[clamav-users] ClamAV libclamunrar bug ?
qmail at top-consulting.net
Mon Oct 31 21:04:55 EDT 2016
The virus gets properly detected when decompressed as:
When the .js file is recompressed on my desktop to a .rar it also gets properly detected in the .rar file.
However the original .rar file that arrived in the e-mail doesn't get flagged at all.
I am running version 0.99.2 on CentOS 6.7.
Running clamscan in debug mode shows some kind of corruption when reading the e-mail .rar file, although unrar unpacks it without problems:
LibClamAV debug: hashtab: Freeing hashset, elements: 0, capacity: 0
LibClamAV debug: Descriptor: Can't unpack some data
Anyone else saw this ? Is it a bug within libclamunrar ?
More information about the clamav-users