File: dconf.h

package info (click to toggle)
clamav 0.98.7+dfsg-0+deb6u2
  • links: PTS, VCS
  • area: main
  • in suites: squeeze-lts
  • size: 60,204 kB
  • ctags: 49,129
  • sloc: cpp: 267,090; ansic: 152,211; sh: 35,196; python: 2,630; makefile: 2,220; perl: 1,690; pascal: 1,218; lisp: 184; csh: 117; xml: 38; asm: 32; exp: 4
file content (143 lines) | stat: -rw-r--r-- 4,111 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
/*
 *  Copyright (C) 2014 Cisco and/or its affiliates. All rights reserved.
 *  Copyright (C) 2007-2013 Sourcefire, Inc.
 *
 *  Authors: Tomasz Kojm
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License version 2 as
 *  published by the Free Software Foundation.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 *  MA 02110-1301, USA.
 */

#ifndef __DCONF_H
#define __DCONF_H

#include <stdio.h>
#include <zlib.h>

#include "clamav.h"
#include "cltypes.h"
#include "cvd.h"

#include "mpool.h"

struct cli_dconf {
    uint32_t pe;
    uint32_t elf;
    uint32_t macho;
    uint32_t archive;
    uint32_t doc;
    uint32_t mail;
    uint32_t other;
    uint32_t phishing;
    uint32_t bytecode;
    uint32_t stats;
};

/* PE flags */
#define PE_CONF_PARITE	    0x1
#define PE_CONF_KRIZ	    0x2
#define PE_CONF_MAGISTR	    0x4
#define PE_CONF_POLIPOS	    0x8
#define PE_CONF_MD5SECT	    0x10
#define PE_CONF_UPX	    0x20
#define PE_CONF_FSG	    0x40
#define PE_CONF_SWIZZOR     0x80
#define PE_CONF_PETITE	    0x100
#define PE_CONF_PESPIN	    0x200
#define PE_CONF_YC	    0x400
#define PE_CONF_WWPACK	    0x800
#define PE_CONF_NSPACK	    0x1000
#define PE_CONF_MEW	    0x2000
#define PE_CONF_UPACK	    0x4000
#define PE_CONF_ASPACK	    0x8000
#define PE_CONF_CATALOG	    0x10000
#define PE_CONF_DISABLECERT 0x20000
#define PE_CONF_DUMPCERT    0x40000
#define PE_CONF_MATCHICON   0x80000

/* Archive flags */
#define ARCH_CONF_RAR	    0x1
#define ARCH_CONF_ZIP	    0x2
#define ARCH_CONF_GZ	    0x4
#define ARCH_CONF_BZ	    0x8
#define ARCH_CONF_SZDD	    0x10
#define ARCH_CONF_CAB	    0x20
#define ARCH_CONF_CHM	    0x40
#define ARCH_CONF_OLE2	    0x80
#define ARCH_CONF_TAR	    0x100
#define ARCH_CONF_BINHEX    0x200
#define ARCH_CONF_SIS	    0x400
#define ARCH_CONF_NSIS	    0x800
#define ARCH_CONF_ARJ       0x1000
#define ARCH_CONF_AUTOIT    0x2000
#define ARCH_CONF_CPIO	    0x4000
#define ARCH_CONF_ISHIELD   0x8000
#define ARCH_CONF_7Z        0x10000
#define ARCH_CONF_ISO9660   0x20000
#define ARCH_CONF_DMG       0x40000
#define ARCH_CONF_XAR       0x80000
#define ARCH_CONF_HFSPLUS   0x100000
#define ARCH_CONF_XZ        0x200000

/* Document flags */
#define DOC_CONF_HTML		0x1
#define DOC_CONF_RTF		0x2
#define DOC_CONF_PDF		0x4
#define DOC_CONF_SCRIPT 	0x8
#define DOC_CONF_HTML_SKIPRAW	0x10
#define DOC_CONF_JSNORM         0x20
#define DOC_CONF_SWF		0x40

/* Mail flags */
#define MAIL_CONF_MBOX	    0x1
#define MAIL_CONF_TNEF	    0x2

/* Other flags */
#define OTHER_CONF_UUENC    0x1
#define OTHER_CONF_SCRENC   0x2
#define OTHER_CONF_RIFF	    0x4
#define OTHER_CONF_JPEG	    0x8
#define OTHER_CONF_CRYPTFF  0x10
#define OTHER_CONF_DLP	    0x20
#define OTHER_CONF_MYDOOMLOG	0x40
#define OTHER_CONF_PREFILTERING 0x80
#define OTHER_CONF_PDFNAMEOBJ	0x100
#define OTHER_CONF_PRTNINTXN	0x200

/* Phishing flags */
#define PHISHING_CONF_ENGINE   0x1
#define PHISHING_CONF_ENTCONV  0x2

/* Bytecode flags */
#define BYTECODE_INTERPRETER 0x1
#define BYTECODE_JIT_X86 0x2
#define BYTECODE_JIT_PPC 0x4
#define BYTECODE_JIT_ARM 0x8

/* Stats/Intel flags */
#define DCONF_STATS_DISABLED            0x1
#define DCONF_STATS_PE_SECTION_DISABLED 0x2

#define BYTECODE_ENGINE_MASK (BYTECODE_INTERPRETER | BYTECODE_JIT_X86 | BYTECODE_JIT_PPC | BYTECODE_JIT_ARM)

#ifdef USE_MPOOL
struct cli_dconf *cli_dconf_init(mpool_t *);
#define cli_mpool_dconf_init(a) cli_dconf_init(a)
#else
struct cli_dconf *cli_dconf_init(void);
#define cli_mpool_dconf_init(a) cli_dconf_init()
#endif
void cli_dconf_print(struct cli_dconf *dconf);
int cli_dconf_load(FILE *fs, struct cl_engine *engine, unsigned int options, struct cli_dbio *dbio);
#endif