Clam open source unix antivirus scanner development

Renato Botelho | 1 Mar 2010 20:22

Picon

Tests failing on FreeBSD 6.x

Hello one more time,

I was trying to update clamav-devel port to a more recent snapshot
and I got some segfaults during make test, like you can see here:

g++42: -rpath=/usr/local/lib/gcc42: linker input file unused because
linking not done
  CXX    llvmunittest_JIT-JITMemoryManagerTest.o
g++42 -DHAVE_CONFIG_H -I.  -I./llvm/include -I./llvm/include
-D__STDC_LIMIT_MACROS -D__STDC_CONSTANT_MACROS -D_DEBUG -D_GNU_SOURCE
-I./llvm/utils/unittest/googletest/include -I/usr/local/include
-Woverloaded-virtual -pedantic -Wno-long-long -Wall -W
-Wno-unused-parameter -Wwrite-strings -Wno-missing-field-initializers
-Wno-variadic-macros -fno-exceptions -O2 -fno-strict-aliasing -pipe
-Wl,-rpath=/usr/local/lib/gcc42 -c -o
llvmunittest_JIT-JITMemoryManagerTest.o `test -f
'llvm/unittests/ExecutionEngine/JIT/JITMemoryManagerTest.cpp' || echo
'./'`llvm/unittests/ExecutionEngine/JIT/JITMemoryManagerTest.cpp
g++42: -rpath=/usr/local/lib/gcc42: linker input file unused because
linking not done
  CXX    llvmunittest_JIT-JITTest.o
g++42 -DHAVE_CONFIG_H -I.  -I./llvm/include -I./llvm/include
-D__STDC_LIMIT_MACROS -D__STDC_CONSTANT_MACROS -D_DEBUG -D_GNU_SOURCE
-I./llvm/utils/unittest/googletest/include -I/usr/local/include
-Woverloaded-virtual -pedantic -Wno-long-long -Wall -W
-Wno-unused-parameter -Wwrite-strings -Wno-missing-field-initializers
-Wno-variadic-macros -fno-exceptions -O2 -fno-strict-aliasing -pipe
-Wl,-rpath=/usr/local/lib/gcc42 -c -o llvmunittest_JIT-JITTest.o `test
-f 'llvm/unittests/ExecutionEngine/JIT/JITTest.cpp' || echo
'./'`llvm/unittests/ExecutionEngine/JIT/JITTest.cpp

(Continue reading)

Török Edwin | 1 Mar 2010 21:41

Picon

Re: Tests failing on FreeBSD 6.x

On 03/01/2010 09:22 PM, Renato Botelho wrote:
> Hello one more time,
> 
> I was trying to update clamav-devel port to a more recent snapshot
> and I got some segfaults during make test, like you can see here:

Which FreeBSD version, and which architecture?

> 
> g++42: -rpath=/usr/local/lib/gcc42: linker input file unused because
> linking not done
>   CXX    llvmunittest_JIT-JITMemoryManagerTest.o
> g++42 -DHAVE_CONFIG_H -I.  -I./llvm/include -I./llvm/include
> -D__STDC_LIMIT_MACROS -D__STDC_CONSTANT_MACROS -D_DEBUG -D_GNU_SOURCE
> -I./llvm/utils/unittest/googletest/include -I/usr/local/include
> -Woverloaded-virtual -pedantic -Wno-long-long -Wall -W
> -Wno-unused-parameter -Wwrite-strings -Wno-missing-field-initializers
> -Wno-variadic-macros -fno-exceptions -O2 -fno-strict-aliasing -pipe
> -Wl,-rpath=/usr/local/lib/gcc42 -c -o
> llvmunittest_JIT-JITMemoryManagerTest.o `test -f
> 'llvm/unittests/ExecutionEngine/JIT/JITMemoryManagerTest.cpp' || echo
> './'`llvm/unittests/ExecutionEngine/JIT/JITMemoryManagerTest.cpp
> g++42: -rpath=/usr/local/lib/gcc42: linker input file unused because
> linking not done
>   CXX    llvmunittest_JIT-JITTest.o
> g++42 -DHAVE_CONFIG_H -I.  -I./llvm/include -I./llvm/include
> -D__STDC_LIMIT_MACROS -D__STDC_CONSTANT_MACROS -D_DEBUG -D_GNU_SOURCE
> -I./llvm/utils/unittest/googletest/include -I/usr/local/include
> -Woverloaded-virtual -pedantic -Wno-long-long -Wall -W
> -Wno-unused-parameter -Wwrite-strings -Wno-missing-field-initializers

