Tizen Native API
Public Attributes
TCSDetected_struct Struct Reference

Public Attributes

struct TCSDetected_structpNext
char const * pszName
char const * pszVariant
unsigned int uType
unsigned int uAction
char const * pszFileName

Detailed Description

Detected malicious code/content information structure.

Since :
2.3

Member Data Documentation

Pointer to next malware found, NULL if at the end of list.

Path of the infected file. The pszFileName field report, if not NULL, the complete file path of the infected content. If the scan functions have the ability to scan/analyze inside archives, then the path reported in pszFileName would be composed of multiple paths separated by the '|' character. The first path of the sequence is the real file system path of the currently scanned file, for TCSScanFile(), or empty for TCSScanData(). No assumption should be made on the path name separator used for the archive components of the path (the ones following the first). Only the first component, if not empty, is the real file path of the currently scanned content.

Detected malware name.

Detected malware's variant name. pszName and pszVariant report detected malicious code/content and variant names. The maximum string length for both strings is 64 characters and each is terminated by a null character ('\0') - the maximum buffer size for both strings is 65 bytes.

pszVariant is set to an empty string ("\0") if the detected malware is not a variant.

Bit-field specifying severity, class and behavior level.

Included in the TCSDetected structure is a bit-field variable containing malware severity flags and client application behavior levels.

The scan functions set the TCS_SC_USER flag if the scanned object/data contains malware harmful to the user. TCS_SC_TERMINAL flag is set if the malware is harmful to the terminal itself. Both TCS_SC_USER and TCS_SC_TERMINAL flags are set if the malware is harmful to both the user and the terminal.

The application behavior level specifies what to do with the data/object containing the detected malware.

When multiple behavior level codes are found in a scanned data/object, the calling application would be expected to act with the highest behavior level. For example, if both TCS_BC_LEVEL0 and TCS_BC_LEVEL3 were reported, the application would need to take on TCS_BC_LEVEL3 action.

Detected malware type.

See also:
TCS_VTYPE_MALWARE

Except as noted, this content - excluding the Code Examples - is licensed under Creative Commons Attribution 3.0 and all of the Code Examples contained herein are licensed under BSD-3-Clause.
For details, see the Content License