clamav

luckysteak · Mar 28, 2017 · c71887d · c71887d
1 parent e25fb59
commit c71887d
Show file tree

Hide file tree

Showing 7 changed files with 53 additions and 38 deletions.
diff --git a/GrayHatCsharp.userprefs b/GrayHatCsharp.userprefs
@@ -1,18 +1,17 @@
 <Properties StartupConfiguration="{26A8091A-68C1-4636-931C-CB4538338572}|Default" GitUserInfo="UsingGIT">
   <MonoDevelop.Ide.ItemProperties.ch14__reading__offline__hives PreferredExecutionTarget="MonoDevelop.Default" />
-  <MonoDevelop.Ide.Workbench ActiveDocument="gray_hat_csharp_code Status">
+  <MonoDevelop.Ide.Workbench ActiveDocument="ch10_automating_clamav/clam-sharp/ClamResult.cs">
     <Files>
-      <File FileName="README.md" Line="11" Column="77" />
-      <File FileName="ch10_automating_clamav/Main.cs" Line="1" Column="1" />
-      <File FileName="ch10_automating_clamav_clamd/Program.cs" Line="20" Column="1" />
-      <File FileName="ch14_reading_offline_hives/Program.cs" Line="62" Column="34" />
-      <File FileName="ch8_automating_cuckoo/Program.cs" Line="28" Column="6" />
-      <File FileName="ch8_automating_cuckoo/cuckoo-sharp/CuckooSession.cs" Line="1" Column="1" />
-      <File FileName="ch8_automating_cuckoo/cuckoo-sharp/FileTask.cs" Line="1" Column="1" />
-      <File FileName="ch8_automating_cuckoo/cuckoo-sharp/Task.cs" Line="1" Column="1" />
-      <File FileName="ch8_automating_cuckoo/cuckoo-sharp/TaskFactory.cs" Line="1" Column="1" />
-      <File FileName="ch8_automating_cuckoo/cuckoo-sharp/CuckooManager.cs" Line="30" Column="18" />
-      <File FileName="gray_hat_csharp_code Status" />
+      <File FileName="ch4_connect_back_binds/Main.cs" Line="68" Column="2" />
+      <File FileName="ch4_bind_udp/Program.cs" Line="20" Column="50" />
+      <File FileName="ch7_automating_openvas/OpenVASSession.cs" Line="91" Column="5" />
+      <File FileName="ch7_automating_openvas/Program.cs" Line="22" Column="16" />
+      <File FileName="ch10_automating_clamav/clam-sharp/ClamResult.cs" Line="1" Column="1" />
+      <File FileName="ch10_automating_clamav/clam-sharp/ClamEngineOptions.cs" Line="5" Column="9" />
+      <File FileName="ch10_automating_clamav/clam-sharp/ClamEngine.cs" Line="1" Column="1" />
+      <File FileName="ch10_automating_clamav/clam-sharp/ClamBindings.cs" Line="1" Column="1" />
+      <File FileName="ch10_automating_clamav/clam-sharp/ClamScanOptions.cs" Line="5" Column="9" />
+      <File FileName="ch10_automating_clamav/clam-sharp/ClamReturnCode.cs" Line="1" Column="1" />
     </Files>
   </MonoDevelop.Ide.Workbench>
   <MonoDevelop.Ide.ItemProperties.ch6__automating__nexpose PreferredExecutionTarget="MonoDevelop.Default" />

diff --git a/ch10_automating_clamav/clam-sharp/ClamBindings.cs b/ch10_automating_clamav/clam-sharp/ClamBindings.cs
@@ -3,7 +3,7 @@
 
 namespace ch13_automating_clamav_filesystem
 {
-	public static class ClamBindings
+	static class ClamBindings
 	{
 		const string _clamLibPath = "/Users/bperry/tmp/clamav-0.99/libclamav/.libs/libclamav.7.dylib";
 

diff --git a/ch10_automating_clamav/clam-sharp/ClamEngine.cs b/ch10_automating_clamav/clam-sharp/ClamEngine.cs
@@ -15,38 +15,50 @@ public ClamEngine ()
 				throw new Exception("Expected CL_SUCCESS, got " + ret);
 
 			engine = ClamBindings.cl_engine_new();
-
-			string dbDir = Marshal.PtrToStringAnsi(ClamBindings.cl_retdbdir());
-			uint signo = 0;
-
-			ret = ClamBindings.cl_load(dbDir, engine, ref signo,(uint)ClamScanOptions.CL_SCAN_STDOPT);
-
-			if (ret != ClamReturnCode.CL_SUCCESS)
-				throw new Exception("Expected CL_SUCCESS, got " + ret);
-
-			ret = (ClamReturnCode)ClamBindings.cl_engine_compile(engine);
-
-			if (ret != ClamReturnCode.CL_SUCCESS)
-				throw new Exception("Expected CL_SUCCESS, got " + ret);
+
+			try
+			{
+				string dbDir = Marshal.PtrToStringAnsi(ClamBindings.cl_retdbdir());
+				uint signo = 0;
+
+				ret = ClamBindings.cl_load(dbDir, engine, ref signo, (uint)ClamScanOptions.CL_SCAN_STDOPT);
+
+				if (ret != ClamReturnCode.CL_SUCCESS)
+					throw new Exception("Expected CL_SUCCESS, got " + ret);
+
+				ret = (ClamReturnCode)ClamBindings.cl_engine_compile(engine);
+
+				if (ret != ClamReturnCode.CL_SUCCESS)
+					throw new Exception("Expected CL_SUCCESS, got " + ret);
+			}
+			catch
+			{
+				ret = ClamBindings.cl_engine_free(engine);
+
+				if (ret != ClamReturnCode.CL_SUCCESS)
+					Console.Error.WriteLine("Freeing allocated engine failed");
+			}
 		}
 
