diff --git a/headers/bcfeatures.h b/headers/bcfeatures.h index 1ed7bb6b8f..96883abcde 100644 --- a/headers/bcfeatures.h +++ b/headers/bcfeatures.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2022 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * Authors: Török Edvin diff --git a/headers/bytecode_api.h b/headers/bytecode_api.h index bbc4e64fef..8dcf576aed 100644 --- a/headers/bytecode_api.h +++ b/headers/bytecode_api.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2019 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2022 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * Authors: Török Edvin, Kevin Lin @@ -73,10 +73,10 @@ enum BytecodeKind { /** specifies a PDF hook, executes at a predetermined point of PDF parsing for PDF files */ BC_PDF, /** specifies a PE hook, executes at a predetermined point in PE parsing for PE files, - * both packed and unpacked files */ + * both packed and unpacked files */ BC_PE_ALL, /** specifies a PRECLASS hook, executes at the end of file property collection and - * operates on the original file targeted for property collection */ + * operates on the original file targeted for property collection */ BC_PRECLASS, /** specifies an ELF unpacker, executed on ELF files on a logical trigger */ BC_ELF_UNPACKER, @@ -90,10 +90,10 @@ enum BytecodeKind { * LibClamAV functionality level constants */ enum FunctionalityLevels { - FUNC_LEVEL_096 = 51, /**< LibClamAV release 0.96.0: bytecode engine released */ - FUNC_LEVEL_096_dev = 52, - FUNC_LEVEL_096_1 = 53, /**< LibClamAV release 0.96.1: logical signature use of VI/macros - * requires this minimum functionality level */ + FUNC_LEVEL_096 = 51, /**< LibClamAV release 0.96.0: bytecode engine released */ + FUNC_LEVEL_096_dev = 52, + FUNC_LEVEL_096_1 = 53, /**< LibClamAV release 0.96.1: logical signature use of VI/macros requires this minimum functionality level */ + FUNC_LEVEL_096_1_dev = 54, FUNC_LEVEL_096_2 = 54, /**< LibClamAV release 0.96.2: PDF Hooks require this minimum level */ FUNC_LEVEL_096_2_dev = 55, @@ -147,6 +147,12 @@ enum FunctionalityLevels { FUNC_LEVEL_0103_BETA = 120, /**< LibClamAV release 0.103.0-BETA */ FUNC_LEVEL_0103 = 121, /**< LibClamAV release 0.103.0 */ FUNC_LEVEL_0103_1 = 122, /**< LibClamAV release 0.103.1 */ + FUNC_LEVEL_0103_2 = 123, /**< LibClamAV release 0.103.2 */ + FUNC_LEVEL_0103_3 = 124, /**< LibClamAV release 0.103.2 */ + + FUNC_LEVEL_0104 = 140, /**< LibClamAV release 0.104.0 */ + + FUNC_LEVEL_0105 = 150, /**< LibClamAV release 0.105.0 */ }; /** @@ -350,7 +356,7 @@ const uint16_t __clambc_kind; * @param[in] a 0xf00dbeef * @param[in] b 0xbeeff00d * @return 0x12345678 if parameters match, 0x55 otherwise -*/ + */ uint32_t test1(uint32_t a, uint32_t b); /** @@ -628,7 +634,7 @@ uint32_t buffer_pipe_read_avail(int32_t id); * @return pointer to buffer, or NULL if buffer has less than * specified amount */ -//uint8_t *buffer_pipe_read_get(int32_t id, uint32_t amount); +// uint8_t *buffer_pipe_read_get(int32_t id, uint32_t amount); const uint8_t* buffer_pipe_read_get(int32_t id, uint32_t amount); /** @@ -1141,7 +1147,7 @@ uint32_t pdf_getobjsize(int32_t objidx); * @param[in] amount - size returned by pdf_getobjsize (or smaller) * @return NULL - invalid objidx/amount * @return pointer - pointer to original object */ -//uint8_t *pdf_getobj(int32_t objidx, uint32_t amount); +// uint8_t *pdf_getobj(int32_t objidx, uint32_t amount); const uint8_t* pdf_getobj(int32_t objidx, uint32_t amount); /** @@ -1322,9 +1328,9 @@ int32_t json_get_boolean(int32_t objid); */ int32_t json_get_int(int32_t objid); -//int64_t json_get_int64(int32_t objid); +// int64_t json_get_int64(int32_t objid); /* bytecode does not support double type */ -//double json_get_double(int32_t objid); +// double json_get_double(int32_t objid); /* ----------------- END 0.98.4 APIs ---------------------------------- */ /* ----------------- BEGIN 0.101.0 APIs ------------------------------- */ diff --git a/headers/bytecode_api_decl.c.h b/headers/bytecode_api_decl.c.h index 5e10ace80b..4328796bfb 100644 --- a/headers/bytecode_api_decl.c.h +++ b/headers/bytecode_api_decl.c.h @@ -2,7 +2,7 @@ * ClamAV bytecode internal API * This is an automatically generated file! * - * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2022 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Redistribution and use in source and binary forms, with or without diff --git a/headers/bytecode_detect.h b/headers/bytecode_detect.h index 1a888efbfc..71cc195f15 100644 --- a/headers/bytecode_detect.h +++ b/headers/bytecode_detect.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved. + * Copyright (C) 2013-2022 Cisco Systems, Inc. and/or its affiliates. All rights reserved. * Copyright (C) 2009-2013 Sourcefire, Inc. * * Redistribution and use in source and binary forms, with or without diff --git a/headers/bytecode_pe_structs.h b/headers/bytecode_pe_structs.h index 7300b45e05..5ce140eba3 100644 --- a/headers/bytecode_pe_structs.h +++ b/headers/bytecode_pe_structs.h @@ -28,6 +28,8 @@ #ifndef __PE_STRUCTS_H #define __PE_STRUCTS_H + + struct pe_image_file_hdr { uint32_t Magic; /**< PE magic header: PE\\0\\0 */ uint16_t Machine; /**< CPU this executable runs on, see libclamav/pe.c for possible values */ @@ -75,7 +77,7 @@ struct pe_image_optional_hdr32 { uint32_t SizeOfHeapCommit; uint32_t LoaderFlags; /*< ? */ uint32_t NumberOfRvaAndSizes; - //struct pe_image_data_dir DataDirectory[16]; + // struct pe_image_data_dir DataDirectory[16]; }; struct pe_image_optional_hdr64 { @@ -108,7 +110,7 @@ struct pe_image_optional_hdr64 { uint64_t SizeOfHeapCommit; uint32_t LoaderFlags; /* ? */ uint32_t NumberOfRvaAndSizes; - //struct pe_image_data_dir DataDirectory[16]; + // struct pe_image_data_dir DataDirectory[16]; }; struct pe_image_section_hdr { @@ -130,6 +132,9 @@ struct pe_image_section_hdr { uint32_t Characteristics; }; + + + struct pe_certificate_hdr { uint32_t length; /** length of the certificate data, including the header */ uint16_t revision;