Mailing List Archive

enabling DMG and XAR support
Folks, 

I’m compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I’m not getting the new super awesome DMG and XAR file  support:

configure: Summary of detected features follows
              OS          : linux-gnu
              pthreads    : yes (-lpthread)
configure: Summary of miscellaneous  features
              check       : no (auto)
              fanotify    : yes
              fdpassing   : 1
              IPv6        : yes
configure: Summary of optional tools
              clamdtop    :  (auto)
              milter      : yes (disabled)
configure: Summary of engine performance features)
              release mode: yes
              jit         : yes (auto)
              mempool     : yes
configure: Summary of engine detection features
              autoit_ea06 : yes
              bzip2       : ok
              zlib        : /usr
              unrar       : yes
              dmg and xar : no

Am I missing a configure flag or third party library? 

Thanks in advance, 

- Rafael 

----
scanii.com  - the web friendly malware scanner! 
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
Rafael,

Probably all you need to do install libxml&libxml2-dev, which is used by
dmg and xar, then do your configure/make.

Steve


On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <raf@uvasoftware.com>wrote:

>
> Folks,
>
> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
> getting the new super awesome DMG and XAR file support:
>
> configure: Summary of detected features follows
> OS : linux-gnu
> pthreads : yes (-lpthread)
> configure: Summary of miscellaneous features
> check : no (auto)
> fanotify : yes
> fdpassing : 1
> IPv6 : yes
> configure: Summary of optional tools
> clamdtop : (auto)
> milter : yes (disabled)
> configure: Summary of engine performance features)
> release mode: yes
> jit : yes (auto)
> mempool : yes
> configure: Summary of engine detection features
> autoit_ea06 : yes
> bzip2 : ok
> zlib : /usr
> unrar : yes
> dmg and xar : no
>
> Am I missing a configure flag or third party library?
>
> Thanks in advance,
>
> - Rafael
>
> ----
> scanii.com - the web friendly malware scanner!
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
That worked, thanks! 

On February 10, 2014 at 4:29:41 PM, Steven Morgan (smorgan@sourcefire.com) wrote:

Rafael,

Probably all you need to do install libxml&libxml2-dev, which is used by
dmg and xar, then do your configure/make.

Steve


On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <raf@uvasoftware.com>wrote:

>
> Folks,
>
> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
> getting the new super awesome DMG and XAR file support:
>
> configure: Summary of detected features follows
> OS : linux-gnu
> pthreads : yes (-lpthread)
> configure: Summary of miscellaneous features
> check : no (auto)
> fanotify : yes
> fdpassing : 1
> IPv6 : yes
> configure: Summary of optional tools
> clamdtop : (auto)
> milter : yes (disabled)
> configure: Summary of engine performance features)
> release mode: yes
> jit : yes (auto)
> mempool : yes
> configure: Summary of engine detection features
> autoit_ea06 : yes
> bzip2 : ok
> zlib : /usr
> unrar : yes
> dmg and xar : no
>
> Am I missing a configure flag or third party library?
>
> Thanks in advance,
>
> - Rafael
>
> ----
> scanii.com - the web friendly malware scanner!
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
Just out of interest, did you test to see if it *actually* worked?

My configure output shows that dmg and xar are supported, but it doesn't actually detect the Eicar test file within a disk image.

configure: Summary of engine detection features
autoit_ea06 : yes
bzip2 : ok
zlib : /usr
unrar : yes
dmg and xar : yes, from /usr

When I create a new disk image, copy the Eicar test file in, and scan the dmg, it shows up as being clean.

> clamscan test.dmg
> test.dmg: OK
>
> ----------- SCAN SUMMARY -----------
> Known viruses: 3259558
> Engine version: 0.98.1
> Scanned directories: 0
> Scanned files: 1
> Infected files: 0
> Data scanned: 10.07 MB
> Data read: 10.02 MB (ratio 1.01:1)
> Time: 4.845 sec (0 m 4 s)

Does this work as expected for anyone else?

Mark

On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com> wrote:

> That worked, thanks!
>
> On February 10, 2014 at 4:29:41 PM, Steven Morgan (smorgan@sourcefire.com) wrote:
>
> Rafael,
>
> Probably all you need to do install libxml&libxml2-dev, which is used by
> dmg and xar, then do your configure/make.
>
> Steve
>
>
> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <raf@uvasoftware.com>wrote:
>
>>
>> Folks,
>>
>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
>> getting the new super awesome DMG and XAR file support:
>>
>> configure: Summary of detected features follows
>> OS : linux-gnu
>> pthreads : yes (-lpthread)
>> configure: Summary of miscellaneous features
>> check : no (auto)
>> fanotify : yes
>> fdpassing : 1
>> IPv6 : yes
>> configure: Summary of optional tools
>> clamdtop : (auto)
>> milter : yes (disabled)
>> configure: Summary of engine performance features)
>> release mode: yes
>> jit : yes (auto)
>> mempool : yes
>> configure: Summary of engine detection features
>> autoit_ea06 : yes
>> bzip2 : ok
>> zlib : /usr
>> unrar : yes
>> dmg and xar : no
>>
>> Am I missing a configure flag or third party library?
>>
>> Thanks in advance,
>>
>> - Rafael
>>
>> ----
>> scanii.com - the web friendly malware scanner!
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
Interesting... let me run some tests and get back to you.

On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com> wrote:

> Just out of interest, did you test to see if it *actually* worked?
>
> My configure output shows that dmg and xar are supported, but it doesn't actually detect the Eicar test file within a disk image.
>
> configure: Summary of engine detection features
> autoit_ea06 : yes
> bzip2 : ok
> zlib : /usr
> unrar : yes
> dmg and xar : yes, from /usr
>
> When I create a new disk image, copy the Eicar test file in, and scan the dmg, it shows up as being clean.
>
>> clamscan test.dmg
>> test.dmg: OK
>>
>> ----------- SCAN SUMMARY -----------
>> Known viruses: 3259558
>> Engine version: 0.98.1
>> Scanned directories: 0
>> Scanned files: 1
>> Infected files: 0
>> Data scanned: 10.07 MB
>> Data read: 10.02 MB (ratio 1.01:1)
>> Time: 4.845 sec (0 m 4 s)
>
> Does this work as expected for anyone else?
>
> Mark
>
> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com> wrote:
>
>> That worked, thanks!
>>
>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (smorgan@sourcefire.com) wrote:
>>
>> Rafael,
>>
>> Probably all you need to do install libxml&libxml2-dev, which is used by
>> dmg and xar, then do your configure/make.
>>
>> Steve
>>
>>
>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <raf@uvasoftware.com>wrote:
>>
>>>
>>> Folks,
>>>
>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
>>> getting the new super awesome DMG and XAR file support:
>>>
>>> configure: Summary of detected features follows
>>> OS : linux-gnu
>>> pthreads : yes (-lpthread)
>>> configure: Summary of miscellaneous features
>>> check : no (auto)
>>> fanotify : yes
>>> fdpassing : 1
>>> IPv6 : yes
>>> configure: Summary of optional tools
>>> clamdtop : (auto)
>>> milter : yes (disabled)
>>> configure: Summary of engine performance features)
>>> release mode: yes
>>> jit : yes (auto)
>>> mempool : yes
>>> configure: Summary of engine detection features
>>> autoit_ea06 : yes
>>> bzip2 : ok
>>> zlib : /usr
>>> unrar : yes
>>> dmg and xar : no
>>>
>>> Am I missing a configure flag or third party library?
>>>
>>> Thanks in advance,
>>>
>>> - Rafael
>>>
>>> ----
>>> scanii.com - the web friendly malware scanner!
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
On Wed, Mar 19, 2014 at 11:34 AM, Rafael Ferreira <raf@uvasoftware.com>wrote:

> Interesting... let me run some tests and get back to you.
>
> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com> wrote:
>
> > Just out of interest, did you test to see if it *actually* worked?
> >
> > My configure output shows that dmg and xar are supported, but it doesn't
> actually detect the Eicar test file within a disk image.
> >
> > configure: Summary of engine detection features
> > autoit_ea06 : yes
> > bzip2 : ok
> > zlib : /usr
> > unrar : yes
> > dmg and xar : yes, from /usr
> >
> > When I create a new disk image, copy the Eicar test file in, and scan
> the dmg, it shows up as being clean.
> >
> >> clamscan test.dmg
> >> test.dmg: OK
> >>
> >> ----------- SCAN SUMMARY -----------
> >> Known viruses: 3259558
> >> Engine version: 0.98.1
> >> Scanned directories: 0
> >> Scanned files: 1
> >> Infected files: 0
> >> Data scanned: 10.07 MB
> >> Data read: 10.02 MB (ratio 1.01:1)
> >> Time: 4.845 sec (0 m 4 s)
> >
> > Does this work as expected for anyone else?
> >
> > Mark
> >
> > On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com> wrote:
> >
> >> That worked, thanks!
> >>
> >> On February 10, 2014 at 4:29:41 PM, Steven Morgan (
> smorgan@sourcefire.com) wrote:
> >>
> >> Rafael,
> >>
> >> Probably all you need to do install libxml&libxml2-dev, which is used by
> >> dmg and xar, then do your configure/make.
> >>
> >> Steve
> >>
> >>
> >> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <raf@uvasoftware.com
> >wrote:
> >>
> >>>
> >>> Folks,
> >>>
> >>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
> >>> getting the new super awesome DMG and XAR file support:
> >>>
> >>> configure: Summary of detected features follows
> >>> OS : linux-gnu
> >>> pthreads : yes (-lpthread)
> >>> configure: Summary of miscellaneous features
> >>> check : no (auto)
> >>> fanotify : yes
> >>> fdpassing : 1
> >>> IPv6 : yes
> >>> configure: Summary of optional tools
> >>> clamdtop : (auto)
> >>> milter : yes (disabled)
> >>> configure: Summary of engine performance features)
> >>> release mode: yes
> >>> jit : yes (auto)
> >>> mempool : yes
> >>> configure: Summary of engine detection features
> >>> autoit_ea06 : yes
> >>> bzip2 : ok
> >>> zlib : /usr
> >>> unrar : yes
> >>> dmg and xar : no
> >>>
> >>> Am I missing a configure flag or third party library?
> >>>
> >>> Thanks in advance,
> >>>
> >>> - Rafael
> >>>
> >>> ----
> >>> scanii.com - the web friendly malware scanner!
> >>> _______________________________________________
> >>> http://lurker.clamav.net/list/clamav-devel.html
> >>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >> _______________________________________________
> >> http://lurker.clamav.net/list/clamav-devel.html
> >> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >> _______________________________________________
> >> http://lurker.clamav.net/list/clamav-devel.html
> >> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >
> > _______________________________________________
> > http://lurker.clamav.net/list/clamav-devel.html
> > Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>

DMG is an odd filetype, since there are really 2 or 3 different filetypes
lumped into that category.

What we have included in ClamAV 0.98.1 is scanning of UDIF format DMG
files, which have a definitive trailer block and may have compressed
sections.
We have not yet included support for scanning raw disk format DMG files,
which are nearly indistinguishable from disk dumps. No separate compression
is allowed.

So let me ask you this question. How did you create your DMG? Most software
packagers create UDIF format to reduce the file size for downloads. Disk
Utility and the hdiutil command can create a raw disk unless another format
is checked.

To find out what format your testfile is really in, you can use the
imageinfo sub-command of hdiutil (e.g. hdiutil imageinfo yourfile.dmg).
Then you can use the convert sub-command of hdiutil to switch the format.

Hope this helps,

Dave R.

--
---
Dave Raynor
Vulnerability Research Team
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
My test disk is indeed a raw image. I've also tried read only as well as compressed, and nothing gets detected in any of those.

As you say, Disk Utility creates raw images by default, and while some software packagers do create UDIF formatted images, I suspect Disk Utility is the most common way of making disk images on OS X.

What would be required to provide full DMG support?

Also, is there a similar caveat for xar archives? I've done a similar test for those and they slip by undetected as well.

xar -c -f new.xar DirWithManyKnownDetectedMalwareSamples

clamscan new.xar
new.xar: OK

----------- SCAN SUMMARY -----------
Known viruses: 3259558
Engine version: 0.98.1
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.00 MB
Data read: 31.34 MB (ratio 0.00:1)
Time: 4.612 sec (0 m 4 s)

Mark

On 19 Mar 2014, at 15:43, David Raynor <draynor@sourcefire.com> wrote:

> DMG is an odd filetype, since there are really 2 or 3 different filetypes
> lumped into that category.
>
> What we have included in ClamAV 0.98.1 is scanning of UDIF format DMG
> files, which have a definitive trailer block and may have compressed
> sections.
> We have not yet included support for scanning raw disk format DMG files,
> which are nearly indistinguishable from disk dumps. No separate compression
> is allowed.
>
> So let me ask you this question. How did you create your DMG? Most software
> packagers create UDIF format to reduce the file size for downloads. Disk
> Utility and the hdiutil command can create a raw disk unless another format
> is checked.
>
> To find out what format your testfile is really in, you can use the
> imageinfo sub-command of hdiutil (e.g. hdiutil imageinfo yourfile.dmg).
> Then you can use the convert sub-command of hdiutil to switch the format.
>
> Hope this helps,
>
> Dave R.
>
> --
> ---
> Dave Raynor
> Vulnerability Research Team
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> On Wed, Mar 19, 2014 at 11:34 AM, Rafael Ferreira <raf@uvasoftware.com>wrote:
>
>> Interesting... let me run some tests and get back to you.
>>
>> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com> wrote:
>>
>>> Just out of interest, did you test to see if it *actually* worked?
>>>
>>> My configure output shows that dmg and xar are supported, but it doesn't
>> actually detect the Eicar test file within a disk image.
>>>
>>> configure: Summary of engine detection features
>>> autoit_ea06 : yes
>>> bzip2 : ok
>>> zlib : /usr
>>> unrar : yes
>>> dmg and xar : yes, from /usr
>>>
>>> When I create a new disk image, copy the Eicar test file in, and scan
>> the dmg, it shows up as being clean.
>>>
>>>> clamscan test.dmg
>>>> test.dmg: OK
>>>>
>>>> ----------- SCAN SUMMARY -----------
>>>> Known viruses: 3259558
>>>> Engine version: 0.98.1
>>>> Scanned directories: 0
>>>> Scanned files: 1
>>>> Infected files: 0
>>>> Data scanned: 10.07 MB
>>>> Data read: 10.02 MB (ratio 1.01:1)
>>>> Time: 4.845 sec (0 m 4 s)
>>>
>>> Does this work as expected for anyone else?
>>>
>>> Mark
>>>
>>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com> wrote:
>>>
>>>> That worked, thanks!
>>>>
>>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (
>> smorgan@sourcefire.com) wrote:
>>>>
>>>> Rafael,
>>>>
>>>> Probably all you need to do install libxml&libxml2-dev, which is used by
>>>> dmg and xar, then do your configure/make.
>>>>
>>>> Steve
>>>>
>>>>
>>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <raf@uvasoftware.com
>>> wrote:
>>>>
>>>>>
>>>>> Folks,
>>>>>
>>>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
>>>>> getting the new super awesome DMG and XAR file support:
>>>>>
>>>>> configure: Summary of detected features follows
>>>>> OS : linux-gnu
>>>>> pthreads : yes (-lpthread)
>>>>> configure: Summary of miscellaneous features
>>>>> check : no (auto)
>>>>> fanotify : yes
>>>>> fdpassing : 1
>>>>> IPv6 : yes
>>>>> configure: Summary of optional tools
>>>>> clamdtop : (auto)
>>>>> milter : yes (disabled)
>>>>> configure: Summary of engine performance features)
>>>>> release mode: yes
>>>>> jit : yes (auto)
>>>>> mempool : yes
>>>>> configure: Summary of engine detection features
>>>>> autoit_ea06 : yes
>>>>> bzip2 : ok
>>>>> zlib : /usr
>>>>> unrar : yes
>>>>> dmg and xar : no
>>>>>
>>>>> Am I missing a configure flag or third party library?
>>>>>
>>>>> Thanks in advance,
>>>>>
>>>>> - Rafael
>>>>>
>>>>> ----
>>>>> scanii.com - the web friendly malware scanner!
>>>>> _______________________________________________
>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
Mark,

Your xar scenario should be working. You can get more info with --debug. If
you want to forward that output and/or test file, we can investigate
further.

Steve


On Wed, Mar 19, 2014 at 11:59 AM, Mark Allan <markjallan@gmail.com> wrote:

> My test disk is indeed a raw image. I've also tried read only as well as
> compressed, and nothing gets detected in any of those.
>
> As you say, Disk Utility creates raw images by default, and while some
> software packagers do create UDIF formatted images, I suspect Disk Utility
> is the most common way of making disk images on OS X.
>
> What would be required to provide full DMG support?
>
> Also, is there a similar caveat for xar archives? I've done a similar
> test for those and they slip by undetected as well.
>
> xar -c -f new.xar DirWithManyKnownDetectedMalwareSamples
>
> clamscan new.xar
> new.xar: OK
>
> ----------- SCAN SUMMARY -----------
> Known viruses: 3259558
> Engine version: 0.98.1
> Scanned directories: 0
> Scanned files: 1
> Infected files: 0
> Data scanned: 0.00 MB
> Data read: 31.34 MB (ratio 0.00:1)
> Time: 4.612 sec (0 m 4 s)
>
> Mark
>
> On 19 Mar 2014, at 15:43, David Raynor <draynor@sourcefire.com> wrote:
>
> > DMG is an odd filetype, since there are really 2 or 3 different filetypes
> > lumped into that category.
> >
> > What we have included in ClamAV 0.98.1 is scanning of UDIF format DMG
> > files, which have a definitive trailer block and may have compressed
> > sections.
> > We have not yet included support for scanning raw disk format DMG files,
> > which are nearly indistinguishable from disk dumps. No separate
> compression
> > is allowed.
> >
> > So let me ask you this question. How did you create your DMG? Most
> software
> > packagers create UDIF format to reduce the file size for downloads. Disk
> > Utility and the hdiutil command can create a raw disk unless another
> format
> > is checked.
> >
> > To find out what format your testfile is really in, you can use the
> > imageinfo sub-command of hdiutil (e.g. hdiutil imageinfo yourfile.dmg).
> > Then you can use the convert sub-command of hdiutil to switch the format.
> >
> > Hope this helps,
> >
> > Dave R.
> >
> > --
> > ---
> > Dave Raynor
> > Vulnerability Research Team
> > _______________________________________________
> > http://lurker.clamav.net/list/clamav-devel.html
> > Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >
> > On Wed, Mar 19, 2014 at 11:34 AM, Rafael Ferreira <raf@uvasoftware.com
> >wrote:
> >
> >> Interesting... let me run some tests and get back to you.
> >>
> >> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com> wrote:
> >>
> >>> Just out of interest, did you test to see if it *actually* worked?
> >>>
> >>> My configure output shows that dmg and xar are supported, but it
> doesn't
> >> actually detect the Eicar test file within a disk image.
> >>>
> >>> configure: Summary of engine detection features
> >>> autoit_ea06 : yes
> >>> bzip2 : ok
> >>> zlib : /usr
> >>> unrar : yes
> >>> dmg and xar : yes, from /usr
> >>>
> >>> When I create a new disk image, copy the Eicar test file in, and scan
> >> the dmg, it shows up as being clean.
> >>>
> >>>> clamscan test.dmg
> >>>> test.dmg: OK
> >>>>
> >>>> ----------- SCAN SUMMARY -----------
> >>>> Known viruses: 3259558
> >>>> Engine version: 0.98.1
> >>>> Scanned directories: 0
> >>>> Scanned files: 1
> >>>> Infected files: 0
> >>>> Data scanned: 10.07 MB
> >>>> Data read: 10.02 MB (ratio 1.01:1)
> >>>> Time: 4.845 sec (0 m 4 s)
> >>>
> >>> Does this work as expected for anyone else?
> >>>
> >>> Mark
> >>>
> >>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com> wrote:
> >>>
> >>>> That worked, thanks!
> >>>>
> >>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (
> >> smorgan@sourcefire.com) wrote:
> >>>>
> >>>> Rafael,
> >>>>
> >>>> Probably all you need to do install libxml&libxml2-dev, which is used
> by
> >>>> dmg and xar, then do your configure/make.
> >>>>
> >>>> Steve
> >>>>
> >>>>
> >>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <raf@uvasoftware.com
> >>> wrote:
> >>>>
> >>>>>
> >>>>> Folks,
> >>>>>
> >>>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
> >>>>> getting the new super awesome DMG and XAR file support:
> >>>>>
> >>>>> configure: Summary of detected features follows
> >>>>> OS : linux-gnu
> >>>>> pthreads : yes (-lpthread)
> >>>>> configure: Summary of miscellaneous features
> >>>>> check : no (auto)
> >>>>> fanotify : yes
> >>>>> fdpassing : 1
> >>>>> IPv6 : yes
> >>>>> configure: Summary of optional tools
> >>>>> clamdtop : (auto)
> >>>>> milter : yes (disabled)
> >>>>> configure: Summary of engine performance features)
> >>>>> release mode: yes
> >>>>> jit : yes (auto)
> >>>>> mempool : yes
> >>>>> configure: Summary of engine detection features
> >>>>> autoit_ea06 : yes
> >>>>> bzip2 : ok
> >>>>> zlib : /usr
> >>>>> unrar : yes
> >>>>> dmg and xar : no
> >>>>>
> >>>>> Am I missing a configure flag or third party library?
> >>>>>
> >>>>> Thanks in advance,
> >>>>>
> >>>>> - Rafael
> >>>>>
> >>>>> ----
> >>>>> scanii.com - the web friendly malware scanner!
> >>>>> _______________________________________________
> >>>>> http://lurker.clamav.net/list/clamav-devel.html
> >>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >>>> _______________________________________________
> >>>> http://lurker.clamav.net/list/clamav-devel.html
> >>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >>>> _______________________________________________
> >>>> http://lurker.clamav.net/list/clamav-devel.html
> >>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >>>
> >>> _______________________________________________
> >>> http://lurker.clamav.net/list/clamav-devel.html
> >>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >>
> >> _______________________________________________
> >> http://lurker.clamav.net/list/clamav-devel.html
> >> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
Mark, this has been an issue for many versions along with a slew of
others things not working as expected.

As much as I liked ClamAV, we've abandoned it as a mail solution
shortly after things stopped working correctly and they changed the
required build tools so you can no longer build it with GCC
3.3/4.0/4.1/4.2 and have a fully functional app.

Yes there are flags to get it to build but certain modules and
features don't build and making an incomplete and partially
functional binary isn't appealing.

Advice on updating build tools is a waste of time as there is no
reason to update the build tools just to build ClamAV as it's the
only one that has this ridiculous built-tool requirement and only an
idiot would tell me to update.

