Add parser for ALZ archives
ragusaa authored and micahsnyder committed Apr 15, 2024
1 parent a0f4dc7 commit 79f2a5f
Showing 21 changed files with 904 additions and 193 deletions.
323 changes: 149 additions & 174 deletions Cargo.lock

Large diffs are not rendered by default.

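--- a/libclamav/dconf.c
+++ b/libclamav/dconf.c
@@ -108,6 +108,7 @@ static struct dconf_module modules[] = {
 {"ARCHIVE", "EGG", ARCH_CONF_EGG, 1},
 {"ARCHIVE", "UDF", ARCH_CONF_UDF, 1},
 {"ARCHIVE", "LHA", ARCH_CONF_LHA_LZH, 1},
+{"ARCHIVE", "ALZ", ARCH_CONF_ALZ, 1},
 
 {"DOCUMENT", "HTML", DOC_CONF_HTML, 1},
 {"DOCUMENT", "RTF", DOC_CONF_RTF, 1},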
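--- a/libclamav/dconf.h
+++ b/libclamav/dconf.h
@@ -98,6 +98,7 @@ struct cli_dconf {
 #define ARCH_CONF_EGG 0x4000000
 #define ARCH_CONF_UDF 0x8000000
 #define ARCH_CONF_LHA_LZH 0x10000000
+#define ARCH_CONF_ALZ 0x20000000
 
 /* Document flags */
 #define DOC_CONF_HTML 0x1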
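Review bot: `ARCH_CONF_ALZ` takes `0x20000000`, so if these flags live in a 32-bit word only `0x40000000` and `0x80000000` remain above it, and the last of those does not fit a signed `int`. The type of the field that stores the archive flags is declared outside the hunk, so its width and signedness are worth confirming before another archive format is added. A short comment after the define, e.g. `/* archive flags: only 0x40000000 and 0x80000000 remain */`, would flag this for whoever adds the next one.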
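--- a/libclamav/filetypes.c
+++ b/libclamav/filetypes.c
@@ -138,6 +138,7 @@ static const struct ftmap_s {
 { "CL_TYPE_EGG", CL_TYPE_EGG },
 { "CL_TYPE_EGGSFX", CL_TYPE_EGGSFX },
 { "CL_TYPE_UDF", CL_TYPE_UDF },
+{ "CL_TYPE_ALZ", CL_TYPE_ALZ },
 { "CL_TYPE_ONENOTE", CL_TYPE_ONENOTE },
 { "CL_TYPE_PYTHON_COMPILED", CL_TYPE_PYTHON_COMPILED },
 { "CL_TYPE_LHA_LZH", CL_TYPE_LHA_LZH },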
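--- a/libclamav/filetypes.h
+++ b/libclamav/filetypes.h
@@ -126,6 +126,7 @@ typedef enum cli_file {
 CL_TYPE_MHTML,
 CL_TYPE_LNK,
 CL_TYPE_UDF,
+CL_TYPE_ALZ,
 CL_TYPE_OTHER, /* on-the-fly, used for target 14 (OTHER) */
 CL_TYPE_IGNORED /* please don't add anything below */
 } cli_file_t;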
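--- a/libclamav/filetypes_int.h
+++ b/libclamav/filetypes_int.h
@@ -301,5 +301,6 @@ static const char *ftypes_int[] = {
 "1:2:2d6c68(30|31|32|33|34|35|36|37|64|78)2d:LHA or LZH archive:CL_TYPE_ANY:CL_TYPE_LHA_LZH:210",
 "1:2:2d6c7a(73|34|35)2d:LHA archive using .LZS extension:CL_TYPE_ANY:CL_TYPE_LHA_LZH:210",
 "1:2:2d706d302d:LHA archive using PMarc (.PMA) extension:CL_TYPE_ANY:CL_TYPE_LHA_LZH:210",
+"0:0:414c5a01:ALZ:CL_TYPE_ANY:CL_TYPE_ALZ:210",
 NULL};
 #endif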
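Review bot: The added entry keys on the four bytes `414c5a01` at offset 0 with `CL_TYPE_ANY`, so any input that merely starts with that prefix is typed as ALZ and handed to the new parser; everything after the magic has to be treated there as unvalidated. The description field is only `ALZ`, whereas the neighbouring entries use a descriptive form such as `LHA or LZH archive`. For consistency I would write `"0:0:414c5a01:ALZ archive:CL_TYPE_ANY:CL_TYPE_ALZ:210",`. The `ftypes_int` array begins outside the hunk.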
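--- a/libclamav/scanners.c
+++ b/libclamav/scanners.c
@@ -4550,6 +4550,11 @@ cl_error_t cli_magic_scan(cli_ctx *ctx, cli_file_t type)
 if (SCAN_PARSE_ONENOTE && (DCONF_ARCH & DOC_CONF_ONENOTE))
 ret = scan_onenote(ctx);
 break;
+case CL_TYPE_ALZ:
+if (SCAN_PARSE_ARCHIVE && (DCONF_ARCH & ARCH_CONF_ALZ)) {
+ret = cli_scanalz(ctx);
+}
+break;
 
 case CL_TYPE_LHA_LZH:
 if (SCAN_PARSE_ARCHIVE && (DCONF_ARCH & ARCH_CONF_LHA_LZH))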
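Review bot: The new `case CL_TYPE_ALZ:` arm hands the whole input to `cli_scanalz(ctx)`, and nothing at the call site shows how the engine's scan limits or a failure inside the parser are handled. `cli_scanalz` is exported from the Rust library (it is added to the cbindgen include list in this commit) and its body is not on this page, so whether it bounds decompressed output and turns a panic on malformed input into a `cl_error_t` is something to confirm, not a confirmed defect. I would put a comment above the call, for example `/* ALZ is parsed in libclamav_rust; cli_scanalz() must honour the scan limits and return an error on malformed input */`. Separately, the OneNote context line just above tests `DCONF_ARCH & DOC_CONF_ONENOTE`, which pairs the archive word with a document flag and looks unintended; the new arm pairs `DCONF_ARCH` with `ARCH_CONF_ALZ` as expected. `cli_magic_scan` begins and ends outside the hunk.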
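--- a/libclamav_rust/Cargo.toml
+++ b/libclamav_rust/Cargo.toml
@@ -22,6 +22,9 @@ unicode-segmentation = "1.10"
 bindgen = "0.65"
 onenote_parser = { git = "https://github.com/Cisco-Talos/onenote.rs.git", branch = "CLAM-2329-new-from-slice" }
 hex-literal = "0.4"
+inflate = "0.4"
+bzip2-rs = "0.1"
+byteorder = "1.5"
 delharc = "0.5"
 
 [lib]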
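Review bot: The three added crates (`inflate`, `bzip2-rs`, `byteorder`) are declared only as semver requirements, so the exact code that gets built is fixed by Cargo.lock, whose 323-line change is not rendered on this page and needs its own review. `inflate` and `bzip2-rs` will be decompressing attacker-supplied streams inside the scanner, so both should be covered by the project's advisory check (for example `cargo audit`). Their maintenance status is also worth a look before they become part of the trusted base. Assuming they are there only for the ALZ parser, a comment above the three lines such as `# ALZ parser: decompression and header decoding` would record why they were added.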
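--- a/libclamav_rust/cbindgen.toml
+++ b/libclamav_rust/cbindgen.toml
@@ -37,6 +37,7 @@ include = [
 "evidence::evidence_add_indicator",
 "evidence::IndicatorType",
 "scanners::scan_onenote",
+"scanners::cli_scanalz",
 ]
 
 # prefix = "CAPI_"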