(Continue reading)

Renato Botelho | 1 Mar 2010 21:46

Picon

Re: Tests failing on FreeBSD 6.x

2010/3/1 Török Edwin <edwintorok <at> gmail.com>:
> On 03/01/2010 09:22 PM, Renato Botelho wrote:
>> Hello one more time,
>>
>> I was trying to update clamav-devel port to a more recent snapshot
>> and I got some segfaults during make test, like you can see here:
>
> Which FreeBSD version, and which architecture?

6.4-RELEASE amd64

> Can you get a gdb backtrace for one of these? (when built with debug
> symbols)
> Just run gdb ./llvmunittest_ADT
> (gdb) run
> ...
> (gdb) bt

I don't have a real FreeBSD 6.4 machine around, I was testing it using
tinderbox [1], i'll read tinderbox documentation and see if there is a way
to stop the building without clean environment, so I can do it.

--

-- 
Renato Botelho
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net

Török Edwin | 1 Mar 2010 23:10

Picon

Re: Tests failing on FreeBSD 6.x

On 03/01/2010 10:46 PM, Renato Botelho wrote:
> 2010/3/1 Török Edwin <edwintorok <at> gmail.com>:
>> On 03/01/2010 09:22 PM, Renato Botelho wrote:
>>> Hello one more time,
>>>
>>> I was trying to update clamav-devel port to a more recent snapshot
>>> and I got some segfaults during make test, like you can see here:
>> Which FreeBSD version, and which architecture?
> 
> 6.4-RELEASE amd64

I have 6.4 i386 in a VM :(

I just installed gcc42 on it (pkg_add needed some convincing to use
packages-6-stable instead of packages-6.4-release), and llvmunittest_ADT
worked.

I did this:
./configure CXX=g++42 CC=gcc42 --disable-clamav --enable-llvm
cd libclamav/c++
make llvmunittest_ADT
./llvmunittest_ADT

It told me that 92 tests passed.

My guess is that something goes wrong during startup, the ADT test is
really simple and tehre isn't much that can segfault there.

> 
>> Can you get a gdb backtrace for one of these? (when built with debug

(Continue reading)

Renato Botelho | 2 Mar 2010 00:37

Picon

Re: Tests failing on FreeBSD 6.x

2010/3/1 Török Edwin <edwintorok <at> gmail.com>:
> On 03/01/2010 10:46 PM, Renato Botelho wrote:
>> 2010/3/1 Török Edwin <edwintorok <at> gmail.com>:
>>> On 03/01/2010 09:22 PM, Renato Botelho wrote:
>>>> Hello one more time,
>>>>
>>>> I was trying to update clamav-devel port to a more recent snapshot
>>>> and I got some segfaults during make test, like you can see here:
>>> Which FreeBSD version, and which architecture?
>>
>> 6.4-RELEASE amd64
>
> I have 6.4 i386 in a VM :(
>
> I just installed gcc42 on it (pkg_add needed some convincing to use
> packages-6-stable instead of packages-6.4-release), and llvmunittest_ADT
> worked.
>
> I did this:
> ./configure CXX=g++42 CC=gcc42 --disable-clamav --enable-llvm
> cd libclamav/c++
> make llvmunittest_ADT
> ./llvmunittest_ADT
>
> It told me that 92 tests passed.
>
> My guess is that something goes wrong during startup, the ADT test is
> really simple and tehre isn't much that can segfault there.
>
>>

(Continue reading)

Limor Tal | 2 Mar 2010 13:00

Picon

Do I really have to upgrade to 0.95 ?...

1. Can I keep using code that is older than 0.95 with the future CVD files
(those that will be distributed starting from May 2010) if I do not use
sigtool and cdiff?
2. Are those the only places in the code where the long signatures in the
daily file cause a problem?
3. Is the signature length the only incompatibility issue?
4. Can I choose to ignore the "special signature which disables all clamd
installations older than 0.95"?
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net

Török Edwin | 2 Mar 2010 13:42

Picon

Re: Do I really have to upgrade to 0.95 ?...

On 03/02/2010 02:00 PM, Limor Tal wrote:
> 1. Can I keep using code that is older than 0.95 with the future CVD files

Why? What prevents you from upgrading?
What version are you running now?