My thoughts on this is simple, if it doesn't build with the basic GNU
GCC compiler tools then it's seriously flawed and needs these other
tools to overcome the short-comings of poorly written/implemented code.

When I say build, I mean build with full functionality so don't go
off the deep-end stating it builds, partial functionality may be
acceptable to you bhut it isn't to me.

At this time, for personal use, I use the source code but repackage
the build environment to work with what I have and I'm comfortable
with submitting corrections and patches, too much focus and
complaints on my build tools so why waste my time.

-- Dale

On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:

> Interesting... let me run some tests and get back to you.
>
> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com> wrote:
>
>> Just out of interest, did you test to see if it *actually* worked?
>>
>> My configure output shows that dmg and xar are supported, but it
>> doesn't actually detect the Eicar test file within a disk image.
>>
>> configure: Summary of engine detection features
>> autoit_ea06 : yes
>> bzip2 : ok
>> zlib : /usr
>> unrar : yes
>> dmg and xar : yes, from /usr
>>
>> When I create a new disk image, copy the Eicar test file in, and
>> scan the dmg, it shows up as being clean.
>>
>>> clamscan test.dmg
>>> test.dmg: OK
>>>
>>> ----------- SCAN SUMMARY -----------
>>> Known viruses: 3259558
>>> Engine version: 0.98.1
>>> Scanned directories: 0
>>> Scanned files: 1
>>> Infected files: 0
>>> Data scanned: 10.07 MB
>>> Data read: 10.02 MB (ratio 1.01:1)
>>> Time: 4.845 sec (0 m 4 s)
>>
>> Does this work as expected for anyone else?
>>
>> Mark
>>
>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com>
>> wrote:
>>
>>> That worked, thanks!
>>>
>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan
>>> (smorgan@sourcefire.com) wrote:
>>>
>>> Rafael,
>>>
>>> Probably all you need to do install libxml&libxml2-dev, which is
>>> used by
>>> dmg and xar, then do your configure/make.
>>>
>>> Steve
>>>
>>>
>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira
>>> <raf@uvasoftware.com>wrote:
>>>
>>>>
>>>> Folks,
>>>>
>>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
>>>> getting the new super awesome DMG and XAR file support:
>>>>
>>>> configure: Summary of detected features follows
>>>> OS : linux-gnu
>>>> pthreads : yes (-lpthread)
>>>> configure: Summary of miscellaneous features
>>>> check : no (auto)
>>>> fanotify : yes
>>>> fdpassing : 1
>>>> IPv6 : yes
>>>> configure: Summary of optional tools
>>>> clamdtop : (auto)
>>>> milter : yes (disabled)
>>>> configure: Summary of engine performance features)
>>>> release mode: yes
>>>> jit : yes (auto)
>>>> mempool : yes
>>>> configure: Summary of engine detection features
>>>> autoit_ea06 : yes
>>>> bzip2 : ok
>>>> zlib : /usr
>>>> unrar : yes
>>>> dmg and xar : no
>>>>
>>>> Am I missing a configure flag or third party library?
>>>>
>>>> Thanks in advance,
>>>>
>>>> - Rafael
>>>>
>>>> ----
>>>> scanii.com - the web friendly malware scanner!
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>



_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
Dale,

Thanks for your email. I’m not sure exactly what you are referring to. Maybe I am missing a connection here or something, but the discussion was around scanning DMG and XAR, which I think, if there’s a issue with, we’d be more than happy to work with anyone to try and square away.

You seem to be discussing a build issue, and you say that it’s a waste of time. When did you get the impression that working with the developers was a waste of time? If we’re not communicating well enough, we can fix that. But I think the team is doing a good job of that judging by the amount of complaints I have received since we took over the project from the old ClamAV team.

Please let me know if we need to take this offline and discuss or anything I can do to help.

--
Joel Esler
Open Source Manager
Threat Intelligence Team Lead
Vulnerability Research Team

On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale@daleenterprise.com<mailto:dale@daleenterprise.com>> wrote:

Mark, this has been an issue for many versions along with a slew of others things not working as expected.

As much as I liked ClamAV, we've abandoned it as a mail solution shortly after things stopped working correctly and they changed the required build tools so you can no longer build it with GCC 3.3/4.0/4.1/4.2 and have a fully functional app.

Yes there are flags to get it to build but certain modules and features don't build and making an incomplete and partially functional binary isn't appealing.

Advice on updating build tools is a waste of time as there is no reason to update the build tools just to build ClamAV as it's the only one that has this ridiculous built-tool requirement and only an idiot would tell me to update.

My thoughts on this is simple, if it doesn't build with the basic GNU GCC compiler tools then it's seriously flawed and needs these other tools to overcome the short-comings of poorly written/implemented code.

When I say build, I mean build with full functionality so don't go off the deep-end stating it builds, partial functionality may be acceptable to you bhut it isn't to me.

At this time, for personal use, I use the source code but repackage the build environment to work with what I have and I'm comfortable with submitting corrections and patches, too much focus and complaints on my build tools so why waste my time.

-- Dale

On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:

Interesting... let me run some tests and get back to you.

On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com<mailto:markjallan@gmail.com>> wrote:

Just out of interest, did you test to see if it *actually* worked?

My configure output shows that dmg and xar are supported, but it doesn't actually detect the Eicar test file within a disk image.

configure: Summary of engine detection features
autoit_ea06 : yes
bzip2 : ok
zlib : /usr
unrar : yes
dmg and xar : yes, from /usr

When I create a new disk image, copy the Eicar test file in, and scan the dmg, it shows up as being clean.

clamscan test.dmg
test.dmg: OK

----------- SCAN SUMMARY -----------
Known viruses: 3259558
Engine version: 0.98.1
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 10.07 MB
Data read: 10.02 MB (ratio 1.01:1)
Time: 4.845 sec (0 m 4 s)

Does this work as expected for anyone else?

Mark

On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com<mailto:raf@uvasoftware.com>> wrote:

That worked, thanks!

On February 10, 2014 at 4:29:41 PM, Steven Morgan (smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:

Rafael,

Probably all you need to do install libxml&libxml2-dev, which is used by
dmg and xar, then do your configure/make.

Steve


On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <raf@uvasoftware.com<mailto:raf@uvasoftware.com>>wrote:


Folks,

I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
getting the new super awesome DMG and XAR file support:

configure: Summary of detected features follows
OS : linux-gnu
pthreads : yes (-lpthread)
configure: Summary of miscellaneous features
check : no (auto)
fanotify : yes
fdpassing : 1
IPv6 : yes
configure: Summary of optional tools
clamdtop : (auto)
milter : yes (disabled)
configure: Summary of engine performance features)
release mode: yes
jit : yes (auto)
mempool : yes
configure: Summary of engine detection features
autoit_ea06 : yes
bzip2 : ok
zlib : /usr
unrar : yes
dmg and xar : no

Am I missing a configure flag or third party library?

Thanks in advance,

- Rafael

----
scanii.com<http://scanii.com> - the web friendly malware scanner!
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net




_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
You did miss it but it's a two headed nail.

PDF, DMG, XAR and RAR have had issues not recognizing the test
viruses to name just a couple that spring to mind that we've had
trouble with and this all started happening when the clang and crap
entered the picture.

I've worked with the developers in the past, once the build
environment dependancies changed and I was told I had to upgrade my
OS and build tools is when it was no longer possible to resolve these
issues as the update solely for the purpose of building ClamAV is not
an option and I shouldn't be forced to use someone else's built tool
preferences just because they have the luxury of updating on a whim
or purely for bragging rights.

It does not matter if my OS is dated, security patches are applied to
the build tools as they become available and this seems to satisfy
all other software that build from source except ClamAV.

Having everything build with GCC 4.0 would allow me/us to re-deploy
ClamAV and contribute to the code base again (I have in the past) but
the chances of this are slim to non from what I recall because my OS
and build tools are dated and listening to rants about ancient and
deprecated is nothing more than someone spewing stupidity.

The fact that I ensure all bugs and updates to the build tools are
fixed/added allows me to keep everything in harmony and there is no
reason to update anything to build a single software package when all
other software sources seem to be content with the existing build
environment.

If you wish to go off-list to continue the discussion I have no
objections.


-- Dale



On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:

> Dale,
>
> Thanks for your email. I’m not sure exactly what you are referring
> to. Maybe I am missing a connection here or something, but the
> discussion was around scanning DMG and XAR, which I think, if
> there’s a issue with, we’d be more than happy to work with anyone
> to try and square away.
>
> You seem to be discussing a build issue, and you say that it’s a
> waste of time. When did you get the impression that working with
> the developers was a waste of time? If we’re not communicating
> well enough, we can fix that. But I think the team is doing a good
> job of that judging by the amount of complaints I have received
> since we took over the project from the old ClamAV team.
>
> Please let me know if we need to take this offline and discuss or
> anything I can do to help.
>
> --
> Joel Esler
> Open Source Manager
> Threat Intelligence Team Lead
> Vulnerability Research Team
>
> On Mar 20, 2014, at 3:55 PM, Dale Walsh
> <dale@daleenterprise.com<mailto:dale@daleenterprise.com>> wrote:
>
> Mark, this has been an issue for many versions along with a slew of
> others things not working as expected.
>
> As much as I liked ClamAV, we've abandoned it as a mail solution
> shortly after things stopped working correctly and they changed the
> required build tools so you can no longer build it with GCC
> 3.3/4.0/4.1/4.2 and have a fully functional app.
>
> Yes there are flags to get it to build but certain modules and
> features don't build and making an incomplete and partially
> functional binary isn't appealing.
>
> Advice on updating build tools is a waste of time as there is no
> reason to update the build tools just to build ClamAV as it's the
> only one that has this ridiculous built-tool requirement and only
> an idiot would tell me to update.
>
> My thoughts on this is simple, if it doesn't build with the basic
> GNU GCC compiler tools then it's seriously flawed and needs these
> other tools to overcome the short-comings of poorly written/
> implemented code.
>
> When I say build, I mean build with full functionality so don't go
> off the deep-end stating it builds, partial functionality may be
> acceptable to you bhut it isn't to me.
>
> At this time, for personal use, I use the source code but repackage
> the build environment to work with what I have and I'm comfortable
> with submitting corrections and patches, too much focus and
> complaints on my build tools so why waste my time.
>
> -- Dale
>
> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>
> Interesting... let me run some tests and get back to you.
>
> On Mar 19, 2014, at 8:33 AM, Mark Allan
> <markjallan@gmail.com<mailto:markjallan@gmail.com>> wrote:
>
> Just out of interest, did you test to see if it *actually* worked?
>
> My configure output shows that dmg and xar are supported, but it
> doesn't actually detect the Eicar test file within a disk image.
>
> configure: Summary of engine detection features
> autoit_ea06 : yes
> bzip2 : ok
> zlib : /usr
> unrar : yes
> dmg and xar : yes, from /usr
>
> When I create a new disk image, copy the Eicar test file in, and
> scan the dmg, it shows up as being clean.
>
> clamscan test.dmg
> test.dmg: OK
>
> ----------- SCAN SUMMARY -----------
> Known viruses: 3259558
> Engine version: 0.98.1
> Scanned directories: 0
> Scanned files: 1
> Infected files: 0
> Data scanned: 10.07 MB
> Data read: 10.02 MB (ratio 1.01:1)
> Time: 4.845 sec (0 m 4 s)
>
> Does this work as expected for anyone else?
>
> Mark
>
> On 10 Feb 2014, at 23:38, Rafael Ferreira
> <raf@uvasoftware.com<mailto:raf@uvasoftware.com>> wrote:
>
> That worked, thanks!
>
> On February 10, 2014 at 4:29:41 PM, Steven Morgan
> (smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:
>
> Rafael,
>
> Probably all you need to do install libxml&libxml2-dev, which is
> used by
> dmg and xar, then do your configure/make.
>
> Steve
>
>
> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira
> <raf@uvasoftware.com<mailto:raf@uvasoftware.com>>wrote:
>
>
> Folks,
>
> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
> getting the new super awesome DMG and XAR file support:
>
> configure: Summary of detected features follows
> OS : linux-gnu
> pthreads : yes (-lpthread)
> configure: Summary of miscellaneous features
> check : no (auto)
> fanotify : yes
> fdpassing : 1
> IPv6 : yes
> configure: Summary of optional tools
> clamdtop : (auto)
> milter : yes (disabled)
> configure: Summary of engine performance features)
> release mode: yes
> jit : yes (auto)
> mempool : yes
> configure: Summary of engine detection features
> autoit_ea06 : yes
> bzip2 : ok
> zlib : /usr
> unrar : yes
> dmg and xar : no
>
> Am I missing a configure flag or third party library?
>
> Thanks in advance,
>
> - Rafael
>
> ----
> scanii.com<http://scanii.com> - the web friendly malware scanner!
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
>
>
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
>

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
DMG support was just added in the last version of ClamAV. How long ago did you do this testing?


On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale@daleenterprise.com> wrote:

> You did miss it but it's a two headed nail.
>
> PDF, DMG, XAR and RAR have had issues not recognizing the test viruses to name just a couple that spring to mind that we've had trouble with and this all started happening when the clang and crap entered the picture.
>
> I've worked with the developers in the past, once the build environment dependancies changed and I was told I had to upgrade my OS and build tools is when it was no longer possible to resolve these issues as the update solely for the purpose of building ClamAV is not an option and I shouldn't be forced to use someone else's built tool preferences just because they have the luxury of updating on a whim or purely for bragging rights.
>
> It does not matter if my OS is dated, security patches are applied to the build tools as they become available and this seems to satisfy all other software that build from source except ClamAV.
>
> Having everything build with GCC 4.0 would allow me/us to re-deploy ClamAV and contribute to the code base again (I have in the past) but the chances of this are slim to non from what I recall because my OS and build tools are dated and listening to rants about ancient and deprecated is nothing more than someone spewing stupidity.
>
> The fact that I ensure all bugs and updates to the build tools are fixed/added allows me to keep everything in harmony and there is no reason to update anything to build a single software package when all other software sources seem to be content with the existing build environment.
>
> If you wish to go off-list to continue the discussion I have no objections.
>
>
> -- Dale
>
>
>
> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>
>> Dale,
>>
>> Thanks for your email. I’m not sure exactly what you are referring to. Maybe I am missing a connection here or something, but the discussion was around scanning DMG and XAR, which I think, if there’s a issue with, we’d be more than happy to work with anyone to try and square away.
>>
>> You seem to be discussing a build issue, and you say that it’s a waste of time. When did you get the impression that working with the developers was a waste of time? If we’re not communicating well enough, we can fix that. But I think the team is doing a good job of that judging by the amount of complaints I have received since we took over the project from the old ClamAV team.
>>
>> Please let me know if we need to take this offline and discuss or anything I can do to help.
>>
>> --
>> Joel Esler
>> Open Source Manager
>> Threat Intelligence Team Lead
>> Vulnerability Research Team
>>
>> On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale@daleenterprise.com<mailto:dale@daleenterprise.com>> wrote:
>>
>> Mark, this has been an issue for many versions along with a slew of others things not working as expected.
>>
>> As much as I liked ClamAV, we've abandoned it as a mail solution shortly after things stopped working correctly and they changed the required build tools so you can no longer build it with GCC 3.3/4.0/4.1/4.2 and have a fully functional app.
>>
>> Yes there are flags to get it to build but certain modules and features don't build and making an incomplete and partially functional binary isn't appealing.
>>
>> Advice on updating build tools is a waste of time as there is no reason to update the build tools just to build ClamAV as it's the only one that has this ridiculous built-tool requirement and only an idiot would tell me to update.
>>
>> My thoughts on this is simple, if it doesn't build with the basic GNU GCC compiler tools then it's seriously flawed and needs these other tools to overcome the short-comings of poorly written/implemented code.
>>
>> When I say build, I mean build with full functionality so don't go off the deep-end stating it builds, partial functionality may be acceptable to you bhut it isn't to me.
>>
>> At this time, for personal use, I use the source code but repackage the build environment to work with what I have and I'm comfortable with submitting corrections and patches, too much focus and complaints on my build tools so why waste my time.
>>
>> -- Dale
>>
>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>
>> Interesting... let me run some tests and get back to you.
>>
>> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com<mailto:markjallan@gmail.com>> wrote:
>>
>> Just out of interest, did you test to see if it *actually* worked?
>>
>> My configure output shows that dmg and xar are supported, but it doesn't actually detect the Eicar test file within a disk image.
>>
>> configure: Summary of engine detection features
>> autoit_ea06 : yes
>> bzip2 : ok
>> zlib : /usr
>> unrar : yes
>> dmg and xar : yes, from /usr
>>
>> When I create a new disk image, copy the Eicar test file in, and scan the dmg, it shows up as being clean.
>>
>> clamscan test.dmg
>> test.dmg: OK
>>
>> ----------- SCAN SUMMARY -----------
>> Known viruses: 3259558
>> Engine version: 0.98.1
>> Scanned directories: 0
>> Scanned files: 1
>> Infected files: 0
>> Data scanned: 10.07 MB
>> Data read: 10.02 MB (ratio 1.01:1)
>> Time: 4.845 sec (0 m 4 s)
>>
>> Does this work as expected for anyone else?
>>
>> Mark
>>
>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com<mailto:raf@uvasoftware.com>> wrote:
>>
>> That worked, thanks!
>>
>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:
>>
>> Rafael,
>>
>> Probably all you need to do install libxml&libxml2-dev, which is used by
>> dmg and xar, then do your configure/make.
>>
>> Steve
>>
>>
>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <raf@uvasoftware.com<mailto:raf@uvasoftware.com>>wrote:
>>
>>
>> Folks,
>>
>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
>> getting the new super awesome DMG and XAR file support:
>>
>> configure: Summary of detected features follows
>> OS : linux-gnu
>> pthreads : yes (-lpthread)
>> configure: Summary of miscellaneous features
>> check : no (auto)
>> fanotify : yes
>> fdpassing : 1
>> IPv6 : yes
>> configure: Summary of optional tools
>> clamdtop : (auto)
>> milter : yes (disabled)
>> configure: Summary of engine performance features)
>> release mode: yes
>> jit : yes (auto)
>> mempool : yes
>> configure: Summary of engine detection features
>> autoit_ea06 : yes
>> bzip2 : ok
>> zlib : /usr
>> unrar : yes
>> dmg and xar : no
>>
>> Am I missing a configure flag or third party library?
>>
>> Thanks in advance,
>>
>> - Rafael
>>
>> ----
>> scanii.com<http://scanii.com> - the web friendly malware scanner!
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
>>
>>
>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
>>
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
Sorry, I'm not sure if you're talking to me or Dale. If you're talking to me, my testing was done two days ago using ClamAV 0.98.1

Mark

On 21 Mar 2014, at 13:16, Joel Esler (jesler) <jesler@cisco.com> wrote:

> DMG support was just added in the last version of ClamAV. How long ago did you do this testing?
>
>
> On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale@daleenterprise.com> wrote:
>
>> You did miss it but it's a two headed nail.
>>
>> PDF, DMG, XAR and RAR have had issues not recognizing the test viruses to name just a couple that spring to mind that we've had trouble with and this all started happening when the clang and crap entered the picture.
>>
>> I've worked with the developers in the past, once the build environment dependancies changed and I was told I had to upgrade my OS and build tools is when it was no longer possible to resolve these issues as the update solely for the purpose of building ClamAV is not an option and I shouldn't be forced to use someone else's built tool preferences just because they have the luxury of updating on a whim or purely for bragging rights.
>>
>> It does not matter if my OS is dated, security patches are applied to the build tools as they become available and this seems to satisfy all other software that build from source except ClamAV.
>>
>> Having everything build with GCC 4.0 would allow me/us to re-deploy ClamAV and contribute to the code base again (I have in the past) but the chances of this are slim to non from what I recall because my OS and build tools are dated and listening to rants about ancient and deprecated is nothing more than someone spewing stupidity.
>>
>> The fact that I ensure all bugs and updates to the build tools are fixed/added allows me to keep everything in harmony and there is no reason to update anything to build a single software package when all other software sources seem to be content with the existing build environment.
>>
>> If you wish to go off-list to continue the discussion I have no objections.
>>
>>
>> -- Dale
>>
>>
>>
>> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>>
>>> Dale,
>>>
>>> Thanks for your email. I’m not sure exactly what you are referring to. Maybe I am missing a connection here or something, but the discussion was around scanning DMG and XAR, which I think, if there’s a issue with, we’d be more than happy to work with anyone to try and square away.
>>>
>>> You seem to be discussing a build issue, and you say that it’s a waste of time. When did you get the impression that working with the developers was a waste of time? If we’re not communicating well enough, we can fix that. But I think the team is doing a good job of that judging by the amount of complaints I have received since we took over the project from the old ClamAV team.
>>>
>>> Please let me know if we need to take this offline and discuss or anything I can do to help.
>>>
>>> --
>>> Joel Esler
>>> Open Source Manager
>>> Threat Intelligence Team Lead
>>> Vulnerability Research Team
>>>
>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale@daleenterprise.com<mailto:dale@daleenterprise.com>> wrote:
>>>
>>> Mark, this has been an issue for many versions along with a slew of others things not working as expected.
>>>
>>> As much as I liked ClamAV, we've abandoned it as a mail solution shortly after things stopped working correctly and they changed the required build tools so you can no longer build it with GCC 3.3/4.0/4.1/4.2 and have a fully functional app.
>>>
>>> Yes there are flags to get it to build but certain modules and features don't build and making an incomplete and partially functional binary isn't appealing.
>>>
>>> Advice on updating build tools is a waste of time as there is no reason to update the build tools just to build ClamAV as it's the only one that has this ridiculous built-tool requirement and only an idiot would tell me to update.
>>>
>>> My thoughts on this is simple, if it doesn't build with the basic GNU GCC compiler tools then it's seriously flawed and needs these other tools to overcome the short-comings of poorly written/implemented code.
>>>
>>> When I say build, I mean build with full functionality so don't go off the deep-end stating it builds, partial functionality may be acceptable to you bhut it isn't to me.
>>>
>>> At this time, for personal use, I use the source code but repackage the build environment to work with what I have and I'm comfortable with submitting corrections and patches, too much focus and complaints on my build tools so why waste my time.
>>>
>>> -- Dale
>>>
>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>>
>>> Interesting... let me run some tests and get back to you.
>>>
>>> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com<mailto:markjallan@gmail.com>> wrote:
>>>
>>> Just out of interest, did you test to see if it *actually* worked?
>>>
>>> My configure output shows that dmg and xar are supported, but it doesn't actually detect the Eicar test file within a disk image.
>>>
>>> configure: Summary of engine detection features
>>> autoit_ea06 : yes
>>> bzip2 : ok
>>> zlib : /usr
>>> unrar : yes
>>> dmg and xar : yes, from /usr
>>>
>>> When I create a new disk image, copy the Eicar test file in, and scan the dmg, it shows up as being clean.
>>>
>>> clamscan test.dmg
>>> test.dmg: OK
>>>
>>> ----------- SCAN SUMMARY -----------
>>> Known viruses: 3259558
>>> Engine version: 0.98.1
>>> Scanned directories: 0
>>> Scanned files: 1
>>> Infected files: 0
>>> Data scanned: 10.07 MB
>>> Data read: 10.02 MB (ratio 1.01:1)
>>> Time: 4.845 sec (0 m 4 s)
>>>
>>> Does this work as expected for anyone else?
>>>
>>> Mark
>>>
>>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com<mailto:raf@uvasoftware.com>> wrote:
>>>
>>> That worked, thanks!
>>>
>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:
>>>
>>> Rafael,
>>>
>>> Probably all you need to do install libxml&libxml2-dev, which is used by
>>> dmg and xar, then do your configure/make.
>>>
>>> Steve
>>>
>>>
>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <raf@uvasoftware.com<mailto:raf@uvasoftware.com>>wrote:
>>>
>>>
>>> Folks,
>>>
>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
>>> getting the new super awesome DMG and XAR file support:
>>>
>>> configure: Summary of detected features follows
>>> OS : linux-gnu
>>> pthreads : yes (-lpthread)
>>> configure: Summary of miscellaneous features
>>> check : no (auto)
>>> fanotify : yes
>>> fdpassing : 1
>>> IPv6 : yes
>>> configure: Summary of optional tools
>>> clamdtop : (auto)
>>> milter : yes (disabled)
>>> configure: Summary of engine performance features)
>>> release mode: yes
>>> jit : yes (auto)
>>> mempool : yes
>>> configure: Summary of engine detection features
>>> autoit_ea06 : yes
>>> bzip2 : ok
>>> zlib : /usr
>>> unrar : yes
>>> dmg and xar : no
>>>
>>> Am I missing a configure flag or third party library?
>>>
>>> Thanks in advance,
>>>
>>> - Rafael
>>>
>>> ----
>>> scanii.com<http://scanii.com> - the web friendly malware scanner!
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>>
>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
Sorry Mark, I’ll actually take my discussion with Dale offline so we don’t pollute the thread.

