Mailing List Archive

[clamav-users] Fri Apr 12 08:46:13 2019 -> !Verification: Malformed database
Hi All,

I'm still seeing this Malformed database error with freshclam on an
older system.  Going back prior to 25410 seems to resolve the issue.

I'd like to work on the code and see if I can find the bug or system
library causing the issue.  Can anyone help give me a pointer to where I
can drill into the malformed header check?  Specifically, where is the
code located for engine->dbinfo?  I'm having some logic issues figuring
out what routine / class that is calling.

Regards,

KAM

-------- Forwarded Message --------

Subject: Re: [clamav-users] Malformed pattern daily.ldb version 25410
Date: Sat, 6 Apr 2019 06:37:31 -0400
From: Kevin A. McGrail <KMcGrail@PCCC.com>
To: clamav-users@lists.clamav.net



On 4/5/2019 9:40 PM, David Shrimpton via clamav-users wrote:
> This appears to be a different problem than the sigtool --list problem on daily

Thanks for the impressive list of debug ideas.  Whatever this is, it's a
bug in clamav or an underlying library.  The machine with the issue is a
hodgepodge system.

Ran wget http://db.US.clamav.net/main.cvd

Here's the file size: 117892267

Here's the sha1: d275ad7d79af6ecf602d8813173a0bb0a0a00a88  main.cvd

All this is correct information but it fails when I ran sigtool:

/usr/local/clamav/bin/sigtool --info main.cvd

File: main.cvd
Build time: 07 Jun 2017 17:38 -0400
Version: 58
Signatures: 4566249
Functionality level: 60
Builder: sigmgr
MD5: 57462fd73f1cfdb356b9dca66da2b732
Digital signature:
KWRdhTG+Own6ohh0wn5+vqg1d8ULKCxxxQeKuSA155B3ijxBKgf+bV3IXPcmZrIBUDn1xi8FmyvB63UieykwN/Avq5mTjHIVO8zFnC7wVF7dhdcEYn9Nt+Pmk/HXXx0voylYkidvgZmrxI8jx4a/Re6n3hHQJoCZrkHM15GER8j
LibClamAV Error: cli_cvdload: Corrupted CVD header
ERROR: cvdinfo: Verification: Malformed database


On another machine with the same version of clamav 0.100.3, it passes
sigtool:

/usr/local/clamav/bin/sigtool --info main.cvd
File: main.cvd
Build time: 07 Jun 2017 17:38 -0400
Version: 58
Signatures: 4566249
Functionality level: 60
Builder: sigmgr
MD5: 57462fd73f1cfdb356b9dca66da2b732
Digital signature:
KWRdhTG+Own6ohh0wn5+vqg1d8ULKCxxxQeKuSA155B3ijxBKgf+bV3IXPcmZrIBUDn1xi8FmyvB63UieykwN/Avq5mTjHIVO8zFnC7wVF7dhdcEYn9Nt+Pmk/HXXx0voylYkidvgZmrxI8jx4a/Re6n3hHQJoCZrkHM15GER8j
Verification OK.


Modifying cvd.c, I changed the CL_EMALFDB to be a little more specific
so I can see that the call to dbinfo = engine->dbinfo; is failing. 
After that, though, I need some pointers on what routine/class provides
that.  Maybe I can keep drilling down and find out what's got a bug
that's throwing a fit.

Regards,

KAM
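
Added example, not part of the original post and not ClamAV's own code: a stand-alone check of the CVD header fields and the MD5 of the data that follows them, useful for telling a damaged file apart from a fault in the local libclamav build. It assumes the layout libclamav reads (a 512-byte, space-padded, colon-separated header beginning with "ClamAV-VDB:", with the MD5 covering everything after it); the function names and the sample blob are constructed for illustration, and the digital signature is not verified.

```python
import hashlib
import io

HEADER_SIZE = 512              # assumed fixed-size text header at the start of a .cvd
MAGIC = b"ClamAV-VDB:"
FIELDS = ("time", "version", "sigs", "flevel", "md5", "dsig", "builder", "stime")


def parse_cvd_header(raw):
    """Split the colon-separated header into named fields, or raise ValueError."""
    if len(raw) != HEADER_SIZE:
        raise ValueError("short header: %d of %d bytes" % (len(raw), HEADER_SIZE))
    if not raw.startswith(MAGIC):
        raise ValueError("missing ClamAV-VDB magic")
    parts = raw[len(MAGIC):].rstrip(b" \r\n\0").decode("ascii").split(":")
    if len(parts) < 7:         # stime may be absent; fields up to builder may not
        raise ValueError("only %d header fields" % len(parts))
    hdr = dict(zip(FIELDS, parts))
    for key in ("version", "sigs", "flevel"):
        hdr[key] = int(hdr[key])   # a non-numeric field raises ValueError
    return hdr


def check_cvd(stream):
    """Parse the header, then compare its MD5 field with the MD5 of the rest."""
    hdr = parse_cvd_header(stream.read(HEADER_SIZE))
    digest = hashlib.md5()
    for chunk in iter(lambda: stream.read(1 << 16), b""):
        digest.update(chunk)
    hdr["md5_ok"] = digest.hexdigest() == hdr["md5"].lower()
    return hdr


def make_sample(body, md5=None):
    """Constructed CVD-like blob for the demo; not a real ClamAV database."""
    md5 = md5 or hashlib.md5(body).hexdigest()
    head = ("ClamAV-VDB:07 Jun 2017 17-38 -0400:58:4566249:60:%s:"
            "CONSTRUCTED-DSIG:sigmgr:1496871480" % md5)
    return head.encode("ascii").ljust(HEADER_SIZE, b" ") + body


def check_cvd_bytes(data):
    """Convenience wrapper for in-memory data."""
    return check_cvd(io.BytesIO(data))


if __name__ == "__main__":
    print(check_cvd_bytes(make_sample(b"constructed payload")))
    # On a real file: check_cvd(open("main.cvd", "rb"))
```

If this reports consistent fields and a matching MD5 on the machine where sigtool fails, the download is intact and the fault lies further along, in signature verification or in loading the database contents.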