Hi, I am doing project on clamAV . I have chosen from
http://wiki.clamav.net/bin/view/Main/GoogleSummerOfCode2011 4. DOCX Add support for parsing docx based MS Office files. Main purpose is extracting embedded files. You will need to parse the XML, locate the embedded data, then decode(base64/OLE?) / and decompress (deflate?) it. So I did analysis of how clamAV currently scanning a .DOCX file . From my understanding it treats as a ZIP file and extracts to a temporary folder, and scanning each xml file and inserted media files such pictures,video etc.(If I am not correct, kindly explain me). After that, I tried embedding a EICAR test virus in a picture file by using Steghide tool. Then I scanned that picture file ,but clamav didnt recognize it. Reason may be steghide encrypts the virus file. So I like to know following things, 1. Why clamav didnt recognize encrypted virus? 2.Anyone help me to start my project?(Still now I gone through the source code using gdb, so I have little knowledge about code) Awaiting for response. Regards, Infant Deepak. _______________________________________________ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net