I think Steve Morgan is working with you on the issue you started this thread with. Sounds like my discussion with Dale is a separate issue.




On Mar 21, 2014, at 10:00 AM, Mark Allan <markjallan@gmail.com> wrote:

> Sorry, I'm not sure if you're talking to me or Dale. If you're talking to me, my testing was done two days ago using ClamAV 0.98.1
>
> Mark
>
> On 21 Mar 2014, at 13:16, Joel Esler (jesler) <jesler@cisco.com> wrote:
>
>> DMG support was just added in the last version of ClamAV. How long ago did you do this testing?
>>
>>
>> On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale@daleenterprise.com> wrote:
>>
>>> You did miss it but it's a two headed nail.
>>>
>>> PDF, DMG, XAR and RAR have had issues not recognizing the test viruses to name just a couple that spring to mind that we've had trouble with and this all started happening when the clang and crap entered the picture.
>>>
>>> I've worked with the developers in the past, once the build environment dependancies changed and I was told I had to upgrade my OS and build tools is when it was no longer possible to resolve these issues as the update solely for the purpose of building ClamAV is not an option and I shouldn't be forced to use someone else's built tool preferences just because they have the luxury of updating on a whim or purely for bragging rights.
>>>
>>> It does not matter if my OS is dated, security patches are applied to the build tools as they become available and this seems to satisfy all other software that build from source except ClamAV.
>>>
>>> Having everything build with GCC 4.0 would allow me/us to re-deploy ClamAV and contribute to the code base again (I have in the past) but the chances of this are slim to non from what I recall because my OS and build tools are dated and listening to rants about ancient and deprecated is nothing more than someone spewing stupidity.
>>>
>>> The fact that I ensure all bugs and updates to the build tools are fixed/added allows me to keep everything in harmony and there is no reason to update anything to build a single software package when all other software sources seem to be content with the existing build environment.
>>>
>>> If you wish to go off-list to continue the discussion I have no objections.
>>>
>>>
>>> -- Dale
>>>
>>>
>>>
>>> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>>>
>>>> Dale,
>>>>
>>>> Thanks for your email. I’m not sure exactly what you are referring to. Maybe I am missing a connection here or something, but the discussion was around scanning DMG and XAR, which I think, if there’s a issue with, we’d be more than happy to work with anyone to try and square away.
>>>>
>>>> You seem to be discussing a build issue, and you say that it’s a waste of time. When did you get the impression that working with the developers was a waste of time? If we’re not communicating well enough, we can fix that. But I think the team is doing a good job of that judging by the amount of complaints I have received since we took over the project from the old ClamAV team.
>>>>
>>>> Please let me know if we need to take this offline and discuss or anything I can do to help.
>>>>
>>>> --
>>>> Joel Esler
>>>> Open Source Manager
>>>> Threat Intelligence Team Lead
>>>> Vulnerability Research Team
>>>>
>>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale@daleenterprise.com<mailto:dale@daleenterprise.com>> wrote:
>>>>
>>>> Mark, this has been an issue for many versions along with a slew of others things not working as expected.
>>>>
>>>> As much as I liked ClamAV, we've abandoned it as a mail solution shortly after things stopped working correctly and they changed the required build tools so you can no longer build it with GCC 3.3/4.0/4.1/4.2 and have a fully functional app.
>>>>
>>>> Yes there are flags to get it to build but certain modules and features don't build and making an incomplete and partially functional binary isn't appealing.
>>>>
>>>> Advice on updating build tools is a waste of time as there is no reason to update the build tools just to build ClamAV as it's the only one that has this ridiculous built-tool requirement and only an idiot would tell me to update.
>>>>
>>>> My thoughts on this is simple, if it doesn't build with the basic GNU GCC compiler tools then it's seriously flawed and needs these other tools to overcome the short-comings of poorly written/implemented code.
>>>>
>>>> When I say build, I mean build with full functionality so don't go off the deep-end stating it builds, partial functionality may be acceptable to you bhut it isn't to me.
>>>>
>>>> At this time, for personal use, I use the source code but repackage the build environment to work with what I have and I'm comfortable with submitting corrections and patches, too much focus and complaints on my build tools so why waste my time.
>>>>
>>>> -- Dale
>>>>
>>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>>>
>>>> Interesting... let me run some tests and get back to you.
>>>>
>>>> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com<mailto:markjallan@gmail.com>> wrote:
>>>>
>>>> Just out of interest, did you test to see if it *actually* worked?
>>>>
>>>> My configure output shows that dmg and xar are supported, but it doesn't actually detect the Eicar test file within a disk image.
>>>>
>>>> configure: Summary of engine detection features
>>>> autoit_ea06 : yes
>>>> bzip2 : ok
>>>> zlib : /usr
>>>> unrar : yes
>>>> dmg and xar : yes, from /usr
>>>>
>>>> When I create a new disk image, copy the Eicar test file in, and scan the dmg, it shows up as being clean.
>>>>
>>>> clamscan test.dmg
>>>> test.dmg: OK
>>>>
>>>> ----------- SCAN SUMMARY -----------
>>>> Known viruses: 3259558
>>>> Engine version: 0.98.1
>>>> Scanned directories: 0
>>>> Scanned files: 1
>>>> Infected files: 0
>>>> Data scanned: 10.07 MB
>>>> Data read: 10.02 MB (ratio 1.01:1)
>>>> Time: 4.845 sec (0 m 4 s)
>>>>
>>>> Does this work as expected for anyone else?
>>>>
>>>> Mark
>>>>
>>>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com<mailto:raf@uvasoftware.com>> wrote:
>>>>
>>>> That worked, thanks!
>>>>
>>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:
>>>>
>>>> Rafael,
>>>>
>>>> Probably all you need to do install libxml&libxml2-dev, which is used by
>>>> dmg and xar, then do your configure/make.
>>>>
>>>> Steve
>>>>
>>>>
>>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <raf@uvasoftware.com<mailto:raf@uvasoftware.com>>wrote:
>>>>
>>>>
>>>> Folks,
>>>>
>>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
>>>> getting the new super awesome DMG and XAR file support:
>>>>
>>>> configure: Summary of detected features follows
>>>> OS : linux-gnu
>>>> pthreads : yes (-lpthread)
>>>> configure: Summary of miscellaneous features
>>>> check : no (auto)
>>>> fanotify : yes
>>>> fdpassing : 1
>>>> IPv6 : yes
>>>> configure: Summary of optional tools
>>>> clamdtop : (auto)
>>>> milter : yes (disabled)
>>>> configure: Summary of engine performance features)
>>>> release mode: yes
>>>> jit : yes (auto)
>>>> mempool : yes
>>>> configure: Summary of engine detection features
>>>> autoit_ea06 : yes
>>>> bzip2 : ok
>>>> zlib : /usr
>>>> unrar : yes
>>>> dmg and xar : no
>>>>
>>>> Am I missing a configure flag or third party library?
>>>>
>>>> Thanks in advance,
>>>>
>>>> - Rafael
>>>>
>>>> ----
>>>> scanii.com<http://scanii.com> - the web friendly malware scanner!
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>>
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
0.98.1 DMG does not work.

-- Dale



On Mar 21, 2014, at 09:16 AM, Joel Esler (jesler) wrote:

> DMG support was just added in the last version of ClamAV. How long
> ago did you do this testing?
>
>
> On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale@daleenterprise.com>
> wrote:
>
>> You did miss it but it's a two headed nail.
>>
>> PDF, DMG, XAR and RAR have had issues not recognizing the test
>> viruses to name just a couple that spring to mind that we've had
>> trouble with and this all started happening when the clang and
>> crap entered the picture.
>>
>> I've worked with the developers in the past, once the build
>> environment dependancies changed and I was told I had to upgrade
>> my OS and build tools is when it was no longer possible to resolve
>> these issues as the update solely for the purpose of building
>> ClamAV is not an option and I shouldn't be forced to use someone
>> else's built tool preferences just because they have the luxury of
>> updating on a whim or purely for bragging rights.
>>
>> It does not matter if my OS is dated, security patches are applied
>> to the build tools as they become available and this seems to
>> satisfy all other software that build from source except ClamAV.
>>
>> Having everything build with GCC 4.0 would allow me/us to re-
>> deploy ClamAV and contribute to the code base again (I have in the
>> past) but the chances of this are slim to non from what I recall
>> because my OS and build tools are dated and listening to rants
>> about ancient and deprecated is nothing more than someone spewing
>> stupidity.
>>
>> The fact that I ensure all bugs and updates to the build tools are
>> fixed/added allows me to keep everything in harmony and there is
>> no reason to update anything to build a single software package
>> when all other software sources seem to be content with the
>> existing build environment.
>>
>> If you wish to go off-list to continue the discussion I have no
>> objections.
>>
>>
>> -- Dale
>>
>>
>>
>> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>>
>>> Dale,
>>>
>>> Thanks for your email. I’m not sure exactly what you are
>>> referring to. Maybe I am missing a connection here or something,
>>> but the discussion was around scanning DMG and XAR, which I
>>> think, if there’s a issue with, we’d be more than happy to work
>>> with anyone to try and square away.
>>>
>>> You seem to be discussing a build issue, and you say that it’s a
>>> waste of time. When did you get the impression that working with
>>> the developers was a waste of time? If we’re not communicating
>>> well enough, we can fix that. But I think the team is doing a
>>> good job of that judging by the amount of complaints I have
>>> received since we took over the project from the old ClamAV team.
>>>
>>> Please let me know if we need to take this offline and discuss or
>>> anything I can do to help.
>>>
>>> --
>>> Joel Esler
>>> Open Source Manager
>>> Threat Intelligence Team Lead
>>> Vulnerability Research Team
>>>
>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh
>>> <dale@daleenterprise.com<mailto:dale@daleenterprise.com>> wrote:
>>>
>>> Mark, this has been an issue for many versions along with a slew
>>> of others things not working as expected.
>>>
>>> As much as I liked ClamAV, we've abandoned it as a mail solution
>>> shortly after things stopped working correctly and they changed
>>> the required build tools so you can no longer build it with GCC
>>> 3.3/4.0/4.1/4.2 and have a fully functional app.
>>>
>>> Yes there are flags to get it to build but certain modules and
>>> features don't build and making an incomplete and partially
>>> functional binary isn't appealing.
>>>
>>> Advice on updating build tools is a waste of time as there is no
>>> reason to update the build tools just to build ClamAV as it's the
>>> only one that has this ridiculous built-tool requirement and only
>>> an idiot would tell me to update.
>>>
>>> My thoughts on this is simple, if it doesn't build with the basic
>>> GNU GCC compiler tools then it's seriously flawed and needs these
>>> other tools to overcome the short-comings of poorly written/
>>> implemented code.
>>>
>>> When I say build, I mean build with full functionality so don't
>>> go off the deep-end stating it builds, partial functionality may
>>> be acceptable to you bhut it isn't to me.
>>>
>>> At this time, for personal use, I use the source code but
>>> repackage the build environment to work with what I have and I'm
>>> comfortable with submitting corrections and patches, too much
>>> focus and complaints on my build tools so why waste my time.
>>>
>>> -- Dale
>>>
>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>>
>>> Interesting... let me run some tests and get back to you.
>>>
>>> On Mar 19, 2014, at 8:33 AM, Mark Allan
>>> <markjallan@gmail.com<mailto:markjallan@gmail.com>> wrote:
>>>
>>> Just out of interest, did you test to see if it *actually* worked?
>>>
>>> My configure output shows that dmg and xar are supported, but it
>>> doesn't actually detect the Eicar test file within a disk image.
>>>
>>> configure: Summary of engine detection features
>>> autoit_ea06 : yes
>>> bzip2 : ok
>>> zlib : /usr
>>> unrar : yes
>>> dmg and xar : yes, from /usr
>>>
>>> When I create a new disk image, copy the Eicar test file in, and
>>> scan the dmg, it shows up as being clean.
>>>
>>> clamscan test.dmg
>>> test.dmg: OK
>>>
>>> ----------- SCAN SUMMARY -----------
>>> Known viruses: 3259558
>>> Engine version: 0.98.1
>>> Scanned directories: 0
>>> Scanned files: 1
>>> Infected files: 0
>>> Data scanned: 10.07 MB
>>> Data read: 10.02 MB (ratio 1.01:1)
>>> Time: 4.845 sec (0 m 4 s)
>>>
>>> Does this work as expected for anyone else?
>>>
>>> Mark
>>>
>>> On 10 Feb 2014, at 23:38, Rafael Ferreira
>>> <raf@uvasoftware.com<mailto:raf@uvasoftware.com>> wrote:
>>>
>>> That worked, thanks!
>>>
>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan
>>> (smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:
>>>
>>> Rafael,
>>>
>>> Probably all you need to do install libxml&libxml2-dev, which is
>>> used by
>>> dmg and xar, then do your configure/make.
>>>
>>> Steve
>>>
>>>
>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira
>>> <raf@uvasoftware.com<mailto:raf@uvasoftware.com>>wrote:
>>>
>>>
>>> Folks,
>>>
>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
>>> getting the new super awesome DMG and XAR file support:
>>>
>>> configure: Summary of detected features follows
>>> OS : linux-gnu
>>> pthreads : yes (-lpthread)
>>> configure: Summary of miscellaneous features
>>> check : no (auto)
>>> fanotify : yes
>>> fdpassing : 1
>>> IPv6 : yes
>>> configure: Summary of optional tools
>>> clamdtop : (auto)
>>> milter : yes (disabled)
>>> configure: Summary of engine performance features)
>>> release mode: yes
>>> jit : yes (auto)
>>> mempool : yes
>>> configure: Summary of engine detection features
>>> autoit_ea06 : yes
>>> bzip2 : ok
>>> zlib : /usr
>>> unrar : yes
>>> dmg and xar : no
>>>
>>> Am I missing a configure flag or third party library?
>>>
>>> Thanks in advance,
>>>
>>> - Rafael
>>>
>>> ----
>>> scanii.com<http://scanii.com> - the web friendly malware scanner!
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>>
>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
>

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
Then I am sure the developers would be glad to help figure out the problem and fix it.

--
Joel Esler
Sent from my iPhone

> On Mar 22, 2014, at 13:32, "Dale Walsh" <dale@daleenterprise.com> wrote:
>
> 0.98.1 DMG does not work.
>
> -- Dale
>
>
>
>> On Mar 21, 2014, at 09:16 AM, Joel Esler (jesler) wrote:
>>
>> DMG support was just added in the last version of ClamAV. How long ago did you do this testing?
>>
>>
>>> On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale@daleenterprise.com> wrote:
>>>
>>> You did miss it but it's a two headed nail.
>>>
>>> PDF, DMG, XAR and RAR have had issues not recognizing the test viruses to name just a couple that spring to mind that we've had trouble with and this all started happening when the clang and crap entered the picture.
>>>
>>> I've worked with the developers in the past, once the build environment dependancies changed and I was told I had to upgrade my OS and build tools is when it was no longer possible to resolve these issues as the update solely for the purpose of building ClamAV is not an option and I shouldn't be forced to use someone else's built tool preferences just because they have the luxury of updating on a whim or purely for bragging rights.
>>>
>>> It does not matter if my OS is dated, security patches are applied to the build tools as they become available and this seems to satisfy all other software that build from source except ClamAV.
>>>
>>> Having everything build with GCC 4.0 would allow me/us to re-deploy ClamAV and contribute to the code base again (I have in the past) but the chances of this are slim to non from what I recall because my OS and build tools are dated and listening to rants about ancient and deprecated is nothing more than someone spewing stupidity.
>>>
>>> The fact that I ensure all bugs and updates to the build tools are fixed/added allows me to keep everything in harmony and there is no reason to update anything to build a single software package when all other software sources seem to be content with the existing build environment.
>>>
>>> If you wish to go off-list to continue the discussion I have no objections.
>>>
>>>
>>> -- Dale
>>>
>>>
>>>
>>>> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>>>>
>>>> Dale,
>>>>
>>>> Thanks for your email. I’m not sure exactly what you are referring to. Maybe I am missing a connection here or something, but the discussion was around scanning DMG and XAR, which I think, if there’s a issue with, we’d be more than happy to work with anyone to try and square away.
>>>>
>>>> You seem to be discussing a build issue, and you say that it’s a waste of time. When did you get the impression that working with the developers was a waste of time? If we’re not communicating well enough, we can fix that. But I think the team is doing a good job of that judging by the amount of complaints I have received since we took over the project from the old ClamAV team.
>>>>
>>>> Please let me know if we need to take this offline and discuss or anything I can do to help.
>>>>
>>>> --
>>>> Joel Esler
>>>> Open Source Manager
>>>> Threat Intelligence Team Lead
>>>> Vulnerability Research Team
>>>>
>>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale@daleenterprise.com<mailto:dale@daleenterprise.com>> wrote:
>>>>
>>>> Mark, this has been an issue for many versions along with a slew of others things not working as expected.
>>>>
>>>> As much as I liked ClamAV, we've abandoned it as a mail solution shortly after things stopped working correctly and they changed the required build tools so you can no longer build it with GCC 3.3/4.0/4.1/4.2 and have a fully functional app.
>>>>
>>>> Yes there are flags to get it to build but certain modules and features don't build and making an incomplete and partially functional binary isn't appealing.
>>>>
>>>> Advice on updating build tools is a waste of time as there is no reason to update the build tools just to build ClamAV as it's the only one that has this ridiculous built-tool requirement and only an idiot would tell me to update.
>>>>
>>>> My thoughts on this is simple, if it doesn't build with the basic GNU GCC compiler tools then it's seriously flawed and needs these other tools to overcome the short-comings of poorly written/implemented code.
>>>>
>>>> When I say build, I mean build with full functionality so don't go off the deep-end stating it builds, partial functionality may be acceptable to you bhut it isn't to me.
>>>>
>>>> At this time, for personal use, I use the source code but repackage the build environment to work with what I have and I'm comfortable with submitting corrections and patches, too much focus and complaints on my build tools so why waste my time.
>>>>
>>>> -- Dale
>>>>
>>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>>>
>>>> Interesting... let me run some tests and get back to you.
>>>>
>>>> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com<mailto:markjallan@gmail.com>> wrote:
>>>>
>>>> Just out of interest, did you test to see if it *actually* worked?
>>>>
>>>> My configure output shows that dmg and xar are supported, but it doesn't actually detect the Eicar test file within a disk image.
>>>>
>>>> configure: Summary of engine detection features
>>>> autoit_ea06 : yes
>>>> bzip2 : ok
>>>> zlib : /usr
>>>> unrar : yes
>>>> dmg and xar : yes, from /usr
>>>>
>>>> When I create a new disk image, copy the Eicar test file in, and scan the dmg, it shows up as being clean.
>>>>
>>>> clamscan test.dmg
>>>> test.dmg: OK
>>>>
>>>> ----------- SCAN SUMMARY -----------
>>>> Known viruses: 3259558
>>>> Engine version: 0.98.1
>>>> Scanned directories: 0
>>>> Scanned files: 1
>>>> Infected files: 0
>>>> Data scanned: 10.07 MB
>>>> Data read: 10.02 MB (ratio 1.01:1)
>>>> Time: 4.845 sec (0 m 4 s)
>>>>
>>>> Does this work as expected for anyone else?
>>>>
>>>> Mark
>>>>
>>>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com<mailto:raf@uvasoftware.com>> wrote:
>>>>
>>>> That worked, thanks!
>>>>
>>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:
>>>>
>>>> Rafael,
>>>>
>>>> Probably all you need to do install libxml&libxml2-dev, which is used by
>>>> dmg and xar, then do your configure/make.
>>>>
>>>> Steve
>>>>
>>>>
>>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <raf@uvasoftware.com<mailto:raf@uvasoftware.com>>wrote:
>>>>
>>>>
>>>> Folks,
>>>>
>>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
>>>> getting the new super awesome DMG and XAR file support:
>>>>
>>>> configure: Summary of detected features follows
>>>> OS : linux-gnu
>>>> pthreads : yes (-lpthread)
>>>> configure: Summary of miscellaneous features
>>>> check : no (auto)
>>>> fanotify : yes
>>>> fdpassing : 1
>>>> IPv6 : yes
>>>> configure: Summary of optional tools
>>>> clamdtop : (auto)
>>>> milter : yes (disabled)
>>>> configure: Summary of engine performance features)
>>>> release mode: yes
>>>> jit : yes (auto)
>>>> mempool : yes
>>>> configure: Summary of engine detection features
>>>> autoit_ea06 : yes
>>>> bzip2 : ok
>>>> zlib : /usr
>>>> unrar : yes
>>>> dmg and xar : no
>>>>
>>>> Am I missing a configure flag or third party library?
>>>>
>>>> Thanks in advance,
>>>>
>>>> - Rafael
>>>>
>>>> ----
>>>> scanii.com<http://scanii.com> - the web friendly malware scanner!
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
Yes, a dmg issue and an xar issue were mentioned. If the issue(s) remain,
please open a bug at bugzilla.clamav.net or send some files or --debug
output.


