Re: [Clamav-devel] Request: Please remove PhishingScanURLs or make it off by default

2007-11-14 Thread Török Edwin
David F. Skoll wrote: Hello, Please see the thread at http://lurker.clamav.net/thread/20071112.182941.5cf0dbce.en.html#20071112.182941.5cf0dbce Once again, I request the developers to turn off PhishingScanURLs by default or even remove the entire codebase. It is undermining my (and many

Re: [Clamav-devel] libclamav.jar

2007-11-16 Thread Török Edwin
Bivaud François wrote: Thanks, we implement this way and we verify the memory usage. That's just complicated because we develop under win32 and exploit under linux suze. But us application don't need portable. You can connect to clamd using a TCP socket, and send it simple commands to scan

Re: [Clamav-devel] symbol visibilty, public API, and internal function useage

2007-11-20 Thread Török Edwin
Stephen Gran wrote: Hi all, So I've been thinking about how to reduce the breakage that occasionally happens to other bits of software on upgrades of libclamav, and I think I've come up with something that might be of some use. libtool lets you use a version script to (on platforms that

Re: [Clamav-devel] cl_scanmem, inotify

2007-12-29 Thread Török Edwin
Dilyan Palauzov wrote: Hello, Scanning memory regions: I was wondering if in libclamav there are some intentions to introduce a function that scans data in memory, something similar to That can only be done, if all scan functions in libclamav are tought to scan mmap-ed

Re: [Clamav-devel] Configure patch for OS X 10.5 Leopard

2008-02-09 Thread Török Edwin
Mark Allan wrote: Hi folks, Here's a patch to allow ClamAV to configure properly on Mac OS X 10.5. The nidump tool was deprecated a long time ago and is no longer included in 10.5 as netinfo doesn't exist any more. The dscl tool is the preferred method from at least 10.3 onwards.

Re: [Clamav-devel] Errors compiling Development Snapshot

2008-02-18 Thread Török Edwin
Michael H. Martel wrote: Greetings! Hi, gcc -g -O2 -o .libs/clamscan output.o getopt.o cfgparser.o misc.o options.o clamscan.o others.o manager.o treewalk.o ../libclamav/.libs/libclamav.so -lpthread -Wl,--rpath -Wl,/usr/local/lib ../libclamav/.libs/libclamav.so: undefined reference

Re: [Clamav-devel] libclamav OLE segfaults in ole2_walk_property_tree (patch included)

2008-03-02 Thread Török Edwin
Ladar Levison wrote: I've been having a problem with libclamav segfaulting. And since its linked into my mail server code (on lavabit.com), its been taking down the server. Please open a bugreport and attach the sample, so we can have a look. I've taken the temporary step of disabling

Re: [Clamav-devel] file descriptor passing

2008-04-14 Thread Török Edwin
Marc Balmer wrote: I just noticed that I need to register and login to propose this via bugzilla. Registration is automatic, and needed to avoid spam. Did you encounter problems during registration? The developers do not accept diffs via email, it seems. I will mail a diff against 0.93

Re: [Clamav-devel] Autoconf error

2008-04-14 Thread Török Edwin
aledr wrote: Good day! Just reporting in... I'm always building my clamav rpms with these instructions: -- %install %{__aclocal} %{__autoconf} %{__automake} Please make sure you are not using an old

Re: [Clamav-devel] Autoconf error

2008-04-14 Thread Török Edwin
aledr wrote: Good day! Just reporting in... I'm always building my clamav rpms with these instructions: -- %install %{__aclocal} %{__autoconf} %{__automake} %configure --enable-experimental --disable-clamav

Re: [Clamav-devel] Patch to improve loading speed of compressed database

2008-07-16 Thread Török Edwin
On 2008-07-15 11:30, Damien Deville wrote: Dear Clamav-Devel, Here is a set of patches of libclamav and clamd for clamav-0.93.3 that reduces the loading time of compressed antiviral database in cvd files. They can be found at the following url: http://pbmtp.free.fr/clamav/ We noticed by

Re: [Clamav-devel] installation of 64bit libaries in /usr/lib ?

