[Clamav-devel] enabling DMG and XAR support

Joel Esler (jesler) jesler at cisco.com
Thu Mar 20 16:35:13 EDT 2014


Dale,

Thanks for your email.  I’m not sure exactly what you are referring to.  Maybe I am missing a connection here or something, but the discussion was around scanning DMG and XAR, which I think, if there’s a issue with, we’d be more than happy to work with anyone to try and square away.

You seem to be discussing a build issue, and you say that it’s a waste of time.  When did you get the impression that working with the developers was a waste of time?  If we’re not communicating well enough, we can fix that.  But I think the team is doing a good job of that judging by the amount of complaints I have received since we took over the project from the old ClamAV team.

Please let me know if we need to take this offline and discuss or anything I can do to help.

--
Joel Esler
Open Source Manager
Threat Intelligence Team Lead
Vulnerability Research Team

On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale at daleenterprise.com<mailto:dale at daleenterprise.com>> wrote:

Mark, this has been an issue for many versions along with a slew of others things not working as expected.

As much as I liked ClamAV, we've abandoned it as a mail solution shortly after things stopped working correctly and they changed the required build tools so you can no longer build it with GCC 3.3/4.0/4.1/4.2 and have a fully functional app.

Yes there are flags to get it to build but certain modules and features don't build and making an incomplete and partially functional binary isn't appealing.

Advice on updating build tools is a waste of time as there is no reason to update the build tools just to build ClamAV as it's the only one that has this ridiculous built-tool requirement and only an idiot would tell me to update.

My thoughts on this is simple, if it doesn't build with the basic GNU GCC compiler tools then it's seriously flawed and needs these other tools to overcome the short-comings of poorly written/implemented code.

When I say build, I mean build with full functionality so don't go off the deep-end stating it builds, partial functionality may be acceptable to you bhut it isn't to me.

At this time, for personal use, I use the source code but repackage the build environment to work with what I have and I'm comfortable with submitting corrections and patches, too much focus and complaints on my build tools so why waste my time.

-- Dale

On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:

Interesting... let me run some tests and get back to you.

On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan at gmail.com<mailto:markjallan at gmail.com>> wrote:

Just out of interest, did you test to see if it *actually* worked?

My configure output shows that dmg and xar are supported, but it doesn't actually detect the Eicar test file within a disk image.

configure: Summary of engine detection features
            autoit_ea06 : yes
            bzip2       : ok
            zlib        : /usr
            unrar       : yes
            dmg and xar : yes, from /usr

When I create a new disk image, copy the Eicar test file in, and scan the dmg, it shows up as being clean.

clamscan test.dmg
test.dmg: OK

----------- SCAN SUMMARY -----------
Known viruses: 3259558
Engine version: 0.98.1
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 10.07 MB
Data read: 10.02 MB (ratio 1.01:1)
Time: 4.845 sec (0 m 4 s)

Does this work as expected for anyone else?

Mark

On 10 Feb 2014, at 23:38, Rafael Ferreira <raf at uvasoftware.com<mailto:raf at uvasoftware.com>> wrote:

That worked, thanks!

On February 10, 2014 at 4:29:41 PM, Steven Morgan (smorgan at sourcefire.com<mailto:smorgan at sourcefire.com>) wrote:

Rafael,

Probably all you need to do install libxml&libxml2-dev, which is used by
dmg and xar, then do your configure/make.

Steve


On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <raf at uvasoftware.com<mailto:raf at uvasoftware.com>>wrote:


Folks,

I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
getting the new super awesome DMG and XAR file support:

configure: Summary of detected features follows
OS : linux-gnu
pthreads : yes (-lpthread)
configure: Summary of miscellaneous features
check : no (auto)
fanotify : yes
fdpassing : 1
IPv6 : yes
configure: Summary of optional tools
clamdtop : (auto)
milter : yes (disabled)
configure: Summary of engine performance features)
release mode: yes
jit : yes (auto)
mempool : yes
configure: Summary of engine detection features
autoit_ea06 : yes
bzip2 : ok
zlib : /usr
unrar : yes
dmg and xar : no

Am I missing a configure flag or third party library?

Thanks in advance,

- Rafael

----
scanii.com<http://scanii.com> - the web friendly malware scanner!
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net




_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net




More information about the clamav-devel mailing list