On Sun, Mar 23, 2014 at 5:17 PM, Joel Esler (jesler) <jesler@cisco.com>wrote:

> Then I am sure the developers would be glad to help figure out the problem
> and fix it.
>
> --
> Joel Esler
> Sent from my iPhone
>
> > On Mar 22, 2014, at 13:32, "Dale Walsh" <dale@daleenterprise.com> wrote:
> >
> > 0.98.1 DMG does not work.
> >
> > -- Dale
> >
> >
> >
> >> On Mar 21, 2014, at 09:16 AM, Joel Esler (jesler) wrote:
> >>
> >> DMG support was just added in the last version of ClamAV. How long ago
> did you do this testing?
> >>
> >>
> >>> On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale@daleenterprise.com>
> wrote:
> >>>
> >>> You did miss it but it's a two headed nail.
> >>>
> >>> PDF, DMG, XAR and RAR have had issues not recognizing the test viruses
> to name just a couple that spring to mind that we've had trouble with and
> this all started happening when the clang and crap entered the picture.
> >>>
> >>> I've worked with the developers in the past, once the build
> environment dependancies changed and I was told I had to upgrade my OS and
> build tools is when it was no longer possible to resolve these issues as
> the update solely for the purpose of building ClamAV is not an option and I
> shouldn't be forced to use someone else's built tool preferences just
> because they have the luxury of updating on a whim or purely for bragging
> rights.
> >>>
> >>> It does not matter if my OS is dated, security patches are applied to
> the build tools as they become available and this seems to satisfy all
> other software that build from source except ClamAV.
> >>>
> >>> Having everything build with GCC 4.0 would allow me/us to re-deploy
> ClamAV and contribute to the code base again (I have in the past) but the
> chances of this are slim to non from what I recall because my OS and build
> tools are dated and listening to rants about ancient and deprecated is
> nothing more than someone spewing stupidity.
> >>>
> >>> The fact that I ensure all bugs and updates to the build tools are
> fixed/added allows me to keep everything in harmony and there is no reason
> to update anything to build a single software package when all other
> software sources seem to be content with the existing build environment.
> >>>
> >>> If you wish to go off-list to continue the discussion I have no
> objections.
> >>>
> >>>
> >>> -- Dale
> >>>
> >>>
> >>>
> >>>> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
> >>>>
> >>>> Dale,
> >>>>
> >>>> Thanks for your email. I'm not sure exactly what you are referring
> to. Maybe I am missing a connection here or something, but the discussion
> was around scanning DMG and XAR, which I think, if there's a issue with,
> we'd be more than happy to work with anyone to try and square away.
> >>>>
> >>>> You seem to be discussing a build issue, and you say that it's a
> waste of time. When did you get the impression that working with the
> developers was a waste of time? If we're not communicating well enough, we
> can fix that. But I think the team is doing a good job of that judging by
> the amount of complaints I have received since we took over the project
> from the old ClamAV team.
> >>>>
> >>>> Please let me know if we need to take this offline and discuss or
> anything I can do to help.
> >>>>
> >>>> --
> >>>> Joel Esler
> >>>> Open Source Manager
> >>>> Threat Intelligence Team Lead
> >>>> Vulnerability Research Team
> >>>>
> >>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale@daleenterprise.com
> <mailto:dale@daleenterprise.com>> wrote:
> >>>>
> >>>> Mark, this has been an issue for many versions along with a slew of
> others things not working as expected.
> >>>>
> >>>> As much as I liked ClamAV, we've abandoned it as a mail solution
> shortly after things stopped working correctly and they changed the
> required build tools so you can no longer build it with GCC 3.3/4.0/4.1/4.2
> and have a fully functional app.
> >>>>
> >>>> Yes there are flags to get it to build but certain modules and
> features don't build and making an incomplete and partially functional
> binary isn't appealing.
> >>>>
> >>>> Advice on updating build tools is a waste of time as there is no
> reason to update the build tools just to build ClamAV as it's the only one
> that has this ridiculous built-tool requirement and only an idiot would
> tell me to update.
> >>>>
> >>>> My thoughts on this is simple, if it doesn't build with the basic GNU
> GCC compiler tools then it's seriously flawed and needs these other tools
> to overcome the short-comings of poorly written/implemented code.
> >>>>
> >>>> When I say build, I mean build with full functionality so don't go
> off the deep-end stating it builds, partial functionality may be acceptable
> to you bhut it isn't to me.
> >>>>
> >>>> At this time, for personal use, I use the source code but repackage
> the build environment to work with what I have and I'm comfortable with
> submitting corrections and patches, too much focus and complaints on my
> build tools so why waste my time.
> >>>>
> >>>> -- Dale
> >>>>
> >>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
> >>>>
> >>>> Interesting... let me run some tests and get back to you.
> >>>>
> >>>> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com<mailto:
> markjallan@gmail.com>> wrote:
> >>>>
> >>>> Just out of interest, did you test to see if it *actually* worked?
> >>>>
> >>>> My configure output shows that dmg and xar are supported, but it
> doesn't actually detect the Eicar test file within a disk image.
> >>>>
> >>>> configure: Summary of engine detection features
> >>>> autoit_ea06 : yes
> >>>> bzip2 : ok
> >>>> zlib : /usr
> >>>> unrar : yes
> >>>> dmg and xar : yes, from /usr
> >>>>
> >>>> When I create a new disk image, copy the Eicar test file in, and scan
> the dmg, it shows up as being clean.
> >>>>
> >>>> clamscan test.dmg
> >>>> test.dmg: OK
> >>>>
> >>>> ----------- SCAN SUMMARY -----------
> >>>> Known viruses: 3259558
> >>>> Engine version: 0.98.1
> >>>> Scanned directories: 0
> >>>> Scanned files: 1
> >>>> Infected files: 0
> >>>> Data scanned: 10.07 MB
> >>>> Data read: 10.02 MB (ratio 1.01:1)
> >>>> Time: 4.845 sec (0 m 4 s)
> >>>>
> >>>> Does this work as expected for anyone else?
> >>>>
> >>>> Mark
> >>>>
> >>>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com
> <mailto:raf@uvasoftware.com>> wrote:
> >>>>
> >>>> That worked, thanks!
> >>>>
> >>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (
> smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:
> >>>>
> >>>> Rafael,
> >>>>
> >>>> Probably all you need to do install libxml&libxml2-dev, which is used
> by
> >>>> dmg and xar, then do your configure/make.
> >>>>
> >>>> Steve
> >>>>
> >>>>
> >>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <raf@uvasoftware.com
> <mailto:raf@uvasoftware.com>>wrote:
> >>>>
> >>>>
> >>>> Folks,
> >>>>
> >>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
> >>>> getting the new super awesome DMG and XAR file support:
> >>>>
> >>>> configure: Summary of detected features follows
> >>>> OS : linux-gnu
> >>>> pthreads : yes (-lpthread)
> >>>> configure: Summary of miscellaneous features
> >>>> check : no (auto)
> >>>> fanotify : yes
> >>>> fdpassing : 1
> >>>> IPv6 : yes
> >>>> configure: Summary of optional tools
> >>>> clamdtop : (auto)
> >>>> milter : yes (disabled)
> >>>> configure: Summary of engine performance features)
> >>>> release mode: yes
> >>>> jit : yes (auto)
> >>>> mempool : yes
> >>>> configure: Summary of engine detection features
> >>>> autoit_ea06 : yes
> >>>> bzip2 : ok
> >>>> zlib : /usr
> >>>> unrar : yes
> >>>> dmg and xar : no
> >>>>
> >>>> Am I missing a configure flag or third party library?
> >>>>
> >>>> Thanks in advance,
> >>>>
> >>>> - Rafael
> >>>>
> >>>> ----
> >>>> scanii.com<http://scanii.com> - the web friendly malware scanner!
> >>>> _______________________________________________
> >>>> http://lurker.clamav.net/list/clamav-devel.html
> >>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >>>> _______________________________________________
> >>>> http://lurker.clamav.net/list/clamav-devel.html
> >>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >>>> _______________________________________________
> >>>> http://lurker.clamav.net/list/clamav-devel.html
> >>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >>>>
> >>>> _______________________________________________
> >>>> http://lurker.clamav.net/list/clamav-devel.html
> >>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >>>>
> >>>> _______________________________________________
> >>>> http://lurker.clamav.net/list/clamav-devel.html
> >>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> _______________________________________________
> >>>> http://lurker.clamav.net/list/clamav-devel.html
> >>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >>>>
> >>>> _______________________________________________
> >>>> http://lurker.clamav.net/list/clamav-devel.html
> >>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >>>
> >>> _______________________________________________
> >>> http://lurker.clamav.net/list/clamav-devel.html
> >>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >>
> >> _______________________________________________
> >> http://lurker.clamav.net/list/clamav-devel.html
> >> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >
> > _______________________________________________
> > http://lurker.clamav.net/list/clamav-devel.html
> > Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
When it builds completely under GCC 4.0, I would be more than happy
to offer detailed debugging information and dumps that would be
beneficial to the project but as it stands, a bug report at
bugzilla.clamav.net isn't anything I would consider wasting my time
on but you are more than welcome to file the report yourself.

It makes no sense for me to file a report as I may use the source
files but nothing else, I repackage it so I can build it and rather
than listen to stupidity about my method of building being the root
of the problem, informing you like other have should be sufficient to
warrant an in-depth investigation into the matter.

-- Dale



On Mar 24, 2014, at 17:32 PM, Steven Morgan wrote:

> Yes, a dmg issue and an xar issue were mentioned. If the issue(s)
> remain,
> please open a bug at bugzilla.clamav.net or send some files or --debug
> output.
>
>
> On Sun, Mar 23, 2014 at 5:17 PM, Joel Esler (jesler)
> <jesler@cisco.com>wrote:
>
>> Then I am sure the developers would be glad to help figure out the
>> problem
>> and fix it.
>>
>> --
>> Joel Esler
>> Sent from my iPhone
>>
>>> On Mar 22, 2014, at 13:32, "Dale Walsh" <dale@daleenterprise.com>
>>> wrote:
>>>
>>> 0.98.1 DMG does not work.
>>>
>>> -- Dale
>>>
>>>
>>>
>>>> On Mar 21, 2014, at 09:16 AM, Joel Esler (jesler) wrote:
>>>>
>>>> DMG support was just added in the last version of ClamAV. How
>>>> long ago
>> did you do this testing?
>>>>
>>>>
>>>>> On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale@daleenterprise.com>
>> wrote:
>>>>>
>>>>> You did miss it but it's a two headed nail.
>>>>>
>>>>> PDF, DMG, XAR and RAR have had issues not recognizing the test
>>>>> viruses
>> to name just a couple that spring to mind that we've had trouble
>> with and
>> this all started happening when the clang and crap entered the
>> picture.
>>>>>
>>>>> I've worked with the developers in the past, once the build
>> environment dependancies changed and I was told I had to upgrade
>> my OS and
>> build tools is when it was no longer possible to resolve these
>> issues as
>> the update solely for the purpose of building ClamAV is not an
>> option and I
>> shouldn't be forced to use someone else's built tool preferences just
>> because they have the luxury of updating on a whim or purely for
>> bragging
>> rights.
>>>>>
>>>>> It does not matter if my OS is dated, security patches are
>>>>> applied to
>> the build tools as they become available and this seems to satisfy
>> all
>> other software that build from source except ClamAV.
>>>>>
>>>>> Having everything build with GCC 4.0 would allow me/us to re-
>>>>> deploy
>> ClamAV and contribute to the code base again (I have in the past)
>> but the
>> chances of this are slim to non from what I recall because my OS
>> and build
>> tools are dated and listening to rants about ancient and
>> deprecated is
>> nothing more than someone spewing stupidity.
>>>>>
>>>>> The fact that I ensure all bugs and updates to the build tools are
>> fixed/added allows me to keep everything in harmony and there is
>> no reason
>> to update anything to build a single software package when all other
>> software sources seem to be content with the existing build
>> environment.
>>>>>
>>>>> If you wish to go off-list to continue the discussion I have no
>> objections.
>>>>>
>>>>>
>>>>> -- Dale
>>>>>
>>>>>
>>>>>
>>>>>> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>>>>>>
>>>>>> Dale,
>>>>>>
>>>>>> Thanks for your email. I'm not sure exactly what you are
>>>>>> referring
>> to. Maybe I am missing a connection here or something, but the
>> discussion
>> was around scanning DMG and XAR, which I think, if there's a issue
>> with,
>> we'd be more than happy to work with anyone to try and square away.
>>>>>>
>>>>>> You seem to be discussing a build issue, and you say that it's a
>> waste of time. When did you get the impression that working with the
>> developers was a waste of time? If we're not communicating well
>> enough, we
>> can fix that. But I think the team is doing a good job of that
>> judging by
>> the amount of complaints I have received since we took over the
>> project
>> from the old ClamAV team.
>>>>>>
>>>>>> Please let me know if we need to take this offline and discuss or
>> anything I can do to help.
>>>>>>
>>>>>> --
>>>>>> Joel Esler
>>>>>> Open Source Manager
>>>>>> Threat Intelligence Team Lead
>>>>>> Vulnerability Research Team
>>>>>>
>>>>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale@daleenterprise.com
>> <mailto:dale@daleenterprise.com>> wrote:
>>>>>>
>>>>>> Mark, this has been an issue for many versions along with a
>>>>>> slew of
>> others things not working as expected.
>>>>>>
>>>>>> As much as I liked ClamAV, we've abandoned it as a mail solution
>> shortly after things stopped working correctly and they changed the
>> required build tools so you can no longer build it with GCC
>> 3.3/4.0/4.1/4.2
>> and have a fully functional app.
>>>>>>
>>>>>> Yes there are flags to get it to build but certain modules and
>> features don't build and making an incomplete and partially
>> functional
>> binary isn't appealing.
>>>>>>
>>>>>> Advice on updating build tools is a waste of time as there is no
>> reason to update the build tools just to build ClamAV as it's the
>> only one
>> that has this ridiculous built-tool requirement and only an idiot
>> would
>> tell me to update.
>>>>>>
>>>>>> My thoughts on this is simple, if it doesn't build with the
>>>>>> basic GNU
>> GCC compiler tools then it's seriously flawed and needs these
>> other tools
>> to overcome the short-comings of poorly written/implemented code.
>>>>>>
>>>>>> When I say build, I mean build with full functionality so
>>>>>> don't go
>> off the deep-end stating it builds, partial functionality may be
>> acceptable
>> to you bhut it isn't to me.
>>>>>>
>>>>>> At this time, for personal use, I use the source code but
>>>>>> repackage
>> the build environment to work with what I have and I'm comfortable
>> with
>> submitting corrections and patches, too much focus and complaints
>> on my
>> build tools so why waste my time.
>>>>>>
>>>>>> -- Dale
>>>>>>
>>>>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>>>>>
>>>>>> Interesting... let me run some tests and get back to you.
>>>>>>
>>>>>> On Mar 19, 2014, at 8:33 AM, Mark Allan
>>>>>> <markjallan@gmail.com<mailto:
>> markjallan@gmail.com>> wrote:
>>>>>>
>>>>>> Just out of interest, did you test to see if it *actually*
>>>>>> worked?
>>>>>>
>>>>>> My configure output shows that dmg and xar are supported, but it
>> doesn't actually detect the Eicar test file within a disk image.
>>>>>>
>>>>>> configure: Summary of engine detection features
>>>>>> autoit_ea06 : yes
>>>>>> bzip2 : ok
>>>>>> zlib : /usr
>>>>>> unrar : yes
>>>>>> dmg and xar : yes, from /usr
>>>>>>
>>>>>> When I create a new disk image, copy the Eicar test file in,
>>>>>> and scan
>> the dmg, it shows up as being clean.
>>>>>>
>>>>>> clamscan test.dmg
>>>>>> test.dmg: OK
>>>>>>
>>>>>> ----------- SCAN SUMMARY -----------
>>>>>> Known viruses: 3259558
>>>>>> Engine version: 0.98.1
>>>>>> Scanned directories: 0
>>>>>> Scanned files: 1
>>>>>> Infected files: 0
>>>>>> Data scanned: 10.07 MB
>>>>>> Data read: 10.02 MB (ratio 1.01:1)
>>>>>> Time: 4.845 sec (0 m 4 s)
>>>>>>
>>>>>> Does this work as expected for anyone else?
>>>>>>
>>>>>> Mark
>>>>>>
>>>>>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com
>> <mailto:raf@uvasoftware.com>> wrote:
>>>>>>
>>>>>> That worked, thanks!
>>>>>>
>>>>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (
>> smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:
>>>>>>
>>>>>> Rafael,
>>>>>>
>>>>>> Probably all you need to do install libxml&libxml2-dev, which
>>>>>> is used
>> by
>>>>>> dmg and xar, then do your configure/make.
>>>>>>
>>>>>> Steve
>>>>>>
>>>>>>
>>>>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira
>>>>>> <raf@uvasoftware.com
>> <mailto:raf@uvasoftware.com>>wrote:
>>>>>>
>>>>>>
>>>>>> Folks,
>>>>>>
>>>>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and
>>>>>> I'm not
>>>>>> getting the new super awesome DMG and XAR file support:
>>>>>>
>>>>>> configure: Summary of detected features follows
>>>>>> OS : linux-gnu
>>>>>> pthreads : yes (-lpthread)
>>>>>> configure: Summary of miscellaneous features
>>>>>> check : no (auto)
>>>>>> fanotify : yes
>>>>>> fdpassing : 1
>>>>>> IPv6 : yes
>>>>>> configure: Summary of optional tools
>>>>>> clamdtop : (auto)
>>>>>> milter : yes (disabled)
>>>>>> configure: Summary of engine performance features)
>>>>>> release mode: yes
>>>>>> jit : yes (auto)
>>>>>> mempool : yes
>>>>>> configure: Summary of engine detection features
>>>>>> autoit_ea06 : yes
>>>>>> bzip2 : ok
>>>>>> zlib : /usr
>>>>>> unrar : yes
>>>>>> dmg and xar : no
>>>>>>
>>>>>> Am I missing a configure flag or third party library?
>>>>>>
>>>>>> Thanks in advance,
>>>>>>
>>>>>> - Rafael
>>>>>>
>>>>>> ----
>>>>>> scanii.com<http://scanii.com> - the web friendly malware scanner!
>>>>>> _______________________________________________
>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>> bugs.clamav.net
>>>>>> _______________________________________________
>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>> bugs.clamav.net
>>>>>> _______________________________________________
>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>> bugs.clamav.net
>>>>>>
>>>>>> _______________________________________________
>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>> bugs.clamav.net
>>>>>>
>>>>>> _______________________________________________
>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>> bugs.clamav.net
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>> bugs.clamav.net
>>>>>>
>>>>>> _______________________________________________
>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>> bugs.clamav.net
>>>>>
>>>>> _______________________________________________
>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
On what up-to-date OSs can I find gcc 4.0 in active use? I'll briefly try
to recreate the problem in my spare time for you.


On Mon, Mar 24, 2014 at 6:22 PM, Dale Walsh <dale@daleenterprise.com> wrote:

