Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

2019-01-12 Thread Sergey 
On Monday 07 January 2019, Joel Esler (jesler) wrote:

> > ClamAV 0.101.1 Patch has been released

I seen that systemd's unit files exist now for clamd and frashclam
but this file isn't exist for clamav-milter. This is a small problem,
but it may be should to add a file for uniformity.

-- 
Regards,
Sergey
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

2019-01-10 Thread Gary R. Schmidt 

On 11/01/2019 04:34, Micah Snyder (micasnyd) wrote:
[SNIP]
>
Type casting to disable warnings sometimes only masks potential issues 
and should only be done with extreme care.



This!  This!!  So many, many, many times this!!!

Cheers,
GaryB-)
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

2019-01-10 Thread Micah Snyder (micasnyd) 
Hi Alan,

I'm not sure which source files belong to that third party library.
The two non-bogus warnings I got were:

libclamunrar/arcread.cpp:32:3: warning: 'ReadSize' may be used uninitialized in 
this function
libclamunrar/rijndael.cpp:101:21: warning: 'uKeyLenInBytes' may be used 
uninitialized in this function

These seem to assume that an input variable takes on an allowed value;
I don't know if that assumption can always be guaranteed.

libclamunrar is in fact UnRAR 5.6.5 from RARLab with very, very limited changes 
from our team.  I just spoke with a developer from their team and he's happy to 
initialize those variables when they're defined, to appease the compiler, even 
though they do actually get initialized later.  The UnRAR developers are 
extremely responsive and helpful.

The warnings in our own code regarding integers of different
signedness are probably most concerning.  I very much want to take a
stab at cleaning those up as soon as I find time, but it will require
much care and heavy regression testing as it can be very easy to
break things when changing variable types.

Indeed.  On-the-spot typecasting is less invasive but more awkward.

Type casting to disable warnings sometimes only masks potential issues and 
should only be done with extreme care.

-Micah
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

2019-01-10 Thread Micah Snyder (micasnyd) 
Joel wasn't aware, but we do actually test ClamAV builds on Solaris on a Sparc 
machine before each release because it's the only big-endian machine we have on 
hand. Our testing is limited to a manual cursory build and run-test though. We 
have limited access to the machine (it's in a shared environment) and it is 
incredibly slow.

I also have an x64 Solaris VM in our build-acceptance Jenkins node-set, but not 
our full QA-suite node-set. However, it is presently disabled because getting 
builds working correctly was a fight and I ran out of time the last time I was 
working on it.  I've been meaning to give it another go sometime.

I think you're right about this warning manifesting on only 32bit machines. I 
think we need to add some automated checks for warnings (discounting some 
harmless ones) in our build-acceptance and/or QA test suites to alert on this 
kind of thing.  We don't manually build on 32bit machines often.

Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Jan 9, 2019, at 10:02 PM, Gary R. Schmidt 
mailto:grschm...@acm.org>> wrote:

On 09/01/2019 00:01, Joel Esler (jesler) wrote:
Solaris is definitely not one of the OSs in our build farm.  Just FYI.
Oh, I'm not surprised about that, I can't even attempt to justify you having an 
x64 VM set-up to build clamav, given that the set of Solaris clamav users may 
be no greater than 1!  :-)

That said, I had a bit more of a look at the problem, it appears to be a 32-bit 
build only problem, 64-bit builds do not show this problem, on either Solaris 
or OpenSUSE Tumbleweed.

Getting 64-bit builds working completely on Solaris is a bitch-fight with 
configure, I didn't try to get a 32-bit build working on Tumbleweed.

Given that the problem has also been seen on a Linux system, I expect it will 
be dealt with, in the fullness of time.  ;-)

Cheers,
Gary B-)

On Jan 8, 2019, at 1:05 AM, Gary R. Schmidt 
mailto:grschm...@acm.org>> wrote:

On 08/01/2019 05:33, Joel Esler (jesler) wrote:

https://blog.clamav.net/2019/01/clamav-01011-patch-has-been-released.html 


ClamAV 0.101.1 Patch has been released

ClamAV 0.101.1 is an urgent patch release to address an issue in 0.101.0 
specifically for developers that depend on libclamav. The issue in 0.101.0 is 
that clamav.h required supporting headers that were not provided on make 
install. To address this issue, the internal cltypes.h header has been replaced 
by a clamav-types.h that is generated on ./configure and will be installed 
alongside clamav.h.

