[Clamav-devel] enabling DMG and XAR support

Joel Esler (jesler) jesler at cisco.com
Sun Mar 23 17:17:16 EDT 2014


Then I am sure the developers would be glad to help figure out the problem and fix it.  

--
Joel Esler
Sent from my iPhone

> On Mar 22, 2014, at 13:32, "Dale Walsh" <dale at daleenterprise.com> wrote:
> 
> 0.98.1 DMG does not work.
> 
> -- Dale
> 
> 
> 
>> On Mar 21, 2014, at 09:16 AM, Joel Esler (jesler) wrote:
>> 
>> DMG support was just added in the last version of ClamAV.  How long ago did you do this testing?
>> 
>> 
>>> On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale at daleenterprise.com> wrote:
>>> 
>>> You did miss it but it's a two headed nail.
>>> 
>>> PDF, DMG, XAR and RAR have had issues not recognizing the test viruses to name just a couple that spring to mind that we've had trouble with and this all started happening when the clang and crap entered the picture.
>>> 
>>> I've worked with the developers in the past, once the build environment dependancies changed and I was told I had to upgrade my OS and build tools is when it was no longer possible to resolve these issues as the update solely for the purpose of building ClamAV is not an option and I shouldn't be forced to use someone else's built tool preferences just because they have the luxury of updating on a whim or purely for bragging rights.
>>> 
>>> It does not matter if my OS is dated, security patches are applied to the build tools as they become available and this seems to satisfy all other software that build from source except ClamAV.
>>> 
>>> Having everything build with GCC 4.0 would allow me/us to re-deploy ClamAV and contribute to the code base again (I have in the past) but the chances of this are slim to non from what I recall because my OS and build tools are dated and listening to rants about ancient and deprecated is nothing more than someone spewing stupidity.
>>> 
>>> The fact that I ensure all bugs and updates to the build tools are fixed/added allows me to keep everything in harmony and there is no reason to update anything to build a single software package when all other software sources seem to be content with the existing build environment.
>>> 
>>> If you wish to go off-list to continue the discussion I have no objections.
>>> 
>>> 
>>> -- Dale
>>> 
>>> 
>>> 
>>>> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>>>> 
>>>> Dale,
>>>> 
>>>> Thanks for your email.  I’m not sure exactly what you are referring to.  Maybe I am missing a connection here or something, but the discussion was around scanning DMG and XAR, which I think, if there’s a issue with, we’d be more than happy to work with anyone to try and square away.
>>>> 
>>>> You seem to be discussing a build issue, and you say that it’s a waste of time.  When did you get the impression that working with the developers was a waste of time?  If we’re not communicating well enough, we can fix that.  But I think the team is doing a good job of that judging by the amount of complaints I have received since we took over the project from the old ClamAV team.
>>>> 
>>>> Please let me know if we need to take this offline and discuss or anything I can do to help.
>>>> 
>>>> --
>>>> Joel Esler
>>>> Open Source Manager
>>>> Threat Intelligence Team Lead
>>>> Vulnerability Research Team
>>>> 
>>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale at daleenterprise.com<mailto:dale at daleenterprise.com>> wrote:
>>>> 
>>>> Mark, this has been an issue for many versions along with a slew of others things not working as expected.
>>>> 
>>>> As much as I liked ClamAV, we've abandoned it as a mail solution shortly after things stopped working correctly and they changed the required build tools so you can no longer build it with GCC 3.3/4.0/4.1/4.2 and have a fully functional app.
>>>> 
>>>> Yes there are flags to get it to build but certain modules and features don't build and making an incomplete and partially functional binary isn't appealing.
>>>> 
>>>> Advice on updating build tools is a waste of time as there is no reason to update the build tools just to build ClamAV as it's the only one that has this ridiculous built-tool requirement and only an idiot would tell me to update.