> When it builds completely under GCC 4.0, I would be more than happy to
> offer detailed debugging information and dumps that would be beneficial to
> the project but as it stands, a bug report at bugzilla.clamav.net isn't
> anything I would consider wasting my time on but you are more than welcome
> to file the report yourself.
>
> It makes no sense for me to file a report as I may use the source files
> but nothing else, I repackage it so I can build it and rather than listen
> to stupidity about my method of building being the root of the problem,
> informing you like other have should be sufficient to warrant an in-depth
> investigation into the matter.
>
> -- Dale
>
>
>
>
> On Mar 24, 2014, at 17:32 PM, Steven Morgan wrote:
>
> Yes, a dmg issue and an xar issue were mentioned. If the issue(s) remain,
>> please open a bug at bugzilla.clamav.net or send some files or --debug
>> output.
>>
>>
>> On Sun, Mar 23, 2014 at 5:17 PM, Joel Esler (jesler) <jesler@cisco.com
>> >wrote:
>>
>> Then I am sure the developers would be glad to help figure out the
>>> problem
>>> and fix it.
>>>
>>> --
>>> Joel Esler
>>> Sent from my iPhone
>>>
>>> On Mar 22, 2014, at 13:32, "Dale Walsh" <dale@daleenterprise.com>
>>>> wrote:
>>>>
>>>> 0.98.1 DMG does not work.
>>>>
>>>> -- Dale
>>>>
>>>>
>>>>
>>>> On Mar 21, 2014, at 09:16 AM, Joel Esler (jesler) wrote:
>>>>>
>>>>> DMG support was just added in the last version of ClamAV. How long ago
>>>>>
>>>> did you do this testing?
>>>
>>>>
>>>>>
>>>>> On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale@daleenterprise.com>
>>>>>>
>>>>> wrote:
>>>
>>>>
>>>>>> You did miss it but it's a two headed nail.
>>>>>>
>>>>>> PDF, DMG, XAR and RAR have had issues not recognizing the test viruses
>>>>>>
>>>>> to name just a couple that spring to mind that we've had trouble with
>>> and
>>> this all started happening when the clang and crap entered the picture.
>>>
>>>>
>>>>>> I've worked with the developers in the past, once the build
>>>>>>
>>>>> environment dependancies changed and I was told I had to upgrade my OS
>>> and
>>> build tools is when it was no longer possible to resolve these issues as
>>> the update solely for the purpose of building ClamAV is not an option
>>> and I
>>> shouldn't be forced to use someone else's built tool preferences just
>>> because they have the luxury of updating on a whim or purely for bragging
>>> rights.
>>>
>>>>
>>>>>> It does not matter if my OS is dated, security patches are applied to
>>>>>>
>>>>> the build tools as they become available and this seems to satisfy all
>>> other software that build from source except ClamAV.
>>>
>>>>
>>>>>> Having everything build with GCC 4.0 would allow me/us to re-deploy
>>>>>>
>>>>> ClamAV and contribute to the code base again (I have in the past) but
>>> the
>>> chances of this are slim to non from what I recall because my OS and
>>> build
>>> tools are dated and listening to rants about ancient and deprecated is
>>> nothing more than someone spewing stupidity.
>>>
>>>>
>>>>>> The fact that I ensure all bugs and updates to the build tools are
>>>>>>
>>>>> fixed/added allows me to keep everything in harmony and there is no
>>> reason
>>> to update anything to build a single software package when all other
>>> software sources seem to be content with the existing build environment.
>>>
>>>>
>>>>>> If you wish to go off-list to continue the discussion I have no
>>>>>>
>>>>> objections.
>>>
>>>>
>>>>>>
>>>>>> -- Dale
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>>>>>>>
>>>>>>> Dale,
>>>>>>>
>>>>>>> Thanks for your email. I'm not sure exactly what you are referring
>>>>>>>
>>>>>> to. Maybe I am missing a connection here or something, but the
>>> discussion
>>> was around scanning DMG and XAR, which I think, if there's a issue with,
>>> we'd be more than happy to work with anyone to try and square away.
>>>
>>>>
>>>>>>> You seem to be discussing a build issue, and you say that it's a
>>>>>>>
>>>>>> waste of time. When did you get the impression that working with the
>>> developers was a waste of time? If we're not communicating well enough,
>>> we
>>> can fix that. But I think the team is doing a good job of that judging
>>> by
>>> the amount of complaints I have received since we took over the project
>>> from the old ClamAV team.
>>>
>>>>
>>>>>>> Please let me know if we need to take this offline and discuss or
>>>>>>>
>>>>>> anything I can do to help.
>>>
>>>>
>>>>>>> --
>>>>>>> Joel Esler
>>>>>>> Open Source Manager
>>>>>>> Threat Intelligence Team Lead
>>>>>>> Vulnerability Research Team
>>>>>>>
>>>>>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale@daleenterprise.com
>>>>>>>
>>>>>> <mailto:dale@daleenterprise.com>> wrote:
>>>
>>>>
>>>>>>> Mark, this has been an issue for many versions along with a slew of
>>>>>>>
>>>>>> others things not working as expected.
>>>
>>>>
>>>>>>> As much as I liked ClamAV, we've abandoned it as a mail solution
>>>>>>>
>>>>>> shortly after things stopped working correctly and they changed the
>>> required build tools so you can no longer build it with GCC
>>> 3.3/4.0/4.1/4.2
>>> and have a fully functional app.
>>>
>>>>
>>>>>>> Yes there are flags to get it to build but certain modules and
>>>>>>>
>>>>>> features don't build and making an incomplete and partially functional
>>> binary isn't appealing.
>>>
>>>>
>>>>>>> Advice on updating build tools is a waste of time as there is no
>>>>>>>
>>>>>> reason to update the build tools just to build ClamAV as it's the
>>> only one
>>> that has this ridiculous built-tool requirement and only an idiot would
>>> tell me to update.
>>>
>>>>
>>>>>>> My thoughts on this is simple, if it doesn't build with the basic GNU
>>>>>>>
>>>>>> GCC compiler tools then it's seriously flawed and needs these other
>>> tools
>>> to overcome the short-comings of poorly written/implemented code.
>>>
>>>>
>>>>>>> When I say build, I mean build with full functionality so don't go
>>>>>>>
>>>>>> off the deep-end stating it builds, partial functionality may be
>>> acceptable
>>> to you bhut it isn't to me.
>>>
>>>>
>>>>>>> At this time, for personal use, I use the source code but repackage
>>>>>>>
>>>>>> the build environment to work with what I have and I'm comfortable
>>> with
>>> submitting corrections and patches, too much focus and complaints on my
>>> build tools so why waste my time.
>>>
>>>>
>>>>>>> -- Dale
>>>>>>>
>>>>>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>>>>>>
>>>>>>> Interesting... let me run some tests and get back to you.
>>>>>>>
>>>>>>> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com
>>>>>>> <mailto:
>>>>>>>
>>>>>> markjallan@gmail.com>> wrote:
>>>
>>>>
>>>>>>> Just out of interest, did you test to see if it *actually* worked?
>>>>>>>
>>>>>>> My configure output shows that dmg and xar are supported, but it
>>>>>>>
>>>>>> doesn't actually detect the Eicar test file within a disk image.
>>>
>>>>
>>>>>>> configure: Summary of engine detection features
>>>>>>> autoit_ea06 : yes
>>>>>>> bzip2 : ok
>>>>>>> zlib : /usr
>>>>>>> unrar : yes
>>>>>>> dmg and xar : yes, from /usr
>>>>>>>
>>>>>>> When I create a new disk image, copy the Eicar test file in, and scan
>>>>>>>
>>>>>> the dmg, it shows up as being clean.
>>>
>>>>
>>>>>>> clamscan test.dmg
>>>>>>> test.dmg: OK
>>>>>>>
>>>>>>> ----------- SCAN SUMMARY -----------
>>>>>>> Known viruses: 3259558
>>>>>>> Engine version: 0.98.1
>>>>>>> Scanned directories: 0
>>>>>>> Scanned files: 1
>>>>>>> Infected files: 0
>>>>>>> Data scanned: 10.07 MB
>>>>>>> Data read: 10.02 MB (ratio 1.01:1)
>>>>>>> Time: 4.845 sec (0 m 4 s)
>>>>>>>
>>>>>>> Does this work as expected for anyone else?
>>>>>>>
>>>>>>> Mark
>>>>>>>
>>>>>>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com
>>>>>>>
>>>>>> <mailto:raf@uvasoftware.com>> wrote:
>>>
>>>>
>>>>>>> That worked, thanks!
>>>>>>>
>>>>>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (
>>>>>>>
>>>>>> smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:
>>>
>>>>
>>>>>>> Rafael,
>>>>>>>
>>>>>>> Probably all you need to do install libxml&libxml2-dev, which is used
>>>>>>>
>>>>>> by
>>>
>>>> dmg and xar, then do your configure/make.
>>>>>>>
>>>>>>> Steve
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <
>>>>>>> raf@uvasoftware.com
>>>>>>>
>>>>>> <mailto:raf@uvasoftware.com>>wrote:
>>>
>>>>
>>>>>>>
>>>>>>> Folks,
>>>>>>>
>>>>>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
>>>>>>> getting the new super awesome DMG and XAR file support:
>>>>>>>
>>>>>>> configure: Summary of detected features follows
>>>>>>> OS : linux-gnu
>>>>>>> pthreads : yes (-lpthread)
>>>>>>> configure: Summary of miscellaneous features
>>>>>>> check : no (auto)
>>>>>>> fanotify : yes
>>>>>>> fdpassing : 1
>>>>>>> IPv6 : yes
>>>>>>> configure: Summary of optional tools
>>>>>>> clamdtop : (auto)
>>>>>>> milter : yes (disabled)
>>>>>>> configure: Summary of engine performance features)
>>>>>>> release mode: yes
>>>>>>> jit : yes (auto)
>>>>>>> mempool : yes
>>>>>>> configure: Summary of engine detection features
>>>>>>> autoit_ea06 : yes
>>>>>>> bzip2 : ok
>>>>>>> zlib : /usr
>>>>>>> unrar : yes
>>>>>>> dmg and xar : no
>>>>>>>
>>>>>>> Am I missing a configure flag or third party library?
>>>>>>>
>>>>>>> Thanks in advance,
>>>>>>>
>>>>>>> - Rafael
>>>>>>>
>>>>>>> ----
>>>>>>> scanii.com<http://scanii.com> - the web friendly malware scanner!
>>>>>>> _______________________________________________
>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>> _______________________________________________
>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>> _______________________________________________
>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>
>>>>
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
>>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
Looks like fedora 3 and 4 shipped with 4.0.


On 03/24/2014 05:33 PM, Shawn Webb wrote:
> On what up-to-date OSs can I find gcc 4.0 in active use? I'll briefly try
> to recreate the problem in my spare time for you.
>
>
> On Mon, Mar 24, 2014 at 6:22 PM, Dale Walsh <dale@daleenterprise.com> wrote:
>
>> When it builds completely under GCC 4.0, I would be more than happy to
>> offer detailed debugging information and dumps that would be beneficial to
>> the project but as it stands, a bug report at bugzilla.clamav.net isn't
>> anything I would consider wasting my time on but you are more than welcome
>> to file the report yourself.
>>
>> It makes no sense for me to file a report as I may use the source files
>> but nothing else, I repackage it so I can build it and rather than listen
>> to stupidity about my method of building being the root of the problem,
>> informing you like other have should be sufficient to warrant an in-depth
>> investigation into the matter.
>>
>> -- Dale
>>
>>
>>
>>
>> On Mar 24, 2014, at 17:32 PM, Steven Morgan wrote:
>>
>> Yes, a dmg issue and an xar issue were mentioned. If the issue(s) remain,
>>> please open a bug at bugzilla.clamav.net or send some files or --debug
>>> output.
>>>
>>>
>>> On Sun, Mar 23, 2014 at 5:17 PM, Joel Esler (jesler) <jesler@cisco.com
>>>> wrote:
>>> Then I am sure the developers would be glad to help figure out the
>>>> problem
>>>> and fix it.
>>>>
>>>> --
>>>> Joel Esler
>>>> Sent from my iPhone
>>>>
>>>> On Mar 22, 2014, at 13:32, "Dale Walsh" <dale@daleenterprise.com>
>>>>> wrote:
>>>>>
>>>>> 0.98.1 DMG does not work.
>>>>>
>>>>> -- Dale
>>>>>
>>>>>
>>>>>
>>>>> On Mar 21, 2014, at 09:16 AM, Joel Esler (jesler) wrote:
>>>>>> DMG support was just added in the last version of ClamAV. How long ago
>>>>>>
>>>>> did you do this testing?
>>>>>> On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale@daleenterprise.com>
>>>>>> wrote:
>>>>>>> You did miss it but it's a two headed nail.
>>>>>>>
>>>>>>> PDF, DMG, XAR and RAR have had issues not recognizing the test viruses
>>>>>>>
>>>>>> to name just a couple that spring to mind that we've had trouble with
>>>> and
>>>> this all started happening when the clang and crap entered the picture.
>>>>
>>>>>>> I've worked with the developers in the past, once the build
>>>>>>>
>>>>>> environment dependancies changed and I was told I had to upgrade my OS
>>>> and
>>>> build tools is when it was no longer possible to resolve these issues as
>>>> the update solely for the purpose of building ClamAV is not an option
>>>> and I
>>>> shouldn't be forced to use someone else's built tool preferences just
>>>> because they have the luxury of updating on a whim or purely for bragging
>>>> rights.
>>>>
>>>>>>> It does not matter if my OS is dated, security patches are applied to
>>>>>>>
>>>>>> the build tools as they become available and this seems to satisfy all
>>>> other software that build from source except ClamAV.
>>>>
>>>>>>> Having everything build with GCC 4.0 would allow me/us to re-deploy
>>>>>>>
>>>>>> ClamAV and contribute to the code base again (I have in the past) but
>>>> the
>>>> chances of this are slim to non from what I recall because my OS and
>>>> build
>>>> tools are dated and listening to rants about ancient and deprecated is
>>>> nothing more than someone spewing stupidity.
>>>>
>>>>>>> The fact that I ensure all bugs and updates to the build tools are
>>>>>>>
>>>>>> fixed/added allows me to keep everything in harmony and there is no
>>>> reason
>>>> to update anything to build a single software package when all other
>>>> software sources seem to be content with the existing build environment.
>>>>
>>>>>>> If you wish to go off-list to continue the discussion I have no
>>>>>>>
>>>>>> objections.
>>>>>>> -- Dale
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>>>>>>>> Dale,
>>>>>>>>
>>>>>>>> Thanks for your email. I'm not sure exactly what you are referring
>>>>>>>>
>>>>>>> to. Maybe I am missing a connection here or something, but the
>>>> discussion
>>>> was around scanning DMG and XAR, which I think, if there's a issue with,
>>>> we'd be more than happy to work with anyone to try and square away.
>>>>
>>>>>>>> You seem to be discussing a build issue, and you say that it's a
>>>>>>>>
>>>>>>> waste of time. When did you get the impression that working with the
>>>> developers was a waste of time? If we're not communicating well enough,
>>>> we
>>>> can fix that. But I think the team is doing a good job of that judging
>>>> by
>>>> the amount of complaints I have received since we took over the project
>>>> from the old ClamAV team.
>>>>
>>>>>>>> Please let me know if we need to take this offline and discuss or
>>>>>>>>
>>>>>>> anything I can do to help.
>>>>>>>> --
>>>>>>>> Joel Esler
>>>>>>>> Open Source Manager
>>>>>>>> Threat Intelligence Team Lead
>>>>>>>> Vulnerability Research Team
>>>>>>>>
>>>>>>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale@daleenterprise.com
>>>>>>>>
>>>>>>> <mailto:dale@daleenterprise.com>> wrote:
>>>>>>>> Mark, this has been an issue for many versions along with a slew of
>>>>>>>>
>>>>>>> others things not working as expected.
>>>>>>>> As much as I liked ClamAV, we've abandoned it as a mail solution
>>>>>>>>
>>>>>>> shortly after things stopped working correctly and they changed the
>>>> required build tools so you can no longer build it with GCC
>>>> 3.3/4.0/4.1/4.2
>>>> and have a fully functional app.
>>>>
>>>>>>>> Yes there are flags to get it to build but certain modules and
>>>>>>>>
>>>>>>> features don't build and making an incomplete and partially functional
>>>> binary isn't appealing.
>>>>
>>>>>>>> Advice on updating build tools is a waste of time as there is no
>>>>>>>>
>>>>>>> reason to update the build tools just to build ClamAV as it's the
>>>> only one
>>>> that has this ridiculous built-tool requirement and only an idiot would
>>>> tell me to update.
>>>>
>>>>>>>> My thoughts on this is simple, if it doesn't build with the basic GNU
>>>>>>>>
>>>>>>> GCC compiler tools then it's seriously flawed and needs these other
>>>> tools
>>>> to overcome the short-comings of poorly written/implemented code.
>>>>
>>>>>>>> When I say build, I mean build with full functionality so don't go
>>>>>>>>
>>>>>>> off the deep-end stating it builds, partial functionality may be
>>>> acceptable
>>>> to you bhut it isn't to me.
>>>>
>>>>>>>> At this time, for personal use, I use the source code but repackage
>>>>>>>>
>>>>>>> the build environment to work with what I have and I'm comfortable
>>>> with
>>>> submitting corrections and patches, too much focus and complaints on my
>>>> build tools so why waste my time.
>>>>
>>>>>>>> -- Dale
>>>>>>>>
>>>>>>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>>>>>>>
>>>>>>>> Interesting... let me run some tests and get back to you.
>>>>>>>>
>>>>>>>> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com
>>>>>>>> <mailto:
>>>>>>>>
>>>>>>> markjallan@gmail.com>> wrote:
>>>>>>>> Just out of interest, did you test to see if it *actually* worked?
>>>>>>>>
>>>>>>>> My configure output shows that dmg and xar are supported, but it
>>>>>>>>
>>>>>>> doesn't actually detect the Eicar test file within a disk image.
>>>>>>>> configure: Summary of engine detection features
>>>>>>>> autoit_ea06 : yes
>>>>>>>> bzip2 : ok
>>>>>>>> zlib : /usr
>>>>>>>> unrar : yes
>>>>>>>> dmg and xar : yes, from /usr
>>>>>>>>
>>>>>>>> When I create a new disk image, copy the Eicar test file in, and scan
>>>>>>>>
>>>>>>> the dmg, it shows up as being clean.
>>>>>>>> clamscan test.dmg
>>>>>>>> test.dmg: OK
>>>>>>>>
>>>>>>>> ----------- SCAN SUMMARY -----------
>>>>>>>> Known viruses: 3259558
>>>>>>>> Engine version: 0.98.1
>>>>>>>> Scanned directories: 0
>>>>>>>> Scanned files: 1
>>>>>>>> Infected files: 0
>>>>>>>> Data scanned: 10.07 MB
>>>>>>>> Data read: 10.02 MB (ratio 1.01:1)
>>>>>>>> Time: 4.845 sec (0 m 4 s)
>>>>>>>>
>>>>>>>> Does this work as expected for anyone else?
>>>>>>>>
>>>>>>>> Mark
>>>>>>>>
>>>>>>>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com
>>>>>>>>
>>>>>>> <mailto:raf@uvasoftware.com>> wrote:
>>>>>>>> That worked, thanks!
>>>>>>>>
>>>>>>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (
>>>>>>>>
>>>>>>> smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:
>>>>>>>> Rafael,
>>>>>>>>
>>>>>>>> Probably all you need to do install libxml&libxml2-dev, which is used
>>>>>>>>
>>>>>>> by
>>>>> dmg and xar, then do your configure/make.
>>>>>>>> Steve
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <
>>>>>>>> raf@uvasoftware.com
>>>>>>>>
>>>>>>> <mailto:raf@uvasoftware.com>>wrote:
>>>>>>>> Folks,
>>>>>>>>
>>>>>>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
>>>>>>>> getting the new super awesome DMG and XAR file support:
>>>>>>>>
>>>>>>>> configure: Summary of detected features follows
>>>>>>>> OS : linux-gnu
>>>>>>>> pthreads : yes (-lpthread)
>>>>>>>> configure: Summary of miscellaneous features
>>>>>>>> check : no (auto)
>>>>>>>> fanotify : yes
>>>>>>>> fdpassing : 1
>>>>>>>> IPv6 : yes
>>>>>>>> configure: Summary of optional tools
>>>>>>>> clamdtop : (auto)
>>>>>>>> milter : yes (disabled)
>>>>>>>> configure: Summary of engine performance features)
>>>>>>>> release mode: yes
>>>>>>>> jit : yes (auto)
>>>>>>>> mempool : yes
>>>>>>>> configure: Summary of engine detection features
>>>>>>>> autoit_ea06 : yes
>>>>>>>> bzip2 : ok
>>>>>>>> zlib : /usr
>>>>>>>> unrar : yes
>>>>>>>> dmg and xar : no
>>>>>>>>
>>>>>>>> Am I missing a configure flag or third party library?
>>>>>>>>
>>>>>>>> Thanks in advance,
>>>>>>>>
>>>>>>>> - Rafael
>>>>>>>>
>>>>>>>> ----
>>>>>>>> scanii.com<http://scanii.com> - the web friendly malware scanner!
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>
>>>>>> _______________________________________________
>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>
>>>>> _______________________________________________
>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
Dale,

Not that it *should* matter, but what is your architecture?