Other changes

Increased the default CommandReadTimeout to reduce the chance of mail loss if 
using clamav-milter with the TCP socket. Contribution by Scott Kitterman. Fixes 
for --with-libjson and --with-libcurl to correctly accept library install path 
arguments.

Acknowledgements

 The ClamAV team thanks the following individuals for their code submissions: 
Scott Kitterman

Known Issues

Some users have observed crashes the first time running freshclam after 
upgrading from 0.100 to 0.101. We haven't yet tracked down the source of the 
issue, but have found that the issue resolves itself and that subsequent calls 
to freshclam work as expected.

Please download and update to 0.101.1 , send 
us your feedback on ClamAV-Users 
.
Building on Solaris 11.3 with GCC/G++ 7.3.0 and I just noticed gives this 
warning.  The warning was also in 0.101.0, and possibly earlier versions, but I 
didn't notice it.

--
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I.. -I../libclammspack -I.. 
-I./nsis -I../libltdl -DWARN_DLOPEN_FAIL -I/usr/local/include 
-I/opt/local/include -I../libclammspack/mspack -DHAVE_INTERNAL_MSPACK 
-DHAVE_YARA -DSEARCH_LIBDIR=\"/opt/local/lib\" -I/usr/local/include 
-I/usr/include/json-c -I/usr/local/include -I/usr/local/include 
-I/usr/include/libxml2 -g -O2 -fno-strict-aliasing -D_LARGEFILE_SOURCE 
-D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -MT libclamav_la-pdf.lo -MD -MP 
-MF .deps/libclamav_la-pdf.Tpo -c pdf.c  -fPIC -DPIC -o .libs/libclamav_la-pdf.o
pdf.c: In function 'find_length':
pdf.c:947:80: warning: passing argument 5 of 'cli_strntoul_wrap' from 
incompatible pointer type [-Wincompatible-pointer-types]
if (CL_SUCCESS != cli_strntoul_wrap(index, bytes_remaining, 0, 10, 
)) {

   ^
In file included from yara_clam.h:46:0,
from others.h:58,
from matcher.h:29,
from others.h:22,
from pdf.c:56:
str.h:78:12: note: expected 'long unsigned int *' but argument is of type 
'size_t * {aka unsigned int *}'
cl_error_t cli_strntoul_wrap(const char *buf, size_t buf_size, int 
fail_at_nondigit, int base, unsigned long *result);
   ^

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

2019-01-09 Thread Gary R. Schmidt 

On 09/01/2019 00:01, Joel Esler (jesler) wrote:

Solaris is definitely not one of the OSs in our build farm.  Just FYI.

Oh, I'm not surprised about that, I can't even attempt to justify you 
having an x64 VM set-up to build clamav, given that the set of Solaris 
clamav users may be no greater than 1!  :-)


That said, I had a bit more of a look at the problem, it appears to be a 
32-bit build only problem, 64-bit builds do not show this problem, on 
either Solaris or OpenSUSE Tumbleweed.


Getting 64-bit builds working completely on Solaris is a bitch-fight 
with configure, I didn't try to get a 32-bit build working on Tumbleweed.


Given that the problem has also been seen on a Linux system, I expect it 
will be dealt with, in the fullness of time.  ;-)


Cheers,
GaryB-)


On Jan 8, 2019, at 1:05 AM, Gary R. Schmidt  wrote:

On 08/01/2019 05:33, Joel Esler (jesler) wrote:


https://blog.clamav.net/2019/01/clamav-01011-patch-has-been-released.html 


ClamAV 0.101.1 Patch has been released

ClamAV 0.101.1 is an urgent patch release to address an issue in 0.101.0 
specifically for developers that depend on libclamav. The issue in 0.101.0 is 
that clamav.h required supporting headers that were not provided on make 
install. To address this issue, the internal cltypes.h header has been replaced 
by a clamav-types.h that is generated on ./configure and will be installed 
alongside clamav.h.

