modify README

.gitattributes

@@ -1 +0,0 @@
-*.yar linguist-vendored

README.md

@@ -45,7 +45,7 @@ package main
 import (
 	"fmt"
 
-	clamav "git.cyber.gent/friedkiwi/go-clamav"
+	clamav "github.com/ca110us/go-clamav"
 )
 
 func main() {
@@ -117,6 +117,5 @@ $ CGO_ENABLED=1 go build --ldflags '--extldflags "-static -fpic"' main.go
 
 ## Reference
 [mirtchovski/clamav](https://github.com/mirtchovski/clamav)
-[ca110us/go-clamav](https://github.com/ca110us/go-clamav)
 
-This is an adaptation of `mirtchovski/clamav` because it fails to compile on newer versions of go on macOS.
+*This project was written because `mirtchovski/clamav` no longer supports the new version `clamav`*

README_CN.md

@@ -0,0 +1,120 @@
+# go-clamav
+[![GoDoc](https://pkg.go.dev/badge/github.com/ca110us/go-clamav?status.svg)](https://pkg.go.dev/github.com/ca110us/go-clamav?tab=doc)
+
+go-clamav 是 go 语言对 [libclamav](https://docs.clamav.net/manual/Development/libclamav.html) 的封装
+
+## 环境
+### Ubuntu
+
+```bash
+apt-get update && apt-get install -y \
+  `# install tools` \
+  gcc make pkg-config python3 python3-pip python3-pytest valgrind \
+  `# install clamav dependencies` \
+  check libbz2-dev libcurl4-openssl-dev libjson-c-dev libmilter-dev \
+  libncurses5-dev libpcre2-dev libssl-dev libxml2-dev zlib1g-dev
+
+  python3 -m pip install --user cmake / apt-get install cmake
+```
+
+从 clamav 官方下载源码 [downloads page](https://www.clamav.net/downloads)
+
+```bash
+tar xzf clamav-[ver].tar.gz
+cd clamav-[ver]
+
+mkdir build && cd build
+
+cmake ..
+cmake --build .
+ctest
+sudo cmake --build . --target install
+```
+
+其他 Linux 发行版参照 [clamav documentation](https://docs.clamav.net/manual/Installing/Installing-from-source-Unix.html)
+
+## 快速开始
+### 动态链接
+```bash
+$ cd example && cat main.go
+```
+
+```go
+package main
+
+import (
+	"fmt"
+
+	clamav "github.com/ca110us/go-clamav"
+)
+
+func main() {
+	// new clamav instance
+	c := new(clamav.Clamav)
+	err := c.Init(clamav.SCAN_OPTIONS{
+		General:   0,
+		Parse:     clamav.CL_SCAN_PARSE_ARCHIVE | clamav.CL_SCAN_PARSE_ELF,
+		Heuristic: 0,
+		Mail:      0,
+		Dev:       0,
+	})
+
+	if err != nil {
+		panic(err)
+	}
+
+	// free clamav memory
+	defer c.Free()
+
+	// load db
+	signo, err := c.LoadDB("./db", uint(clamav.CL_DB_DIRECTORY))
+	if err != nil {
+		panic(err)
+	}
+	fmt.Println("db load succeed:", signo)
+
+	// compile engine
+	err = c.CompileEngine()
+	if err != nil {
+		panic(err)
+	}
+
+	c.EngineSetNum(clamav.CL_ENGINE_MAX_SCANSIZE, 1024*1024*40)
+	c.EngineSetNum(clamav.CL_ENGINE_MAX_SCANTIME, 9000)
+	// fmt.Println(c.EngineGetNum(clamav.CL_ENGINE_MAX_SCANSIZE))
+
+	// scan
+	scanned, virusName, ret := c.ScanFile("./test_file/nmap")
+	fmt.Println(scanned, virusName, ret)
+}
+```
+
+```bash
+$ CGO_LDFLAGS="-L/usr/local/lib -lclamav" go run main.go
+
+db load succeed: 9263
+209 YARA.Unix_Packer_UpxDetail.UNOFFICIAL Virus(es) detected
+```
+
+如果找不到 `libclamav.so` 文件，尝试如下：
+
+```bash
+$ LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/lib CGO_LDFLAGS="-L/usr/local/lib -lclamav" go run main.go
+
+db load succeed: 9263
+209 YARA.Unix_Packer_UpxDetail.UNOFFICIAL Virus(es) detected
+```
+
+### 静态编译
+```bash
+$ sudo bash ./prepare.sh
+$ SRCDIR=$(pwd)
+$ export CGO_CFLAGS="-g -Wall -I${SRCDIR}/clamav-mussels-cookbook/mussels/install/include"
+$ export CGO_LDFLAGS="-L${SRCDIR}/clamav-mussels-cookbook/mussels/install/lib -lclamav_static -lbz2_static -lclammspack_static -lclamunrar_iface_static -lclamunrar_static -lcrypto -ljson-c -lpcre2-8 -lpcre2-posix -lssl -lxml2 -lz -lm -ldl -lstdc++"
+$ CGO_ENABLED=1 go build --ldflags '--extldflags "-static -fpic"' main.go
+```
+
+## 参考
+[mirtchovski/clamav](https://github.com/mirtchovski/clamav)
+
+*因为 `mirtchovski/clamav` 不再支持新版本 `clamav`，所以写了该项目*

