[clamav-users] [ext] ClamAV 1.0.0 release candidate now available

Andrew C Aitchison clamav at aitchison.me.uk
Wed Nov 2 20:37:23 UTC 2022 

On Wed, 2 Nov 2022, Micah Snyder (micasnyd) wrote:

> Hi Andrew,
>
>> Should cli_cvdverify() even be used to verify .cld files ?
>
> Indeed, it should not.
>
> Here is my PR to fix the issue.  Are you able to try it out to help verify it resolves the issue on your end?
> https://github.com/Cisco-Talos/clamav/pull/740
> [https://opengraph.githubassets.com/fe53b48c8ddd353921519a3075391788df3c30af039e250ba6728bbf35776e86/Cisco-Talos/clamav/pull/740]<https://github.com/Cisco-Talos/clamav/pull/740>
> Clam 2167 freshclam cld incremental update by micahsnyder · Pull Request #740 · Cisco-Talos/clamav<https://github.com/Cisco-Talos/clamav/pull/740>
> Freshclam: fix incremental update on CLD database When adding the cl_cvdunpack() API that (optionally) verifies the database signature, we used it in libfreshclam in a place where it may also unpac...
> github.com

That patch looks good and my tests are looking good, but I managed to
fall foul of the rate limit so cannot confirm for 24 hours :-(


> ________________________________
> From: Andrew C Aitchison <andrew at aitchison.me.uk>
> Sent: Wednesday, November 2, 2022 8:40 AM
> To: Micah Snyder (micasnyd) <micasnyd at cisco.com>
> Cc: ClamAV users ML <clamav-users at lists.clamav.net>; Andrew C Aitchison <clamav at aitchison.me.uk>
> Subject: Re: [clamav-users] [ext] ClamAV 1.0.0 release candidate now available
>
> On Tue, 1 Nov 2022, Micah Snyder (micasnyd) wrote:
>
>> Oh I see! It is on the second incremental update that the failure occurs -- when the CLD is unpacked to be updated. That should be a very easy fix.
>>
>> If you can help test it, I will share something as soon as it is ready.
>
> I think I have found the problem.
>
> These .cld files have headers like
>
> ClamAV-VDB:01 Nov 2022 03-52 -0400:26706:2009713:90:X:X:raynman:1667289154
>
> with X in place of both the MD5 and the Digital signature
> so cli_cvdverify() has nothing to match and thus fails.
>
> Do *downloaded* .cld files (as opposed to updated and repacked files)
> have MD5 and the Digital signature ?
>
> Should cli_cvdverify() even be used to verify .cld files ?
>
> --
> Andrew C. Aitchison                      Kendal, UK
>                    andrew at aitchison.me.uk
>

-- 
Andrew C. Aitchison                      Kendal, UK
                    andrew at aitchison.me.uk

More information about the clamav-users mailing list