Other changes

Increased the default CommandReadTimeout to reduce the chance of mail loss if 
using clamav-milter with the TCP socket. Contribution by Scott Kitterman. Fixes 
for --with-libjson and --with-libcurl to correctly accept library install path 
arguments.

Acknowledgements

  The ClamAV team thanks the following individuals for their code submissions: 
Scott Kitterman

Known Issues

Some users have observed crashes the first time running freshclam after 
upgrading from 0.100 to 0.101. We haven't yet tracked down the source of the 
issue, but have found that the issue resolves itself and that subsequent calls 
to freshclam work as expected.

Please download and update to 0.101.1 , send us your 
feedback on ClamAV-Users 
.

Building on Solaris 11.3 with GCC/G++ 7.3.0 and I just noticed gives this 
warning.  The warning was also in 0.101.0, and possibly earlier versions, but I 
didn't notice it.

--
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I.. -I../libclammspack -I.. -I./nsis 
-I../libltdl -DWARN_DLOPEN_FAIL -I/usr/local/include -I/opt/local/include 
-I../libclammspack/mspack -DHAVE_INTERNAL_MSPACK -DHAVE_YARA 
-DSEARCH_LIBDIR=\"/opt/local/lib\" -I/usr/local/include -I/usr/include/json-c 
-I/usr/local/include -I/usr/local/include -I/usr/include/libxml2 -g -O2 
-fno-strict-aliasing -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -MT 
libclamav_la-pdf.lo -MD -MP -MF .deps/libclamav_la-pdf.Tpo -c pdf.c  -fPIC -DPIC -o 
.libs/libclamav_la-pdf.o
pdf.c: In function 'find_length':
pdf.c:947:80: warning: passing argument 5 of 'cli_strntoul_wrap' from 
incompatible pointer type [-Wincompatible-pointer-types]
 if (CL_SUCCESS != cli_strntoul_wrap(index, bytes_remaining, 0, 10, 
)) {

^
In file included from yara_clam.h:46:0,
 from others.h:58,
 from matcher.h:29,
 from others.h:22,
 from pdf.c:56:
str.h:78:12: note: expected 'long unsigned int *' but argument is of type 
'size_t * {aka unsigned int *}'
cl_error_t cli_strntoul_wrap(const char *buf, size_t buf_size, int 
fail_at_nondigit, int base, unsigned long *result);
^
--

Cheers,
GaryB-)
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml



___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml



___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

2019-01-09 Thread Alan Stern 
On Wed, 9 Jan 2019, Micah Snyder (micasnyd) wrote:

> Hi Alan,
> 
> It sounds like your system defaults to having the -Wall and -Wextra
> compiler flags enabled.  We do indeed still have a lot of work to
> clean up warnings when building with -Wall and -Wextra, I certainly
> want to clean up all the warnings long term, but the other remaining
> ones are, to my knowledge, not as worrisome.

That makes sense.

> I wasn't actually able to reproduce the warning that Gary reported
> (with clang or gcc on Mac or Ubuntu 18), but a quick look at the code
> showed that the issue was real.

I got the same warning as Gary, as well.

> The "Variable may be used uninitialized" type warnings are more
> serious-sounding ones but if I recall correctly, they occur in the
> tomsfastmath 3rd party library code.  It's on my to-do list to see if
> there's an update for that code as our copy hasn't been updated in a
> while.

I'm not sure which source files belong to that third party library.  
The two non-bogus warnings I got were:

libclamunrar/arcread.cpp:32:3: warning: 'ReadSize' may be used uninitialized in 
this function
libclamunrar/rijndael.cpp:101:21: warning: 'uKeyLenInBytes' may be used 
uninitialized in this function

These seem to assume that an input variable takes on an allowed value;  
I don't know if that assumption can always be guaranteed.