On 03/24/2014 05:33 PM, Shawn Webb wrote:
> On what up-to-date OSs can I find gcc 4.0 in active use? I'll briefly try
> to recreate the problem in my spare time for you.
>
>
> On Mon, Mar 24, 2014 at 6:22 PM, Dale Walsh <dale@daleenterprise.com> wrote:
>
>> When it builds completely under GCC 4.0, I would be more than happy to
>> offer detailed debugging information and dumps that would be beneficial to
>> the project but as it stands, a bug report at bugzilla.clamav.net isn't
>> anything I would consider wasting my time on but you are more than welcome
>> to file the report yourself.
>>
>> It makes no sense for me to file a report as I may use the source files
>> but nothing else, I repackage it so I can build it and rather than listen
>> to stupidity about my method of building being the root of the problem,
>> informing you like other have should be sufficient to warrant an in-depth
>> investigation into the matter.
>>
>> -- Dale
>>
>>
>>
>>
>> On Mar 24, 2014, at 17:32 PM, Steven Morgan wrote:
>>
>> Yes, a dmg issue and an xar issue were mentioned. If the issue(s) remain,
>>> please open a bug at bugzilla.clamav.net or send some files or --debug
>>> output.
>>>
>>>
>>> On Sun, Mar 23, 2014 at 5:17 PM, Joel Esler (jesler) <jesler@cisco.com
>>>> wrote:
>>> Then I am sure the developers would be glad to help figure out the
>>>> problem
>>>> and fix it.
>>>>
>>>> --
>>>> Joel Esler
>>>> Sent from my iPhone
>>>>
>>>> On Mar 22, 2014, at 13:32, "Dale Walsh" <dale@daleenterprise.com>
>>>>> wrote:
>>>>>
>>>>> 0.98.1 DMG does not work.
>>>>>
>>>>> -- Dale
>>>>>
>>>>>
>>>>>
>>>>> On Mar 21, 2014, at 09:16 AM, Joel Esler (jesler) wrote:
>>>>>> DMG support was just added in the last version of ClamAV. How long ago
>>>>>>
>>>>> did you do this testing?
>>>>>> On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale@daleenterprise.com>
>>>>>> wrote:
>>>>>>> You did miss it but it's a two headed nail.
>>>>>>>
>>>>>>> PDF, DMG, XAR and RAR have had issues not recognizing the test viruses
>>>>>>>
>>>>>> to name just a couple that spring to mind that we've had trouble with
>>>> and
>>>> this all started happening when the clang and crap entered the picture.
>>>>
>>>>>>> I've worked with the developers in the past, once the build
>>>>>>>
>>>>>> environment dependancies changed and I was told I had to upgrade my OS
>>>> and
>>>> build tools is when it was no longer possible to resolve these issues as
>>>> the update solely for the purpose of building ClamAV is not an option
>>>> and I
>>>> shouldn't be forced to use someone else's built tool preferences just
>>>> because they have the luxury of updating on a whim or purely for bragging
>>>> rights.
>>>>
>>>>>>> It does not matter if my OS is dated, security patches are applied to
>>>>>>>
>>>>>> the build tools as they become available and this seems to satisfy all
>>>> other software that build from source except ClamAV.
>>>>
>>>>>>> Having everything build with GCC 4.0 would allow me/us to re-deploy
>>>>>>>
>>>>>> ClamAV and contribute to the code base again (I have in the past) but
>>>> the
>>>> chances of this are slim to non from what I recall because my OS and
>>>> build
>>>> tools are dated and listening to rants about ancient and deprecated is
>>>> nothing more than someone spewing stupidity.
>>>>
>>>>>>> The fact that I ensure all bugs and updates to the build tools are
>>>>>>>
>>>>>> fixed/added allows me to keep everything in harmony and there is no
>>>> reason
>>>> to update anything to build a single software package when all other
>>>> software sources seem to be content with the existing build environment.
>>>>
>>>>>>> If you wish to go off-list to continue the discussion I have no
>>>>>>>
>>>>>> objections.
>>>>>>> -- Dale
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>>>>>>>> Dale,
>>>>>>>>
>>>>>>>> Thanks for your email. I'm not sure exactly what you are referring
>>>>>>>>
>>>>>>> to. Maybe I am missing a connection here or something, but the
>>>> discussion
>>>> was around scanning DMG and XAR, which I think, if there's a issue with,
>>>> we'd be more than happy to work with anyone to try and square away.
>>>>
>>>>>>>> You seem to be discussing a build issue, and you say that it's a
>>>>>>>>
>>>>>>> waste of time. When did you get the impression that working with the
>>>> developers was a waste of time? If we're not communicating well enough,
>>>> we
>>>> can fix that. But I think the team is doing a good job of that judging
>>>> by
>>>> the amount of complaints I have received since we took over the project
>>>> from the old ClamAV team.
>>>>
>>>>>>>> Please let me know if we need to take this offline and discuss or
>>>>>>>>
>>>>>>> anything I can do to help.
>>>>>>>> --
>>>>>>>> Joel Esler
>>>>>>>> Open Source Manager
>>>>>>>> Threat Intelligence Team Lead
>>>>>>>> Vulnerability Research Team
>>>>>>>>
>>>>>>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale@daleenterprise.com
>>>>>>>>
>>>>>>> <mailto:dale@daleenterprise.com>> wrote:
>>>>>>>> Mark, this has been an issue for many versions along with a slew of
>>>>>>>>
>>>>>>> others things not working as expected.
>>>>>>>> As much as I liked ClamAV, we've abandoned it as a mail solution
>>>>>>>>
>>>>>>> shortly after things stopped working correctly and they changed the
>>>> required build tools so you can no longer build it with GCC
>>>> 3.3/4.0/4.1/4.2
>>>> and have a fully functional app.
>>>>
>>>>>>>> Yes there are flags to get it to build but certain modules and
>>>>>>>>
>>>>>>> features don't build and making an incomplete and partially functional
>>>> binary isn't appealing.
>>>>
>>>>>>>> Advice on updating build tools is a waste of time as there is no
>>>>>>>>
>>>>>>> reason to update the build tools just to build ClamAV as it's the
>>>> only one
>>>> that has this ridiculous built-tool requirement and only an idiot would
>>>> tell me to update.
>>>>
>>>>>>>> My thoughts on this is simple, if it doesn't build with the basic GNU
>>>>>>>>
>>>>>>> GCC compiler tools then it's seriously flawed and needs these other
>>>> tools
>>>> to overcome the short-comings of poorly written/implemented code.
>>>>
>>>>>>>> When I say build, I mean build with full functionality so don't go
>>>>>>>>
>>>>>>> off the deep-end stating it builds, partial functionality may be
>>>> acceptable
>>>> to you bhut it isn't to me.
>>>>
>>>>>>>> At this time, for personal use, I use the source code but repackage
>>>>>>>>
>>>>>>> the build environment to work with what I have and I'm comfortable
>>>> with
>>>> submitting corrections and patches, too much focus and complaints on my
>>>> build tools so why waste my time.
>>>>
>>>>>>>> -- Dale
>>>>>>>>
>>>>>>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>>>>>>>
>>>>>>>> Interesting... let me run some tests and get back to you.
>>>>>>>>
>>>>>>>> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com
>>>>>>>> <mailto:
>>>>>>>>
>>>>>>> markjallan@gmail.com>> wrote:
>>>>>>>> Just out of interest, did you test to see if it *actually* worked?
>>>>>>>>
>>>>>>>> My configure output shows that dmg and xar are supported, but it
>>>>>>>>
>>>>>>> doesn't actually detect the Eicar test file within a disk image.
>>>>>>>> configure: Summary of engine detection features
>>>>>>>> autoit_ea06 : yes
>>>>>>>> bzip2 : ok
>>>>>>>> zlib : /usr
>>>>>>>> unrar : yes
>>>>>>>> dmg and xar : yes, from /usr
>>>>>>>>
>>>>>>>> When I create a new disk image, copy the Eicar test file in, and scan
>>>>>>>>
>>>>>>> the dmg, it shows up as being clean.
>>>>>>>> clamscan test.dmg
>>>>>>>> test.dmg: OK
>>>>>>>>
>>>>>>>> ----------- SCAN SUMMARY -----------
>>>>>>>> Known viruses: 3259558
>>>>>>>> Engine version: 0.98.1
>>>>>>>> Scanned directories: 0
>>>>>>>> Scanned files: 1
>>>>>>>> Infected files: 0
>>>>>>>> Data scanned: 10.07 MB
>>>>>>>> Data read: 10.02 MB (ratio 1.01:1)
>>>>>>>> Time: 4.845 sec (0 m 4 s)
>>>>>>>>
>>>>>>>> Does this work as expected for anyone else?
>>>>>>>>
>>>>>>>> Mark
>>>>>>>>
>>>>>>>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com
>>>>>>>>
>>>>>>> <mailto:raf@uvasoftware.com>> wrote:
>>>>>>>> That worked, thanks!
>>>>>>>>
>>>>>>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (
>>>>>>>>
>>>>>>> smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:
>>>>>>>> Rafael,
>>>>>>>>
>>>>>>>> Probably all you need to do install libxml&libxml2-dev, which is used
>>>>>>>>
>>>>>>> by
>>>>> dmg and xar, then do your configure/make.
>>>>>>>> Steve
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <
>>>>>>>> raf@uvasoftware.com
>>>>>>>>
>>>>>>> <mailto:raf@uvasoftware.com>>wrote:
>>>>>>>> Folks,
>>>>>>>>
>>>>>>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and I'm not
>>>>>>>> getting the new super awesome DMG and XAR file support:
>>>>>>>>
>>>>>>>> configure: Summary of detected features follows
>>>>>>>> OS : linux-gnu
>>>>>>>> pthreads : yes (-lpthread)
>>>>>>>> configure: Summary of miscellaneous features
>>>>>>>> check : no (auto)
>>>>>>>> fanotify : yes
>>>>>>>> fdpassing : 1
>>>>>>>> IPv6 : yes
>>>>>>>> configure: Summary of optional tools
>>>>>>>> clamdtop : (auto)
>>>>>>>> milter : yes (disabled)
>>>>>>>> configure: Summary of engine performance features)
>>>>>>>> release mode: yes
>>>>>>>> jit : yes (auto)
>>>>>>>> mempool : yes
>>>>>>>> configure: Summary of engine detection features
>>>>>>>> autoit_ea06 : yes
>>>>>>>> bzip2 : ok
>>>>>>>> zlib : /usr
>>>>>>>> unrar : yes
>>>>>>>> dmg and xar : no
>>>>>>>>
>>>>>>>> Am I missing a configure flag or third party library?
>>>>>>>>
>>>>>>>> Thanks in advance,
>>>>>>>>
>>>>>>>> - Rafael
>>>>>>>>
>>>>>>>> ----
>>>>>>>> scanii.com<http://scanii.com> - the web friendly malware scanner!
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>
>>>>>> _______________________________________________
>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>
>>>>> _______________________________________________
>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
You're right, it shouldn't matter, PowerPC

The next question coming will be OS related so I'll answer ahead of
time, OS is Mac OS X 10.4.x.

The reason is simple, I must support the OS the customer uses so
there is no upgrading the OS, no changing OS and no changing the
hardware.

Since it stopped building correctly/completely under GCC 4.x we were
left with no choice but to abandon it.

-- Dale



On Mar 24, 2014, at 18:57 PM, Brandon Perry wrote:

> Dale,
>
> Not that it *should* matter, but what is your architecture?
>
> On 03/24/2014 05:33 PM, Shawn Webb wrote:
>> On what up-to-date OSs can I find gcc 4.0 in active use? I'll
>> briefly try
>> to recreate the problem in my spare time for you.
>>
>>
>> On Mon, Mar 24, 2014 at 6:22 PM, Dale Walsh
>> <dale@daleenterprise.com> wrote:
>>
>>> When it builds completely under GCC 4.0, I would be more than
>>> happy to
>>> offer detailed debugging information and dumps that would be
>>> beneficial to
>>> the project but as it stands, a bug report at bugzilla.clamav.net
>>> isn't
>>> anything I would consider wasting my time on but you are more
>>> than welcome
>>> to file the report yourself.
>>>
>>> It makes no sense for me to file a report as I may use the source
>>> files
>>> but nothing else, I repackage it so I can build it and rather
>>> than listen
>>> to stupidity about my method of building being the root of the
>>> problem,
>>> informing you like other have should be sufficient to warrant an
>>> in-depth
>>> investigation into the matter.
>>>
>>> -- Dale
>>>
>>>
>>>
>>>
>>> On Mar 24, 2014, at 17:32 PM, Steven Morgan wrote:
>>>
>>> Yes, a dmg issue and an xar issue were mentioned. If the issue
>>> (s) remain,
>>>> please open a bug at bugzilla.clamav.net or send some files or --
>>>> debug
>>>> output.
>>>>
>>>>
>>>> On Sun, Mar 23, 2014 at 5:17 PM, Joel Esler (jesler)
>>>> <jesler@cisco.com
>>>>> wrote:
>>>> Then I am sure the developers would be glad to help figure out the
>>>>> problem
>>>>> and fix it.
>>>>>
>>>>> --
>>>>> Joel Esler
>>>>> Sent from my iPhone
>>>>>
>>>>> On Mar 22, 2014, at 13:32, "Dale Walsh" <dale@daleenterprise.com>
>>>>>> wrote:
>>>>>>
>>>>>> 0.98.1 DMG does not work.
>>>>>>
>>>>>> -- Dale
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mar 21, 2014, at 09:16 AM, Joel Esler (jesler) wrote:
>>>>>>> DMG support was just added in the last version of ClamAV.
>>>>>>> How long ago
>>>>>>>
>>>>>> did you do this testing?
>>>>>>> On Mar 20, 2014, at 8:22 PM, Dale Walsh
>>>>>>> <dale@daleenterprise.com>
>>>>>>> wrote:
>>>>>>>> You did miss it but it's a two headed nail.
>>>>>>>>
>>>>>>>> PDF, DMG, XAR and RAR have had issues not recognizing the
>>>>>>>> test viruses
>>>>>>>>
>>>>>>> to name just a couple that spring to mind that we've had
>>>>>>> trouble with
>>>>> and
>>>>> this all started happening when the clang and crap entered the
>>>>> picture.
>>>>>
>>>>>>>> I've worked with the developers in the past, once the build
>>>>>>>>
>>>>>>> environment dependancies changed and I was told I had to
>>>>>>> upgrade my OS
>>>>> and
>>>>> build tools is when it was no longer possible to resolve these
>>>>> issues as
>>>>> the update solely for the purpose of building ClamAV is not an
>>>>> option
>>>>> and I
>>>>> shouldn't be forced to use someone else's built tool
>>>>> preferences just
>>>>> because they have the luxury of updating on a whim or purely
>>>>> for bragging
>>>>> rights.
>>>>>
>>>>>>>> It does not matter if my OS is dated, security patches are
>>>>>>>> applied to
>>>>>>>>
>>>>>>> the build tools as they become available and this seems to
>>>>>>> satisfy all
>>>>> other software that build from source except ClamAV.
>>>>>
>>>>>>>> Having everything build with GCC 4.0 would allow me/us to re-
>>>>>>>> deploy
>>>>>>>>
>>>>>>> ClamAV and contribute to the code base again (I have in the
>>>>>>> past) but
>>>>> the
>>>>> chances of this are slim to non from what I recall because my
>>>>> OS and
>>>>> build
>>>>> tools are dated and listening to rants about ancient and
>>>>> deprecated is
>>>>> nothing more than someone spewing stupidity.
>>>>>
>>>>>>>> The fact that I ensure all bugs and updates to the build
>>>>>>>> tools are
>>>>>>>>
>>>>>>> fixed/added allows me to keep everything in harmony and there
>>>>>>> is no
>>>>> reason
>>>>> to update anything to build a single software package when all
>>>>> other
>>>>> software sources seem to be content with the existing build
>>>>> environment.
>>>>>
>>>>>>>> If you wish to go off-list to continue the discussion I have no
>>>>>>>>
>>>>>>> objections.
>>>>>>>> -- Dale
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>>>>>>>>> Dale,
>>>>>>>>>
>>>>>>>>> Thanks for your email. I'm not sure exactly what you are
>>>>>>>>> referring
>>>>>>>>>
>>>>>>>> to. Maybe I am missing a connection here or something, but the
>>>>> discussion
>>>>> was around scanning DMG and XAR, which I think, if there's a
>>>>> issue with,
>>>>> we'd be more than happy to work with anyone to try and square
>>>>> away.
>>>>>
>>>>>>>>> You seem to be discussing a build issue, and you say that
>>>>>>>>> it's a
>>>>>>>>>
>>>>>>>> waste of time. When did you get the impression that working
>>>>>>>> with the
>>>>> developers was a waste of time? If we're not communicating
>>>>> well enough,
>>>>> we
>>>>> can fix that. But I think the team is doing a good job of that
>>>>> judging
>>>>> by
>>>>> the amount of complaints I have received since we took over the
>>>>> project
>>>>> from the old ClamAV team.
>>>>>
>>>>>>>>> Please let me know if we need to take this offline and
>>>>>>>>> discuss or
>>>>>>>>>
>>>>>>>> anything I can do to help.
>>>>>>>>> --
>>>>>>>>> Joel Esler
>>>>>>>>> Open Source Manager
>>>>>>>>> Threat Intelligence Team Lead
>>>>>>>>> Vulnerability Research Team
>>>>>>>>>
>>>>>>>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh
>>>>>>>>> <dale@daleenterprise.com
>>>>>>>>>
>>>>>>>> <mailto:dale@daleenterprise.com>> wrote:
>>>>>>>>> Mark, this has been an issue for many versions along with a
>>>>>>>>> slew of
>>>>>>>>>
>>>>>>>> others things not working as expected.
>>>>>>>>> As much as I liked ClamAV, we've abandoned it as a mail
>>>>>>>>> solution
>>>>>>>>>
>>>>>>>> shortly after things stopped working correctly and they
>>>>>>>> changed the
>>>>> required build tools so you can no longer build it with GCC
>>>>> 3.3/4.0/4.1/4.2
>>>>> and have a fully functional app.
>>>>>
>>>>>>>>> Yes there are flags to get it to build but certain modules and
>>>>>>>>>
>>>>>>>> features don't build and making an incomplete and partially
>>>>>>>> functional
>>>>> binary isn't appealing.
>>>>>
>>>>>>>>> Advice on updating build tools is a waste of time as there
>>>>>>>>> is no
>>>>>>>>>
>>>>>>>> reason to update the build tools just to build ClamAV as
>>>>>>>> it's the
>>>>> only one
>>>>> that has this ridiculous built-tool requirement and only an
>>>>> idiot would
>>>>> tell me to update.
>>>>>
>>>>>>>>> My thoughts on this is simple, if it doesn't build with the
>>>>>>>>> basic GNU
>>>>>>>>>
>>>>>>>> GCC compiler tools then it's seriously flawed and needs
>>>>>>>> these other
>>>>> tools
>>>>> to overcome the short-comings of poorly written/implemented code.
>>>>>
>>>>>>>>> When I say build, I mean build with full functionality so
>>>>>>>>> don't go
>>>>>>>>>
>>>>>>>> off the deep-end stating it builds, partial functionality
>>>>>>>> may be
>>>>> acceptable
>>>>> to you bhut it isn't to me.
>>>>>
>>>>>>>>> At this time, for personal use, I use the source code but
>>>>>>>>> repackage
>>>>>>>>>
>>>>>>>> the build environment to work with what I have and I'm
>>>>>>>> comfortable
>>>>> with
>>>>> submitting corrections and patches, too much focus and
>>>>> complaints on my
>>>>> build tools so why waste my time.
>>>>>
>>>>>>>>> -- Dale
>>>>>>>>>
>>>>>>>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>>>>>>>>
>>>>>>>>> Interesting... let me run some tests and get back to you.
>>>>>>>>>
>>>>>>>>> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com
>>>>>>>>> <mailto:
>>>>>>>>>
>>>>>>>> markjallan@gmail.com>> wrote:
>>>>>>>>> Just out of interest, did you test to see if it *actually*
>>>>>>>>> worked?
>>>>>>>>>
>>>>>>>>> My configure output shows that dmg and xar are supported,
>>>>>>>>> but it
>>>>>>>>>
>>>>>>>> doesn't actually detect the Eicar test file within a disk
>>>>>>>> image.
>>>>>>>>> configure: Summary of engine detection features
>>>>>>>>> autoit_ea06 : yes
>>>>>>>>> bzip2 : ok
>>>>>>>>> zlib : /usr
>>>>>>>>> unrar : yes
>>>>>>>>> dmg and xar : yes, from /usr
>>>>>>>>>
>>>>>>>>> When I create a new disk image, copy the Eicar test file
>>>>>>>>> in, and scan
>>>>>>>>>
>>>>>>>> the dmg, it shows up as being clean.
>>>>>>>>> clamscan test.dmg
>>>>>>>>> test.dmg: OK
>>>>>>>>>
>>>>>>>>> ----------- SCAN SUMMARY -----------
>>>>>>>>> Known viruses: 3259558
>>>>>>>>> Engine version: 0.98.1
>>>>>>>>> Scanned directories: 0
>>>>>>>>> Scanned files: 1
>>>>>>>>> Infected files: 0
>>>>>>>>> Data scanned: 10.07 MB
>>>>>>>>> Data read: 10.02 MB (ratio 1.01:1)
>>>>>>>>> Time: 4.845 sec (0 m 4 s)
>>>>>>>>>
>>>>>>>>> Does this work as expected for anyone else?
>>>>>>>>>
>>>>>>>>> Mark
>>>>>>>>>
>>>>>>>>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com
>>>>>>>>>
>>>>>>>> <mailto:raf@uvasoftware.com>> wrote:
>>>>>>>>> That worked, thanks!
>>>>>>>>>
>>>>>>>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (
>>>>>>>>>
>>>>>>>> smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:
>>>>>>>>> Rafael,
>>>>>>>>>
>>>>>>>>> Probably all you need to do install libxml&libxml2-dev,
>>>>>>>>> which is used
>>>>>>>>>
>>>>>>>> by
>>>>>> dmg and xar, then do your configure/make.
>>>>>>>>> Steve
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <
>>>>>>>>> raf@uvasoftware.com
>>>>>>>>>
>>>>>>>> <mailto:raf@uvasoftware.com>>wrote:
>>>>>>>>> Folks,
>>>>>>>>>
>>>>>>>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and
>>>>>>>>> I'm not
>>>>>>>>> getting the new super awesome DMG and XAR file support:
>>>>>>>>>
>>>>>>>>> configure: Summary of detected features follows
>>>>>>>>> OS : linux-gnu
>>>>>>>>> pthreads : yes (-lpthread)
>>>>>>>>> configure: Summary of miscellaneous features
>>>>>>>>> check : no (auto)
>>>>>>>>> fanotify : yes
>>>>>>>>> fdpassing : 1
>>>>>>>>> IPv6 : yes
>>>>>>>>> configure: Summary of optional tools
>>>>>>>>> clamdtop : (auto)
>>>>>>>>> milter : yes (disabled)
>>>>>>>>> configure: Summary of engine performance features)
>>>>>>>>> release mode: yes
>>>>>>>>> jit : yes (auto)
>>>>>>>>> mempool : yes
>>>>>>>>> configure: Summary of engine detection features
>>>>>>>>> autoit_ea06 : yes
>>>>>>>>> bzip2 : ok
>>>>>>>>> zlib : /usr
>>>>>>>>> unrar : yes
>>>>>>>>> dmg and xar : no
>>>>>>>>>
>>>>>>>>> Am I missing a configure flag or third party library?
>>>>>>>>>
>>>>>>>>> Thanks in advance,
>>>>>>>>>
>>>>>>>>> - Rafael
>>>>>>>>>
>>>>>>>>> ----
>>>>>>>>> scanii.com<http://scanii.com> - the web friendly malware
>>>>>>>>> scanner!
>>>>>>>>> _______________________________________________
>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>>>>> bugs.clamav.net
>>>>>>>>> _______________________________________________
>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>>>>> bugs.clamav.net
>>>>>>>>> _______________________________________________
>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>>>>> bugs.clamav.net
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>>>>> bugs.clamav.net
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>>>>> bugs.clamav.net
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>>>>> bugs.clamav.net
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>>>>> bugs.clamav.net
>>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>>>> bugs.clamav.net
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>>> bugs.clamav.net
>>>>>>>
>>>>>> _______________________________________________
>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>> Please submit your patches to our Bugzilla: http://
>>>>>> bugs.clamav.net
>>>>>>
>>>>> _______________________________________________
>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>
>>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
>

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
Thanks, I don't have a PPC here, but I am going to install fedora core 4
x86 and x86_64 inside of virtual machines and will see if I run into any
issues.

Legacy systems are unfortunate. However, I think you would be hard
pressed to find any open source project today supporting that, so I
don't think it is that ridiculous to not expend the effort to actively
support it. I wouldn't be surprised if the code required to make it
compile on your system *and* modern systems caused performance decreases
(or even not compile on modern gcc!).

There might be a small chance that you would need to maintain a separate
patchset to maintain this compatibility since having it compile on both
your legacy and modern systems would be detrimental to other ClamAV users.

