CLAMBC

NAME

clambc - Bytecode Analysis and Testing Tool

SYNOPSIS

clambc <file> [function] [param1 ...]

DESCRIPTION

Bytecode signatures are a platform independent executable plugin format that extend ClamAV’s malware detection capabilities. This tool is provided for signature authors and ClamAV developers to test bytecode signatures and bytecode runtime performance. **Caution**: You should NEVER run bytecode signatures from untrusted sources. Doing so may result in arbitrary code execution.

OPTIONS

--help -h

Show help.

--version -V

Show version

--debug

Show debug.

--force-interpreter -f

Force using the interpreter instead of the JIT.

--trust-bytecode -t

Trust loaded bytecode (default yes).

--info -i

Print information about bytecode.

--printsrc -p

Print bytecode source.

--printbcir -c

Print IR of bytecode signature.

--input -r

Input file to run the bytecode on.

--trace <level> -T

Set bytecode trace level 0..7 (default 7).

--no-trace-showsource

Don’t show source line during tracing.

--statistics=bytecode

Collect and print bytecode execution statistics.

file

File to test.

CREDITS

Please check the full documentation for credits.

AUTHOR

Tomasz Kojm <tkojm@clamav.net>, Kevin Lin <klin@sourcefire.com>

SEE ALSO

clamscan(1), sigtool(1)