2008-08-28 Thread Török Edwin
On 2008-08-28 11:00, Per Jessen wrote: I've just built 0.93.3 on an AMD64 machine - for some reason, the libraries were installed in /usr/lib, not /usr/lib64. Is that intentional ? What OS? On my amd64 Debian Linux /usr/lib64 is a symlink to /usr/lib. Best regards, --Edwin

Re: [Clamav-devel] Removal of clamscan's --no-phishing-restrictedscan option

2008-10-02 Thread Török Edwin
On 2008-10-02 10:25, Robert Allerstorfer wrote: Hi, clamscan 0.94 is the first version after 0.9 where the --no-phishing-restrictedscan option is no more mentioned in the output of 'clamscan -h'. However, that option has in fact been removed earlier - at least in the 0.93.x versions that

Re: [Clamav-devel] Clamav snapshot 20081114 build error at FreeBSD

2008-11-17 Thread Török Edwin
On 2008-11-17 17:29, Renato Botelho wrote: Hello, Hi, libtool: link: `/home/garga/prs/clamav-devel/work/clamav-devel-20081114/libltdl/dlopen.la' is not a valid libtool archive gmake[4]: *** [libclamav.la] Error 1 gmake[4]: Leaving directory

Re: [Clamav-devel] Clamav snapshot 20081114 build error at FreeBSD

2008-11-17 Thread Török Edwin
On 2008-11-17 19:35, Renato Botelho wrote: On Mon, Nov 17, 2008 at 3:16 PM, Török Edwin [EMAIL PROTECTED] wrote: On 2008-11-17 17:29, Renato Botelho wrote: libtool: link: `/home/garga/prs/clamav-devel/work/clamav-devel-20081114/libltdl/dlopen.la' is not a valid libtool archive

Re: [Clamav-devel] Clamav snapshot 20081114 build error at FreeBSD

2008-11-17 Thread Török Edwin
On 2008-11-17 20:02, Renato Botelho wrote: It built removing libtool dependency, thanks!!! Ok. Anyway, the current ports version (20081105) build without any problems, something happened between 05 and 14 Nov that make it stop building. Yep, libltdl was added. Also I

Re: [Clamav-devel] clamAV scanning algorithm

2008-12-04 Thread Török Edwin
On 2008-12-04 00:41, Thomasz Blaszczyk wrote: Thank you for reply, Török Edwin, Very, very good web seminar! Thanks I have 2 more questions: 1) I'd like to measure compare performance of AC BM algorithms. clamscan displays in 'scan summary' a 'time'. Does this time include disc

Re: [Clamav-devel] build debugging ex1.c

2008-12-07 Thread Török Edwin
On 2008-12-06 20:34, Thomasz Blaszczyk wrote: Thanks, There were many troubles. (I am building project from files I have copied from libclamav to my new created project folder). In many files a line #include inttypes.h was missing. Guess something wrong with cltypes.h (#ifndef __CLTYPES_H).

Re: [Clamav-devel] build debugging ex1.c

2008-12-09 Thread Török Edwin
On 2008-12-10 01:31, Thomasz Blaszczyk wrote: Another thing, If I force troot-ac_only=0 If I force groot-ac_only to 1 I got 'segmet fault' (seg fault is another funciotn - cli_scanraw) That is not the way to go. If you want aconly, use the --dev-ac-only flag, don't forcibly set it. You

Re: [Clamav-devel] build debugging ex1.c

2008-12-16 Thread Török Edwin
On 2008-12-16 01:13, Thomasz Blaszczyk wrote: Hello, I just reviewed few multi-pattern string scanning algorithms. And there are many variants for multi-pattern for Boyer-Moore. I am curious if the one implemented in Clamav is Boyer-Moore-Horspool or the one taken from authors of GLIMPSE or

Re: [Clamav-devel] clamAV scanning algorithm

2008-12-17 Thread Török Edwin
On 2008-12-17 18:37, Thomasz Blaszczyk wrote: ok, it seems that limits.maxfilesize limits to 10MB, but I am able to scan up to 25MB files. see below: (when I scan 30MB file the data scanned is 0, Why is like that? and I am able to scan nearly 25MB) Read the archives of -users. This

