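#!/usr/bin/perl
#
# Copyright (c) y2k6, Rafal Lesniak
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
#    must display the following acknowledgement:
#      This product includes software developed by Rafal Lesniak.
# 4. The name of the author may not be used to endorse or promote products
#    derived from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
# $Id$
#
# Consistency check for unpacked ClamAV signature files.  Reads daily.db
# and main.db from the directory given as the first argument and reports:
#   - lines that end in CRLF,
#   - lines that are not of the form NAME=SIGNATURE,
#   - virus names that occur more than once (and how the two signatures
#     relate to each other),
#   - signatures that occur more than once under different names.
#
# The database files are treated as untrusted input: signature text is only
# ever compared as a literal string and is never compiled into a regex.

use strict;
use warnings;

use File::Spec;

if (!defined($ARGV[0]) || $ARGV[0] eq '') {
    print "Usage: $0 <directory>\n";
    exit 1;
}

my $tmpDir  = $ARGV[0];
my @dbFiles = ('daily.db', 'main.db');

# name      => { lc => "file:line" of first sighting, s => signature }
my $db  = {};
# signature => { name => first name seen with it, lc => "file:line" }
my $sig = {};

my $now = gmtime(time());

print "\n"
    . "Clamav Virus Database Consistency Check\n"
    . "Date: " . $now . "\n"
    . "\n"
    . "[o] F - file\n"
    . "[o] C - current signature/name\n"
    . "[o] O - old signature/name\n"
    . "---------------------------\n";

foreach my $f (@dbFiles) {
    # catfile() inserts the separator when the directory argument has no
    # trailing slash; plain concatenation produced "dirdaily.db" then.
    my $df = File::Spec->catfile($tmpDir, $f);
    print "[X] Testing [" . $df . "]\n\n";
    load_db($df);
}

# load_db($path)
#
# Reads one NAME=SIGNATURE database file line by line, records every name
# and signature in the file-level $db / $sig tables, and prints a report
# line for each inconsistency.  Dies if the file cannot be opened.
sub load_db {
    my ($path) = @_;

    # Three-argument open with an explicit read mode: the path is derived
    # from a command-line argument, so it must not be able to select the
    # open mode (leading '>' or trailing '|' in two-argument form).
    open(my $fh, '<', $path) or die("Can't open $path: $!\n");

    my $line_no = 0;
    LINE:
    while (my $line = <$fh>) {
        $line_no++;
        my $lc = $path . ":$line_no";

        next LINE if $line =~ /^#/;

        if ($line =~ /\r\n$/) {
            print $lc . ": ends with \\r\\n\n";
            next LINE;
        }

        chomp($line);
        my ($n, $s) = split(/=/, $line);

        # A line without both parts would otherwise be filed under an
        # undefined name or signature and pollute the duplicate tables.
        if (!defined($n) || $n eq '' || !defined($s)) {
            print $lc . ": malformed line, expected NAME=SIGNATURE\n";
            next LINE;
        }

        if (exists($db->{$n})) {
            print $lc . ": duplicated virus name found\n";
            print "\t[*] C:[$n] F:[" . $db->{$n}->{'lc'} . "]\n";
            visCmp($n, $s);
        }
        else {
            $db->{$n} = { 'lc' => $lc, 's' => $s };
        }

        if (exists($sig->{$s})) {
            print $lc . ": duplicated virus signature found\n";
            print "\t[*] C:[$n] O:[" . $sig->{$s}->{'name'}
                . "] F:[" . $sig->{$s}->{'lc'} . "]\n\n";
        }
        else {
            $sig->{$s} = { 'name' => $n, 'lc' => $lc };
        }
    }

    close($fh);
    return;
}

# visCmp($n, $s)
#
# Compares signature $s against the signature already stored for virus name
# $n and prints whether they are equal, whether one contains the other, or
# whether they are unrelated.
sub visCmp {
    my ($n, $s) = @_;
    my $old = $db->{$n}->{'s'};

    # index() does a literal substring test.  The previous /$s/ match let
    # file content act as a pattern: metacharacters such as '*', '(' or '{'
    # changed the meaning of the test or aborted the run, and the '?'
    # escaping was applied to both operands, so signatures containing '?'
    # never matched each other.
    if ($old eq $s) {
        print "\t[*] both signatures are equal\n";
    }
    elsif (index($old, $s) >= 0) {
        print "\t[*] old signature contains this one\n";
        print "\t[i] Length C:[" . length($s) . "] O:[" . length($old) . "]\n";
    }
    elsif (index($s, $old) >= 0) {
        print "\t[*] this signature contains old one\n";
        print "\t[i] Length C:[" . length($s) . "] O:[" . length($old) . "]\n";
    }
    else {
        print "\t[*] unique signatures\n";
    }
    print "\n";
    return;
}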