 		public ClamResult ScanFile(string filepath, uint options = (uint)ClamScanOptions.CL_SCAN_STDOPT)
 		{
 			ulong scanned = 0;
 			IntPtr vname = (IntPtr)null;
 			ClamReturnCode ret = ClamBindings.cl_scanfile(filepath, ref vname, ref scanned, engine, options);
-
-			if (ret == ClamReturnCode.CL_VIRUS) {
-				string virus = Marshal.PtrToStringAnsi (vname);
-
-				ClamResult result = new ClamResult ();
+
+			if (ret == ClamReturnCode.CL_VIRUS)
+			{
+				string virus = Marshal.PtrToStringAnsi(vname);
+
+				ClamResult result = new ClamResult();
 				result.ReturnCode = ret;
 				result.VirusName = virus;
 				result.FullPath = filepath;
-				
+
 				return result;
-			} else if (ret == ClamReturnCode.CL_CLEAN)
-				return null;
+			}
+			else if (ret == ClamReturnCode.CL_CLEAN)
+				return new ClamResult() { ReturnCode = ret };
 			else
 				throw new Exception ("Expected either CL_CLEAN or CL_VIRUS, got: " + ret);
 		}
@@ -56,7 +68,7 @@ public void Dispose()
 			ClamReturnCode ret = ClamBindings.cl_engine_free(engine);
 
 			if (ret != ClamReturnCode.CL_SUCCESS)
-				throw new Exception("Expected CL_SUCCESS, got " + ret);
+				Console.Error.WriteLine("Freeing allocated engine failed");
 		}
 	}
 }
diff --git a/ch10_automating_clamav/clam-sharp/ClamEngineOptions.cs b/ch10_automating_clamav/clam-sharp/ClamEngineOptions.cs
@@ -2,6 +2,7 @@
 
 namespace ch13_automating_clamav_filesystem
 {
+	[Flags]
 	public enum ClamDatabaseOptions
 	{
 		CL_DB_PHISHING = 0x2,

diff --git a/ch10_automating_clamav/clam-sharp/ClamScanOptions.cs b/ch10_automating_clamav/clam-sharp/ClamScanOptions.cs
@@ -2,6 +2,7 @@
 
 namespace ch13_automating_clamav_filesystem
 {
+	[Flags]
 	public enum ClamScanOptions
 	{
 		CL_SCAN_ARCHIVE = 0x1,

diff --git a/ch4_bind_udp/Program.cs b/ch4_bind_udp/Program.cs
@@ -15,8 +15,9 @@ static void Main(string[] args)
 				string output;
 				byte[] bytes;
 
-				using (Socket sock = new Socket (AddressFamily.InterNetwork, SocketType.Dgram,
-					                     ProtocolType.Udp)) {
+				using (Socket sock = new Socket (AddressFamily.InterNetwork,
+				                                 SocketType.Dgram,
+					                     		 ProtocolType.Udp)) {
 
 					IPAddress addr = IPAddress.Parse (args [0]);
 					IPEndPoint addrEP = new IPEndPoint (addr, lport);

diff --git a/ch7_automating_openvas/OpenVASSession.cs b/ch7_automating_openvas/OpenVASSession.cs
@@ -98,7 +98,8 @@ private void GetStream ()
 			if (_stream == null || !_stream.CanRead) {
 				TcpClient client = new TcpClient (this.ServerIPAddress.ToString (), this.ServerPort);
 
-				_stream = new SslStream (client.GetStream (), false, new RemoteCertificateValidationCallback (ValidateServerCertificate), 
+				_stream = new SslStream (client.GetStream (), false, 
+				    new RemoteCertificateValidationCallback (ValidateServerCertificate), 
 					(sender, targetHost, localCertificates, remoteCertificate, acceptableIssuers) => null);
 
 				_stream.AuthenticateAsClient ("OpenVAS", null, SslProtocols.Tls, false);
-Original file line number
+Diff line change
@@ Expand Up / @@ -2,6 +2,7 @@ @@
     namespace ch13_automating_clamav_filesystem
     {
+    	[Flags]
     	public enum ClamDatabaseOptions
     	{
     		CL_DB_PHISHING = 0x2,
@@ Expand Down @@