search

Cisco-Talos / clamav

ClamAV - Documentation is here: https://docs.clamav.net
https://www.clamav.net/
GNU General Public License v2.0
4.43k stars 706 forks source link

Clam 2498 make image fuzzy hashing optional; Clam 2532 --force-to-disk missing documentation #1186

Closed micahsnyder closed 8 months ago

micahsnyder commented 8 months ago

Image fuzzy hashing is enabled by default. The following options have been added to allow users to disable it, if desired.

New clamscan options:

  --scan-image[=yes(*)/no]

  --scan-image-fuzzy-hash[=yes(*)/no]

New clamd config options:

  ScanImage yes(*)/no

  ScanImageFuzzyHash yes(*)/no

New libclamav scan options:

  options.parse &= ~CL_SCAN_PARSE_IMAGE;

  options.parse &= ~CL_SCAN_PARSE_IMAGE_FUZZY_HASH;

This commit also changes scan behavior to disable image fuzzy hashing for specific types when the DCONF (.cfg) signatures disable those types. That is, if DCONF disables the PNG parser, it should not only disable the CVE/format checker for PNG files, but also disable image fuzzy hashing for PNG files.

Also adds a DCONF option to disable image fuzzy hashing: OTHER_CONF_IMAGE_FUZZY_HASH

DCONF allows scanning features to be disabled using a configuration "signature".

This PR also adds --force-to-disk option missing from the clamscan --help and clamscan manpage documentation.

ragusaa commented 8 months ago

verified that force-to-disk is there.