On 03/25/2014 05:18 PM, Dale Walsh wrote:
> You're right, it shouldn't matter, PowerPC
>
> The next question coming will be OS related so I'll answer ahead of
> time, OS is Mac OS X 10.4.x.
>
> The reason is simple, I must support the OS the customer uses so there
> is no upgrading the OS, no changing OS and no changing the hardware.
>
> Since it stopped building correctly/completely under GCC 4.x we were
> left with no choice but to abandon it.
>
> -- Dale
>
>
>
> On Mar 24, 2014, at 18:57 PM, Brandon Perry wrote:
>
>> Dale,
>>
>> Not that it *should* matter, but what is your architecture?
>>
>> On 03/24/2014 05:33 PM, Shawn Webb wrote:
>>> On what up-to-date OSs can I find gcc 4.0 in active use? I'll
>>> briefly try
>>> to recreate the problem in my spare time for you.
>>>
>>>
>>> On Mon, Mar 24, 2014 at 6:22 PM, Dale Walsh
>>> <dale@daleenterprise.com> wrote:
>>>
>>>> When it builds completely under GCC 4.0, I would be more than happy to
>>>> offer detailed debugging information and dumps that would be
>>>> beneficial to
>>>> the project but as it stands, a bug report at bugzilla.clamav.net
>>>> isn't
>>>> anything I would consider wasting my time on but you are more than
>>>> welcome
>>>> to file the report yourself.
>>>>
>>>> It makes no sense for me to file a report as I may use the source
>>>> files
>>>> but nothing else, I repackage it so I can build it and rather than
>>>> listen
>>>> to stupidity about my method of building being the root of the
>>>> problem,
>>>> informing you like other have should be sufficient to warrant an
>>>> in-depth
>>>> investigation into the matter.
>>>>
>>>> -- Dale
>>>>
>>>>
>>>>
>>>>
>>>> On Mar 24, 2014, at 17:32 PM, Steven Morgan wrote:
>>>>
>>>> Yes, a dmg issue and an xar issue were mentioned. If the issue(s)
>>>> remain,
>>>>> please open a bug at bugzilla.clamav.net or send some files or
>>>>> --debug
>>>>> output.
>>>>>
>>>>>
>>>>> On Sun, Mar 23, 2014 at 5:17 PM, Joel Esler (jesler)
>>>>> <jesler@cisco.com
>>>>>> wrote:
>>>>> Then I am sure the developers would be glad to help figure out the
>>>>>> problem
>>>>>> and fix it.
>>>>>>
>>>>>> --
>>>>>> Joel Esler
>>>>>> Sent from my iPhone
>>>>>>
>>>>>> On Mar 22, 2014, at 13:32, "Dale Walsh" <dale@daleenterprise.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>> 0.98.1 DMG does not work.
>>>>>>>
>>>>>>> -- Dale
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mar 21, 2014, at 09:16 AM, Joel Esler (jesler) wrote:
>>>>>>>> DMG support was just added in the last version of ClamAV. How
>>>>>>>> long ago
>>>>>>>>
>>>>>>> did you do this testing?
>>>>>>>> On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale@daleenterprise.com>
>>>>>>>> wrote:
>>>>>>>>> You did miss it but it's a two headed nail.
>>>>>>>>>
>>>>>>>>> PDF, DMG, XAR and RAR have had issues not recognizing the test
>>>>>>>>> viruses
>>>>>>>>>
>>>>>>>> to name just a couple that spring to mind that we've had
>>>>>>>> trouble with
>>>>>> and
>>>>>> this all started happening when the clang and crap entered the
>>>>>> picture.
>>>>>>
>>>>>>>>> I've worked with the developers in the past, once the build
>>>>>>>>>
>>>>>>>> environment dependancies changed and I was told I had to
>>>>>>>> upgrade my OS
>>>>>> and
>>>>>> build tools is when it was no longer possible to resolve these
>>>>>> issues as
>>>>>> the update solely for the purpose of building ClamAV is not an
>>>>>> option
>>>>>> and I
>>>>>> shouldn't be forced to use someone else's built tool preferences
>>>>>> just
>>>>>> because they have the luxury of updating on a whim or purely for
>>>>>> bragging
>>>>>> rights.
>>>>>>
>>>>>>>>> It does not matter if my OS is dated, security patches are
>>>>>>>>> applied to
>>>>>>>>>
>>>>>>>> the build tools as they become available and this seems to
>>>>>>>> satisfy all
>>>>>> other software that build from source except ClamAV.
>>>>>>
>>>>>>>>> Having everything build with GCC 4.0 would allow me/us to
>>>>>>>>> re-deploy
>>>>>>>>>
>>>>>>>> ClamAV and contribute to the code base again (I have in the
>>>>>>>> past) but
>>>>>> the
>>>>>> chances of this are slim to non from what I recall because my OS and
>>>>>> build
>>>>>> tools are dated and listening to rants about ancient and
>>>>>> deprecated is
>>>>>> nothing more than someone spewing stupidity.
>>>>>>
>>>>>>>>> The fact that I ensure all bugs and updates to the build tools
>>>>>>>>> are
>>>>>>>>>
>>>>>>>> fixed/added allows me to keep everything in harmony and there
>>>>>>>> is no
>>>>>> reason
>>>>>> to update anything to build a single software package when all other
>>>>>> software sources seem to be content with the existing build
>>>>>> environment.
>>>>>>
>>>>>>>>> If you wish to go off-list to continue the discussion I have no
>>>>>>>>>
>>>>>>>> objections.
>>>>>>>>> -- Dale
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>>>>>>>>>> Dale,
>>>>>>>>>>
>>>>>>>>>> Thanks for your email. I'm not sure exactly what you are
>>>>>>>>>> referring
>>>>>>>>>>
>>>>>>>>> to. Maybe I am missing a connection here or something, but the
>>>>>> discussion
>>>>>> was around scanning DMG and XAR, which I think, if there's a
>>>>>> issue with,
>>>>>> we'd be more than happy to work with anyone to try and square away.
>>>>>>
>>>>>>>>>> You seem to be discussing a build issue, and you say that it's a
>>>>>>>>>>
>>>>>>>>> waste of time. When did you get the impression that working
>>>>>>>>> with the
>>>>>> developers was a waste of time? If we're not communicating well
>>>>>> enough,
>>>>>> we
>>>>>> can fix that. But I think the team is doing a good job of that
>>>>>> judging
>>>>>> by
>>>>>> the amount of complaints I have received since we took over the
>>>>>> project
>>>>>> from the old ClamAV team.
>>>>>>
>>>>>>>>>> Please let me know if we need to take this offline and
>>>>>>>>>> discuss or
>>>>>>>>>>
>>>>>>>>> anything I can do to help.
>>>>>>>>>> --
>>>>>>>>>> Joel Esler
>>>>>>>>>> Open Source Manager
>>>>>>>>>> Threat Intelligence Team Lead
>>>>>>>>>> Vulnerability Research Team
>>>>>>>>>>
>>>>>>>>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale@daleenterprise.com
>>>>>>>>>>
>>>>>>>>> <mailto:dale@daleenterprise.com>> wrote:
>>>>>>>>>> Mark, this has been an issue for many versions along with a
>>>>>>>>>> slew of
>>>>>>>>>>
>>>>>>>>> others things not working as expected.
>>>>>>>>>> As much as I liked ClamAV, we've abandoned it as a mail solution
>>>>>>>>>>
>>>>>>>>> shortly after things stopped working correctly and they
>>>>>>>>> changed the
>>>>>> required build tools so you can no longer build it with GCC
>>>>>> 3.3/4.0/4.1/4.2
>>>>>> and have a fully functional app.
>>>>>>
>>>>>>>>>> Yes there are flags to get it to build but certain modules and
>>>>>>>>>>
>>>>>>>>> features don't build and making an incomplete and partially
>>>>>>>>> functional
>>>>>> binary isn't appealing.
>>>>>>
>>>>>>>>>> Advice on updating build tools is a waste of time as there is no
>>>>>>>>>>
>>>>>>>>> reason to update the build tools just to build ClamAV as it's the
>>>>>> only one
>>>>>> that has this ridiculous built-tool requirement and only an idiot
>>>>>> would
>>>>>> tell me to update.
>>>>>>
>>>>>>>>>> My thoughts on this is simple, if it doesn't build with the
>>>>>>>>>> basic GNU
>>>>>>>>>>
>>>>>>>>> GCC compiler tools then it's seriously flawed and needs these
>>>>>>>>> other
>>>>>> tools
>>>>>> to overcome the short-comings of poorly written/implemented code.
>>>>>>
>>>>>>>>>> When I say build, I mean build with full functionality so
>>>>>>>>>> don't go
>>>>>>>>>>
>>>>>>>>> off the deep-end stating it builds, partial functionality may be
>>>>>> acceptable
>>>>>> to you bhut it isn't to me.
>>>>>>
>>>>>>>>>> At this time, for personal use, I use the source code but
>>>>>>>>>> repackage
>>>>>>>>>>
>>>>>>>>> the build environment to work with what I have and I'm
>>>>>>>>> comfortable
>>>>>> with
>>>>>> submitting corrections and patches, too much focus and complaints
>>>>>> on my
>>>>>> build tools so why waste my time.
>>>>>>
>>>>>>>>>> -- Dale
>>>>>>>>>>
>>>>>>>>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>>>>>>>>>
>>>>>>>>>> Interesting... let me run some tests and get back to you.
>>>>>>>>>>
>>>>>>>>>> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com
>>>>>>>>>> <mailto:
>>>>>>>>>>
>>>>>>>>> markjallan@gmail.com>> wrote:
>>>>>>>>>> Just out of interest, did you test to see if it *actually*
>>>>>>>>>> worked?
>>>>>>>>>>
>>>>>>>>>> My configure output shows that dmg and xar are supported, but it
>>>>>>>>>>
>>>>>>>>> doesn't actually detect the Eicar test file within a disk image.
>>>>>>>>>> configure: Summary of engine detection features
>>>>>>>>>> autoit_ea06 : yes
>>>>>>>>>> bzip2 : ok
>>>>>>>>>> zlib : /usr
>>>>>>>>>> unrar : yes
>>>>>>>>>> dmg and xar : yes, from /usr
>>>>>>>>>>
>>>>>>>>>> When I create a new disk image, copy the Eicar test file in,
>>>>>>>>>> and scan
>>>>>>>>>>
>>>>>>>>> the dmg, it shows up as being clean.
>>>>>>>>>> clamscan test.dmg
>>>>>>>>>> test.dmg: OK
>>>>>>>>>>
>>>>>>>>>> ----------- SCAN SUMMARY -----------
>>>>>>>>>> Known viruses: 3259558
>>>>>>>>>> Engine version: 0.98.1
>>>>>>>>>> Scanned directories: 0
>>>>>>>>>> Scanned files: 1
>>>>>>>>>> Infected files: 0
>>>>>>>>>> Data scanned: 10.07 MB
>>>>>>>>>> Data read: 10.02 MB (ratio 1.01:1)
>>>>>>>>>> Time: 4.845 sec (0 m 4 s)
>>>>>>>>>>
>>>>>>>>>> Does this work as expected for anyone else?
>>>>>>>>>>
>>>>>>>>>> Mark
>>>>>>>>>>
>>>>>>>>>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com
>>>>>>>>>>
>>>>>>>>> <mailto:raf@uvasoftware.com>> wrote:
>>>>>>>>>> That worked, thanks!
>>>>>>>>>>
>>>>>>>>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (
>>>>>>>>>>
>>>>>>>>> smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:
>>>>>>>>>> Rafael,
>>>>>>>>>>
>>>>>>>>>> Probably all you need to do install libxml&libxml2-dev, which
>>>>>>>>>> is used
>>>>>>>>>>
>>>>>>>>> by
>>>>>>> dmg and xar, then do your configure/make.
>>>>>>>>>> Steve
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <
>>>>>>>>>> raf@uvasoftware.com
>>>>>>>>>>
>>>>>>>>> <mailto:raf@uvasoftware.com>>wrote:
>>>>>>>>>> Folks,
>>>>>>>>>>
>>>>>>>>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and
>>>>>>>>>> I'm not
>>>>>>>>>> getting the new super awesome DMG and XAR file support:
>>>>>>>>>>
>>>>>>>>>> configure: Summary of detected features follows
>>>>>>>>>> OS : linux-gnu
>>>>>>>>>> pthreads : yes (-lpthread)
>>>>>>>>>> configure: Summary of miscellaneous features
>>>>>>>>>> check : no (auto)
>>>>>>>>>> fanotify : yes
>>>>>>>>>> fdpassing : 1
>>>>>>>>>> IPv6 : yes
>>>>>>>>>> configure: Summary of optional tools
>>>>>>>>>> clamdtop : (auto)
>>>>>>>>>> milter : yes (disabled)
>>>>>>>>>> configure: Summary of engine performance features)
>>>>>>>>>> release mode: yes
>>>>>>>>>> jit : yes (auto)
>>>>>>>>>> mempool : yes
>>>>>>>>>> configure: Summary of engine detection features
>>>>>>>>>> autoit_ea06 : yes
>>>>>>>>>> bzip2 : ok
>>>>>>>>>> zlib : /usr
>>>>>>>>>> unrar : yes
>>>>>>>>>> dmg and xar : no
>>>>>>>>>>
>>>>>>>>>> Am I missing a configure flag or third party library?
>>>>>>>>>>
>>>>>>>>>> Thanks in advance,
>>>>>>>>>>
>>>>>>>>>> - Rafael
>>>>>>>>>>
>>>>>>>>>> ----
>>>>>>>>>> scanii.com<http://scanii.com> - the web friendly malware
>>>>>>>>>> scanner!
>>>>>>>>>> _______________________________________________
>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>> _______________________________________________
>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>> _______________________________________________
>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>
>>>>>> _______________________________________________
>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>
>>>>>> _______________________________________________
>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>
>>>>>
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
>>
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
'CCFLAGS="-O0" ./configure && make'

[root@localhost clamav-0.98.1]# clamscan/clamscan --version
ClamAV 0.98.1
[root@localhost clamav-0.98.1]# uname -a
Linux localhost.localdomain 2.6.11-1.1369_FC4 #1 Thu Jun 2 22:55:56 EDT
2005 i686 athlon i386 GNU/Linux
[root@localhost clamav-0.98.1]#


If you don't set CCFLAGS configure fails because of an optimization bug
in the compiler, which is what I am assuming you are talking about by
doesn't compile.

Being nice gets you more friends on the internet, and everyone knows
internet friends are the best kind of friends. :)


On 03/25/2014 05:29 PM, Brandon Perry wrote:
> Thanks, I don't have a PPC here, but I am going to install fedora core 4
> x86 and x86_64 inside of virtual machines and will see if I run into any
> issues.
>
> Legacy systems are unfortunate. However, I think you would be hard
> pressed to find any open source project today supporting that, so I
> don't think it is that ridiculous to not expend the effort to actively
> support it. I wouldn't be surprised if the code required to make it
> compile on your system *and* modern systems caused performance decreases
> (or even not compile on modern gcc!).
>
> There might be a small chance that you would need to maintain a separate
> patchset to maintain this compatibility since having it compile on both
> your legacy and modern systems would be detrimental to other ClamAV users.
>
> On 03/25/2014 05:18 PM, Dale Walsh wrote:
>> You're right, it shouldn't matter, PowerPC
>>
>> The next question coming will be OS related so I'll answer ahead of
>> time, OS is Mac OS X 10.4.x.
>>
>> The reason is simple, I must support the OS the customer uses so there
>> is no upgrading the OS, no changing OS and no changing the hardware.
>>
>> Since it stopped building correctly/completely under GCC 4.x we were
>> left with no choice but to abandon it.
>>
>> -- Dale
>>
>>
>>
>> On Mar 24, 2014, at 18:57 PM, Brandon Perry wrote:
>>
>>> Dale,
>>>
>>> Not that it *should* matter, but what is your architecture?
>>>
>>> On 03/24/2014 05:33 PM, Shawn Webb wrote:
>>>> On what up-to-date OSs can I find gcc 4.0 in active use? I'll
>>>> briefly try
>>>> to recreate the problem in my spare time for you.
>>>>
>>>>
>>>> On Mon, Mar 24, 2014 at 6:22 PM, Dale Walsh
>>>> <dale@daleenterprise.com> wrote:
>>>>
>>>>> When it builds completely under GCC 4.0, I would be more than happy to
>>>>> offer detailed debugging information and dumps that would be
>>>>> beneficial to
>>>>> the project but as it stands, a bug report at bugzilla.clamav.net
>>>>> isn't
>>>>> anything I would consider wasting my time on but you are more than
>>>>> welcome
>>>>> to file the report yourself.
>>>>>
>>>>> It makes no sense for me to file a report as I may use the source
>>>>> files
>>>>> but nothing else, I repackage it so I can build it and rather than
>>>>> listen
>>>>> to stupidity about my method of building being the root of the
>>>>> problem,
>>>>> informing you like other have should be sufficient to warrant an
>>>>> in-depth
>>>>> investigation into the matter.
>>>>>
>>>>> -- Dale
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Mar 24, 2014, at 17:32 PM, Steven Morgan wrote:
>>>>>
>>>>> Yes, a dmg issue and an xar issue were mentioned. If the issue(s)
>>>>> remain,
>>>>>> please open a bug at bugzilla.clamav.net or send some files or
>>>>>> --debug
>>>>>> output.
>>>>>>
>>>>>>
>>>>>> On Sun, Mar 23, 2014 at 5:17 PM, Joel Esler (jesler)
>>>>>> <jesler@cisco.com
>>>>>>> wrote:
>>>>>> Then I am sure the developers would be glad to help figure out the
>>>>>>> problem
>>>>>>> and fix it.
>>>>>>>
>>>>>>> --
>>>>>>> Joel Esler
>>>>>>> Sent from my iPhone
>>>>>>>
>>>>>>> On Mar 22, 2014, at 13:32, "Dale Walsh" <dale@daleenterprise.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>> 0.98.1 DMG does not work.
>>>>>>>>
>>>>>>>> -- Dale
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mar 21, 2014, at 09:16 AM, Joel Esler (jesler) wrote:
>>>>>>>>> DMG support was just added in the last version of ClamAV. How
>>>>>>>>> long ago
>>>>>>>>>
>>>>>>>> did you do this testing?
>>>>>>>>> On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale@daleenterprise.com>
>>>>>>>>> wrote:
>>>>>>>>>> You did miss it but it's a two headed nail.
>>>>>>>>>>
>>>>>>>>>> PDF, DMG, XAR and RAR have had issues not recognizing the test
>>>>>>>>>> viruses
>>>>>>>>>>
>>>>>>>>> to name just a couple that spring to mind that we've had
>>>>>>>>> trouble with
>>>>>>> and
>>>>>>> this all started happening when the clang and crap entered the
>>>>>>> picture.
>>>>>>>
>>>>>>>>>> I've worked with the developers in the past, once the build
>>>>>>>>>>
>>>>>>>>> environment dependancies changed and I was told I had to
>>>>>>>>> upgrade my OS
>>>>>>> and
>>>>>>> build tools is when it was no longer possible to resolve these
>>>>>>> issues as
>>>>>>> the update solely for the purpose of building ClamAV is not an
>>>>>>> option
>>>>>>> and I
>>>>>>> shouldn't be forced to use someone else's built tool preferences
>>>>>>> just
>>>>>>> because they have the luxury of updating on a whim or purely for
>>>>>>> bragging
>>>>>>> rights.
>>>>>>>
>>>>>>>>>> It does not matter if my OS is dated, security patches are
>>>>>>>>>> applied to
>>>>>>>>>>
>>>>>>>>> the build tools as they become available and this seems to
>>>>>>>>> satisfy all
>>>>>>> other software that build from source except ClamAV.
>>>>>>>
>>>>>>>>>> Having everything build with GCC 4.0 would allow me/us to
>>>>>>>>>> re-deploy
>>>>>>>>>>
>>>>>>>>> ClamAV and contribute to the code base again (I have in the
>>>>>>>>> past) but
>>>>>>> the
>>>>>>> chances of this are slim to non from what I recall because my OS and
>>>>>>> build
>>>>>>> tools are dated and listening to rants about ancient and
>>>>>>> deprecated is
>>>>>>> nothing more than someone spewing stupidity.
>>>>>>>
>>>>>>>>>> The fact that I ensure all bugs and updates to the build tools
>>>>>>>>>> are
>>>>>>>>>>
>>>>>>>>> fixed/added allows me to keep everything in harmony and there
>>>>>>>>> is no
>>>>>>> reason
>>>>>>> to update anything to build a single software package when all other
>>>>>>> software sources seem to be content with the existing build
>>>>>>> environment.
>>>>>>>
>>>>>>>>>> If you wish to go off-list to continue the discussion I have no
>>>>>>>>>>
>>>>>>>>> objections.
>>>>>>>>>> -- Dale
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>>>>>>>>>>> Dale,
>>>>>>>>>>>
>>>>>>>>>>> Thanks for your email. I'm not sure exactly what you are
>>>>>>>>>>> referring
>>>>>>>>>>>
>>>>>>>>>> to. Maybe I am missing a connection here or something, but the
>>>>>>> discussion
>>>>>>> was around scanning DMG and XAR, which I think, if there's a
>>>>>>> issue with,
>>>>>>> we'd be more than happy to work with anyone to try and square away.
>>>>>>>
>>>>>>>>>>> You seem to be discussing a build issue, and you say that it's a
>>>>>>>>>>>
>>>>>>>>>> waste of time. When did you get the impression that working
>>>>>>>>>> with the
>>>>>>> developers was a waste of time? If we're not communicating well
>>>>>>> enough,
>>>>>>> we
>>>>>>> can fix that. But I think the team is doing a good job of that
>>>>>>> judging
>>>>>>> by
>>>>>>> the amount of complaints I have received since we took over the
>>>>>>> project
>>>>>>> from the old ClamAV team.
>>>>>>>
>>>>>>>>>>> Please let me know if we need to take this offline and
>>>>>>>>>>> discuss or
>>>>>>>>>>>
>>>>>>>>>> anything I can do to help.
>>>>>>>>>>> --
>>>>>>>>>>> Joel Esler
>>>>>>>>>>> Open Source Manager
>>>>>>>>>>> Threat Intelligence Team Lead
>>>>>>>>>>> Vulnerability Research Team
>>>>>>>>>>>
>>>>>>>>>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale@daleenterprise.com
>>>>>>>>>>>
>>>>>>>>>> <mailto:dale@daleenterprise.com>> wrote:
>>>>>>>>>>> Mark, this has been an issue for many versions along with a
>>>>>>>>>>> slew of
>>>>>>>>>>>
>>>>>>>>>> others things not working as expected.
>>>>>>>>>>> As much as I liked ClamAV, we've abandoned it as a mail solution
>>>>>>>>>>>
>>>>>>>>>> shortly after things stopped working correctly and they
>>>>>>>>>> changed the
>>>>>>> required build tools so you can no longer build it with GCC
>>>>>>> 3.3/4.0/4.1/4.2
>>>>>>> and have a fully functional app.
>>>>>>>
>>>>>>>>>>> Yes there are flags to get it to build but certain modules and
>>>>>>>>>>>
>>>>>>>>>> features don't build and making an incomplete and partially
>>>>>>>>>> functional
>>>>>>> binary isn't appealing.
>>>>>>>
>>>>>>>>>>> Advice on updating build tools is a waste of time as there is no
>>>>>>>>>>>
>>>>>>>>>> reason to update the build tools just to build ClamAV as it's the
>>>>>>> only one
>>>>>>> that has this ridiculous built-tool requirement and only an idiot
>>>>>>> would
>>>>>>> tell me to update.
>>>>>>>
>>>>>>>>>>> My thoughts on this is simple, if it doesn't build with the
>>>>>>>>>>> basic GNU
>>>>>>>>>>>
>>>>>>>>>> GCC compiler tools then it's seriously flawed and needs these
>>>>>>>>>> other
>>>>>>> tools
>>>>>>> to overcome the short-comings of poorly written/implemented code.
>>>>>>>
>>>>>>>>>>> When I say build, I mean build with full functionality so
>>>>>>>>>>> don't go
>>>>>>>>>>>
>>>>>>>>>> off the deep-end stating it builds, partial functionality may be
>>>>>>> acceptable
>>>>>>> to you bhut it isn't to me.
>>>>>>>
>>>>>>>>>>> At this time, for personal use, I use the source code but
>>>>>>>>>>> repackage
>>>>>>>>>>>
>>>>>>>>>> the build environment to work with what I have and I'm
>>>>>>>>>> comfortable
>>>>>>> with
>>>>>>> submitting corrections and patches, too much focus and complaints
>>>>>>> on my
>>>>>>> build tools so why waste my time.
>>>>>>>
>>>>>>>>>>> -- Dale
>>>>>>>>>>>
>>>>>>>>>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>>>>>>>>>>
>>>>>>>>>>> Interesting... let me run some tests and get back to you.
>>>>>>>>>>>
>>>>>>>>>>> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com
>>>>>>>>>>> <mailto:
>>>>>>>>>>>
>>>>>>>>>> markjallan@gmail.com>> wrote:
>>>>>>>>>>> Just out of interest, did you test to see if it *actually*
>>>>>>>>>>> worked?
>>>>>>>>>>>
>>>>>>>>>>> My configure output shows that dmg and xar are supported, but it
>>>>>>>>>>>
>>>>>>>>>> doesn't actually detect the Eicar test file within a disk image.
>>>>>>>>>>> configure: Summary of engine detection features
>>>>>>>>>>> autoit_ea06 : yes
>>>>>>>>>>> bzip2 : ok
>>>>>>>>>>> zlib : /usr
>>>>>>>>>>> unrar : yes
>>>>>>>>>>> dmg and xar : yes, from /usr
>>>>>>>>>>>
>>>>>>>>>>> When I create a new disk image, copy the Eicar test file in,
>>>>>>>>>>> and scan
>>>>>>>>>>>
>>>>>>>>>> the dmg, it shows up as being clean.
>>>>>>>>>>> clamscan test.dmg
>>>>>>>>>>> test.dmg: OK
>>>>>>>>>>>
>>>>>>>>>>> ----------- SCAN SUMMARY -----------
>>>>>>>>>>> Known viruses: 3259558
>>>>>>>>>>> Engine version: 0.98.1
>>>>>>>>>>> Scanned directories: 0
>>>>>>>>>>> Scanned files: 1
>>>>>>>>>>> Infected files: 0
>>>>>>>>>>> Data scanned: 10.07 MB
>>>>>>>>>>> Data read: 10.02 MB (ratio 1.01:1)
>>>>>>>>>>> Time: 4.845 sec (0 m 4 s)
>>>>>>>>>>>
>>>>>>>>>>> Does this work as expected for anyone else?
>>>>>>>>>>>
>>>>>>>>>>> Mark
>>>>>>>>>>>
>>>>>>>>>>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com
>>>>>>>>>>>
>>>>>>>>>> <mailto:raf@uvasoftware.com>> wrote:
>>>>>>>>>>> That worked, thanks!
>>>>>>>>>>>
>>>>>>>>>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (
>>>>>>>>>>>
>>>>>>>>>> smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:
>>>>>>>>>>> Rafael,
>>>>>>>>>>>
>>>>>>>>>>> Probably all you need to do install libxml&libxml2-dev, which
>>>>>>>>>>> is used
>>>>>>>>>>>
>>>>>>>>>> by
>>>>>>>> dmg and xar, then do your configure/make.
>>>>>>>>>>> Steve
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <
>>>>>>>>>>> raf@uvasoftware.com
>>>>>>>>>>>
>>>>>>>>>> <mailto:raf@uvasoftware.com>>wrote:
>>>>>>>>>>> Folks,
>>>>>>>>>>>
>>>>>>>>>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and
>>>>>>>>>>> I'm not
>>>>>>>>>>> getting the new super awesome DMG and XAR file support:
>>>>>>>>>>>
>>>>>>>>>>> configure: Summary of detected features follows
>>>>>>>>>>> OS : linux-gnu
>>>>>>>>>>> pthreads : yes (-lpthread)
>>>>>>>>>>> configure: Summary of miscellaneous features
>>>>>>>>>>> check : no (auto)
>>>>>>>>>>> fanotify : yes
>>>>>>>>>>> fdpassing : 1
>>>>>>>>>>> IPv6 : yes
>>>>>>>>>>> configure: Summary of optional tools
>>>>>>>>>>> clamdtop : (auto)
>>>>>>>>>>> milter : yes (disabled)
>>>>>>>>>>> configure: Summary of engine performance features)
>>>>>>>>>>> release mode: yes
>>>>>>>>>>> jit : yes (auto)
>>>>>>>>>>> mempool : yes
>>>>>>>>>>> configure: Summary of engine detection features
>>>>>>>>>>> autoit_ea06 : yes
>>>>>>>>>>> bzip2 : ok
>>>>>>>>>>> zlib : /usr
>>>>>>>>>>> unrar : yes
>>>>>>>>>>> dmg and xar : no
>>>>>>>>>>>
>>>>>>>>>>> Am I missing a configure flag or third party library?
>>>>>>>>>>>
>>>>>>>>>>> Thanks in advance,
>>>>>>>>>>>
>>>>>>>>>>> - Rafael
>>>>>>>>>>>
>>>>>>>>>>> ----
>>>>>>>>>>> scanii.com<http://scanii.com> - the web friendly malware
>>>>>>>>>>> scanner!
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>
>>>>>>> _______________________________________________
>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>
>>>>>>
>>>>> _______________________________________________
>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>
>>>
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
Re: enabling DMG and XAR support [ In reply to ]
Sorry, gcc version:

