Hi,
I'm one of the Google Summer of Code students and I'm working on the ClamAV integration in Wine. Today I was discussing an issue with my mentor and he suggested posting it here.
Currently I'm working on a scan-after-write functionality: whenever a file is changed, the virus scanner checks the file.
My plan is to hook in NtWriteFile() (dlls/ntdll/file.c), because whenever a Windows program writes to a file this function is called. Within this function the file is accessed using its unix_handle.
The problem is that I need to know the unix filename for ClamAV to access the file, but I see no proper way or function to get it as long as I just know the unix_handle or fd.
Possible solutions so far:
1. searching /proc/self/fd/%d for the name. This would be an easy but very ugly solution.
2. maintaining a table mapping unix_handles to filenames from within NtCreateFile(). Hence I don't have the feeling that this is a good solution.
3. storing the unix filename in the wineserver handle object when it's created. This is probably the right place to keep this information but it would require some changes to the wineserver. If I understand it right, it is already planned to implement something like this ("lookup_name" in server/object.c).
But maybe I just missed an even better approach. What would you recommend doing? Any comment is appreciated.
Cheers, Chris
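
Option 1 from the post, sketched as an added example that is not part of the original message or of Wine's code: resolve the fd through /proc/self/fd and then confirm the returned name still refers to the same inode, since a scanner that opens the file by name would otherwise scan whatever now sits at that path. It is Linux-only, and `fd_to_path` and the `FDP_*` codes are names made up for this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/stat.h>

/* Result codes (this example's own names). */
enum { FDP_OK = 0, FDP_ERROR = -1, FDP_NOT_REGULAR = -2, FDP_STALE = -3 };

/* Resolve fd to a path via /proc/self/fd, then verify that the path still
 * names the inode behind fd before handing it to a by-name scanner. */
int fd_to_path(int fd, char *out, size_t outlen)
{
    char link[64];
    struct stat by_fd, by_name;
    ssize_t n;

    if (outlen < 2 || fstat(fd, &by_fd) != 0) return FDP_ERROR;
    /* Pipes, sockets and devices resolve to strings like "pipe:[1234]". */
    if (!S_ISREG(by_fd.st_mode)) return FDP_NOT_REGULAR;

    snprintf(link, sizeof(link), "/proc/self/fd/%d", fd);
    n = readlink(link, out, outlen - 1);
    if (n < 0 || (size_t)n >= outlen - 1) return FDP_ERROR; /* maybe truncated */
    out[n] = '\0';                       /* readlink() does not terminate */

    /* An unlinked file reads back as "<path> (deleted)"; a path that was
     * renamed over or replaced points at a different inode. */
    if (by_fd.st_nlink == 0) return FDP_STALE;
    if (stat(out, &by_name) != 0) return FDP_STALE;
    if (by_name.st_dev != by_fd.st_dev || by_name.st_ino != by_fd.st_ino)
        return FDP_STALE;
    return FDP_OK;
}

int main(void)
{
    char tmpl[] = "/tmp/fdpath-XXXXXX", path[4096]; /* constructed sample file */
    int fd = mkstemp(tmpl);
    if (fd < 0) return 1;
    printf("linked:   rc=%d\n", fd_to_path(fd, path, sizeof(path)));
    unlink(tmpl);
    printf("unlinked: rc=%d\n", fd_to_path(fd, path, sizeof(path)));
    close(fd);
    return 0;
}
```

The inode comparison narrows the window between resolving the name and scanning it but does not close it; scanning through the already-open descriptor avoids the name lookup entirely.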