> The warnings in our own code regarding integers of different
> signedness are probably most concerning.  I very much want to take a
> stab at cleaning those up as soon as I find time, but it will require
> much care and heavy regression testing as it can be very easy to
> break things when changing variable types.

Indeed.  On-the-spot typecasting is less invasive but more awkward.

Alan Stern

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

2019-01-09 Thread Micah Snyder (micasnyd) 
Hi Alan,

It sounds like your system defaults to having the -Wall and -Wextra compiler 
flags enabled.  We do indeed still have a lot of work to clean up warnings when 
building with -Wall and -Wextra, I certainly want to clean up all the warnings 
long term, but the other remaining ones are, to my knowledge, not as worrisome.

I wasn't actually able to reproduce the warning that Gary reported (with clang 
or gcc on Mac or Ubuntu 18), but a quick look at the code showed that the issue 
was real.

The "Variable may be used uninitialized" type warnings are more 
serious-sounding ones but if I recall correctly, they occur in the tomsfastmath 
3rd party library code.  It's on my to-do list to see if there's an update for 
that code as our copy hasn't been updated in a while.

The warnings in our own code regarding integers of different signedness are 
probably most concerning.  I very much want to take a stab at cleaning those up 
as soon as I find time, but it will require much care and heavy regression 
testing as it can be very easy to break things when changing variable types.

-Micah



On Jan 8, 2019, at 4:16 PM, Alan Stern 
mailto:st...@rowland.harvard.edu>> wrote:

If anyone is interested, on my system (Fedora 28) building ClamAV
generates a ton of warning messages.  Some of them are bogus, but a lot
are valid.  Things like:

Variable may be used uninitialized;

Variable defined but not used;

Variable set but not used;

Static function declared but not used;

Statement label defined but not used;

Comparing integers of different signedness;

Misleading indentation of "if" - "else" clauses;

Unrecognized command line option ('-Wno-logical-op-parentheses');

Suggest parentheses around '&&' within '||';

Writing to an object with no trivial copy-assignment; use
copy-assignment or copy-initialization instead;

Left-hand operand of comma expression has no effect;

and a few others.  I can send the log file to a developer if anyone
would like to see it.

Alan Stern

On Tue, 8 Jan 2019, Scott Kitterman wrote:

On Tuesday, January 08, 2019 05:05:37 PM Gary R. Schmidt wrote:
On 08/01/2019 05:33, Joel Esler (jesler) wrote:
https://blog.clamav.net/2019/01/clamav-01011-patch-has-been-released.html


ClamAV 0.101.1 Patch has been released

ClamAV 0.101.1 is an urgent patch release to address an issue in 0.101.0
specifically for developers that depend on libclamav. The issue in
0.101.0 is that clamav.h required supporting headers that were not
provided on make install. To address this issue, the internal cltypes.h
header has been replaced by a clamav-types.h that is generated on
./configure and will be installed alongside clamav.h.

Other changes

Increased the default CommandReadTimeout to reduce the chance of mail
loss if using clamav-milter with the TCP socket. Contribution by Scott
Kitterman. Fixes for --with-libjson and --with-libcurl to correctly
accept library install path arguments.

Acknowledgements

 The ClamAV team thanks the following individuals for their code
 submissions: Scott Kitterman>>
Known Issues

Some users have observed crashes the first time running freshclam after
upgrading from 0.100 to 0.101. We haven't yet tracked down the source of
the issue, but have found that the issue resolves itself and that
subsequent calls to freshclam work as expected.

Please download and update to 0.101.1 ,
send us your feedback on ClamAV-Users
.
Building on Solaris 11.3 with GCC/G++ 7.3.0 and I just noticed gives
this warning.  The warning was also in 0.101.0, and possibly earlier
versions, but I didn't notice it.

