NAME¶
File::Scan - Perl extension for Scanning files for Viruses
SYNOPSIS¶
use File::Scan;
$fs = File::Scan->new([, OPTION ...]);
$fs->set_callback(
sub {
my $filename = shift;
my $bytes = shift;
...
return("Callback Value");
}
);
$fs->scan([FILE]);
if(my $e = $fs->error) { print "$e\n"; }
if(my $c = $fs->skipped) { print "file skipped ($c)\n"; }
if($fs->suspicious) { print "suspicious file\n"; }
if(my $res = $fs->callback) { print "$res\n"; }
DESCRIPTION¶
This module is designed to allows users to scan files for known viruses. The
purpose is to provide a perl module to make plataform independent virus
scanners.
METHODS¶
new([, OPTION ...])¶
This method create a new File::Scan object. The following keys are available:
- callback => 'subroutine reference'
- if the item is set then use a callback subroutine reference to provide
extra information and functionalities. The callback subroutine have two
arguments: filename and first 1024 bytes read from the file. This only
work for binary files.
- extension => 'string'
- add the specified extension to the infected file
- move => 'directory'
- move the infected file to the specified directory
- copy => 'directory'
- copy the infected file to the specified directory
- mkdir => octal_number
- if the value is set to octal number then make the specified directories
(example: mkdir => 0755).
- delete => 0 or 1
- if the value is set to 1 delete the infected file
- max_txt_size => 'size in kbytes'
- scan only the text file if the file size is less then max_txt_size. The
default value is 5120 kbytes. Set to 0 for no limit.
- max_bin_size => 'size in kbytes'
- scan only the binary file if the file size is less then max_bin_size. The
default value is 10240 kbytes. Set to 0 for no limit.
scan([FILE])¶
This method scan a file for viruses and return the name of virus if a virus is
found.
set_callback([SUBREF])¶
This method is another way to install a callback subroutine reference. Take a
look in callback kay.
skipped()¶
This method return a code number if the file was skipped and 0 if not. The
following skipped codes are available:
- 0
- file not skipped
- 1
- file is not vulnerable
- 2
- file has zero size
- 3
- the size of file is small
- 4
- the text file size is greater that the 'max_txt_size' argument
- 5
- the binary file size is greater that the 'max_bin_size' argument
suspicious()¶
This method return 1 if the file is suspicious and 0 if not.
callback()¶
This method return the result from the callback subroutine.
error()¶
This method return a error message if a error happens.
AUTHOR¶
Henrique Dias <hdias@aesbuc.pt>
CREDITS¶
Thanks to Rui de Castro, Sergio Castro, Ricardo Oliveira, Antonio Campelo,
Branca Silveira, Helena Gomes and Anita Afonso for the help.
Thanks to Fernando Martins for the personal collection of viruses.
SEE ALSO¶
perl(1).