P.S. Do many current commercial AV suites for Windows have this limit?

I have no idea.  Does anyone else know?


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
From: Paul Kosinski <clamav-users@iment.com>
Sent: Thursday, January 26, 2023 11:32 AM
To: Micah Snyder (micasnyd) <micasnyd@cisco.com>; clamav-users@lists.clamav.net <clamav-users@lists.clamav.net>
Subject: Re: [clamav-users] About scanning files larger than 2 GB in size
 
I don't think I implied that the 2 GiB limit was "artificial" in the sense of trivial, or made up. I think I very clearly stated that
"It's a holdover from when 32-bit numbers were all that CPUs supported" and now "the 2 GiB limit is quite an anachronism".

Note that this question has been around for at least 7 years:
  https://security.stackexchange.com/questions/107132/linux-antivirus-and-files-bigger-than-4gb

Clearly, much code review would have to be done. But Linux file I/O interfaces were successfully updated from 32-bit to 64-bit sizes and offsets some years ago, so the infrastructure is there. Also, the analogous Y2038 problem, which requires going from 32 to 64 bit as well (for time-stamps), is being seriously worked on. (And note that the Y2K problem, which was a *much* bigger issue, was indeed fixed.)

Paul

P.S. Do many current commercial AV suites for Windows have this limit?



On Thu, 26 Jan 2023 00:14:27 +0000
"Micah Snyder (micasnyd)" <micasnyd@cisco.com> wrote:

> Paul is sort-of correct but the 2GB limit isn't artificial as he has implied.
>
> ClamAV code contains a lot of signed and unsigned 32bit variables that must be upgraded to 64bit variables to support larger files.  Before raising the limit, a tedious audit process must be completed to ensure that all variables are upgraded in all modules.  We cannot simply remove the limit and cross our fingers.
>
> Regards,
> Micah
>