--
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I.. -I../libclammspack -I..
-I./nsis -I../libltdl -DWARN_DLOPEN_FAIL -I/usr/local/include
-I/opt/local/include -I../libclammspack/mspack -DHAVE_INTERNAL_MSPACK
-DHAVE_YARA -DSEARCH_LIBDIR=\"/opt/local/lib\" -I/usr/local/include
-I/usr/include/json-c -I/usr/local/include -I/usr/local/include
-I/usr/include/libxml2 -g -O2 -fno-strict-aliasing -D_LARGEFILE_SOURCE
-D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -MT libclamav_la-pdf.lo -MD
-MP -MF .deps/libclamav_la-pdf.Tpo -c pdf.c  -fPIC -DPIC -o
.libs/libclamav_la-pdf.o
pdf.c: In function 'find_length':
pdf.c:947:80: warning: passing argument 5 of 'cli_strntoul_wrap' from
incompatible pointer type [-Wincompatible-pointer-types]
 if (CL_SUCCESS != cli_strntoul_wrap(index,
bytes_remaining, 0, 10, )) {

^
In file included from yara_clam.h:46:0,
 from others.h:58,
 from matcher.h:29,
 from others.h:22,
 from pdf.c:56:
str.h:78:12: note: expected 'long unsigned int *' but argument is of
type 'size_t * {aka unsigned int *}'
 cl_error_t cli_strntoul_wrap(const char *buf, size_t buf_size, int

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

2019-01-08 Thread Alan Stern 
If anyone is interested, on my system (Fedora 28) building ClamAV 
generates a ton of warning messages.  Some of them are bogus, but a lot 
are valid.  Things like:

Variable may be used uninitialized;

Variable defined but not used;

Variable set but not used;

Static function declared but not used;

Statement label defined but not used;

Comparing integers of different signedness;

Misleading indentation of "if" - "else" clauses;

Unrecognized command line option ('-Wno-logical-op-parentheses');

Suggest parentheses around '&&' within '||';

Writing to an object with no trivial copy-assignment; use 
copy-assignment or copy-initialization instead;

Left-hand operand of comma expression has no effect;

and a few others.  I can send the log file to a developer if anyone
would like to see it.

Alan Stern

On Tue, 8 Jan 2019, Scott Kitterman wrote:

> On Tuesday, January 08, 2019 05:05:37 PM Gary R. Schmidt wrote:
> > On 08/01/2019 05:33, Joel Esler (jesler) wrote:
> > >> https://blog.clamav.net/2019/01/clamav-01011-patch-has-been-released.html
> > >>  > >> ml>
> > >> 
> > >> ClamAV 0.101.1 Patch has been released
> > >> 
> > >> ClamAV 0.101.1 is an urgent patch release to address an issue in 0.101.0
> > >> specifically for developers that depend on libclamav. The issue in
> > >> 0.101.0 is that clamav.h required supporting headers that were not
> > >> provided on make install. To address this issue, the internal cltypes.h
> > >> header has been replaced by a clamav-types.h that is generated on
> > >> ./configure and will be installed alongside clamav.h.
> > >> 
> > >> Other changes
> > >> 
> > >> Increased the default CommandReadTimeout to reduce the chance of mail
> > >> loss if using clamav-milter with the TCP socket. Contribution by Scott
> > >> Kitterman. Fixes for --with-libjson and --with-libcurl to correctly
> > >> accept library install path arguments.
> > >> 
> > >> Acknowledgements
> > >> 
> > >>   The ClamAV team thanks the following individuals for their code
> > >>   submissions: Scott Kitterman>> 
> > >> Known Issues
> > >> 
> > >> Some users have observed crashes the first time running freshclam after
> > >> upgrading from 0.100 to 0.101. We haven't yet tracked down the source of
> > >> the issue, but have found that the issue resolves itself and that
> > >> subsequent calls to freshclam work as expected.
> > >> 
> > >> Please download and update to 0.101.1 ,
> > >> send us your feedback on ClamAV-Users
> > >> .
> > Building on Solaris 11.3 with GCC/G++ 7.3.0 and I just noticed gives
> > this warning.  The warning was also in 0.101.0, and possibly earlier
> > versions, but I didn't notice it.
> > 
> > --
> > libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I.. -I../libclammspack -I..
> > -I./nsis -I../libltdl -DWARN_DLOPEN_FAIL -I/usr/local/include
> > -I/opt/local/include -I../libclammspack/mspack -DHAVE_INTERNAL_MSPACK
> > -DHAVE_YARA -DSEARCH_LIBDIR=\"/opt/local/lib\" -I/usr/local/include
> > -I/usr/include/json-c -I/usr/local/include -I/usr/local/include
> > -I/usr/include/libxml2 -g -O2 -fno-strict-aliasing -D_LARGEFILE_SOURCE
> > -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -MT libclamav_la-pdf.lo -MD
> > -MP -MF .deps/libclamav_la-pdf.Tpo -c pdf.c  -fPIC -DPIC -o
> > .libs/libclamav_la-pdf.o
> > pdf.c: In function 'find_length':
> > pdf.c:947:80: warning: passing argument 5 of 'cli_strntoul_wrap' from
> > incompatible pointer type [-Wincompatible-pointer-types]
> >   if (CL_SUCCESS != cli_strntoul_wrap(index,
> > bytes_remaining, 0, 10, )) {
> > 
> >  ^
> > In file included from yara_clam.h:46:0,
> >   from others.h:58,
> >   from matcher.h:29,
> >   from others.h:22,
> >   from pdf.c:56:
> > str.h:78:12: note: expected 'long unsigned int *' but argument is of
> > type 'size_t * {aka unsigned int *}'
> >   cl_error_t cli_strntoul_wrap(const char *buf, size_t buf_size, int
> > fail_at_nondigit, int base, unsigned long *result);
> >  ^
> 
> In Debian we haven't uploaded 0.101.1, so I can't confirm that.  I did go 
> back 
> and look at build logs and for us we have the same warning for 0.101.0.  It 
> is 
> not present in 0.100.2, so this is a new issue.
> 
> Scott K

