[Clamav-devel] enabling DMG and XAR support

Brandon Perry bperry.volatile at gmail.com
Mon Mar 24 18:36:57 EDT 2014


Looks like fedora 3 and 4 shipped with 4.0.


On 03/24/2014 05:33 PM, Shawn Webb wrote:
> On what up-to-date OSs can I find gcc 4.0 in active use? I'll briefly try
> to recreate the problem in my spare time for you.
>
>
> On Mon, Mar 24, 2014 at 6:22 PM, Dale Walsh <dale at daleenterprise.com> wrote:
>
>> When it builds completely under GCC 4.0, I would be more than happy to
>> offer detailed debugging information and dumps that would be beneficial to
>> the project but as it stands, a bug report at bugzilla.clamav.net isn't
>> anything I would consider wasting my time on but you are more than welcome
>> to file the report yourself.
>>
>> It makes no sense for me to file a report as I may use the source files
>> but nothing else, I repackage it so I can build it and rather than listen
>> to stupidity about my method of building being the root of the problem,
>> informing you like other have should be sufficient to warrant an in-depth
>> investigation into the matter.
>>
>> -- Dale
>>
>>
>>
>>
>> On Mar 24, 2014, at 17:32 PM, Steven Morgan wrote:
>>
>>  Yes, a dmg issue and an xar issue were mentioned. If the issue(s) remain,
>>> please open a bug at bugzilla.clamav.net or send some files or --debug
>>> output.
>>>
>>>
>>> On Sun, Mar 23, 2014 at 5:17 PM, Joel Esler (jesler) <jesler at cisco.com
>>>> wrote:
>>>  Then I am sure the developers would be glad to help figure out the
>>>> problem
>>>> and fix it.
>>>>
>>>> --
>>>> Joel Esler
>>>> Sent from my iPhone
>>>>
>>>>  On Mar 22, 2014, at 13:32, "Dale Walsh" <dale at daleenterprise.com>
>>>>> wrote:
>>>>>
>>>>> 0.98.1 DMG does not work.
>>>>>
>>>>> -- Dale
>>>>>
>>>>>
>>>>>
>>>>>  On Mar 21, 2014, at 09:16 AM, Joel Esler (jesler) wrote:
>>>>>> DMG support was just added in the last version of ClamAV.  How long ago
>>>>>>
>>>>> did you do this testing?
>>>>>>  On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale at daleenterprise.com>
>>>>>> wrote:
>>>>>>> You did miss it but it's a two headed nail.
>>>>>>>
>>>>>>> PDF, DMG, XAR and RAR have had issues not recognizing the test viruses
>>>>>>>
>>>>>> to name just a couple that spring to mind that we've had trouble with
>>>> and
>>>> this all started happening when the clang and crap entered the picture.
>>>>
>>>>>>> I've worked with the developers in the past, once the build
>>>>>>>
>>>>>> environment dependancies changed and I was told I had to upgrade my OS
>>>> and
>>>> build tools is when it was no longer possible to resolve these issues as
>>>> the update solely for the purpose of building ClamAV is not an option
>>>> and I
>>>> shouldn't be forced to use someone else's built tool preferences just
>>>> because they have the luxury of updating on a whim or purely for bragging
>>>> rights.
>>>>
>>>>>>> It does not matter if my OS is dated, security patches are applied to
>>>>>>>
>>>>>> the build tools as they become available and this seems to satisfy all
>>>> other software that build from source except ClamAV.
>>>>
>>>>>>> Having everything build with GCC 4.0 would allow me/us to re-deploy
>>>>>>>
>>>>>> ClamAV and contribute to the code base again (I have in the past) but
>>>> the
>>>> chances of this are slim to non from what I recall because my OS and
>>>> build
>>>> tools are dated and listening to rants about ancient and deprecated is
>>>> nothing more than someone spewing stupidity.
