[Clamav-devel] enabling DMG and XAR support

Dale Walsh dale at daleenterprise.com
Thu Mar 20 20:22:26 EDT 2014


You did miss it but it's a two headed nail.

PDF, DMG, XAR and RAR have had issues not recognizing the test  
viruses to name just a couple that spring to mind that we've had  
trouble with and this all started happening when the clang and crap  
entered the picture.

I've worked with the developers in the past, once the build  
environment dependencies changed and I was told I had to upgrade my  
OS and build tools is when it was no longer possible to resolve these  
issues as the update solely for the purpose of building ClamAV is not  
an option and I shouldn't be forced to use someone else's build tool  
preferences just because they have the luxury of updating on a whim  
or purely for bragging rights.

It does not matter if my OS is dated, security patches are applied to  
the build tools as they become available and this seems to satisfy  
all other software that build from source except ClamAV.

Having everything build with GCC 4.0 would allow me/us to re-deploy  
ClamAV and contribute to the code base again (I have in the past) but  
the chances of this are slim to none from what I recall because my OS  
and build tools are dated and listening to rants about ancient and  
deprecated is nothing more than someone spewing stupidity.

The fact that I ensure all bugs and updates to the build tools are  
fixed/added allows me to keep everything in harmony and there is no  
reason to update anything to build a single software package when all  
other software sources seem to be content with the existing build  
environment.

If you wish to go off-list to continue the discussion I have no  
objections.


-- Dale



On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:

> Dale,
>
> Thanks for your email.  I’m not sure exactly what you are referring  
> to.  Maybe I am missing a connection here or something, but the  
> discussion was around scanning DMG and XAR, which I think, if  
> there’s an issue with, we’d be more than happy to work with anyone  
> to try and square away.
>
> You seem to be discussing a build issue, and you say that it’s a  
> waste of time.  When did you get the impression that working with  
> the developers was a waste of time?  If we’re not communicating  
> well enough, we can fix that.  But I think the team is doing a good  
> job of that judging by the amount of complaints I have received  
> since we took over the project from the old ClamAV team.
>
> Please let me know if we need to take this offline and discuss or  
> anything I can do to help.
>
> --
> Joel Esler
> Open Source Manager
> Threat Intelligence Team Lead
> Vulnerability Research Team
>
> On Mar 20, 2014, at 3:55 PM, Dale Walsh  
> <dale at daleenterprise.com> wrote:
>
> Mark, this has been an issue for many versions along with a slew of  
> other things not working as expected.
>
> As much as I liked ClamAV, we've abandoned it as a mail solution  
> shortly after things stopped working correctly and they changed the  
> required build tools so you can no longer build it with GCC  
> 3.3/4.0/4.1/4.2 and have a fully functional app.
>
> Yes there are flags to get it to build but certain modules and  
> features don't build and making an incomplete and partially  
> functional binary isn't appealing.
>
> Advice on updating build tools is a waste of time as there is no  
> reason to update the build tools just to build ClamAV as it's the  
> only one that has this ridiculous build-tool requirement and only  
> an idiot would tell me to update.
>
> My thoughts on this are simple, if it doesn't build with the basic  
> GNU GCC compiler tools then it's seriously flawed and needs these  
> other tools to overcome the short-comings of poorly written/ 
> implemented code.
>
> When I say build, I mean build with full functionality so don't go  
> off the deep-end stating it builds, partial functionality may be  
> acceptable to you but it isn't to me.
>
> At this time, for personal use, I use the source code but repackage  
> the build environment to work with what I have and I'm comfortable  
> with submitting corrections and patches, too much focus and  
> complaints on my build tools so why waste my time.
>
> -- Dale
>
> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>
> Interesting... let me run some tests and get back to you.
>
> On Mar 19, 2014, at 8:33 AM, Mark Allan  
> <markjallan at gmail.com> wrote:
>
> Just out of interest, did you test to see if it *actually* worked?
>
> My configure output shows that dmg and xar are supported, but it  
> doesn't actually detect the Eicar test file within a disk image.
>
> configure: Summary of engine detection features
>             autoit_ea06 : yes
>             bzip2       : ok
>             zlib        : /usr
>             unrar       : yes
>             dmg and xar : yes, from /usr
>
> When I create a new disk image, copy the Eicar test file in, and  
> scan the dmg, it shows up as being clean.
>
> clamscan test.dmg
> test.dmg: OK
>
> ----------- SCAN SUMMARY -----------
> Known viruses: 3259558
> Engine version: 0.98.1
> Scanned directories: 0
> Scanned files: 1
> Infected files: 0
> Data scanned: 10.07 MB
> Data read: 10.02 MB (ratio 1.01:1)
> Time: 4.845 sec (0 m 4 s)
>
> Does this work as expected for anyone else?
>
> Mark
>
> On 10 Feb 2014, at 23:38, Rafael Ferreira  
> <raf at uvasoftware.com> wrote:
>
> That worked, thanks!
>
> On February 10, 2014 at 4:29:41 PM, Steven Morgan  
> (smorgan at sourcefire.com) wrote:
>
> Rafael,
>
> Probably all you need to do is install libxml&libxml2-dev, which is  
> used by
> dmg and xar, then do your configure/make.
>
> Steve
>
>
> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira  
> <raf at uvasoftware.com> wrote:
>
>
> Folks,
>
> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
> getting the new super awesome DMG and XAR file support:
>
> configure: Summary of detected features follows
> OS : linux-gnu
> pthreads : yes (-lpthread)
> configure: Summary of miscellaneous features
> check : no (auto)
> fanotify : yes
> fdpassing : 1
> IPv6 : yes
> configure: Summary of optional tools
> clamdtop : (auto)
> milter : yes (disabled)
> configure: Summary of engine performance features)
> release mode: yes
> jit : yes (auto)
> mempool : yes
> configure: Summary of engine detection features
> autoit_ea06 : yes
> bzip2 : ok
> zlib : /usr
> unrar : yes
> dmg and xar : no
>
> Am I missing a configure flag or third party library?
>
> Thanks in advance,
>
> - Rafael
>
> ----
> scanii.com - the web friendly malware scanner!
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net



More information about the clamav-devel mailing list
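
The thread shows two separate failure modes: configure reporting `dmg and xar : no`, and configure reporting `yes` while `clamscan` still prints `test.dmg: OK` for an image holding the test file. The sketch below is an added example, not code from the thread or from ClamAV; it checks both conditions from captured output. The function names, the constructed sample text and the placeholder signature name are assumptions, and it relies on `clamscan` ending a detection line with `FOUND`.

```shell
#!/bin/sh
# Added example (not from the thread). Sample inputs are constructed; the
# "yes"/"no" and "test.dmg: OK" lines mirror the output quoted in the thread.

# feature_status NAME TEXT: print what configure's summary reported for NAME.
feature_status() {
    printf '%s\n' "$2" | awk -F' *: *' -v want="$1" '
        { name = $1; sub(/^[ \t]+/, "", name) }
        name == want { print $2; found = 1; exit }
        END { exit !found }'
}

# scan_verdict FILE TEXT: classify clamscan's per-file line for FILE.
scan_verdict() {
    printf '%s\n' "$2" | awk -v f="$1" '
        index($0, f ": ") == 1 && / FOUND$/ { v = "detected" }
        index($0, f ": ") == 1 && /: OK$/   { v = "clean" }
        END { print (v == "" ? "unknown" : v) }'
}

# smoke_check NAME FILE CONFIGURE_TEXT SCAN_TEXT
# 0 = built and detecting, 1 = built but the test file was missed, 2 = not built.
smoke_check() {
    st=$(feature_status "$1" "$3") || { echo "no summary line for $1"; return 2; }
    case $st in
        yes*) ;;
        *) echo "$1 not compiled in ($st)"; return 2 ;;
    esac
    verdict=$(scan_verdict "$2" "$4")
    [ "$verdict" = detected ] || { echo "$1 compiled in, but $2 scanned as $verdict"; return 1; }
    echo "$1 compiled in and $2 detected"
}

CONFIGURE_YES='configure: Summary of engine detection features
            unrar       : yes
            dmg and xar : yes, from /usr'
CONFIGURE_NO='unrar : yes
dmg and xar : no'
SCAN_CLEAN='test.dmg: OK'
SCAN_HIT='test.dmg: Constructed-Test-Signature FOUND'   # placeholder signature name

smoke_check 'dmg and xar' test.dmg "$CONFIGURE_YES" "$SCAN_CLEAN" || true
smoke_check 'dmg and xar' test.dmg "$CONFIGURE_YES" "$SCAN_HIT"   || true
smoke_check 'dmg and xar' test.dmg "$CONFIGURE_NO"  "$SCAN_HIT"   || true
```

Exit status 1 is the case Mark describes: the build claims support, yet the scan result shows the container was not unpacked far enough to reach the test file.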