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

2019-01-08 Thread Micah Snyder (micasnyd) 
Thanks for bring it up Gary and Scott.  I'm sorry to see that slipped us.
I put in a ticket to address it for the next patch release.

Thank you,
Micah

Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Jan 8, 2019, at 1:12 AM, Scott Kitterman 
mailto:deb...@kitterman.com>> wrote:

On Tuesday, January 08, 2019 05:05:37 PM Gary R. Schmidt wrote:
On 08/01/2019 05:33, Joel Esler (jesler) wrote:
https://blog.clamav.net/2019/01/clamav-01011-patch-has-been-released.html


ClamAV 0.101.1 Patch has been released

ClamAV 0.101.1 is an urgent patch release to address an issue in 0.101.0
specifically for developers that depend on libclamav. The issue in
0.101.0 is that clamav.h required supporting headers that were not
provided on make install. To address this issue, the internal cltypes.h
header has been replaced by a clamav-types.h that is generated on
./configure and will be installed alongside clamav.h.

Other changes

Increased the default CommandReadTimeout to reduce the chance of mail
loss if using clamav-milter with the TCP socket. Contribution by Scott
Kitterman. Fixes for --with-libjson and --with-libcurl to correctly
accept library install path arguments.

Acknowledgements

 The ClamAV team thanks the following individuals for their code
 submissions: Scott Kitterman>>
Known Issues

Some users have observed crashes the first time running freshclam after
upgrading from 0.100 to 0.101. We haven't yet tracked down the source of
the issue, but have found that the issue resolves itself and that
subsequent calls to freshclam work as expected.

Please download and update to 0.101.1 ,
send us your feedback on ClamAV-Users
.
Building on Solaris 11.3 with GCC/G++ 7.3.0 and I just noticed gives
this warning.  The warning was also in 0.101.0, and possibly earlier
versions, but I didn't notice it.

