blat1

1. #include <stdio.h>
2. #include <stdlib.h>
3. #include <string.h>
4. #include <dirent.h>
5.  
6. #define FALSE (0)
7. #define TRUE !FALSE
8. #define NAME_LEN (64)
9. #define LOG_NAME "AntiVirusLog.txt"
10.  
11. int getFileSize(FILE *file);
12. char *getText(FILE *file, size_t size);
13. void checkAllocation(void *p);
14. char isInBin(void *data, size_t len, void *subdata, size_t sublen);
15.  
16. int main(int argc, const char *argv[]) {
17. FILE *virusSign = NULL, *scanFile = NULL,
18. *logFile = NULL;
19. int signSize = 0, scanFileSize = 0, chunkSize = 0,
20. isNormalFind = 0, isFTwentFound = 0, isLTwentFound = 0;
21. size_t curFileSize = 0, virusSignSize = 0;
22. char curFileName[NAME_LEN] = { 0 }, logFileName[NAME_LEN] = { 0 }, choice = 0;
23. struct dirent *ep;
24. DIR *dp = opendir(argv[1]);
25.  
26. /* LOG AND PRINT STUFF */
27.  
28. // PRINT
29. printf("Welcome to my Virus Scan!\n\n"
30. "Folder to scan: %s\n"
31. "Virus sinature: %s\n\n"
32. "Press 0 for a normal scan or any key for a quick scan: ",
33. argv[1], argv[2]);
34. scanf("%d", &choice);
35. puts("Scanning began...\nThis process may take several minutes...\n\nScanning:");
36.  
37. // LOG
38. sprintf(logFileName, "%s/%s", argv[1], LOG_NAME);
39. logFile = fopen(logFileName, "w");
40.  
41. fprintf(logFile, "Anti-virus began! Welcome!\n\n"
42. "Folder to scan:\n%s\nVirus signature:\n%s\n\n"
43. "Scanning option:\n%s Scan\n\nResults:\n",
44. argv[1], argv[2], !choice ? "Normal" : "Quick");
45.  
46. /* END OF LOG AND PRINT */
47.  
48. // Getting the virus sign
49. virusSign = fopen(argv[2], "rb");
50. virusSignSize = getFileSize(virusSign);
51. char *sign = getText(virusSign, (int)virusSignSize);
52.  
53. if (dp) {
54. // Move over every file in the folder
55. while (ep = readdir(dp)) {
56. // Checking if it's a file
57. if (ep->d_type == DT_DIR || !strcmp(ep->d_name, LOG_NAME)) {
58. continue;
59. }
60.  
61. sprintf(curFileName, "%s/%s", argv[1], ep->d_name);
62.  
63. scanFile = fopen(curFileName, "rb");
64. curFileSize = getFileSize(scanFile);
65.  
66. // Saving some CPU cycles ;)
67. if (curFileSize < virusSignSize) {
68. fprintf(logFile, "%s Not Infected\n", curFileName);
69. continue;
70. }
71.  
72. char *curFileText = getText(scanFile, curFileSize);
73.  
74. if (choice) {
75. chunkSize = curFileSize / 5; // Getting the size of the %20
76.  
77. // Saving some CPU cycles
78. if (chunkSize > virusSignSize) {
79. isFTwentFound = isInBin(curFileText, chunkSize, sign, virusSignSize);
80. isLTwentFound = isInBin(curFileText + (chunkSize * 4), curFileSize - (chunkSize * 4), sign,
81. virusSignSize);
82. }
83. else {
84. isFTwentFound = FALSE;
85. isLTwentFound = FALSE;
86. }
87. }
88.  
89. if (isLTwentFound) {
90. fprintf(logFile, "%s %s\n", curFileName, "Infected! (last 20%)");
91. }
92. else if (isFTwentFound) {
93. fprintf(logFile, "%s %s\n", curFileName, "Infected! (first 20%)");
94. }
95. else if (isInBin(curFileText, curFileSize, sign, virusSignSize)) {
96. fprintf(logFile, "%s Infected!\n", curFileName);
97. }
98. else {
99. fprintf(logFile, "%s Not Infected\n", curFileName);
100. }
101.  
102. free(curFileText);
103. puts(curFileName);
104. }
105.  
106. free(sign);
107. (void)closedir(dp);
108.  
109. }
110. else {
111. perror("Couldn't open the directory");
112. }
113.  
114. printf("Scan Completed.\nSee log path for results: %s\nGoodbye", logFileName);
115.  
116. return 0;
117. }
118.  
119. /*
120. * Function which get data and subdata and check if the string contains the substring,
121. * the punch is that it is working with binary char-chunck
122. *
123. * For the protocol, GNU also has function which do the same (memmem)
124. *
125. * @param the data, it's len, the subdata and it's len
126. * @return 1 - it contains, 0 - else
127. */
128. char isInBin(void *data, size_t len, void *subdata, size_t sublen) {
129. // Running from the end of the file through the start minus the size of the subdata, so by the end - everything got checked
130. for (len -= sublen; len >= 1; --len)
131. if (!memcmp(data + len, subdata,
132. sublen)) // Checking if the each chuck, one by one (chunk size = virus sign size)
133. return TRUE;
134.  
135. // For the worst case, when it's at the end (or start from another perspective)
136. return !memcmp(data, subdata, sublen);
137. }
138.  
139. /*
140. * returns given file size
141. * @param file
142. * @return files size
143. */
144. int getFileSize(FILE *file) {
145. int size = 0;
146.  
147. fseek(file, 0, SEEK_END);
148. size = (int)ftell(file);
149. rewind(file);
150.  
151. return size;
152. }
153.  
154. /*
155. * gets text from given file
156. * @param file and it is size
157. * @return the file s text
158. */
159. char *getText(FILE *file, size_t size) {
160. char *tmpBuff = NULL;
161. size_t res = 0;
162.  
163. tmpBuff = (char *)malloc(sizeof(char) * size);
164. checkAllocation(tmpBuff);
165.  
166. res = fread(tmpBuff, 1, size, file);
167.  
168. if (res != size) {
169. perror("Can't read file!");
170. exit(2);
171. }
172.  
173. return tmpBuff;
174. }
175.  
176. /*
177. * checks for wrong allocation
178. * @param pointer to allocated addr
179. * @return none
180. */
181. void checkAllocation(void *p) {
182. if (!p) {
183. perror("Allocation error!");
184. exit(1);
185. }
186. }