MacFormat 1999 April

home *** CD-ROM | disk | FTP | other *** search

/ MacFormat 1999 April / macformat-075.iso / Resources / Anti-virus / AntiGax 1.3 / Source / Antigax.c next >

Wrap

C/C++ Source or Header | 1998-10-10 | 11.7 KB | 588 lines | [TEXT/CWIE]

#include <ICAPI.h> void LogoUpdate(void); void LogoRefresh(char saveco); void RecurseDirectory(short vref, long did); typedef Boolean (*RecurseFunc)(void); Boolean CheckAppDirProc(void); Boolean CheckAppNodeProc(void); Boolean CheckINITNodeProc(void); void WriteAppPath(void); pascal Boolean AlertKludge(DialogPtr theDialog, EventRecord *theEvent, short *itemHit); void DecodeVirus(void); char RepairApp(short rev); Boolean DamagedApp(short rev); void WriteString(short fie, uchar *str); #define ntt 6 uchar *agaxURL="\phttp://www.cse.unsw.edu.au/~s2191331/antigax/antigax.html"; RecurseFunc recurseNodeProc, recurseDirProc; Handle filnh, dirnh, volnh, numh, toth; DialogPtr logo; FSSpec *lantana; Ptr bigstak; Str63 volnm; Str15 nums, tots; OSType targType[ntt]={'APPL','APPE','APPC','cdev','appe','INIT'}; long numo, toto, upi, ufi; short orrez, logef; Boolean hit_but, check_only, lmdco, prevent_moves; void main(void) { ModalFilterUPP alk; StandardFileReply rep; Str255 prognosis; short chx; InitGraf(&thePort); InitFonts(); InitWindows(); InitMenus(); TEInit(); InitDialogs(nil); orrez=CurResFile(); alk=NewModalFilterProc(AlertKludge); bigstak=NewPtr(32768); // we're going to tax the conventional stack enough later... //DecodeVirus(); Rechoice: numo=0; toto=0; upi=0; ufi=0; hit_but=0; lmdco=check_only=0; prevent_moves=0; logef=0; chx=Alert(128,alk); if(chx==1) ExitToShell(); if(chx==5) { ICInstance iccy; long sst, snd; sst=0; snd=agaxURL[0]; ICStart(&iccy,'Agax'); ICFindConfigFile(iccy,0,nil); ICLaunchURL(iccy,nil,(char*)agaxURL+1,snd,&sst,&snd); ICStop(iccy); ExitToShell(); } check_only=lmdco; if(chx==2) // Repair One File { short rrf; StandardGetFile(nil,-1,targType,&rep); // -1 used to be ntt if(rep.sfGood) { rrf=FSpOpenResFile(&rep.sfFile,check_only?fsRdPerm:fsRdWrPerm); if(!rrf || rrf==-1) Alert(129,nil); else { Str255 filebit; short selk; lantana=&rep.sfFile; numo=RepairApp(rrf); if(!numo && DamagedApp(rrf)) numo=2; CloseResFile(rrf); selk=((numo+1)<<1) + (check_only?1:0); GetIndString(prognosis,128,selk + 1); GetIndString(filebit,129,selk + 1); ParamText(lantana->name,prognosis,filebit,nil); Alert(130,nil); } } goto Rechoice; } else if(chx==3) // Repair All Volumes { VCB *queze; StandardPutFile( check_only?"\pLog infected files in:":"\pOptionally log repaired files in:", check_only?"\pInfected file log":"\pRepaired file log", &rep); if(rep.sfGood) { if(rep.sfReplacing) FSpDelete(&rep.sfFile); FSpCreate(&rep.sfFile,'ttxt','TEXT',rep.sfScript); FSpOpenDF(&rep.sfFile,fsWrPerm,&logef); if(!logef || logef==-1) { SysBeep(20); goto Rechoice; } WriteString(logef, check_only?"\pInfected file list:\r":"\pRepaired file list:\r" ); } else { if(check_only) goto Rechoice; // no pt searching if not writing it down! logef=0; } recurseNodeProc=CheckAppNodeProc; recurseDirProc=CheckAppDirProc; ParamText(check_only?"\pinfected":"\prepaired",nil,nil,nil); logo=GetNewDialog(256,nil,(WindowPtr)-1); SetPort(logo); GetDialogItem(logo,2,nil,&volnh,nil); GetDialogItem(logo,3,nil,&dirnh,nil); GetDialogItem(logo,4,nil,&filnh,nil); GetDialogItem(logo,5,nil,&numh,nil); GetDialogItem(logo,6,nil,&toth,nil); ShowWindow(logo); DrawDialog(logo); for(queze=(VCB*)(GetVCBQHdr()->qHead);queze;queze=(VCB*)queze->qLink) { if(check_only) { // Don't bother if it's software or hardware locked if((queze->vcbAtrb&0x8000) || (queze->vcbAtrb&0x0080)) continue; } BlockMoveData(queze->vcbVN,volnm,28); SetDialogItemText(volnh,volnm); SetDialogItemText(dirnh,"\p<root>"); RecurseDirectory(queze->vcbVRefNum,fsRtDirID); if(hit_but) break; } if(logef) { WriteString(logef,"\pEnd of list\r"); FSClose(logef); } NumToString(toto,tots); // numo will always be up-to-date SetDialogItemText(toth,tots); GetDialogItem(logo,7,nil,&toth,nil); SetDialogItemText(toth,hit_but?"