malscan/scanner.go

71 lines
1.5 KiB
Go
Raw Normal View History

package main
import (
"errors"
"io/ioutil"
"os"
clamav "git.cyber.gent/friedkiwi/go-clamav"
)
2023-04-07 12:22:47 +00:00
func scan_data(data []byte) (string, error, int) {
// write data out to file to be scanned
tempFile, err := ioutil.TempFile("", "*.bin")
if err != nil {
2023-04-07 12:22:47 +00:00
return "", err, 0
}
defer os.Remove(tempFile.Name())
bytesWritten, writeErr := tempFile.Write(data)
if writeErr != nil {
2023-04-07 12:22:47 +00:00
return "", writeErr, 0
}
if bytesWritten != len(data) {
2023-04-07 12:22:47 +00:00
return "", errors.New("scan_data(): bytesWritten!= len(data)"), 0
}
if err := tempFile.Close(); err != nil {
2023-04-07 12:22:47 +00:00
return "", err, 0
}
// temporary file is now written to disk
// new clamav instance
clamavInstance := new(clamav.Clamav)
clamInitError := clamavInstance.Init(clamav.SCAN_OPTIONS{
General: 0,
Parse: clamav.CL_SCAN_PARSE_ARCHIVE | clamav.CL_SCAN_PARSE_ELF,
Heuristic: 0,
Mail: 0,
Dev: 0,
})
if clamInitError != nil {
2023-04-07 12:22:47 +00:00
return "", clamInitError, 0
}
// free clamav memory
defer clamavInstance.Free()
// load db
2023-04-07 12:22:47 +00:00
sigNo, loadDbError := clamavInstance.LoadDB("/usr/local/share/clamav", uint(clamav.CL_DB_DIRECTORY))
if loadDbError != nil {
2023-04-07 12:22:47 +00:00
return "", err, 0
}
// compile engine
err = clamavInstance.CompileEngine()
if err != nil {
2023-04-07 12:22:47 +00:00
return "", err, 0
}
clamavInstance.EngineSetNum(clamav.CL_ENGINE_MAX_SCANSIZE, 1024*1024*40)
clamavInstance.EngineSetNum(clamav.CL_ENGINE_MAX_SCANTIME, 9000)
// scan
_, virusName, ret := clamavInstance.ScanFile(tempFile.Name())
2023-04-07 12:22:47 +00:00
return virusName, ret, int(sigNo)
}