clamav.go

@@ -176,12 +176,8 @@ func (c *Clamav) EngineGetNum(field EngineField) (uint64, error) {
 
 // Free the memory allocated to clamav instance, Free should be called
 // when the engine is no longer in use.
-func (c *Clamav) Free() error {
+func (c *Clamav) Free() int {
-	ret := ErrorCode(C.cl_engine_free((*C.struct_cl_engine)(c.engine)))
+	return int(C.cl_engine_free((*C.struct_cl_engine)(c.engine)))
-	if ret == CL_SUCCESS {
-		return nil
-	}
-	return Strerr(ret)
 }
 
 // ScanMapCB scans custom data
@@ -202,7 +198,7 @@ func (c *Clamav) ScanMapCB(fmap *Fmap, fileName string, context interface{}) (ui
 	defer CloseMemory(fmap)
 	// clean
 	if ret == CL_SUCCESS {
-		return uint(scanned), "", nil
+		return 0, "", nil
 	}
 	// virus
 	if ret == CL_VIRUS {

define.go

@@ -5,10 +5,7 @@ package goclamav
 #include <stdlib.h>
 */
 import "C"
-import (
+import "errors"
-	"errors"
-	"fmt"
-)
 
 // ErrorCode models ClamAV errors
 type ErrorCode C.cl_error_t
@@ -22,54 +19,6 @@ type SCAN_OPTIONS struct {
 	Dev       uint
 }
 