Re: [Clamav-devel] clamAV scanning algorithm

2008-12-17 Thread Török Edwin
On 2008-12-17 20:27, Thomasz Blaszczyk wrote: I just got first results here, http://omploader.org/vMTExNA What do you think about them? What kind of data was scanned? Was it hand-crafted, automatically generated, or real world files? What is the confidence of the values you measured? (I

Re: [Clamav-devel] clamAV scanning algorithm

2008-12-17 Thread Török Edwin
On 2008-12-17 21:28, Thomasz Blaszczyk wrote: What kind of data was scanned? Was it hand-crafted, automatically generated, or real world files? I create files by calling in loop function: fputc('my_byte') i.e: file_builder -n sizeoffile -xB8 So entire file consists of bytes 'B8'

Re: [Clamav-devel] clamAV scanning algorithm

2008-12-17 Thread Török Edwin
On 2008-12-17 18:12, Thomasz Blaszczyk wrote: Hi, I have notice kind of limitation in ClamAV. When time of scanning one file is longer than 1 sec, the entire file scan is droped. There is no such limitation in ClamAV. Best regards, --Edwin ___

Re: [Clamav-devel] Queries on signature database organization/loading

2008-12-29 Thread Török Edwin
On 2008-12-29 12:53, Babu.N wrote: Hi, I am developing SHIM layer for ClamAV to support Freescale pattern matching hardware. Could you please clarify a few queries: 1. Freescale has a pattern matching engine with 64k pattern capacity. How long can the patterns be? Does it support

Re: [Clamav-devel] [fabio....@libero.it: [Pkg-clamav-devel] Bug#512776: License incompatibility with libgmp (GPLv2 only linking to LGPLv3 or later)]

2009-02-20 Thread Török Edwin
On 2009-02-20 03:13, Stephen Gran wrote: Now that I've been doing some looking, I see that there is also a bundled -ltdl in the source tree. I'm not aware of any license issues with libtool (although as it's an FSF project, I wouldn't be surprised to see it move to v3 in the future). Is this

Re: [Clamav-devel] use system libtommath when present

2009-02-20 Thread Török Edwin
On 2009-02-20 02:12, Stephen Gran wrote: Hopefully this will be a useful patch. Cheers, [PATCH] Modify build system to conditionally use system install of libtommath - it will be used if it is installed, or if it is explicitly enabled in configure Signed-off-by: Stephen Gran

Re: [Clamav-devel] Safebrowsing and web

2009-03-19 Thread Török Edwin
On 2009-03-17 04:13, Henrik K wrote: Quote from http://www.clamav.net/support/faq-safebrowsing: It is mainly targeted at people who are using ClamAV to filter web traffic. Seems unlikely as only mbox files are currently phishingChecked. Would it be possible to: - Enable phishingChecks

Re: [Clamav-devel] Help to fix some code with new API

2009-03-25 Thread Török Edwin
On 2009-03-25 19:54, Renato Botelho wrote: On Wed, Mar 25, 2009 at 2:46 PM, Renato Botelho rbga...@gmail.com wrote: On Wed, Mar 25, 2009 at 2:14 PM, Gianluigi Tiesi sher...@netfarm.it wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Renato Botelho wrote: Hello, I

Re: [Clamav-devel] Problems building 0.95.2 under FreeBSD 6.3

2009-06-17 Thread Török Edwin
On 2009-06-17 01:58, Renato Botelho wrote: Hi, After upgrade clamav on FreeBSD ports collection i recieved this email from a user, talking about this problem building on 6.3. warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. configure:3597: $? = 0 configure:3604:

Re: [Clamav-devel] Problems building 0.95.2 under FreeBSD 6.3

2009-06-18 Thread Török Edwin
On 2009-06-18 14:12, Renato Botelho wrote: 2009/6/17 Török Edwin edwinto...@gmail.com: On 2009-06-17 01:58, Renato Botelho wrote: Hi, After upgrade clamav on FreeBSD ports collection i recieved this email from a user, talking about this problem building on 6.3. warranty; not even

