198 commits

Author SHA1 Message Date
Andrew
64ecd1099c Fix support for authenticode signatures from external .cat files
This commit adds back in support for whitelisting files based on
signatures from .cat files loaded in via a '-d' flag to clamscan.
This also makes it so that a .crb blacklist rule match can't be
overruled by a signature in a .cat file
2018-12-02 23:07:06 -05:00
Mickey Sola
17360f03be scan_options - fixing up segfault caused by zeroed out scan_options struct when using sigtool to test signatures 2018-12-02 23:07:03 -05:00
Micah Snyder
d7979d4ff7 Restructured scan options flags from a single bitflag field to a structure containing multiple bitflag fields. This also required adding a new function to the bytecode API to get scan options a la carte, and modifying the existing function to hand back scan options in the old/deprecated uint32_t bitflag format. Re-generated bytecode iface header files.
Updated libclamav documentation detailing new scan options structure.
Renamed references to 'algorithmic' detection to 'heuristic' detection. Renaming references to 'properties' to 'collect metadata'.
Renamed references to 'scan all' to 'scan all match'.
Renamed a couple of 'Hueristic.*' signature names as 'Heuristics.*' signatures (plural) to match majority of other heuristics.
2018-12-02 23:06:59 -05:00
Micah Snyder
964a1e7321 Converting http urls to https urls. Primary focus was on clamav.net urls. I updated a couple others and fixed a few broken links as well. There are many (non-clamav.net) urls I didn't address, especially in 3rd party or contrib code. 2018-04-02 07:58:33 -04:00
Josh Soref
7cd9337a70 Spelling Adjustments (#30)
* spelling: accessed