> (those that will be distributed starting from May 2010) if I do not use
> sigtool and cdiff?

If you somehow workaround the special signature (your question 4), then
the CVD will load. It may, or may not work; it may, or may not crash.

There is also bug #1331 (which got fixed in 0.95) affecting libclamav
with logical signatures.

All signatures can specify a "functionality level" to say what is the
minimum engine version needed to load them. When we release a signature
that makes use of these new features, we usually set the minimum
functionality level (so old engines will skip the signature).

However due to bug #1331, ClamAV <0.95 which tries to load a logical
signature with a functionality level specified, it will either read
uninitialized memory, or crash.
So even if we wanted to add functionality level to the new ldbs, so that
older engines (than 0.95) can load it, we can't since adding the
functionality level would cause a crash for them.
If we don't add the functionality level, libclamav won't crash, but will
probably fail to load the signature with a syntax error.

> 2. Are those the only places in the code where the long signatures in the

(Continue reading)

Brandon Perry | 2 Mar 2010 16:44

Picon

Re: Do I really have to upgrade to 0.95 ?...

I can understand that on some legacy production systems, it would be easier
to work around than upgrade. I have run into FC3 production machines, and
just compiling clamav or such wouldn't just work.

Limor, can you give us a reason why it's an issue?

2010/3/2 Török Edwin <edwintorok <at> gmail.com>

> On 03/02/2010 02:00 PM, Limor Tal wrote:
> > 1. Can I keep using code that is older than 0.95 with the future CVD
> files
>
> Why? What prevents you from upgrading?
> What version are you running now?
>
> > (those that will be distributed starting from May 2010) if I do not use
> > sigtool and cdiff?
>
> If you somehow workaround the special signature (your question 4), then
> the CVD will load. It may, or may not work; it may, or may not crash.
>
> There is also bug #1331 (which got fixed in 0.95) affecting libclamav
> with logical signatures.
>
> All signatures can specify a "functionality level" to say what is the
> minimum engine version needed to load them. When we release a signature
> that makes use of these new features, we usually set the minimum
> functionality level (so old engines will skip the signature).
>
> However due to bug #1331, ClamAV <0.95 which tries to load a logical

(Continue reading)

Matt Watchinski | 2 Mar 2010 19:18

ClamAV Community Announcement

The release date for ClamAV 0.96 RC 1 has been moved up to March 10th, 2010.
With that in mind, I wanted to take a moment to highlight some of the new
features we've been working on and a new product for ClamAV Windows users.
Additionally, I'd like to encourage users to try out the RC when its released on
March 10th to help us find bugs before the final release.

First up, let's talk about 0.96 and some of its major new features.

1. The Bytecode Interpreter - The Bytecode Interpreter allows ClamAV sig-makers
to create very complex AV signatures for complex pieces of malware.  This is a
pretty major addition to the detection technologies inside of ClamAV.

2. Native Windows Support - ClamAV will now build natively under Visual Studio.
This will allow 3rd Party application developers on windows to easily integrate
LibClamAV into their applications.

3. UPX 3.0 unpacking support - Add support to decompressing UPX version 3.0
packed applications.

4. 7zip archive support - Add support for decompressing 7zip archives and
inspecting their contents.

5. OSX Mach-O support - Add support for parsing OSX Mach-O binaries files and
intelligently inspecting their contents

6. 64-bit ELF support - Add support for intelligently parsing and detecting
malware in 64-Bit ELF binaries.

7. InstallShield archives support - Add support for unpacking and inspecting the
contents of InstallShield archives.

(Continue reading)

Brandon Perry | 2 Mar 2010 19:27

Picon

ClamAV Community Announcement

This is awesome. You guys rock hardcore.

On Mar 2, 2010 12:24 PM, "Matt Watchinski" <mwatchinski <at> sourcefire.com>
wrote:

The release date for ClamAV 0.96 RC 1 has been moved up to March 10th, 2010.
With that in mind, I wanted to take a moment to highlight some of the new
features we've been working on and a new product for ClamAV Windows users.
Additionally, I'd like to encourage users to try out the RC when its
released on
March 10th to help us find bugs before the final release.

First up, let's talk about 0.96 and some of its major new features.

1. The Bytecode Interpreter - The Bytecode Interpreter allows ClamAV
sig-makers
to create very complex AV signatures for complex pieces of malware.  This is
a
pretty major addition to the detection technologies inside of ClamAV.

2. Native Windows Support - ClamAV will now build natively under Visual
Studio.
This will allow 3rd Party application developers on windows to easily
integrate
LibClamAV into their applications.

3. UPX 3.0 unpacking support - Add support to decompressing UPX version 3.0
packed applications.

4. 7zip archive support - Add support for decompressing 7zip archives and

(Continue reading)

Group

gmane.comp.security.virus.clamav.devel.

Project Web Page

Clam open source unix antivirus scanner development

Search Archive

Page

1 | 2 | 3 | 4 | 5 | 6

Articles in period: 54

March 2010

Language

Change language

Options

Current view: Threads only / Showing only 20 lines / Not hiding cited text.
Change to All messages, whole messages, or hide cited text.

Post a message
NNTP Newsgroup
Classic Gmane web interface
XML

XML

RSS Feed
List Information

About Gmane

Recent entries

Contribution: libclamav.dll + Python (22 May 2013)
clamav-devel Digest, Vol 100, Issue 6 (23 Mar 2013)
Does clamav work with hex or characters? (23 Mar 2013)
New Version of ClamAV (22 Mar 2013)
New Version of ClamAV (20 Mar 2013)
ClamAV 0.97.7 has been released! (19 Mar 2013)
Contribute signatures (17 Mar 2013)
ClamAV 0.97.7 has been released! (16 Mar 2013)
ClamAV 0.97.7 has been released! (16 Mar 2013)
ClamAV 0.97.7 has been released! (15 Mar 2013)
smaller db ? (25 Feb 2013)
JIT code generation on Windows x64 / MSVC (9 Jan 2013)
New Contributor - Loïc Maury (28 Dec 2012)
Contribution. (10 Nov 2012)
Placebo - A ClamAV Central Management Toolkit (18 Oct 2012)
Interesting Project for a 6-month Internship (12 Sep 2012)
Libclamav - filetype detection functionality (11 Sep 2012)
Patch: add jitter to freshclam's update period (22 Aug 2012)
Question about matcher-bm.c (2 Jul 2012)
Mail backlog on clamav-users? (14 Jun 2012)
Test suit cannot fork process for debugging with clamav. (10 May 2012)

Archives

2	May 2013
25	March 2013
6	February 2013
5	January 2013
2	December 2012
2	November 2012
1	October 2012
3	September 2012
9	August 2012
2	July 2012
1	June 2012
3	May 2012
27	April 2012
4	March 2012
24	February 2012
7	January 2012
15	December 2011
12	October 2011
7	September 2011
6	August 2011
22	July 2011
11	June 2011
5	May 2011
5	March 2011
6	February 2011
7	January 2011
12	December 2010
7	November 2010
17	October 2010
15	September 2010
16	August 2010
5	July 2010
16	June 2010
23	May 2010
95	April 2010
54	March 2010
13	January 2010
27	December 2009
8	November 2009
1	October 2009
7	September 2009
5	August 2009
6	July 2009
6	June 2009
14	May 2009
9	April 2009
46	March 2009
8	February 2009
15	January 2009
42	December 2008
17	November 2008
5	October 2008
5	September 2008
31	August 2008
10	July 2008
10	June 2008
13	May 2008
15	April 2008
15	March 2008
9	February 2008
9	January 2008
30	December 2007
22	November 2007
18	October 2007
12	September 2007
4	August 2007
3	July 2007
24	June 2007
26	May 2007
18	April 2007
75	March 2007
52	February 2007
20	January 2007
15	December 2006
36	November 2006
43	October 2006
61	September 2006
9	August 2006
20	July 2006
33	June 2006
39	May 2006
42	April 2006
40	March 2006
12	February 2006
75	January 2006
26	December 2005
39	November 2005
22	October 2005
18	September 2005
26	August 2005
52	July 2005
58	June 2005
89	May 2005
67	April 2005
122	March 2005
124	February 2005
102	January 2005
82	December 2004
83	November 2004
103	October 2004
54	September 2004
56	August 2004
64	July 2004
79	June 2004
58	May 2004
106	April 2004
145	March 2004
80	February 2004
39	January 2004
53	December 2003
82	November 2003
39	October 2003
137	September 2003
70	August 2003
2	July 2003
1	March 2003

Design

Zawodny | Right Menu | Left Menu

Your Own Design

Paste the URL of your CSS below. Download CSS template