--
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I.. -I../libclammspack -I..
-I./nsis -I../libltdl -DWARN_DLOPEN_FAIL -I/usr/local/include
-I/opt/local/include -I../libclammspack/mspack -DHAVE_INTERNAL_MSPACK
-DHAVE_YARA -DSEARCH_LIBDIR=\"/opt/local/lib\" -I/usr/local/include
-I/usr/include/json-c -I/usr/local/include -I/usr/local/include
-I/usr/include/libxml2 -g -O2 -fno-strict-aliasing -D_LARGEFILE_SOURCE
-D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -MT libclamav_la-pdf.lo -MD
-MP -MF .deps/libclamav_la-pdf.Tpo -c pdf.c  -fPIC -DPIC -o
.libs/libclamav_la-pdf.o
pdf.c: In function 'find_length':
pdf.c:947:80: warning: passing argument 5 of 'cli_strntoul_wrap' from
incompatible pointer type [-Wincompatible-pointer-types]
 if (CL_SUCCESS != cli_strntoul_wrap(index,
bytes_remaining, 0, 10, )) {

^
In file included from yara_clam.h:46:0,
 from others.h:58,
 from matcher.h:29,
 from others.h:22,
 from pdf.c:56:
str.h:78:12: note: expected 'long unsigned int *' but argument is of
type 'size_t * {aka unsigned int *}'
 cl_error_t cli_strntoul_wrap(const char *buf, size_t buf_size, int
fail_at_nondigit, int base, unsigned long *result);
^

In Debian we haven't uploaded 0.101.1, so I can't confirm that.  I did go back
and look at build logs and for us we have the same warning for 0.101.0.  It is
not present in 0.100.2, so this is a new issue.

Scott K

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

2019-01-08 Thread Joel Esler (jesler) 
Solaris is definitely not one of the OSs in our build farm.  Just FYI.

> On Jan 8, 2019, at 1:05 AM, Gary R. Schmidt  wrote:
> 
> On 08/01/2019 05:33, Joel Esler (jesler) wrote:
>>> 
>>> https://blog.clamav.net/2019/01/clamav-01011-patch-has-been-released.html 
>>> 
>>> 
>>> ClamAV 0.101.1 Patch has been released
>>> 
>>> ClamAV 0.101.1 is an urgent patch release to address an issue in 0.101.0 
>>> specifically for developers that depend on libclamav. The issue in 0.101.0 
>>> is that clamav.h required supporting headers that were not provided on make 
>>> install. To address this issue, the internal cltypes.h header has been 
>>> replaced by a clamav-types.h that is generated on ./configure and will be 
>>> installed alongside clamav.h.
>>> 
>>> Other changes
>>> 
>>> Increased the default CommandReadTimeout to reduce the chance of mail loss 
>>> if using clamav-milter with the TCP socket. Contribution by Scott 
>>> Kitterman. Fixes for --with-libjson and --with-libcurl to correctly accept 
>>> library install path arguments.
>>> 
>>> Acknowledgements
>>> 
>>>  The ClamAV team thanks the following individuals for their code 
>>> submissions: Scott Kitterman
>>> 
>>> Known Issues
>>> 
>>> Some users have observed crashes the first time running freshclam after 
>>> upgrading from 0.100 to 0.101. We haven't yet tracked down the source of 
>>> the issue, but have found that the issue resolves itself and that 
>>> subsequent calls to freshclam work as expected.
>>> 
>>> Please download and update to 0.101.1 , 
>>> send us your feedback on ClamAV-Users 
>>> .
> Building on Solaris 11.3 with GCC/G++ 7.3.0 and I just noticed gives this 
> warning.  The warning was also in 0.101.0, and possibly earlier versions, but 
> I didn't notice it.
> 
> --
> libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I.. -I../libclammspack -I.. 
> -I./nsis -I../libltdl -DWARN_DLOPEN_FAIL -I/usr/local/include 
> -I/opt/local/include -I../libclammspack/mspack -DHAVE_INTERNAL_MSPACK 
> -DHAVE_YARA -DSEARCH_LIBDIR=\"/opt/local/lib\" -I/usr/local/include 
> -I/usr/include/json-c -I/usr/local/include -I/usr/local/include 
> -I/usr/include/libxml2 -g -O2 -fno-strict-aliasing -D_LARGEFILE_SOURCE 
> -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -MT libclamav_la-pdf.lo -MD -MP 
> -MF .deps/libclamav_la-pdf.Tpo -c pdf.c  -fPIC -DPIC -o 
> .libs/libclamav_la-pdf.o
> pdf.c: In function 'find_length':
> pdf.c:947:80: warning: passing argument 5 of 'cli_strntoul_wrap' from 
> incompatible pointer type [-Wincompatible-pointer-types]
> if (CL_SUCCESS != cli_strntoul_wrap(index, bytes_remaining, 0, 
> 10, )) {
> 
>^
> In file included from yara_clam.h:46:0,
> from others.h:58,
> from matcher.h:29,
> from others.h:22,
> from pdf.c:56:
> str.h:78:12: note: expected 'long unsigned int *' but argument is of type 
> 'size_t * {aka unsigned int *}'
> cl_error_t cli_strntoul_wrap(const char *buf, size_t buf_size, int 
> fail_at_nondigit, int base, unsigned long *result);
>^
> --
> 
>   Cheers,
>   GaryB-)
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml



smime.p7s
Description: S/MIME cryptographic signature
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

2019-01-07 Thread Gary R. Schmidt 

On 08/01/2019 05:33, Joel Esler (jesler) wrote:




https://blog.clamav.net/2019/01/clamav-01011-patch-has-been-released.html 


ClamAV 0.101.1 Patch has been released

ClamAV 0.101.1 is an urgent patch release to address an issue in 0.101.0 
specifically for developers that depend on libclamav. The issue in 0.101.0 is 
that clamav.h required supporting headers that were not provided on make 
install. To address this issue, the internal cltypes.h header has been replaced 
by a clamav-types.h that is generated on ./configure and will be installed 
alongside clamav.h.

Other changes

Increased the default CommandReadTimeout to reduce the chance of mail loss if 
using clamav-milter with the TCP socket. Contribution by Scott Kitterman. Fixes 
for --with-libjson and --with-libcurl to correctly accept library install path 
arguments.

Acknowledgements

  The ClamAV team thanks the following individuals for their code submissions: 
Scott Kitterman

Known Issues

Some users have observed crashes the first time running freshclam after 
upgrading from 0.100 to 0.101. We haven't yet tracked down the source of the 
issue, but have found that the issue resolves itself and that subsequent calls 
to freshclam work as expected.

Please download and update to 0.101.1 , send us your 
feedback on ClamAV-Users 
.


Building on Solaris 11.3 with GCC/G++ 7.3.0 and I just noticed gives 
this warning.  The warning was also in 0.101.0, and possibly earlier 
versions, but I didn't notice it.


--
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I.. -I../libclammspack -I.. 
-I./nsis -I../libltdl -DWARN_DLOPEN_FAIL -I/usr/local/include 
-I/opt/local/include -I../libclammspack/mspack -DHAVE_INTERNAL_MSPACK 
-DHAVE_YARA -DSEARCH_LIBDIR=\"/opt/local/lib\" -I/usr/local/include 
-I/usr/include/json-c -I/usr/local/include -I/usr/local/include 
-I/usr/include/libxml2 -g -O2 -fno-strict-aliasing -D_LARGEFILE_SOURCE 
-D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -MT libclamav_la-pdf.lo -MD 
-MP -MF .deps/libclamav_la-pdf.Tpo -c pdf.c  -fPIC -DPIC -o 
.libs/libclamav_la-pdf.o

pdf.c: In function 'find_length':
pdf.c:947:80: warning: passing argument 5 of 'cli_strntoul_wrap' from 
incompatible pointer type [-Wincompatible-pointer-types]
 if (CL_SUCCESS != cli_strntoul_wrap(index, 
bytes_remaining, 0, 10, )) {


^
In file included from yara_clam.h:46:0,
 from others.h:58,
 from matcher.h:29,
 from others.h:22,
 from pdf.c:56:
str.h:78:12: note: expected 'long unsigned int *' but argument is of 
type 'size_t * {aka unsigned int *}'
 cl_error_t cli_strntoul_wrap(const char *buf, size_t buf_size, int 
fail_at_nondigit, int base, unsigned long *result);

^
--

Cheers,
GaryB-)
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml