Tartarus CVS: viruswatch: simon
tartarus-commits at lists.tartarus.org
tartarus-commits at lists.tartarus.org
Mon Jan 3 17:44:23 GMT 2005
CVS Root: /home/cvs
Module: viruswatch
Changes by: simon
Date: Mon Jan 03 2005 17:44:23 GMT
Log message:
Revamped scanner end for viruswatch. Many advantages:
- much more flexible in terms of where it can spot viruses: double
zips, for example, now hold no terror
- clear separation between detectors (mail-message parser,
executable spotter, zip untangler etc) to enhance maintainability
and make it easier to add new detector types
- mechanism and policy are much more separate (the scanner module
tells you that, say, there's an executable called foo.scr in a
zip file called bar.zip base64-encoded in a MIME part, and it's
up to its client to decide what to do about that)
- support for the annoying JavaScript-encoded viruses we've been
seeing lately (a JScript or HTML attachment contains a comma-
separated list of decimal bytes which encode a Windows binary).
Modified files:
. : Makefile shlib.c
Added files:
. : scanner.c scanner.h
Removed files:
. : internal.h viruswatch.c
Links:
http://cvs.tartarus.org//viruswatch/Makefile.diff?r1=1.6&r2=1.7
http://cvs.tartarus.org//viruswatch/internal.h
http://cvs.tartarus.org//viruswatch/scanner.c?rev=1.1&content-type=text/vnd.viewcvs-markup
http://cvs.tartarus.org//viruswatch/scanner.h?rev=1.1&content-type=text/vnd.viewcvs-markup
http://cvs.tartarus.org//viruswatch/shlib.c.diff?r1=1.21&r2=1.22
http://cvs.tartarus.org//viruswatch/viruswatch.c
More information about the tartarus-commits
mailing list