File::Scan(3) Perl extension for Scanning files for Viruses

SYNOPSIS


use File::Scan;
$fs = File::Scan->new([, OPTION ...]);
$fs->set_callback(
sub {
my $filename = shift;
my $bytes = shift;
...
return("Callback Value");
}
);
$fs->scan([FILE]);
if(my $e = $fs->error) { print "$e\n"; }
if(my $c = $fs->skipped) { print "file skipped ($c)\n"; }
if($fs->suspicious) { print "suspicious file\n"; }
if(my $res = $fs->callback) { print "$res\n"; }

DESCRIPTION

This module is designed to allows users to scan files for known viruses. The purpose is to provide a perl module to make plataform independent virus scanners.

METHODS

new([, OPTION ...])

This method create a new File::Scan object. The following keys are available:
callback => 'subroutine reference'
if the item is set then use a callback subroutine reference to provide extra information and functionalities. The callback subroutine have two arguments: filename and first 1024 bytes read from the file. This only work for binary files.
extension => 'string'
add the specified extension to the infected file
move => 'directory'
move the infected file to the specified directory
copy => 'directory'
copy the infected file to the specified directory
mkdir => octal_number
if the value is set to octal number then make the specified directories (example: mkdir => 0755).
delete => 0 or 1
if the value is set to 1 delete the infected file
max_txt_size => 'size in kbytes'
scan only the text file if the file size is less then max_txt_size. The default value is 5120 kbytes. Set to 0 for no limit.
max_bin_size => 'size in kbytes'
scan only the binary file if the file size is less then max_bin_size. The default value is 10240 kbytes. Set to 0 for no limit.

scan([FILE])

This method scan a file for viruses and return the name of virus if a virus is found.

set_callback([SUBREF])

This method is another way to install a callback subroutine reference. Take a look in callback kay.

skipped()

This method return a code number if the file was skipped and 0 if not. The following skipped codes are available:
0
file not skipped
1
file is not vulnerable
2
file has zero size
3
the size of file is small
4
the text file size is greater that the 'max_txt_size' argument
5
the binary file size is greater that the 'max_bin_size' argument

suspicious()

This method return 1 if the file is suspicious and 0 if not.

callback()

This method return the result from the callback subroutine.

error()

This method return a error message if a error happens.

AUTHOR

Henrique Dias <[email protected]>

CREDITS

Thanks to Rui de Castro, Sergio Castro, Ricardo Oliveira, Antonio Campelo, Branca Silveira, Helena Gomes and Anita Afonso for the help.

Thanks to Fernando Martins for the personal collection of viruses.