* spelling: alignment

* spelling: amalgamated

* spelling: answers

* spelling: another

* spelling: acquisition

* spelling: apitid

* spelling: ascii

* spelling: appending

* spelling: appropriate

* spelling: arbitrary

* spelling: architecture

* spelling: asynchronous

* spelling: attachments

* spelling: argument

* spelling: authenticode

* spelling: because

* spelling: boundary

* spelling: brackets

* spelling: bytecode

* spelling: calculation

* spelling: cannot

* spelling: changes

* spelling: check

* spelling: children

* spelling: codegen

* spelling: commands

* spelling: container

* spelling: concatenated

* spelling: conditions

* spelling: continuous

* spelling: conversions

* spelling: corresponding

* spelling: corrupted

* spelling: coverity

* spelling: crafting

* spelling: daemon

* spelling: definition

* spelling: delivered

* spelling: delivery

* spelling: delimit

* spelling: dependencies

* spelling: dependency

* spelling: detection

* spelling: determine

* spelling: disconnects

* spelling: distributed

* spelling: documentation

* spelling: downgraded

* spelling: downloading

* spelling: endianness

* spelling: entities

* spelling: especially

* spelling: empty

* spelling: expected

* spelling: explicitly

* spelling: existent

* spelling: finished

* spelling: flexibility

* spelling: flexible

* spelling: freshclam

* spelling: functions

* spelling: guarantee

* spelling: hardened

* spelling: headaches

* spelling: heighten

* spelling: improper

* spelling: increment

* spelling: indefinitely

* spelling: independent

* spelling: inaccessible

* spelling: infrastructure

Conflicts:
	docs/html/node68.html

* spelling: initializing

* spelling: inited

* spelling: instream

* spelling: installed

* spelling: initialization

* spelling: initialize

* spelling: interface

* spelling: intrinsics

* spelling: interpreter

* spelling: introduced

* spelling: invalid

* spelling: latency

* spelling: lawyers

* spelling: libclamav

* spelling: likelihood

* spelling: loop

* spelling: maximum

* spelling: million

* spelling: milliseconds

* spelling: minimum

* spelling: minzhuan

* spelling: multipart

* spelling: misled

* spelling: modifiers

* spelling: notifying

* spelling: objects

* spelling: occurred

* spelling: occurs

* spelling: occurrences

* spelling: optimization

* spelling: original

* spelling: originated

* spelling: output

* spelling: overridden

* spelling: parenthesis

* spelling: partition

* spelling: performance

* spelling: permission

* spelling: phishing

* spelling: portions

* spelling: positives

* spelling: preceded

* spelling: properties

* spelling: protocol

* spelling: protos

* spelling: quarantine

* spelling: recursive

* spelling: referring

* spelling: reorder

* spelling: reset

* spelling: resources

* spelling: resume

* spelling: retrieval

* spelling: rewrite

* spelling: sanity

* spelling: scheduled

* spelling: search

* spelling: section

* spelling: separator

* spelling: separated

* spelling: specify

* spelling: special

* spelling: statement

* spelling: streams

* spelling: succession

* spelling: suggests

* spelling: superfluous

* spelling: suspicious

* spelling: synonym

* spelling: temporarily

* spelling: testfiles

* spelling: transverse

* spelling: turkish

* spelling: typos

* spelling: unable

* spelling: unexpected

* spelling: unexpectedly

* spelling: unfinished

* spelling: unfortunately

* spelling: uninitialized

* spelling: unlocking

* spelling: unnecessary

* spelling: unpack

* spelling: unrecognized

* spelling: unsupported

* spelling: usable

* spelling: wherever

* spelling: wishlist

* spelling: white

* spelling: infrastructure

* spelling: directories

* spelling: overridden

* spelling: permission

* spelling: yesterday

* spelling: initialization

* spelling: intrinsics

* space adjustment for spelling changes

* minor modifications by klin
2018-02-27 22:00:09 -05:00
Micah Snyder
e098cdc557 Updating help strings to include a couple missing items as well as copyrights. Updating man page files as well. 2018-02-14 12:08:36 -05:00
Steven Morgan
ed47868b3f bb11823 - command line copyright dates. 2017-07-18 16:43:11 -04:00
Mickey Sola
631cb6a005 Fixes and updates to intermediate container sig rules based on code review 2017-02-01 17:33:15 -05:00
klin