Re: [Clamav-devel] Making the shared directory a convenience library

2009-08-24 Thread Török Edwin
On 2009-08-23 03:24, Stephen Gran wrote: Hi all, This patch makes the shared/ subdirectory build a convenience library. Hi Stephen, Did you git add shared/Makefile.am? I don't see it in your patch. This means that on builds, each object file is only built once, then compiled into a

Re: [Clamav-devel] Error building 0.95.3 on FreeBSD 7.2

2009-11-16 Thread Török Edwin
On 2009-11-16 13:54, Renato Botelho wrote: A user reported me he is having problems building 0.95.3 under FreeBSD 7.2, here is the error: libtool: link: ranlib .libs/libclamunrar_iface.a libtool: link: ( cd .libs rm -f libclamunrar_iface.la ln -s ../libclamunrar_iface.la

Re: [Clamav-devel] Error building 20091216 snapshot on FreeBSD

2009-12-16 Thread Török Edwin
On 2009-12-16 13:51, Renato Botelho wrote: I got following error trying to build recent snapshot under FreeBSD gmake[4]: Entering directory `/home/garga/prs/clamav-devel/work/clamav-devel-20091216/libclamav/c++' CXXLD tblgen /usr/bin/ld: cannot find -ldl gmake[4]: *** [tblgen] Error 1

Re: [Clamav-devel] Prblems building snapshots on FreeBSD [FIXED]

2009-12-21 Thread Török Edwin
On 2009-12-21 16:30, Renato Botelho wrote: On Mon, Dec 21, 2009 at 10:21 AM, Renato Botelho rbga...@gmail.com wrote: I'm still having problems building clamav recent snapshots on FreeBSD hosts, this time on FreeBSD 6.4 and 7.2 (x86 and x86_64) Here is the log: /bin/sh ../libtool

Re: [Clamav-devel] Prblems building snapshots on FreeBSD [FIXED]

2009-12-21 Thread Török Edwin
On 2009-12-21 16:57, Renato Botelho wrote: 2009/12/21 Török Edwin edwinto...@gmail.com: Hi Renato, Thanks for the patch, what if you only wrap the include by #ifdef HAVE_UNISTD_H? Something like: #ifdef HAVE_UNISTD_H #include unistd.h #endif We have a similar bug for OS X https

Re: [Clamav-devel] Prblems building snapshots on FreeBSD [FIXED]

2009-12-22 Thread Török Edwin
On 2009-12-22 13:34, Renato Botelho wrote: 2009/12/22 Török Edwin edwinto...@gmail.com: On 2009-12-22 12:40, Renato Botelho wrote: 2009/12/22 Török Edwin edwinto...@gmail.com: On 2009-12-21 16:57, Renato Botelho wrote: 2009/12/21 Török Edwin edwinto...@gmail.com

Re: [Clamav-devel] Prblems building snapshots on FreeBSD [FIXED]

2009-12-22 Thread Török Edwin
On 2009-12-22 13:36, Török Edwin wrote: I'll ask user to test it, but anyway, here you can see a buildlog on my 7.2 tinderbox that went fine, and it was built for i386 too... http://freebsd1.asmallorange.com//logs/7.2-i386-garga/clamav-devel-20091221.log LLVM got disabled because

Re: [Clamav-devel] Prblems building snapshots on FreeBSD [FIXED]

2009-12-22 Thread Török Edwin
On 2009-12-22 14:23, Renato Botelho wrote: 2009/12/22 Török Edwin edwinto...@gmail.com: On 2009-12-22 13:36, Török Edwin wrote: I'll ask user to test it, but anyway, here you can see a buildlog on my 7.2 tinderbox that went fine, and it was built for i386 too... http://freebsd1

Re: [Clamav-devel] Prblems building snapshots on FreeBSD [FIXED]

2009-12-22 Thread Török Edwin
On 2009-12-22 14:28, Renato Botelho wrote: 2009/12/22 Török Edwin edwinto...@gmail.com: On 2009-12-22 13:36, Török Edwin wrote: I'll ask user to test it, but anyway, here you can see a buildlog on my 7.2 tinderbox that went fine, and it was built for i386 too... http://freebsd1

