
|
|
|
struct cli_bc_func;
|
2009-07-07 17:38:56 +03:00
|
|
|
struct cli_bc_value;
|
2009-07-07 19:58:37 +03:00
|
|
|
struct cli_bc_inst;
|
2009-07-31 15:28:36 +03:00
|
|
|
struct cli_bc_type;
|
2009-08-25 18:54:14 +03:00
|
|
|
struct cli_bc_engine;
|
|
|
|
|
struct bitset_tag;
|
2009-10-02 17:33:11 +03:00
|
|
|
struct cl_engine;
|
2009-06-26 16:30:46 +03:00
|
|
|
|
2009-07-23 17:33:11 +03:00
|
|
|
enum bc_state {
|
2009-09-04 17:29:13 +03:00
|
|
|
bc_skip,
|
2009-07-23 17:33:11 +03:00
|
|
|
bc_loaded,
|
|
|
|
|
bc_jit,
|
|
|
|
|
bc_interp
|
|
|
|
|
};
|
|
|
|
|
|
2009-06-26 16:30:46 +03:00
|
|
|
struct cli_bc {
|
|
|
|
|
unsigned verifier;
|
|
|
|
|
char *sigmaker;
|
|
|
|
|
unsigned id;
|
2009-10-02 10:26:47 +03:00
|
|
|
unsigned kind;
|
2009-06-26 16:30:46 +03:00
|
|
|
struct bytecode_metadata metadata;
|
2009-07-31 15:28:36 +03:00
|
|
|
unsigned num_types;
|
2009-06-26 16:30:46 +03:00
|
|
|
unsigned num_func;
|
|
|
|
|
struct cli_bc_func *funcs;
|
2009-07-31 15:28:36 +03:00
|
|
|
struct cli_bc_type *types;
|
2009-09-10 22:51:11 +03:00
|
|
|
uint64_t **globals;
|
|
|
|
|
uint16_t *globaltys;
|
|
|
|
|
size_t num_globals;
|
2009-07-23 17:33:11 +03:00
|
|
|
enum bc_state state;
|
2009-07-31 15:28:36 +03:00
|
|
|
uint16_t start_tid;
|
2009-08-25 18:54:14 +03:00
|
|
|
struct bitset_tag *uses_apis;
|
2009-09-21 18:48:43 +03:00
|
|
|
char *lsig;
|
2009-10-06 17:32:38 +03:00
|
|
|
char *vnameprefix;
|
|
|
|
|
char **vnames;
|
|
|
|
|
unsigned vnames_cnt;
|
2009-08-25 18:54:14 +03:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct cli_all_bc {
|
|
|
|
|
struct cli_bc *all_bcs;
|
|
|
|
|
unsigned count;
|
|
|
|
|
struct cli_bcengine *engine;
|
2009-06-26 16:30:46 +03:00
|
|
|
};
|
|
|
|
|
|
2009-10-02 17:33:11 +03:00
|
|
|
struct cli_pe_hook_data;
|
2009-07-07 19:58:37 +03:00
|
|
|
struct cli_bc_ctx *cli_bytecode_context_alloc(void);
|
2009-07-10 16:11:54 +03:00
|
|
|
int cli_bytecode_context_setfuncid(struct cli_bc_ctx *ctx, const struct cli_bc *bc, unsigned funcid);
|
2009-07-07 19:58:37 +03:00
|
|
|
int cli_bytecode_context_setparam_int(struct cli_bc_ctx *ctx, unsigned i, uint64_t c);
|
|
|
|
|
int cli_bytecode_context_setparam_ptr(struct cli_bc_ctx *ctx, unsigned i, void *data, unsigned datalen);
|
2009-09-08 22:25:33 +03:00
|
|
|
int cli_bytecode_context_setfile(struct cli_bc_ctx *ctx, int fd);
|
2009-10-02 17:33:11 +03:00
|
|
|
int cli_bytecode_context_setpe(struct cli_bc_ctx *ctx, const struct cli_pe_hook_data *data);
|
2009-07-07 19:58:37 +03:00
|
|
|
int cli_bytecode_context_clear(struct cli_bc_ctx *ctx);
|
2009-07-08 12:45:06 +03:00
|
|
|
uint64_t cli_bytecode_context_getresult_int(struct cli_bc_ctx *ctx);
|
2009-07-07 19:58:37 +03:00
|
|
|
void cli_bytecode_context_destroy(struct cli_bc_ctx *ctx);
|
2009-06-26 16:30:46 +03:00
|
|
|
|
2009-08-28 20:07:25 +03:00
|
|
|
extern int have_clamjit;
|
2009-08-25 18:54:14 +03:00
|
|
|
int cli_bytecode_init(struct cli_all_bc *allbc);
|
2009-06-26 16:30:46 +03:00
|
|
|
int cli_bytecode_load(struct cli_bc *bc, FILE *f, struct cli_dbio *dbio);
|
2009-08-25 18:54:14 +03:00
|
|
|
int cli_bytecode_prepare(struct cli_all_bc *allbc);
|
2009-08-27 20:41:29 +03:00
|
|
|
int cli_bytecode_run(const struct cli_all_bc *bcs, const struct cli_bc *bc, struct cli_bc_ctx *ctx);
|
2009-06-26 16:30:46 +03:00
|
|
|
void cli_bytecode_destroy(struct cli_bc *bc);
|
2009-08-25 18:54:14 +03:00
|
|
|
int cli_bytecode_done(struct cli_all_bc *allbc);
|
2009-06-26 16:30:46 +03:00
|
|
|
|
2009-09-22 11:03:17 +03:00
|
|
|
/* Hooks */
|
2009-10-02 17:33:11 +03:00
|
|
|
struct cli_exe_info;
|
2009-09-22 11:03:17 +03:00
|
|
|
int cli_bytecode_runlsig(const struct cli_all_bc *bcs, const struct cli_bc* bc, const char **virname, const uint32_t* lsigcnt, int fd);
|
2009-10-02 17:33:11 +03:00
|
|
|
int cli_bytecode_runhook(const struct cl_engine *engine, struct cli_bc_ctx *ctx, unsigned id, int fd, const char **virname);
|
2009-09-22 11:03:17 +03:00
|
|
|
|
2009-09-07 18:01:43 +03:00
|
|
|
#ifdef __cplusplus
|
|
|
|
|
extern "C" {
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
void cli_bytecode_debug(int argc, char **argv);
|
|
|
|
|
int bytecode_init(void);
|
|
|
|
|
|
|
|
|
|
#ifdef __cplusplus
|
|
|
|
|
}
|
|
|
|
|
#endif
|
2009-09-04 12:09:17 +03:00
|
|
|
|
2009-06-26 16:30:46 +03:00
|
|
|
#endif
|