031fe00a4d restructure container typing system to use array (#2) 2017-01-19 12:24:46 -05:00
Steven Morgan
7286695f58 bb17595 (FireAmp) - add sigtool support for building fp-only virus databases. 2016-10-12 18:16:51 -04:00
Kevin Lin
9c30a4fc6e sigtool: patch hybrid cvd generation 2016-08-17 11:31:56 -04:00
Kevin Lin
8d37842072 win32: fixes for sigtool imphash linking 2016-07-13 17:05:43 -04:00
Kevin Lin
634c859458 imphash: code review and clean up 2016-07-13 15:08:30 -04:00
Kevin Lin
832d44e748 sig: convert .ith to .imp; add .imp to sigtool 2016-07-13 15:08:30 -04:00
Kevin Lin
3cc632adc8 sigtool: properly generates and reports pe section hashes (mdb) 2016-07-13 15:08:30 -04:00
Mickey Sola
a86c600350 bb11553 - allowing sigtool to ignore comments in signature files 2016-04-18 10:35:07 -04:00
Steven Morgan
09e0a9a720 Add sigtool support for decoding *.ftm signatures (version 1). 2016-03-30 19:30:08 -04:00
Kevin Lin
5eaf0b320a bb#11003 - fix dconf and option handling for nocert and dumpcert 2016-03-17 11:15:52 -04:00
Tom Judge
e03afa1200 Add 'cdb' datafile to sigtool's list of datafile types. 2016-03-13 23:27:23 -04:00
Kevin Lin
3ed58f86e5 fix sigtool compile warning 2016-02-29 13:00:15 -05:00
Mickey Sola
4b581a2d22 sigtool: adding support for decoding cdb sigs 2016-01-06 14:58:01 -05:00
Steven Morgan
5c3865c7df Change 'Sourcefire' -> 'Cisco Systems' in command line usage messages. 2015-11-03 12:46:05 -05:00
Steven Morgan
6b4a19c9ad bb11390 - add memory allocation check. Patch by Bill Parker. 2015-09-23 12:49:53 -04:00
Mickey Sola
46a35abe56 mass update of copyright headers 2015-09-17 13:41:26 -04:00
Kevin Lin
b187a2c330 cid 12192/12191 - fix error state in allocating memory for regex cflags in sigtool 2015-08-19 11:14:51 -04:00
Kevin Lin
0ae43cf37c silence cid 12218 - false positive, yara virname prefix 2015-08-19 11:14:50 -04:00
Kevin Lin
336365ec77 sigtool: added nested string alternative handling 2015-07-23 12:12:07 -04:00
Kevin Lin
d002f43eef sigtool: added usage of cli_ldbtokenize to sigtool
sigtool: handles signature modifiers
2015-07-21 17:30:14 -04:00
Mickey Sola
c1bc49e71c Adding ascii file normalization option to sigtool. 2015-07-07 17:32:14 -04:00
Kevin Lin
b289385d32 various fixes for windows build 2015-06-01 16:07:07 -04:00
Kevin Lin
a02acd50b6 [WIP] added nocase support to clamav ac algorithm 2015-02-06 07:46:21 -08:00
Steven Morgan
55b8bf0c7b Resolve merge conflicts matcher-ac.c clamconf.c readdb.c 2015-02-03 19:37:12 -05:00
Kevin Lin
fef2883e7b bb#11237 - fixed bug in building CUD file 2015-01-08 09:48:20 -08:00
Kevin Lin
c648e6b490 Merge branch 'master' into klin/pcre_support
Conflicts:
	clamconf/clamconf.c
	clamscan/manager.c
	docs/signatures.tex
	sigtool/sigtool.c
2014-10-31 11:10:41 -04:00
Kevin Lin
ff1445a08c bb#11135 - sigtool now verifies cvd prior to unpacking 2014-10-06 19:03:24 -04:00
Kevin Lin
02d2de779f fixed various issues for windows builds 2014-09-30 15:22:07 -04:00
Kevin Lin
f9389d0926 CID 11939, 11940 - fixed resource leaks in sigtool 2014-09-23 10:51:03 -04:00
Kevin Lin
0d37009816 sigtool/pcre: pcre subsig id and exe support in sigtool 2014-09-11 12:27:52 -04:00
Shawn Webb
859b6fb843 Fix a few more compiler warnings 2014-07-11 09:42:42 -04:00
Shawn Webb
6df13d049e Finish phase 1 of silencing compiler warnings 2014-07-11 09:30:58 -04:00
Shawn Webb
78ee2250ae Call cl_initialize_crypto() in cl_init() 2014-07-03 22:14:40 -04:00
Shawn Webb
60d8d2c352 Move all the crypto API to clamav.h 2014-07-01 19:38:01 -04:00
Shawn Webb
e0f667e7f1 bb11023 - Wrong declaration of function destroy_ctx to cause undefined behavior 2014-06-02 08:54:43 -04:00
Shawn Webb
f9afc3092f Cleanup OpenSSL on program exit 2014-05-09 17:14:21 -04:00
Shawn Webb
bbab63daec Initialize OpenSSL within the application, not within libclamav 2014-05-09 16:19:00 -04:00
Shawn Webb
d4a7c3a022 Properly initialize the crypto interfaces on Windows platforms 2014-03-07 14:09:46 -05:00
Shawn Webb
da6e06dd68 Provide further abstractions to the OpenSSL integration work 2014-02-28 12:12:30 -05:00
Kevin Lin
9611806a16 bb#10537 - fixed sigtool not identifying targets (>9) 2014-02-20 16:50:10 -05:00
Shawn Webb
5c428be3e1 Fix CIDs 12006 12004 11809 11808 11787 11728 11723 11719 11718 11717 11716 11658 11653 2014-02-19 10:03:53 -05:00
Shawn Webb
f077c6174f Fix some race conditions. Fix some memory leaks. 2014-02-13 13:05:50 -05:00