Re: [Clamav-devel] Prblems building snapshots on FreeBSD [FIXED]

2009-12-22 Thread Török Edwin
On 2009-12-22 14:38, Renato Botelho wrote: 2009/12/22 Török Edwin edwinto...@gmail.com: On 2009-12-22 13:36, Török Edwin wrote: I'll ask user to test it, but anyway, here you can see a buildlog on my 7.2 tinderbox that went fine, and it was built for i386 too... http://freebsd1

Re: [Clamav-devel] Prblems building snapshots on FreeBSD [FIXED]

2009-12-22 Thread Török Edwin
On 2009-12-22 14:43, Renato Botelho wrote: 2009/12/22 Török Edwin edwinto...@gmail.com: Because the compiler is too old: checking for supported C++ compiler version... configure: error: C++ compiler too old (3.4.6) By default, ports use the default base system compiler, of course

Re: [Clamav-devel] Prblems building snapshots on FreeBSD [FIXED]

2010-01-26 Thread Török Edwin
On 12/22/2009 02:39 PM, Renato Botelho wrote: 2009/12/22 Török Edwin edwinto...@gmail.com: Yes, I opened a bug about that now: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1781 For now the workaround for the user is to set the CPU for the build to at least i486. OK, i'll mark

Re: [Clamav-devel] Prblems building snapshots on FreeBSD [FIXED]

2010-01-27 Thread Török Edwin
On 01/27/2010 12:48 PM, Renato Botelho wrote: 2010/1/26 Török Edwin edwinto...@gmail.com: On 12/22/2009 02:39 PM, Renato Botelho wrote: 2009/12/22 Török Edwin edwinto...@gmail.com: Yes, I opened a bug about that now: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1781

Re: [Clamav-devel] Prblems building snapshots on FreeBSD [FIXED]

2010-01-27 Thread Török Edwin
On 01/27/2010 01:27 PM, Renato Botelho wrote: 2010/1/27 Török Edwin edwinto...@gmail.com: On 01/27/2010 12:48 PM, Renato Botelho wrote: 2010/1/26 Török Edwin edwinto...@gmail.com: On 12/22/2009 02:39 PM, Renato Botelho wrote: 2009/12/22 Török Edwin edwinto

Re: [Clamav-devel] Error at unit tests, 20100127 snapshot on FreeBSD 8

2010-01-28 Thread Török Edwin
On 01/28/2010 12:16 PM, Renato Botelho wrote: Hello again, I've tested this snapshot on my personal tinderboxes and got no problems, but after commit the changes i recieved an email from QAT, freebsd automated tests with an error on unit tests. Buildlog can be found here:

Re: [Clamav-devel] Tests failing on FreeBSD 6.x

2010-03-01 Thread Török Edwin
On 03/01/2010 10:46 PM, Renato Botelho wrote: 2010/3/1 Török Edwin edwinto...@gmail.com: On 03/01/2010 09:22 PM, Renato Botelho wrote: Hello one more time, I was trying to update clamav-devel port to a more recent snapshot and I got some segfaults during make test, like you can see here

Re: [Clamav-devel] Do I really have to upgrade to 0.95 ?...

2010-03-02 Thread Török Edwin
On 03/02/2010 02:00 PM, Limor Tal wrote: 1. Can I keep using code that is older than 0.95 with the future CVD files Why? What prevents you from upgrading? What version are you running now? (those that will be distributed starting from May 2010) if I do not use sigtool and cdiff? If you

Re: [Clamav-devel] Tests failing on FreeBSD 6.x

2010-03-04 Thread Török Edwin
On 03/04/2010 03:12 PM, Renato Botelho wrote: I got a real 6.4 amd64 machine, and i reproduced the problem, here is the data i collected after build with -g: Did you set CXXFLAGS to -g? Setting CFLAGS has no effect on libclamav/c++ testegw# gdb ./llvmunittest_ADT GNU gdb 6.1.1 [FreeBSD]

