malscan/scanner.go

73 lines
1.5 KiB
Go
Raw Normal View History

package main
import (
"errors"
"io/ioutil"
"log"
"os"
clamav "git.cyber.gent/friedkiwi/go-clamav"
)
func scan_data(data []byte) (string, error) {
log.Println("scan_data(): scanning data...")
// write data out to file to be scanned
tempFile, err := ioutil.TempFile("", "*.bin")
if err != nil {
return "", err
}
defer os.Remove(tempFile.Name())
bytesWritten, writeErr := tempFile.Write(data)
if writeErr != nil {
return "", writeErr
}
if bytesWritten != len(data) {
return "", errors.New("scan_data(): bytesWritten!= len(data)")
}
if err := tempFile.Close(); err != nil {
return "", err
}
// temporary file is now written to disk
// new clamav instance
clamavInstance := new(clamav.Clamav)
clamInitError := clamavInstance.Init(clamav.SCAN_OPTIONS{
General: 0,
Parse: clamav.CL_SCAN_PARSE_ARCHIVE | clamav.CL_SCAN_PARSE_ELF,
Heuristic: 0,
Mail: 0,
Dev: 0,
})
if clamInitError != nil {
return "", clamInitError
}
// free clamav memory
defer clamavInstance.Free()
// load db
_, loadDbError := clamavInstance.LoadDB("/usr/local/share/clamav", uint(clamav.CL_DB_DIRECTORY))
if loadDbError != nil {
return "", err
}
// compile engine
err = clamavInstance.CompileEngine()
if err != nil {
return "", err
}
clamavInstance.EngineSetNum(clamav.CL_ENGINE_MAX_SCANSIZE, 1024*1024*40)
clamavInstance.EngineSetNum(clamav.CL_ENGINE_MAX_SCANTIME, 9000)
// scan
_, virusName, ret := clamavInstance.ScanFile(tempFile.Name())
return virusName, ret
}