[clamav-users] About scanning files larger than 2 GB in size
Paul Kosinski
clamav-users at iment.com
Thu Jan 26 19:32:39 UTC 2023
I don't think I implied that the 2 GiB limit was "artificial" in the sense of trivial, or made up. I think I very clearly stated that
"It's a holdover from when 32-bit numbers were all that CPUs supported" and now "the 2 GiB limit is quite an anachronism".
Note that this question has been around for at least 7 years:
https://security.stackexchange.com/questions/107132/linux-antivirus-and-files-bigger-than-4gb
Clearly, much code review would have to be done. But Linux file I/O interfaces were successfully updated from 32-bit to 64-bit sizes and offsets some years ago, so the infrastructure is there. Also, the analogous Y2038 problem, which requires going from 32 to 64 bit as well (for time-stamps), is being seriously worked on. (And note that the Y2K problem, which was a *much* bigger issue, was indeed fixed.)
Paul
P.S. Do many current commercial AV suites for Windows have this limit?
On Thu, 26 Jan 2023 00:14:27 +0000
"Micah Snyder (micasnyd)" <micasnyd at cisco.com> wrote:
> Paul is sort-of correct but the 2GB limit isn't artificial as he has implied.
>
> ClamAV code contains a lot of signed and unsigned 32bit variables that must be upgraded to 64bit variables to support larger files. Before raising the limit, a tedious audit process must be completed to ensure that all variables are upgraded in all modules. We cannot simply remove the limit and cross our fingers.
>
> Regards,
> Micah
>
More information about the clamav-users
mailing list