Re: [Clamav-devel] Tests failing on FreeBSD 6.x

2010-03-04 Thread Török Edwin
On 03/04/2010 04:07 PM, Renato Botelho wrote: 2010/3/4 Török Edwin edwinto...@gmail.com: On 03/04/2010 03:12 PM, Renato Botelho wrote: I got a real 6.4 amd64 machine, and i reproduced the problem, here is the data i collected after build with -g: Did you set CXXFLAGS to -g? Setting CFLAGS has

Re: [Clamav-devel] Tests failing on FreeBSD 6.x

2010-03-04 Thread Török Edwin
On 03/04/2010 06:02 PM, Renato Botelho wrote: Without -O2, results changed #10 0x in ?? () #11 0x in ?? () #12 0x in ?? () #13 0x in ?? () #14 0x0001 in ?? () #15 0x in ?? () #16

Re: [Clamav-devel] Tests failing on FreeBSD 6.x

2010-03-04 Thread Török Edwin
On 03/04/2010 07:01 PM, Renato Botelho wrote: 2010/3/4 Török Edwin edwinto...@gmail.com: On 03/04/2010 06:02 PM, Renato Botelho wrote: Without -O2, results changed #10 0x in ?? () #11 0x in ?? () #12 0x in ?? () #13 0x

Re: [Clamav-devel] Tests failing on FreeBSD 6.x

2010-03-04 Thread Török Edwin
On 03/04/2010 07:25 PM, Renato Botelho wrote: testegw# ldd llvmunittest_ADT llvmunittest_ADT: libthr.so.2 = /usr/lib/libthr.so.2 (0x8006e7000) libstdc++.so.6 = /usr/local/lib/gcc42/libstdc++.so.6 (0x8007fe000) libm.so.4 = /lib/libm.so.4 (0x800a0a000)

Re: [Clamav-devel] Tests failing on FreeBSD 6.x

2010-03-04 Thread Török Edwin
On 03/04/2010 08:51 PM, Renato Botelho wrote: 2010/3/4 Török Edwin edwinto...@gmail.com: On 03/04/2010 08:44 PM, Renato Botelho wrote: 2010/3/4 Török Edwin edwinto...@gmail.com: On 03/04/2010 08:37 PM, Renato Botelho wrote: 2010/3/4 Török Edwin edwinto...@gmail.com: On 03/04/2010 08:29 PM

Re: [Clamav-devel] Bytecode interpreter

2010-03-11 Thread Török Edwin
On 2010-03-11 15:44, Renato Botelho wrote: IIRC, you can use --enable-llvm=no at ./configure to disable. That just disables the JIT, not the interpreter. On 2010-03-11 16:26, Tomasz Kojm wrote: On Thu, 11 Mar 2010 13:29:16 + (GMT) G.W. Haywood clamav-de...@jubileegroup.co.uk wrote:

Re: [Clamav-devel] One more problem on unit tests at freebsd 9

2010-03-11 Thread Török Edwin
On 03/11/2010 09:57 PM, Renato Botelho wrote: On Thu, Mar 11, 2010 at 4:54 PM, Renato Botelho rbga...@gmail.com wrote: A FreeBSD user contacted me reporting a problem building clamav under FreeBSD 9. I reproduced it locally, using 20100308 snapshot: [--] 3 tests from

Re: [Clamav-devel] One more problem on unit tests at freebsd 9

2010-03-11 Thread Török Edwin
On 03/11/2010 10:31 PM, Renato Botelho wrote: I needed to stop and start again, now I got this: FAIL: LLVM :: CodeGen/X86/bswap-inline-asm.ll (1340 of 2135) TEST 'LLVM :: CodeGen/X86/bswap-inline-asm.ll' FAILED Script: -- llc

Re: [Clamav-devel] Bytecode interpreter

2010-03-12 Thread Török Edwin
On 03/12/2010 06:54 PM, G.W. Haywood wrote: Hi there, On Fri, 12 Mar 2010 Tomasz Kojm wrote: G.W. Haywood wrote: I'd like to add my voice to those who want an easy way to disable [the bytecode interpreter] - I can see nothing in the clamd.conf man page for 0.96-rc1 which offers any

[Clamav-devel] Announcing ClamAV bytecode compiler 0.10

2010-03-12 Thread Török Edwin
Hi! The ClamAV bytecode compiler version 0.10 is now available. You can get it by using one of these commands: $ git clone git://git.clamav.net/git/clamav-bytecode-compiler $ git clone http://git.clamav.net/clamav-bytecode-compiler.git The repository can be browsed online here:

Re: [Clamav-devel] 0.96 checks still fail on FreeBSD 6.x

2010-04-05 Thread Török Edwin
On 04/05/2010 04:48 PM, Renato Botelho wrote: I used --threads=1 and that problem was fixed Ok. , now I got a core dumped: make check-TESTS Segmentation fault (core dumped) FAIL: check_clamav PASS: check_freshclam.sh PASS: check_sigtool.sh SKIP: check_unit_vg.sh PASS:

Re: [Clamav-devel] The upcoming 15 April kill-switch

2010-04-07 Thread Török Edwin
On 04/07/2010 09:21 PM, David F. Skoll wrote: Hi, I have a question about the CVD that will contain a special signature which disables all clamd installations older than 0.95. What exactly will this do? Will old versions always report No virus? Or will they always report Virus? Or

Re: [Clamav-devel] Two buglets on 0.96

2010-04-07 Thread Török Edwin
On 04/07/2010 10:17 PM, Jose-Marcio Martins da Cruz wrote: Sun Studio Compiler finds two buglets in 0.96. ** CC bcrun.o bcrun.c, line 240: warning: initializer does not fit or is out of range: -1 Line 240 is : unsigned int fd = -1; An

Re: [Clamav-devel] The upcoming 15 April kill-switch

2010-04-07 Thread Török Edwin
On 04/08/2010 12:05 AM, David F. Skoll wrote: Török Edwin wrote: Would you prefer freshclam/ClamAV crash/corrupt memory when loading the new databases with 980 byte lines? No. I can think of ways around this to make things degrade gracefully: o The server You mean to do this on all

Re: [Clamav-devel] Python with thread support enabled is required

2010-04-09 Thread Török Edwin
On 04/09/2010 07:06 PM, Renato Botelho wrote: After upgrade FreeBSD ports tree to 0.96, a user filled this PR: http://www.freebsd.org/cgi/query-pr.cgi?pr=145520 Would be nice if clamav checks installed python and detect this situation, what do you think? See the -users archives, yes I think

Re: [Clamav-devel] One more FreeBSD user problem report

2010-04-13 Thread Török Edwin
On 04/13/2010 07:11 PM, Renato Botelho wrote: 2010/4/13 Török Edwinedwinto...@gmail.com: On 04/13/2010 06:59 PM, Renato Botelho wrote: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/145509 Any idea? Its probably one of the broken compilers listed here:

Re: [Clamav-devel] One more FreeBSD user problem report

2010-04-13 Thread Török Edwin
On 04/13/2010 07:26 PM, Renato Botelho wrote: 2010/4/13 Török Edwined...@clamav.net: On 04/13/2010 07:11 PM, Renato Botelho wrote: 2010/4/13 Török Edwinedwinto...@gmail.com: On 04/13/2010 06:59 PM, Renato Botelho wrote: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/145509 Any idea?

Re: [Clamav-devel] One more FreeBSD user problem report

2010-04-15 Thread Török Edwin
On 04/15/2010 02:58 PM, nicolas dumont wrote: Hello ! I'm trying to compile clamav 0.96 on FreeBSD 7.2 release gcc 4.2.1 and I have same kind of issue as Renato : This looks like a different issue, does GCC complain about an internal error for you? In function `(anonymous

Re: [Clamav-devel] One more FreeBSD user problem report

2010-04-15 Thread Török Edwin
On 04/15/2010 04:00 PM, nicolas dumont wrote: 2010/4/15 Török Edwined...@clamav.net On 04/15/2010 02:58 PM, nicolas dumont wrote: Hello ! I'm trying to compile clamav 0.96 on FreeBSD 7.2 release gcc 4.2.1 and I have same kind of issue as Renato : This looks like a different issue, does