>>>>
>>>>>>> The fact that I ensure all bugs and updates to the build tools are
>>>>>>>
>>>>>> fixed/added allows me to keep everything in harmony and there is no
>>>> reason
>>>> to update anything to build a single software package when all other
>>>> software sources seem to be content with the existing build environment.
>>>>
>>>>>>> If you wish to go off-list to continue the discussion I have no
>>>>>>>
>>>>>> objections.
>>>>>>> -- Dale
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>  On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>>>>>>>> Dale,
>>>>>>>>
>>>>>>>> Thanks for your email.  I'm not sure exactly what you are referring
>>>>>>>>
>>>>>>> to.  Maybe I am missing a connection here or something, but the
>>>> discussion
>>>> was around scanning DMG and XAR, which I think, if there's a issue with,
>>>> we'd be more than happy to work with anyone to try and square away.
>>>>
>>>>>>>> You seem to be discussing a build issue, and you say that it's a
>>>>>>>>
>>>>>>> waste of time.  When did you get the impression that working with the
>>>> developers was a waste of time?  If we're not communicating well enough,
>>>> we
>>>> can fix that.  But I think the team is doing a good job of that judging
>>>> by
>>>> the amount of complaints I have received since we took over the project
>>>> from the old ClamAV team.
>>>>
>>>>>>>> Please let me know if we need to take this offline and discuss or
>>>>>>>>
>>>>>>> anything I can do to help.
>>>>>>>> --
>>>>>>>> Joel Esler
>>>>>>>> Open Source Manager
>>>>>>>> Threat Intelligence Team Lead
>>>>>>>> Vulnerability Research Team
>>>>>>>>
>>>>>>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale at daleenterprise.com
>>>>>>>>
>>>>>>> <mailto:dale at daleenterprise.com>> wrote:
>>>>>>>> Mark, this has been an issue for many versions along with a slew of
>>>>>>>>
>>>>>>> others things not working as expected.
>>>>>>>> As much as I liked ClamAV, we've abandoned it as a mail solution
>>>>>>>>
>>>>>>> shortly after things stopped working correctly and they changed the
>>>> required build tools so you can no longer build it with GCC
>>>> 3.3/4.0/4.1/4.2
>>>> and have a fully functional app.
>>>>
>>>>>>>> Yes there are flags to get it to build but certain modules and
>>>>>>>>
>>>>>>> features don't build and making an incomplete and partially functional
>>>> binary isn't appealing.
>>>>
>>>>>>>> Advice on updating build tools is a waste of time as there is no
>>>>>>>>
>>>>>>> reason to update the build tools just to build ClamAV as it's the
>>>> only one
>>>> that has this ridiculous built-tool requirement and only an idiot would
>>>> tell me to update.
>>>>
>>>>>>>> My thoughts on this is simple, if it doesn't build with the basic GNU
>>>>>>>>
>>>>>>> GCC compiler tools then it's seriously flawed and needs these other
>>>> tools
>>>> to overcome the short-comings of poorly written/implemented code.
>>>>
>>>>>>>> When I say build, I mean build with full functionality so don't go
>>>>>>>>
>>>>>>> off the deep-end stating it builds, partial functionality may be
>>>> acceptable
>>>> to you bhut it isn't to me.
>>>>
>>>>>>>> At this time, for personal use, I use the source code but repackage
>>>>>>>>
>>>>>>> the build environment to work with what I have and I'm comfortable
>>>> with
>>>> submitting corrections and patches, too much focus and complaints on my
>>>> build tools so why waste my time.
>>>>
>>>>>>>> -- Dale
>>>>>>>>
>>>>>>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>>>>>>>
>>>>>>>> Interesting... let me run some tests and get back to you.
>>>>>>>>
>>>>>>>> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan at gmail.com
>>>>>>>> <mailto:
>>>>>>>>
>>>>>>> markjallan at gmail.com>> wrote:
>>>>>>>> Just out of interest, did you test to see if it *actually* worked?
>>>>>>>>
>>>>>>>> My configure output shows that dmg and xar are supported, but it
>>>>>>>>
>>>>>>> doesn't actually detect the Eicar test file within a disk image.
>>>>>>>> configure: Summary of engine detection features
>>>>>>>>           autoit_ea06 : yes
>>>>>>>>           bzip2       : ok
>>>>>>>>           zlib        : /usr
>>>>>>>>           unrar       : yes
>>>>>>>>           dmg and xar : yes, from /usr
>>>>>>>>
>>>>>>>> When I create a new disk image, copy the Eicar test file in, and scan
>>>>>>>>
>>>>>>> the dmg, it shows up as being clean.
>>>>>>>> clamscan test.dmg
>>>>>>>> test.dmg: OK
>>>>>>>>
>>>>>>>> ----------- SCAN SUMMARY -----------
>>>>>>>> Known viruses: 3259558
>>>>>>>> Engine version: 0.98.1
>>>>>>>> Scanned directories: 0
>>>>>>>> Scanned files: 1
>>>>>>>> Infected files: 0
>>>>>>>> Data scanned: 10.07 MB
>>>>>>>> Data read: 10.02 MB (ratio 1.01:1)
>>>>>>>> Time: 4.845 sec (0 m 4 s)
>>>>>>>>
>>>>>>>> Does this work as expected for anyone else?
>>>>>>>>
>>>>>>>> Mark
>>>>>>>>
>>>>>>>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf at uvasoftware.com
>>>>>>>>
>>>>>>> <mailto:raf at uvasoftware.com>> wrote:
>>>>>>>> That worked, thanks!
>>>>>>>>
>>>>>>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (
>>>>>>>>
>>>>>>> smorgan at sourcefire.com<mailto:smorgan at sourcefire.com>) wrote:
>>>>>>>> Rafael,
>>>>>>>>
>>>>>>>> Probably all you need to do install libxml&libxml2-dev, which is used
>>>>>>>>
>>>>>>> by
>>>>> dmg and xar, then do your configure/make.
>>>>>>>> Steve
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <
>>>>>>>> raf at uvasoftware.com
>>>>>>>>
>>>>>>> <mailto:raf at uvasoftware.com>>wrote:
>>>>>>>> Folks,
>>>>>>>>
>>>>>>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
>>>>>>>> getting the new super awesome DMG and XAR file support:
>>>>>>>>
>>>>>>>> configure: Summary of detected features follows
>>>>>>>> OS : linux-gnu
>>>>>>>> pthreads : yes (-lpthread)
>>>>>>>> configure: Summary of miscellaneous features
>>>>>>>> check : no (auto)
>>>>>>>> fanotify : yes
>>>>>>>> fdpassing : 1
>>>>>>>> IPv6 : yes
>>>>>>>> configure: Summary of optional tools
>>>>>>>> clamdtop : (auto)
>>>>>>>> milter : yes (disabled)
>>>>>>>> configure: Summary of engine performance features)
>>>>>>>> release mode: yes
>>>>>>>> jit : yes (auto)
>>>>>>>> mempool : yes
>>>>>>>> configure: Summary of engine detection features
>>>>>>>> autoit_ea06 : yes
>>>>>>>> bzip2 : ok
>>>>>>>> zlib : /usr
>>>>>>>> unrar : yes
>>>>>>>> dmg and xar : no
>>>>>>>>
>>>>>>>> Am I missing a configure flag or third party library?
>>>>>>>>
>>>>>>>> Thanks in advance,
>>>>>>>>
>>>>>>>> - Rafael
>>>>>>>>
>>>>>>>> ----
>>>>>>>> scanii.com<http://scanii.com> - the web friendly malware scanner!
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>
>>>>>> _______________________________________________
>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>
>>>>> _______________________________________________
>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>>  _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net



More information about the clamav-devel mailing list