-const (
-	/* general */
-	CL_SCAN_GENERAL_ALLMATCHES           = 0x1  /* scan in all-match mode */
-	CL_SCAN_GENERAL_COLLECT_METADATA     = 0x2  /* collect metadata (--gen-json) */
-	CL_SCAN_GENERAL_HEURISTICS           = 0x4  /* option to enable heuristic alerts */
-	CL_SCAN_GENERAL_HEURISTIC_PRECEDENCE = 0x8  /* allow heuristic match to take precedence. */
-	CL_SCAN_GENERAL_UNPRIVILEGED         = 0x10 /* scanner will not have read access to files. */
-
-	/* parsing capabilities options */
-	CL_SCAN_PARSE_ARCHIVE = 0x1
-	CL_SCAN_PARSE_ELF     = 0x2
-	CL_SCAN_PARSE_PDF     = 0x4
-	CL_SCAN_PARSE_SWF     = 0x8
-	CL_SCAN_PARSE_HWP3    = 0x10
-	CL_SCAN_PARSE_XMLDOCS = 0x20
-	CL_SCAN_PARSE_MAIL    = 0x40
-	CL_SCAN_PARSE_OLE2    = 0x80
-	CL_SCAN_PARSE_HTML    = 0x100
-	CL_SCAN_PARSE_PE      = 0x200
-
-	/* heuristic alerting options */
-	CL_SCAN_HEURISTIC_BROKEN                  = 0x2    /* alert on broken PE and broken ELF files */
-	CL_SCAN_HEURISTIC_EXCEEDS_MAX             = 0x4    /* alert when files exceed scan limits (filesize, max scansize, or max recursion depth) */
-	CL_SCAN_HEURISTIC_PHISHING_SSL_MISMATCH   = 0x8    /* alert on SSL mismatches */
-	CL_SCAN_HEURISTIC_PHISHING_CLOAK          = 0x10   /* alert on cloaked URLs in emails */
-	CL_SCAN_HEURISTIC_MACROS                  = 0x20   /* alert on OLE2 files containing macros */
-	CL_SCAN_HEURISTIC_ENCRYPTED_ARCHIVE       = 0x40   /* alert if archive is encrypted (rar, zip, etc) */
-	CL_SCAN_HEURISTIC_ENCRYPTED_DOC           = 0x80   /* alert if a document is encrypted (pdf, docx, etc) */
-	CL_SCAN_HEURISTIC_PARTITION_INTXN         = 0x100  /* alert if partition table size doesn't make sense */
-	CL_SCAN_HEURISTIC_STRUCTURED              = 0x200  /* data loss prevention options, i.e. alert when detecting personal information */
-	CL_SCAN_HEURISTIC_STRUCTURED_SSN_NORMAL   = 0x400  /* alert when detecting social security numbers */
-	CL_SCAN_HEURISTIC_STRUCTURED_SSN_STRIPPED = 0x800  /* alert when detecting stripped social security numbers */
-	CL_SCAN_HEURISTIC_STRUCTURED_CC           = 0x1000 /* alert when detecting credit card numbers */
-	CL_SCAN_HEURISTIC_BROKEN_MEDIA            = 0x2000 /* alert if a file does not match the identified file format, works with JPEG, TIFF, GIF, PNG */
-
-	/* mail scanning options */
-	CL_SCAN_MAIL_PARTIAL_MESSAGE = 0x1
-
-	/* dev options */
-	CL_SCAN_DEV_COLLECT_SHA              = 0x1 /* Enables hash output in sha-collect builds - for internal use only */
-	CL_SCAN_DEV_COLLECT_PERFORMANCE_INFO = 0x2 /* collect performance timings */
-
-	/* cl_countsigs options */
-	CL_COUNTSIGS_OFFICIAL   = 0x1
-	CL_COUNTSIGS_UNOFFICIAL = 0x2
-	CL_COUNTSIGS_ALL        = (CL_COUNTSIGS_OFFICIAL | CL_COUNTSIGS_UNOFFICIAL)
-)
-
 // Fmap models in-memory files
 type Fmap C.cl_fmap_t
 
@@ -128,10 +77,22 @@ const CL_INIT_DEFAULT C.uint = C.CL_INIT_DEFAULT
 
 // Wraps the corresponding error message
 func Strerr(code ErrorCode) error {
-	err := errors.New(fmt.Sprintf("Error %d", C.int(code)))
+	err := errors.New(C.GoString(C.cl_strerror(C.int(code))))
 	return err
 }
 
+/* parsing capabilities options */
+const CL_SCAN_PARSE_ARCHIVE = C.CL_SCAN_PARSE_ARCHIVE
+const CL_SCAN_PARSE_ELF = C.CL_SCAN_PARSE_ELF
+const CL_SCAN_PARSE_PDF = C.CL_SCAN_PARSE_PDF
+const CL_SCAN_PARSE_SWF = C.CL_SCAN_PARSE_SWF
+const CL_SCAN_PARSE_HWP3 = C.CL_SCAN_PARSE_HWP3
+const CL_SCAN_PARSE_XMLDOCS = C.CL_SCAN_PARSE_XMLDOCS
+const CL_SCAN_PARSE_MAIL = C.CL_SCAN_PARSE_MAIL
+const CL_SCAN_PARSE_OLE2 = C.CL_SCAN_PARSE_OLE2
+const CL_SCAN_PARSE_HTML = C.CL_SCAN_PARSE_HTML
+const CL_SCAN_PARSE_PE = C.CL_SCAN_PARSE_PE
+
 /* db options */
 // clang-format off
 type DBOptions uint

env.osx

@@ -1,2 +0,0 @@
-export CGO_LDFLAGS="-L/opt/homebrew/opt/openssl@1.1/lib -L/usr/local/lib -lclamav"
-export CGO_CPPFLAGS="-I/opt/homebrew/opt/openssl@1.1/include"

go.mod

@@ -1,3 +1,3 @@
-module git.cyber.gent/friedkiwi/go-clamav
+module github.com/ca110us/go-clamav
 
 go 1.18