\pCancelled - Click to quit":"\pCompleted - Click to quit"); FlushEvents(everyEvent,0); ValidRect(&logo->portRect); for(;;) { EventRecord ev; WaitNextEvent(everyEvent,&ev,60,nil); if(ev.what==updateEvt) LogoUpdate(); if(ev.what==keyDown || ev.what==mouseDown) break; } } else if(chx==4) // Repair System { FSSpec fsp; FindFolder(kOnSystemDisk,kSystemFolderType,false,&fsp.vRefNum,&fsp.parID); BlockMoveData(LMGetSysResName(),fsp.name,32); /* First scan the whole system folder for files of type INIT, ID 33, sig 'JS' */ logo=GetNewDialog(257,nil,(WindowPtr)-1); SetPort(logo); ShowWindow(logo); DrawDialog(logo); recurseNodeProc = CheckINITNodeProc; recurseDirProc = nil; SetCursor(*GetCursor(watchCursor)); RecurseDirectory(fsp.vRefNum,fsp.parID); InitCursor(); DisposeDialog(logo); if(numo) { NumToString(numo,volnm); ParamText(volnm,numo==1?"\p was":"\ps were",nil,nil); Alert(136,nil); ExitToShell(); } else { short srf; prevent_moves = 1; /* Now call 'repair' on the system file itself. */ srf=LMGetSysMap(); UseResFile(srf); numo=RepairApp(srf); if(!numo && DamagedApp(srf)) numo=2; UseResFile(orrez); prevent_moves = 0; GetIndString(prognosis,128,((numo+1)<<1) + (check_only?1:0) + 1); ParamText(prognosis,nil,nil,nil); Alert(135,nil); goto Rechoice; } } } void LogoUpdate(void) { SetPort(logo); BeginUpdate(logo); DrawDialog(logo); EndUpdate(logo); } void LogoRefresh(char saveco) { SetPort(logo); ParamText(saveco?"\pinfected":"\prepaired",nil,nil,nil); DrawDialog(logo); } /* DirProc's return true if the directory should be processed. */ /* AppProc's return true if the file should be processed again. */ void RecurseDirectory(short vref, long did) { HFileInfo tpb; FSSpec tana; short idx, i; if(Button() || hit_but) {hit_but=1; return;} lantana=&tana; tana.vRefNum=vref; tana.parID=did; tpb.ioCompletion=nil; tpb.ioNamePtr=tana.name; tpb.ioVRefNum=tana.vRefNum; for(idx=1;;idx++) { tpb.ioFDirIndex=idx; tpb.ioDirID=tana.parID; PBGetCatInfoSync((CInfoPBRec*)&tpb); if(tpb.ioResult) break; if(tpb.ioFlAttrib&ioDirMask) { if(recurseDirProc && !recurseDirProc()) continue; RecurseDirectory(vref,tpb.ioDirID); lantana=&tana; continue; } /* If the resource fork is already open it's probably us - and even if it isn't we should be fiddling with running applications */ if(tpb.ioFlAttrib&0x04) continue; for(i=0;i<ntt;i++) if(tpb.ioFlFndrInfo.fdType==targType[i]) break; if(i<ntt) { if(recurseNodeProc()) idx--; } } } Boolean CheckAppDirProc(void) { if(!(upi&0xF)) { EventRecord ev; SetDialogItemText(dirnh,lantana->name); GetNextEvent(everyEvent,&ev); if(ev.what==updateEvt) LogoUpdate(); // other events are ignored } upi++; return true; } Boolean CheckAppNodeProc(void) { short rrf; char saveco, reso; saveco=check_only; rrf=FSpOpenResFile(lantana,fsRdWrPerm); if(!rrf || rrf==-1) { rrf=FSpOpenResFile(lantana,fsRdPerm); if(!rrf || rrf==-1) return false; // file is locked check_only=1; } reso=RepairApp(rrf); if(!reso && DamagedApp(rrf)) reso=2; CloseResFile(rrf); if(reso==-1) { ParamText(lantana->name,nil,nil,nil); Alert(131,nil); if(logef) { WriteString(logef,"\p• Following file is irretrievably infected: "); WriteAppPath(); } LogoRefresh(saveco); } else if(reso==1) { if(!saveco && check_only) // wanted to repair but file locked { ParamText(lantana->name,nil,nil,nil); Alert(132,nil); if(logef) WriteString(logef,"\p• Following file is infected but was not repaired: "); } SetDialogItemText(filnh,lantana->name); ufi=0; numo++; if(logef) WriteAppPath(); LogoRefresh(saveco); } else if(reso==2) { uchar *mipe; if(saveco) mipe="\p"; else if(check_only) mipe="\p, but was not renamed as it is locked"; else mipe="\p, and has had '.bad' appended to its name"; ParamText(lantana->name,mipe,nil,nil); Alert(133,nil); if(logef) { WriteString(logef,"\p• Following file is irretrievably damaged: "); WriteAppPath(); } LogoRefresh(saveco); } /* else { // Well, the file is either clean or we got an unknown result code... } */ toto++; check_only=saveco; if(!