On Mon, 2004-10-25 at 17:38, Scott Beck wrote: > > The person that sent this bug report to me initially managed to track it > down further today. Here is what they said: > > The story seems to go like that: > > - the jpeg file is not an archive and is not a mail, hence scan options > are 0 > - the cli_magic_scandesc decides it is in raw mode and refuses to read > the beginning of the file to fetch its magic, so type remains 0 > instead of CL_TYPE_GRAPHICS; > - the cli_validatesig sees the file is not a picture, and does not > call cli_check_jpeg_exploit, which results in Exploit.JPEG.Comment.FA > not being neutralized, so we end up with a false positive > > Will you please pursue the matter, since I'm not subscribed to clamav > lists. > > A quick workaround (e.g. to turn turn up some random flag) is an > inappropriate solution.
Stock 0.80 clamscan/clamdscan does not find a match in this file. You have the following choices: 1. Use clamscan/clamdscan 2. Try CVS with your code. -trog _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-devel