[root@localhost clamav-0.98.1]# gcc --version
gcc (GCC) 4.0.0 20050519 (Red Hat 4.0.0-8)
Copyright (C) 2005 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

[root@localhost clamav-0.98.1]#



On 03/25/2014 05:54 PM, Brandon Perry wrote:
> 'CCFLAGS="-O0" ./configure && make'
>
> [root@localhost clamav-0.98.1]# clamscan/clamscan --version
> ClamAV 0.98.1
> [root@localhost clamav-0.98.1]# uname -a
> Linux localhost.localdomain 2.6.11-1.1369_FC4 #1 Thu Jun 2 22:55:56 EDT
> 2005 i686 athlon i386 GNU/Linux
> [root@localhost clamav-0.98.1]#
>
>
> If you don't set CCFLAGS configure fails because of an optimization bug
> in the compiler, which is what I am assuming you are talking about by
> doesn't compile.
>
> Being nice gets you more friends on the internet, and everyone knows
> internet friends are the best kind of friends. :)
>
>
> On 03/25/2014 05:29 PM, Brandon Perry wrote:
>> Thanks, I don't have a PPC here, but I am going to install fedora core 4
>> x86 and x86_64 inside of virtual machines and will see if I run into any
>> issues.
>>
>> Legacy systems are unfortunate. However, I think you would be hard
>> pressed to find any open source project today supporting that, so I
>> don't think it is that ridiculous to not expend the effort to actively
>> support it. I wouldn't be surprised if the code required to make it
>> compile on your system *and* modern systems caused performance decreases
>> (or even not compile on modern gcc!).
>>
>> There might be a small chance that you would need to maintain a separate
>> patchset to maintain this compatibility since having it compile on both
>> your legacy and modern systems would be detrimental to other ClamAV users.
>>
>> On 03/25/2014 05:18 PM, Dale Walsh wrote:
>>> You're right, it shouldn't matter, PowerPC
>>>
>>> The next question coming will be OS related so I'll answer ahead of
>>> time, OS is Mac OS X 10.4.x.
>>>
>>> The reason is simple, I must support the OS the customer uses so there
>>> is no upgrading the OS, no changing OS and no changing the hardware.
>>>
>>> Since it stopped building correctly/completely under GCC 4.x we were
>>> left with no choice but to abandon it.
>>>
>>> -- Dale
>>>
>>>
>>>
>>> On Mar 24, 2014, at 18:57 PM, Brandon Perry wrote:
>>>
>>>> Dale,
>>>>
>>>> Not that it *should* matter, but what is your architecture?
>>>>
>>>> On 03/24/2014 05:33 PM, Shawn Webb wrote:
>>>>> On what up-to-date OSs can I find gcc 4.0 in active use? I'll
>>>>> briefly try
>>>>> to recreate the problem in my spare time for you.
>>>>>
>>>>>
>>>>> On Mon, Mar 24, 2014 at 6:22 PM, Dale Walsh
>>>>> <dale@daleenterprise.com> wrote:
>>>>>
>>>>>> When it builds completely under GCC 4.0, I would be more than happy to
>>>>>> offer detailed debugging information and dumps that would be
>>>>>> beneficial to
>>>>>> the project but as it stands, a bug report at bugzilla.clamav.net
>>>>>> isn't
>>>>>> anything I would consider wasting my time on but you are more than
>>>>>> welcome
>>>>>> to file the report yourself.
>>>>>>
>>>>>> It makes no sense for me to file a report as I may use the source
>>>>>> files
>>>>>> but nothing else, I repackage it so I can build it and rather than
>>>>>> listen
>>>>>> to stupidity about my method of building being the root of the
>>>>>> problem,
>>>>>> informing you like other have should be sufficient to warrant an
>>>>>> in-depth
>>>>>> investigation into the matter.
>>>>>>
>>>>>> -- Dale
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mar 24, 2014, at 17:32 PM, Steven Morgan wrote:
>>>>>>
>>>>>> Yes, a dmg issue and an xar issue were mentioned. If the issue(s)
>>>>>> remain,
>>>>>>> please open a bug at bugzilla.clamav.net or send some files or
>>>>>>> --debug
>>>>>>> output.
>>>>>>>
>>>>>>>
>>>>>>> On Sun, Mar 23, 2014 at 5:17 PM, Joel Esler (jesler)
>>>>>>> <jesler@cisco.com
>>>>>>>> wrote:
>>>>>>> Then I am sure the developers would be glad to help figure out the
>>>>>>>> problem
>>>>>>>> and fix it.
>>>>>>>>
>>>>>>>> --
>>>>>>>> Joel Esler
>>>>>>>> Sent from my iPhone
>>>>>>>>
>>>>>>>> On Mar 22, 2014, at 13:32, "Dale Walsh" <dale@daleenterprise.com>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> 0.98.1 DMG does not work.
>>>>>>>>>
>>>>>>>>> -- Dale
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Mar 21, 2014, at 09:16 AM, Joel Esler (jesler) wrote:
>>>>>>>>>> DMG support was just added in the last version of ClamAV. How
>>>>>>>>>> long ago
>>>>>>>>>>
>>>>>>>>> did you do this testing?
>>>>>>>>>> On Mar 20, 2014, at 8:22 PM, Dale Walsh <dale@daleenterprise.com>
>>>>>>>>>> wrote:
>>>>>>>>>>> You did miss it but it's a two headed nail.
>>>>>>>>>>>
>>>>>>>>>>> PDF, DMG, XAR and RAR have had issues not recognizing the test
>>>>>>>>>>> viruses
>>>>>>>>>>>
>>>>>>>>>> to name just a couple that spring to mind that we've had
>>>>>>>>>> trouble with
>>>>>>>> and
>>>>>>>> this all started happening when the clang and crap entered the
>>>>>>>> picture.
>>>>>>>>
>>>>>>>>>>> I've worked with the developers in the past, once the build
>>>>>>>>>>>
>>>>>>>>>> environment dependancies changed and I was told I had to
>>>>>>>>>> upgrade my OS
>>>>>>>> and
>>>>>>>> build tools is when it was no longer possible to resolve these
>>>>>>>> issues as
>>>>>>>> the update solely for the purpose of building ClamAV is not an
>>>>>>>> option
>>>>>>>> and I
>>>>>>>> shouldn't be forced to use someone else's built tool preferences
>>>>>>>> just
>>>>>>>> because they have the luxury of updating on a whim or purely for
>>>>>>>> bragging
>>>>>>>> rights.
>>>>>>>>
>>>>>>>>>>> It does not matter if my OS is dated, security patches are
>>>>>>>>>>> applied to
>>>>>>>>>>>
>>>>>>>>>> the build tools as they become available and this seems to
>>>>>>>>>> satisfy all
>>>>>>>> other software that build from source except ClamAV.
>>>>>>>>
>>>>>>>>>>> Having everything build with GCC 4.0 would allow me/us to
>>>>>>>>>>> re-deploy
>>>>>>>>>>>
>>>>>>>>>> ClamAV and contribute to the code base again (I have in the
>>>>>>>>>> past) but
>>>>>>>> the
>>>>>>>> chances of this are slim to non from what I recall because my OS and
>>>>>>>> build
>>>>>>>> tools are dated and listening to rants about ancient and
>>>>>>>> deprecated is
>>>>>>>> nothing more than someone spewing stupidity.
>>>>>>>>
>>>>>>>>>>> The fact that I ensure all bugs and updates to the build tools
>>>>>>>>>>> are
>>>>>>>>>>>
>>>>>>>>>> fixed/added allows me to keep everything in harmony and there
>>>>>>>>>> is no
>>>>>>>> reason
>>>>>>>> to update anything to build a single software package when all other
>>>>>>>> software sources seem to be content with the existing build
>>>>>>>> environment.
>>>>>>>>
>>>>>>>>>>> If you wish to go off-list to continue the discussion I have no
>>>>>>>>>>>
>>>>>>>>>> objections.
>>>>>>>>>>> -- Dale
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Mar 20, 2014, at 16:35 PM, Joel Esler (jesler) wrote:
>>>>>>>>>>>> Dale,
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks for your email. I'm not sure exactly what you are
>>>>>>>>>>>> referring
>>>>>>>>>>>>
>>>>>>>>>>> to. Maybe I am missing a connection here or something, but the
>>>>>>>> discussion
>>>>>>>> was around scanning DMG and XAR, which I think, if there's a
>>>>>>>> issue with,
>>>>>>>> we'd be more than happy to work with anyone to try and square away.
>>>>>>>>
>>>>>>>>>>>> You seem to be discussing a build issue, and you say that it's a
>>>>>>>>>>>>
>>>>>>>>>>> waste of time. When did you get the impression that working
>>>>>>>>>>> with the
>>>>>>>> developers was a waste of time? If we're not communicating well
>>>>>>>> enough,
>>>>>>>> we
>>>>>>>> can fix that. But I think the team is doing a good job of that
>>>>>>>> judging
>>>>>>>> by
>>>>>>>> the amount of complaints I have received since we took over the
>>>>>>>> project
>>>>>>>> from the old ClamAV team.
>>>>>>>>
>>>>>>>>>>>> Please let me know if we need to take this offline and
>>>>>>>>>>>> discuss or
>>>>>>>>>>>>
>>>>>>>>>>> anything I can do to help.
>>>>>>>>>>>> --
>>>>>>>>>>>> Joel Esler
>>>>>>>>>>>> Open Source Manager
>>>>>>>>>>>> Threat Intelligence Team Lead
>>>>>>>>>>>> Vulnerability Research Team
>>>>>>>>>>>>
>>>>>>>>>>>> On Mar 20, 2014, at 3:55 PM, Dale Walsh <dale@daleenterprise.com
>>>>>>>>>>>>
>>>>>>>>>>> <mailto:dale@daleenterprise.com>> wrote:
>>>>>>>>>>>> Mark, this has been an issue for many versions along with a
>>>>>>>>>>>> slew of
>>>>>>>>>>>>
>>>>>>>>>>> others things not working as expected.
>>>>>>>>>>>> As much as I liked ClamAV, we've abandoned it as a mail solution
>>>>>>>>>>>>
>>>>>>>>>>> shortly after things stopped working correctly and they
>>>>>>>>>>> changed the
>>>>>>>> required build tools so you can no longer build it with GCC
>>>>>>>> 3.3/4.0/4.1/4.2
>>>>>>>> and have a fully functional app.
>>>>>>>>
>>>>>>>>>>>> Yes there are flags to get it to build but certain modules and
>>>>>>>>>>>>
>>>>>>>>>>> features don't build and making an incomplete and partially
>>>>>>>>>>> functional
>>>>>>>> binary isn't appealing.
>>>>>>>>
>>>>>>>>>>>> Advice on updating build tools is a waste of time as there is no
>>>>>>>>>>>>
>>>>>>>>>>> reason to update the build tools just to build ClamAV as it's the
>>>>>>>> only one
>>>>>>>> that has this ridiculous built-tool requirement and only an idiot
>>>>>>>> would
>>>>>>>> tell me to update.
>>>>>>>>
>>>>>>>>>>>> My thoughts on this is simple, if it doesn't build with the
>>>>>>>>>>>> basic GNU
>>>>>>>>>>>>
>>>>>>>>>>> GCC compiler tools then it's seriously flawed and needs these
>>>>>>>>>>> other
>>>>>>>> tools
>>>>>>>> to overcome the short-comings of poorly written/implemented code.
>>>>>>>>
>>>>>>>>>>>> When I say build, I mean build with full functionality so
>>>>>>>>>>>> don't go
>>>>>>>>>>>>
>>>>>>>>>>> off the deep-end stating it builds, partial functionality may be
>>>>>>>> acceptable
>>>>>>>> to you bhut it isn't to me.
>>>>>>>>
>>>>>>>>>>>> At this time, for personal use, I use the source code but
>>>>>>>>>>>> repackage
>>>>>>>>>>>>
>>>>>>>>>>> the build environment to work with what I have and I'm
>>>>>>>>>>> comfortable
>>>>>>>> with
>>>>>>>> submitting corrections and patches, too much focus and complaints
>>>>>>>> on my
>>>>>>>> build tools so why waste my time.
>>>>>>>>
>>>>>>>>>>>> -- Dale
>>>>>>>>>>>>
>>>>>>>>>>>> On Mar 19, 2014, at 11:34 AM, Rafael Ferreira wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> Interesting... let me run some tests and get back to you.
>>>>>>>>>>>>
>>>>>>>>>>>> On Mar 19, 2014, at 8:33 AM, Mark Allan <markjallan@gmail.com
>>>>>>>>>>>> <mailto:
>>>>>>>>>>>>
>>>>>>>>>>> markjallan@gmail.com>> wrote:
>>>>>>>>>>>> Just out of interest, did you test to see if it *actually*
>>>>>>>>>>>> worked?
>>>>>>>>>>>>
>>>>>>>>>>>> My configure output shows that dmg and xar are supported, but it
>>>>>>>>>>>>
>>>>>>>>>>> doesn't actually detect the Eicar test file within a disk image.
>>>>>>>>>>>> configure: Summary of engine detection features
>>>>>>>>>>>> autoit_ea06 : yes
>>>>>>>>>>>> bzip2 : ok
>>>>>>>>>>>> zlib : /usr
>>>>>>>>>>>> unrar : yes
>>>>>>>>>>>> dmg and xar : yes, from /usr
>>>>>>>>>>>>
>>>>>>>>>>>> When I create a new disk image, copy the Eicar test file in,
>>>>>>>>>>>> and scan
>>>>>>>>>>>>
>>>>>>>>>>> the dmg, it shows up as being clean.
>>>>>>>>>>>> clamscan test.dmg
>>>>>>>>>>>> test.dmg: OK
>>>>>>>>>>>>
>>>>>>>>>>>> ----------- SCAN SUMMARY -----------
>>>>>>>>>>>> Known viruses: 3259558
>>>>>>>>>>>> Engine version: 0.98.1
>>>>>>>>>>>> Scanned directories: 0
>>>>>>>>>>>> Scanned files: 1
>>>>>>>>>>>> Infected files: 0
>>>>>>>>>>>> Data scanned: 10.07 MB
>>>>>>>>>>>> Data read: 10.02 MB (ratio 1.01:1)
>>>>>>>>>>>> Time: 4.845 sec (0 m 4 s)
>>>>>>>>>>>>
>>>>>>>>>>>> Does this work as expected for anyone else?
>>>>>>>>>>>>
>>>>>>>>>>>> Mark
>>>>>>>>>>>>
>>>>>>>>>>>> On 10 Feb 2014, at 23:38, Rafael Ferreira <raf@uvasoftware.com
>>>>>>>>>>>>
>>>>>>>>>>> <mailto:raf@uvasoftware.com>> wrote:
>>>>>>>>>>>> That worked, thanks!
>>>>>>>>>>>>
>>>>>>>>>>>> On February 10, 2014 at 4:29:41 PM, Steven Morgan (
>>>>>>>>>>>>
>>>>>>>>>>> smorgan@sourcefire.com<mailto:smorgan@sourcefire.com>) wrote:
>>>>>>>>>>>> Rafael,
>>>>>>>>>>>>
>>>>>>>>>>>> Probably all you need to do install libxml&libxml2-dev, which
>>>>>>>>>>>> is used
>>>>>>>>>>>>
>>>>>>>>>>> by
>>>>>>>>> dmg and xar, then do your configure/make.
>>>>>>>>>>>> Steve
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On Mon, Feb 10, 2014 at 6:05 PM, Rafael Ferreira <
>>>>>>>>>>>> raf@uvasoftware.com
>>>>>>>>>>>>
>>>>>>>>>>> <mailto:raf@uvasoftware.com>>wrote:
>>>>>>>>>>>> Folks,
>>>>>>>>>>>>
>>>>>>>>>>>> I'm compiling clamav 0.98.1 on Linux (Ubuntu 12.04 LTS) and
>>>>>>>>>>>> I'm not
>>>>>>>>>>>> getting the new super awesome DMG and XAR file support:
>>>>>>>>>>>>
>>>>>>>>>>>> configure: Summary of detected features follows
>>>>>>>>>>>> OS : linux-gnu
>>>>>>>>>>>> pthreads : yes (-lpthread)
>>>>>>>>>>>> configure: Summary of miscellaneous features
>>>>>>>>>>>> check : no (auto)
>>>>>>>>>>>> fanotify : yes
>>>>>>>>>>>> fdpassing : 1
>>>>>>>>>>>> IPv6 : yes
>>>>>>>>>>>> configure: Summary of optional tools
>>>>>>>>>>>> clamdtop : (auto)
>>>>>>>>>>>> milter : yes (disabled)
>>>>>>>>>>>> configure: Summary of engine performance features)
>>>>>>>>>>>> release mode: yes
>>>>>>>>>>>> jit : yes (auto)
>>>>>>>>>>>> mempool : yes
>>>>>>>>>>>> configure: Summary of engine detection features
>>>>>>>>>>>> autoit_ea06 : yes
>>>>>>>>>>>> bzip2 : ok
>>>>>>>>>>>> zlib : /usr
>>>>>>>>>>>> unrar : yes
>>>>>>>>>>>> dmg and xar : no
>>>>>>>>>>>>
>>>>>>>>>>>> Am I missing a configure flag or third party library?
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks in advance,
>>>>>>>>>>>>
>>>>>>>>>>>> - Rafael
>>>>>>>>>>>>
>>>>>>>>>>>> ----
>>>>>>>>>>>> scanii.com<http://scanii.com> - the web friendly malware
>>>>>>>>>>>> scanner!
>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>>>
>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>>>
>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>>>
>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>>> Please submit your patches to our Bugzilla:
>>>>>>>>>>> http://bugs.clamav.net
>>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>>
>>>>>>>
>>>>>> _______________________________________________
>>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>>>
>>>>> _______________________________________________
>>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>> _______________________________________________
>>>> http://lurker.clamav.net/list/clamav-devel.html
>>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>>>
>>>>
>>> _______________________________________________
>>> http://lurker.clamav.net/list/clamav-devel.html
>>> Please submit your patches to our Bugzilla: http://bugs.clamav.net

_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net

1 2  View All