chatsiri | 1 Feb 2012 03:52

Re: plz help me!!

On 31/01/2012 19:34, Tomasz Kojm wrote:
> On Tue, 31 Jan 2012 14:51:19 +0530 infant deepak <deeeps.inf <at> gmail.com>
> wrote:
>
>> Hi everyone,
>> I am pursuing a master's degree. I am doing my project on enhancing the clamav
>> application. Can anyone give me a list of enhancements that can be added to
>> clamav? I will be grateful to you if you can help me as early as possible.
>> Thanks in advance.
>>
>
Hello All,

  If you need to start up a project with clamav, you should download the code
and set up the project in Visual Studio (M$) or GCC (Linux).
The debug mode of VSC++ is available for newbie users because you can use
the mouse to set breakpoints on lines of code, and it can show the stack trace
of function calls when you debug clamav programs. The GDB debug tool runs on
Linux and is suitable for those with some experience of developing projects on
Linux. I attach a link on setting up a clamav project in Linux. Please see
the link
[http://www.agents.chatsiri.com/conculsion-on-init-step-of-clamav]. I
hope it can help you :D

Chatsiri Rattana
> You can find some ideas here:
>
> http://wiki.clamav.net/bin/view/Main/GoogleSummerOfCode2011
>
>    

infant deepak | 1 Feb 2012 12:48

Re: plz help me!!

Dear Tomasz & chatsiri ...thank you so much for your help..


chatsiri | 2 Feb 2012 04:53

Why the function ac_maketrans defined size of array is 256?

Hello All,

     I am debugging the code of clamav. It uses Aho-Corasick (AC) algorithm
concepts for matching between viruses and signature files. A step of AC is
building a trie (keyword tree) for inserting signatures from the virus
database files. I have a question about the trie-building step before
matching with input information. Why does the source code in
"static int ac_maketrans(struct cli_matcher *root)" [1] define the size of
the array as 256?
      In addition, do you use the Depth First Search (DFS) algorithm
for building the trie?

Thank you,
Chatsiri Rattana

1) http://goo.gl/bIqdx
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net

Török Edwin | 2 Feb 2012 10:02

Re: Why the function ac_maketrans defined size of array is 256?

On 02/02/2012 05:53 AM, chatsiri wrote:
> Hello All,
>
> I am debugging the code of clamav. It uses Aho-Corasick (AC) algorithm
> concepts for matching between viruses and signature files. A step of AC is
> building a trie (keyword tree) for inserting signatures from the virus
> database files. I have a question about the trie-building step before
> matching with input information. Why does the source code in
> "static int ac_maketrans(struct cli_matcher *root)" [1] define the size of
> the array as 256?

Because the trie matches byte-by-byte, so each node has 256 children, and that includes the root.

> In addition, do you use the Depth First Search (DFS) algorithm for building the trie?

ac_maketrans uses BFS.

Best regards,
--Edwin
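
The layout described in the reply above, sketched as an added example (not ClamAV's code and not part of this thread): every node has one transition slot per byte value, indexed through `unsigned char` so bytes above 0x7F cannot become negative indices, and a breadth-first pass sets the failure links. The names `ac_add`, `ac_build`, `ac_scan`, the fixed `MAX_NODES` table and the sample patterns are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>
#define ALPHA 256     /* one transition slot per possible byte value */
#define MAX_NODES 64  /* assumption: enough for the constructed sample */
/* next: state per input byte (0 = root/absent); fail: longest proper suffix
 * that is also a trie prefix; hits: patterns ending here or via fail links */
struct node { int next[ALPHA], fail, hits; };
static struct node trie[MAX_NODES];  /* node 0 is the root */
static int nnodes = 1;
static int ac_add(const unsigned char *pat, size_t len) {
    int cur = 0;
    for (size_t i = 0; i < len; i++) {
        int *slot = &trie[cur].next[pat[i]];
        if (!*slot && nnodes == MAX_NODES) return -1;  /* table full */
        if (!*slot) *slot = nnodes++;
        cur = *slot;
    }
    trie[cur].hits++;
    return 0;
}
/* Breadth-first: a fail target is shallower, so it is already complete. */
static void ac_build(void) {
    int queue[MAX_NODES], head = 0, tail = 0;
    for (int c = 0; c < ALPHA; c++)  /* depth-1 nodes keep fail = root */
        if (trie[0].next[c]) queue[tail++] = trie[0].next[c];
    while (head < tail) {
        int u = queue[head++], f = trie[u].fail;
        trie[u].hits += trie[f].hits;
        for (int c = 0; c < ALPHA; c++) {
            int v = trie[u].next[c];
            if (v) { trie[v].fail = trie[f].next[c]; queue[tail++] = v; }
            else trie[u].next[c] = trie[f].next[c];  /* fill missing edge */
        }
    }
}
static int ac_scan(const unsigned char *buf, size_t len) {
    int state = 0, total = 0;
    for (size_t i = 0; i < len; i++) {
        state = trie[state].next[buf[i]];  /* one array lookup per byte */
        total += trie[state].hits;
    }
    return total;
}
int main(void) {  /* constructed sample patterns and input */
    const char *pats[] = { "he", "she", "his", "hers" };
    for (int i = 0; i < 4; i++) ac_add((const unsigned char *)pats[i], strlen(pats[i]));
    ac_build();
    printf("matches in \"ushers\": %d\n", ac_scan((const unsigned char *)"ushers", 6));
    return 0;
}
```

Because the missing edges are filled in during the breadth-first pass, scanning never walks failure links at match time; the cost is 256 integers per node.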

Chatsiri Ratana | 3 Feb 2012 02:18

Re: Why the function ac_maketrans defined size of array is 256?

----- Original message -----
> On 02/02/2012 05:53 AM, chatsiri wrote:
> > Hello All,
> > 
> > I am debugging the code of clamav. It uses Aho-Corasick (AC) algorithm
> > concepts for matching between viruses and signature files. A step of AC
> > is building a trie (keyword tree) for inserting signatures from the virus
> > database files. I have a question about the trie-building step before
> > matching with input information. Why does the source code in
> > "static int ac_maketrans(struct cli_matcher *root)" [1] define the size
> > of the array as 256?
> 
> Because the trie matches byte-by-byte, so each node has 256 children,
> and that includes the root.

What is contained in a node? In my view, a node contains a signature file for matching against viruses in files, right? My
plan is to optimize the string-matching algorithm code with a GPU.

> 
> > In addition, do you use the Depth First Search (DFS) algorithm for
> > building the trie?
> 
> ac_maketrans uses BFS.
> 
> Best regards,
> --Edwin

Tomasz Kojm | 3 Feb 2012 16:59

Re: Why the function ac_maketrans defined size of array is 256?

On Fri, 03 Feb 2012 08:18:24 +0700 Chatsiri Ratana
<chatsiri <at> chatsiri.com> wrote:
> ----- Original message -----
>> On 02/02/2012 05:53 AM, chatsiri wrote:
>>> Hello All,
>>>
>>> I am debugging the code of clamav. It uses Aho-Corasick (AC) algorithm
>>> concepts for matching between viruses and signature files. A step of AC
>>> is building a trie (keyword tree) for inserting signatures from the virus
>>> database files. I have a question about the trie-building step before
>>> matching with input information. Why does the source code in
>>> "static int ac_maketrans(struct cli_matcher *root)" [1] define the size
>>> of the array as 256?
>>
>> Because the trie matches byte-by-byte, so each node has 256 children,
>> and that includes the root.
> What is contained in a node? In my view, a node contains a signature file
> for matching against viruses in files, right? My plan is to optimize the
> string-matching algorithm code with a GPU.

I'd suggest you have a look at the source code - all the information is
there.

-- 
   oo    .....         Tomasz Kojm <tkojm <at> clamav.net>
  (\/)\.........         http://www.ClamAV.net/gpg/tkojm.gpg
     \..........._         0DCA5A08407D5288279DB43454822DC8985A444B
       //\   /\              Fri Feb  3 16:57:08 CET 2012

Chatsiri Ratana | 11 Feb 2012 09:52

How to compile source code of Clamav when improved some source code?

Hello All,

I recompiled the source code after improving the source code of Clamav. I am
using these steps to build the source code:
$ ./configure
$ make
$ make install
Compiling all the source code takes a very long time. How can I compile the
source code in less time? In my view, it should take little time to compile
some code.

Best Regards,
Chatsiri Rattana
-- 
:--------------------------------------------------------
http://about.me/chatsiri.ratana

Török Edwin | 11 Feb 2012 10:06

Re: How to compile source code of Clamav when improved some source code?

On 02/11/2012 10:52 AM, Chatsiri Ratana wrote:
> Hello All,
> 
> I recompiled the source code after improving the source code of Clamav. I am
> using these steps to build the source code:
> $ ./configure
> $ make
> $ make install
> Compiling all the source code takes a very long time. How can I compile the
> source code in less time? In my view, it should take little time to compile
> some code.

Use a compiler cache, like ccache.

Best regards,
--Edwin

Chatsiri Ratana | 11 Feb 2012 10:24

Re: How to compile source code of Clamav when improved some source code?

2012/2/11 Török Edwin <edwin <at> clamav.net>

> On 02/11/2012 10:52 AM, Chatsiri Ratana wrote:
> > Hello All,
> >
> > I recompiled the source code after improving the source code of Clamav. I am
> > using these steps to build the source code:
> > $ ./configure
> > $ make
> > $ make install
> > Compiling all the source code takes a very long time. How can I compile the
> > source code in less time? In my view, it should take little time to compile
> > some code.
>
> Use a compiler cache, like ccache.
>
Thanks a lot, I will try :D

Thank you,
Chatsiri Rattana

>
> Best regards,
> --Edwin

infant deepak | 11 Feb 2012 17:16

Plz help me!!

Hi,

I am doing project on clamAV . I have chosen from

http://wiki.clamav.net/bin/view/Main/GoogleSummerOfCode2011
4. DOCX

Add support for parsing docx based MS Office files.

Main purpose is extracting embedded files. You will need to parse the XML,
locate the embedded data, then decode(base64/OLE?) / and decompress
(deflate?) it.

So I did an analysis of how clamAV currently scans a .DOCX file. From my
understanding, it treats it as a ZIP file, extracts it to a temporary folder,
and scans each xml file and the inserted media files such as pictures, video
etc. (If I am not correct, kindly explain to me.)

After that, I tried embedding an EICAR test virus in a picture file by using
the Steghide tool. Then I scanned that picture file, but clamav didn't recognize
it. The reason may be that steghide encrypts the virus file.

So I would like to know the following things:

1. Why didn't clamav recognize the encrypted virus?

2. Can anyone help me to start my project? (Up to now I have gone through the
source code using gdb, so I have little knowledge about the code.)

Awaiting your response.