(ufi&0xF)) { NumToString(numo,nums); SetDialogItemText(numh,nums); NumToString(toto,tots); SetDialogItemText(toth,tots); } ufi++; return false; } // Open lantana, and make sure it ain't got no nasty INIT 33 in it Boolean CheckINITNodeProc(void) { Handle nasty; FSSpec trashme; OSErr lerr; short rrf; Boolean baddie; rrf=FSpOpenResFile(lantana,fsRdPerm); // check_only doesn't worry us here if(!rrf || rrf==-1) return false; nasty=Get1Resource('INIT',33); baddie = ( nasty && ((short*)(*nasty))[4] == 'JS' ); CloseResFile(rrf); if(!baddie) return false; lerr=-1; if(!check_only) { FindFolder(lantana->vRefNum,kTrashFolderType,true,&trashme.vRefNum,&trashme.parID); // CatMove is an H function (like HOpen, etc.), and it's used here because // it's easier than finding out the ID of the trash folder's parent. // (Not always root ... on network vols it's a different hidden folder) lerr=CatMove(lantana->vRefNum,lantana->parID,lantana->name,trashme.parID,"\p:"); } InitCursor(); ParamText(lantana->name,(check_only || lerr)? "\pYou should delete it before you do anything else.": "\pIt has been moved to the trash.", nil,nil); Alert(134,nil); SetCursor(*GetCursor(watchCursor)); numo++; return (lerr==0); // process index again if we moved the file out so we don't miss one } /* Writes lantana's path to logef */ void WriteAppPath(void) { HFileInfo tpb; Str63 dina; long *bsp; tpb.ioCompletion=nil; tpb.ioVRefNum=lantana->vRefNum; tpb.ioNamePtr=dina; tpb.ioFDirIndex=-1; bsp=(long*)bigstak; // 8000-deep folders? no problem :-) *bsp=lantana->parID; while(*bsp!=fsRtDirID) { tpb.ioDirID=*bsp; PBGetCatInfoSync((CInfoPBRec*)&tpb); if(tpb.ioResult) break; *(++bsp)=tpb.ioFlParID; } // It's too late tonight to figure out how to construct the pathname // backwards in the buffer. And this bit doesn't need to be fast. WriteString(logef,volnm); WriteString(logef,"\p:"); for(bsp--;bsp>=(long*)bigstak;bsp--) { tpb.ioDirID=*bsp; PBGetCatInfoSync((CInfoPBRec*)&tpb); WriteString(logef,dina); WriteString(logef,"\p:"); } WriteString(logef,lantana->name); WriteString(logef,"\p\r"); } /* Yes, I know, I should've made it a dialog or put in more buttons or something */ pascal Boolean AlertKludge(DialogPtr theDialog, EventRecord *theEvent, short *itemHit) { ControlHandle abh, bbh, cbh; KeyMap kk; Boolean tobecheck; GetKeys(kk); tobecheck = (kk[1]&0x8000)?1:0; if(theEvent->what==keyDown && (theEvent->message&charCodeMask)==13) { GetDialogItem(theDialog,1,nil,(Handle*)&abh,nil); HiliteControl(abh,1); Delay(8,nil); HiliteControl(abh,0); *itemHit=1; return true; } if(theEvent->what==mouseDown) lmdco=check_only; if(tobecheck==check_only) return false; GetDialogItem(theDialog,2,nil,(Handle*)&abh,nil); GetDialogItem(theDialog,3,nil,(Handle*)&bbh,nil); GetDialogItem(theDialog,4,nil,(Handle*)&cbh,nil); if(check_only=tobecheck) // intentional single equal-sign! { SetControlTitle(abh,"\pExamine One File…"); SetControlTitle(bbh,"\pExamine All Volumes"); SetControlTitle(cbh,"\pExamine System"); } else { SetControlTitle(abh,"\pRepair One File…"); SetControlTitle(bbh,"\pRepair All Volumes"); SetControlTitle(cbh,"\pRepair System"); } if(theEvent->what==mouseDown) lmdco=check_only; return false; } void DecodeVirus(void) { StandardFileReply rep; Handle org, dst; short rrf, i; StandardGetFile(nil,-1,nil,&rep); if(!rep.sfGood) ExitToShell(); rrf=FSpOpenResFile(&rep.sfFile,fsRdWrPerm); org=Get1Resource('INIT',33); HLock(org); dst=NewHandle(GetHandleSize(org)); HLock(dst); BlockMoveData(*org,*dst,GetHandleSize(org)); for(i=0x0A;i<0x6EE+0x0A;i++) (*dst)[i]^=0xCC; HUnlock(dst); HUnlock(org); AddResource(dst,'INIT',0,nil); CloseResFile(rrf); }