[Clamav-devel] enabling DMG and XAR support

Dale Walsh dale at daleenterprise.com
Sat Mar 22 13:32:41 EDT 2014


0.98.1 DMG does not work.

-- Dale



On Mar 21, 2014, at 09:16 AM, Joel Esler (jesler) wrote:

> DMG support was just added in the last version of ClamAV.  How long  
> ago did you do this testing?
>
>
> On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale at daleenterprise.com>  
> wrote:
>
>> You did miss it but it's a two headed nail.
>>
>> PDF, DMG, XAR and RAR have had issues not recognizing the test  
>> viruses to name just a couple that spring to mind that we've had  
>> trouble with and this all started happening when the clang and  
>> crap entered the picture.
>>
>> I've worked with the developers in the past, once the build  
>> environment dependancies changed and I was told I had to upgrade  
>> my OS and build tools is when it was no longer possible to resolve  
>> these issues as the update solely for the purpose of building  
>> ClamAV is not an option and I shouldn't be forced to use someone  
>> else's built tool preferences just because they have the luxury of  
>> updating on a whim or purely for bragging rights.
>>
>> It does not matter if my OS is dated, security patches are applied  
>> to the build tools as they become available and this seems to  
>> satisfy all other software that build from source except ClamAV.
>>
>> Having everything build with GCC 4.0 would allow me/us to re- 
>> deploy ClamAV and contribute to the code base again (I have in the  
>> past) but the chances of this are slim to non from what I recall  
>> because my OS and build tools are dated and listening to rants  
>> about ancient and deprecated is nothing more than someone spewing  
>> stupidity.
>>
>> The fact that I ensure all bugs and updates to the build tools are  
>> fixed/added allows me to keep everything in harmony and there is  
>> no reason to update anything to build a single software package  
>> when all other software sources seem to be content with the  
>> existing build environment.
>>
>> If you wish to go off-list to continue the discussion I have no  
>> objections.
>>
>>
>> -- Dale
>>
>>
>>
>> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>>
>>> Dale,
>>>
>>> Thanks for your email.  I’m not sure exactly what you are  
>>> referring to.  Maybe I am missing a connection here or something,  
>>> but the discussion was around scanning DMG and XAR, which I  
>>> think, if there’s a issue with, we’d be more than happy to work  
>>> with anyone to try and square away.
>>>
>>> You seem to be discussing a build issue, and you say that it’s a  
>>> waste of time.  When did you get the impression that working with  
>>> the developers was a waste of time?  If we’re not communicating  
>>> well enough, we can fix that.  But I think the team is doing a  
>>> good job of that judging by the amount of complaints I have  
>>> received since we took over the project from the old ClamAV team.
>>>
>>> Please let me know if we need to take this offline and discuss or  
>>> anything I can do to help.
>>>
>>> --
>>> Joel Esler
>>> Open Source Manager
>>> Threat Intelligence Team Lead
>>> Vulnerability Research Team
>>>
>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh  
>>> <dale at daleenterprise.com<mailto:dale at daleenterprise.com>> wrote:
>>>
>>> Mark, this has been an issue for many versions along with a slew  
>>> of others things not working as expected.
>>>
>>> As much as I liked ClamAV, we've abandoned it as a mail solution  
>>> shortly after things stopped working correctly and they changed  
>>> the required build tools so you can no longer build it with GCC  
>>> 3.3/4.0/4.1/4.2 and have a fully functional app.
>>>
>>> Yes there are flags to get it to build but certain modules and  
>>> features don't build and making an incomplete and partially  
>>> functional binary isn't appealing.
>>>
>>> Advice on updating build tools is a waste of time as there is no  
>>> reason to update the build tools just to build ClamAV as it's the  
>>> only one that has this ridiculous built-tool requirement and only  
>>> an idiot would tell me to update.
>>>
>>> My thoughts on this is simple, if it doesn't build with the basic  
>>> GNU GCC compiler tools then it's seriously flawed and needs these  
>>> other tools to overcome the short-comings of poorly written/ 
>>> implemented code.
>>>
>>> When I say build, I mean build with full functionality so don't  
>>> go off the deep-end stating it builds, partial functionality may  
>>> be acceptable to you bhut it isn't to me.
>>>
>>> At this time, for personal use, I use the source code but  
>>> repackage the build environment to work with what I have and I'm  
>>> comfortable with submitting corrections and patches, too much  
>>> focus and complaints on my build tools so why waste my time.
>>>
>>> -- Dale
>>>
>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>>
>>> Interesting... let me run some tests and get back to you.
>>>
>>> On Mar 19, 2014, at 8:33 AM, Mark Allan  
>>> <markjallan at gmail.com<mailto:markjallan at gmail.com>> wrote:
>>>
>>> Just out of interest, did you test to see if it *actually* worked?
>>>
>>> My configure output shows that dmg and xar are supported, but it  
>>> doesn't actually detect the Eicar test file within a disk image.
>>>
>>> configure: Summary of engine detection features
>>>            autoit_ea06 : yes
>>>            bzip2       : ok
>>>            zlib        : /usr
>>>            unrar       : yes
>>>            dmg and xar : yes, from /usr
>>>
>>> When I create a new disk image, copy the Eicar test file in, and  
>>> scan the dmg, it shows up as being clean.
>>>
>>> clamscan test.dmg
>>> test.dmg: OK
>>>
>>> ----------- SCAN SUMMARY -----------
>>> Known viruses: 3259558
>>> Engine version: 0.98.1
>>> Scanned directories: 0
>>> Scanned files: 1
>>> Infected files: 0
>>> Data scanned: 10.07 MB
>>> Data read: 10.02 MB (ratio 1.01:1)
>>> Time: 4.845 sec (0 m 4 s)
>>>
>>> Does this work as expected for anyone else?
>>>
>>> Mark
>>>
>>> On 10 Feb 2014, at 23:38, Rafael Ferreira  
>>> <raf at uvasoftware.com<mailto:raf at uvasoftware.com>> wrote:
>>>
>>> That worked, thanks!
>>>
>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan  
>>> (smorgan at sourcefire.com<mailto:smorgan at sourcefire.com>) wrote:
>>>
>>> Rafael,
>>>
>>> Probably all you need to do install libxml&libxml2-dev, which is  
>>> used by
>>> dmg and xar, then do your configure/make.
>>>
>>> Steve
>>>
>>>
>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira  
>>> <raf at uvasoftware.com<mailto:raf at uvasoftware.com>>wrote:
>>>
>>>
>>> Folks,
>>>
>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
>>> getting the new super awesome DMG and XAR file support:
>>>
>>> configure: Summary of detected features follows
>>> OS : linux-gnu
>>> pthreads : yes (-lpthread)
>>> configure: Summary of miscellaneous features
>>> check : no (auto)
>>> fanotify : yes
>>> fdpassing : 1
>>> IPv6 : yes
>>> configure: Summary of optional tools
>>> clamdtop : (auto)
>>> milter : yes (disabled)
>>> configure: Summary of engine performance features)
>>> release mode: yes
>>> jit : yes (auto)
>>> mempool : yes
>>> configure: Summary of engine detection features
>>> autoit_ea06 : yes
>>> bzip2 : ok
>>> zlib : /usr
>>> unrar : yes
>>> dmg and xar : no
>>>
>>> Am I missing a configure flag or third party library?
>>>
>>> Thanks in advance,
>>>
>>> - Rafael
>>>
>>> ----
>>> scanii.com<http://scanii.com> - the web friendly malware scanner!
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>>
>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
>




More information about the clamav-devel mailing list