Checking memory regions
Prev Chapter 2. Programming with libkavclient Next

Checking memory regions

Sometimes you need to check for viruses a region of memory rather then a disk file. Use the kav_check_mem function for this. The function is declared as follows:

int kav_check_mem(kav_ctx ctx, void *mem, size_t size);

The kav_check_mem function directs KAVDaemon to check the region of memory starting at address mem of size bytes for viruses. The session context ctx identifies the libkavclient session. The results of the check are recorded in the context. Use the functions decribed in the section called “Interpreting check results” to interpret the check results.

If kav_check_mem succeeds, it returns 0. In case of failire, it returns -1. In the latter case, use the kav_get_error function to find out what went wrong. Similar to kav_check_file, a call to kav_check_mem is considered successful if the function successfully contacted KAVDaemon and got a reply from it. It has nothing to do with whether viruses were found or not. To find our that, use the function described in the section called “Interpreting check results” to examine ctx.

The libkavclient error codes that kav_check_mem can set are as follows.

KAV_ERROR_SOCKET

The system failed to create a socket. Examine the system errno value to find out why. This is a rare error, and if you see it, something is wrong with your system.

KAV_ERROR_CONNECT

Connection to KAVDaemon failed. Examine the system errno value to find out why. The most likely reason for this error is that KAVDaemon is not running, or the path to KAVDaemon socket (as set by kav_set_socketpath) is incorrect (in that case errno will be set to ENOENT).

KAV_ERROR_CHECK_IN_PROGRESS

A check is already in progress in the given session context. This can only happen in a multi-threaded application when two threads call one of the checking functions in the same context concurrently.

KAV_ERROR_WRITE

An error occured while sending the request ro KAVDaemon. Check the system errno value to find out what kind of error.

KAV_ERROR_WAIT_TO_READ

The request to KAVDaemon was succesfully sent, but some error occurred while waiting for reply. Check the system errno value to find out what kind of error. Note that libkavclient waits for reply using the system select function.

KAV_ERROR_READ_TIMEOUT

The request to KAVDaemon was succesfully sent, but no response was received from KAVDaemon. The amount of time that libkavclient waits before returning this error can be set by the kav_set_timeout function, and by default is 5 seconds.

KAV_ERROR_READ

libkavclient started reading the reply from KAVDaemon, but some error occurred while reading. Check the system errno value to find out what kind of error.

KAV_ERROR_BAD_KEYFILE

KAVDaemon was successfully contacted, but it failed to perform the requested check because it didn't find a valid key file. This means that you don't have a valid license to use KAVDaemon (remember, KAVDaemon is commercial software!). You should contact Kaspersky Lab.

KAV_ERROR_BASES_NOT_FOUND

KAVDaemon was successfully contacted, but it failed to perform the requested check because it couldn't find its virus definition bases. Either something is wrong with your KAVDaemon configuration, or you need to run kavupdater to download the virus definition bases.

KAV_ERROR_INTEGRITY_VIOLATED

KAVDaemon was successfully contacted, but it failed to perform the requested check because it detected internal integrity violation. Most probably this means that your KAVDaemon binary is corrupt. You need to reinstall it.

KAV_ERROR_CANT_GET_KEY

This error means that the system function ftok failed. If you encounter this error when calling kav_check_mem , you have either run into a bug in libkavclient or your system is severely out of memory. Check the system errno value for additional information on why ftok failed.

KAV_ERROR_CANT_CREATE_KEYFILE

For some reason, libkavclient failed to create a temporary file, which is necessary to check memory regions. Examine the system errno value to find out why. If you encounter this error, you probably have run into a bug in libkavclient, or something is wrong with your system, such as /tmp directory is not writable.

KAV_ERROR_CANT_GET_SHMEM

This error means that libkavclient failed to allocate a necessary amount of shared memory, which it needs to pass memory regions to KAVDaemon for checking. More technically, the system function shmget failed. Examine system errno value to find out why.

KAV_ERROR_CANT_ATTACH_SHMEM

This error means that libkavclient failed to attach to the shared memory segment it allocated in order to pass it to KAVDaemon for checking. More technically, the system function shmat failed. Examine system errno value to find out why. It must be either a bug in libkavclient, or your system is severely out of memory.

KAV_ERROR_MALLOC_FAILURE

Your system failed to allocate memory for libkavclient. Most probably you are out of memory.

Prev Up Next
Checking multiple files and specifying options Home Advanced functions for memory checking