C code. Compile gcc <filename>.c -o run -lclamav -lyara
Problems:
- Scanner sometime doesn't run. Possibly threading problem of scan engine
- Zip file interrupts when first file is matched as malware. It is possibly to bypass other files in archive file. We can solve it by change CL_VIRUS to CL_CLEAN in scan callback.
- No method to get file_path (full file path) yet
#include "clamav.h"
#include "yara.h"
#include <stdio.h>
#include <unistd.h>