>>>> 
>>>> My thoughts on this is simple, if it doesn't build with the basic GNU GCC compiler tools then it's seriously flawed and needs these other tools to overcome the short-comings of poorly written/implemented code.
>>>> 
>>>> When I say build, I mean build with full functionality so don't go off the deep-end stating it builds, partial functionality may be acceptable to you bhut it isn't to me.
>>>> 
>>>> At this time, for personal use, I use the source code but repackage the build environment to work with what I have and I'm comfortable with submitting corrections and patches, too much focus and complaints on my build tools so why waste my time.
>>>> 
>>>> -- Dale
>>>> 
>>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>>> 
>>>> Interesting... let me run some tests and get back to you.
>>>> 
>>>> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan at gmail.com<mailto:markjallan at gmail.com>> wrote:
>>>> 
>>>> Just out of interest, did you test to see if it *actually* worked?
>>>> 
>>>> My configure output shows that dmg and xar are supported, but it doesn't actually detect the Eicar test file within a disk image.
>>>> 
>>>> configure: Summary of engine detection features
>>>>           autoit_ea06 : yes
>>>>           bzip2       : ok
>>>>           zlib        : /usr
>>>>           unrar       : yes
>>>>           dmg and xar : yes, from /usr
>>>> 
>>>> When I create a new disk image, copy the Eicar test file in, and scan the dmg, it shows up as being clean.
>>>> 
>>>> clamscan test.dmg
>>>> test.dmg: OK
>>>> 
>>>> ----------- SCAN SUMMARY -----------
>>>> Known viruses: 3259558
>>>> Engine version: 0.98.1
>>>> Scanned directories: 0
>>>> Scanned files: 1
>>>> Infected files: 0
>>>> Data scanned: 10.07 MB
>>>> Data read: 10.02 MB (ratio 1.01:1)
>>>> Time: 4.845 sec (0 m 4 s)
>>>> 
>>>> Does this work as expected for anyone else?
>>>> 
>>>> Mark
>>>> 
>>>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf at uvasoftware.com<mailto:raf at uvasoftware.com>> wrote:
>>>> 
>>>> That worked, thanks!
>>>> 
>>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (smorgan at sourcefire.com<mailto:smorgan at sourcefire.com>) wrote:
>>>> 
>>>> Rafael,
>>>> 
>>>> Probably all you need to do install libxml&libxml2-dev, which is used by
>>>> dmg and xar, then do your configure/make.
>>>> 
>>>> Steve
>>>> 
>>>> 
>>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <raf at uvasoftware.com<mailto:raf at uvasoftware.com>>wrote:
>>>> 
>>>> 
>>>> Folks,
>>>> 
>>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
>>>> getting the new super awesome DMG and XAR file support:
>>>> 
>>>> configure: Summary of detected features follows
>>>> OS : linux-gnu
>>>> pthreads : yes (-lpthread)
>>>> configure: Summary of miscellaneous features
>>>> check : no (auto)
>>>> fanotify : yes
>>>> fdpassing : 1
>>>> IPv6 : yes
>>>> configure: Summary of optional tools
>>>> clamdtop : (auto)
>>>> milter : yes (disabled)
>>>> configure: Summary of engine performance features)
>>>> release mode: yes
>>>> jit : yes (auto)
>>>> mempool : yes
>>>> configure: Summary of engine detection features
>>>> autoit_ea06 : yes
>>>> bzip2 : ok
>>>> zlib : /usr
>>>> unrar : yes
>>>> dmg and xar : no
>>>> 
>>>> Am I missing a configure flag or third party library?
>>>> 
>>>> Thanks in advance,
>>>> 
>>>> - Rafael
>>>> 
>>>> ----
>>>> scanii.com<http://scanii.com> - the web friendly malware scanner!
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>> 
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>> 
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>> 
>>>> 
>>>> 
>>>> 
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>> 
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>> 
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>> 
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> 
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2322 bytes
Desc: not available
URL: <http://lists.clamav.net/pipermail/clamav-devel/attachments/20140323/fcd23f6d/attachment.bin>


More information about the clamav-devel mailing list