[Clamav-devel] EOL signature for = 0.94.2 is live

2010-04-15 Thread Török Edwin
Hi, The EOL signature for ClamAV = 0.94.2 is now live (daily 10749). Best regards, --Edwin ___ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net

[Clamav-devel] FreeBSD 6.2 ClamAV/zlib problems and solution

2010-04-16 Thread Török Edwin
Hi, I just had a chat on #clamav with 2 people having problem with ClamAV 0.96 on FreeBSD 6.2. (everything was OK on FreeBSD 6.3) The symptom is that clamscan/clamd never starts, just loops infinitely trying to load the DB, --debug shows: Libclamav debug: in cli_tgzload() The system was

Re: [Clamav-devel] VirusDB hashes and CVE

2010-04-16 Thread Török Edwin
On 04/16/2010 07:15 PM, Henri Salo wrote: It would be very nice to see hashes and possible CVEs in submissions in virusdb-mailinglist. Every submission should have at least MD5-, SHA1-checksums Of the databases? The database itself contains the hash, and it is digitally signed. The public key

Re: [Clamav-devel] VirusDB hashes and CVE

2010-04-16 Thread Török Edwin
On 04/16/2010 07:31 PM, Henri Salo wrote: On Fri, 16 Apr 2010 19:18:23 +0300 Török Edwinedwinto...@gmail.com wrote: On 04/16/2010 07:15 PM, Henri Salo wrote: It would be very nice to see hashes and possible CVEs in submissions in virusdb-mailinglist. Every submission should have at least

Re: [Clamav-devel] Emulation

2010-04-18 Thread Török Edwin
On 2010-04-18 16:10, Mohammed Al-Saleh wrote: Hi, Does ClamAV do code emulation to detect viruses/worms? No. Unless you consider the trivial emulator in yc_poly_emulator() to be an emulator. Best regards, --Edwin ___

Re: [Clamav-devel] clamav-0.96 is this properly working???

2010-04-19 Thread Török Edwin
On 04/19/2010 09:21 AM, Dale Walsh wrote: Foreground = yes Debug = yes Since you have Foreground+Debug active please redirect the stderr output of clamd to a file. Then scan the files in test/ Then open a bugreport on bugs.clamav.net, and attach the stderr output (not the syslog output, since

Re: [Clamav-devel] clamav-0.96 is this properly working???

2010-04-19 Thread Török Edwin
On 2010-04-19 12:44, Dale Walsh wrote: On Apr 19, 2010, at 05:11 AM, Török Edwin wrote: You can remove daily.cvd/cld, and stop freshclam as temporary solution to get 0.92 working, until you get 0.95.3, or 0.96 working. Best regards, --Edwin

Re: [Clamav-devel] clamav-0.96 is this properly working???

2010-04-19 Thread Török Edwin
On 2010-04-19 15:40, Dale Walsh wrote: On Apr 19, 2010, at 07:05 AM, Török Edwin wrote: On 2010-04-19 12:44, Dale Walsh wrote: I submitted the clamd stderr information as requested,, is there anything else you need? I tested on a Mac OS X 10.5.8 ppc, with gcc 4.0.1 and all testfiles

Re: [Clamav-devel] Error building clamav on FreeBSD 8.0 sparc64

2010-04-22 Thread Török Edwin
On 04/22/2010 02:10 PM, Renato Botelho wrote: Hi, Since it's a platform i don't have access, i'll just show you the error and you tell me if you have any idea what could be happening. http://pointyhat.FreeBSD.org/errorlogs/sparc64-errorlogs/a.8.20100421055147/clamav-0.96_1.log LLVM

Re: [Clamav-devel] libclamav grew by 10Mb ?

2010-04-26 Thread Török Edwin
On 04/26/2010 01:07 PM, Reini Urban wrote: 2010/4/26 nicolas dumont nicolas.dumont.pe...@gmail.com: Could you explain why it has so much increase between 0.95.3 and 0.96 ? Is there a way, by disable some new features ( bytecoder for ex ) to decrease the size of the lib ? Is it that

Re: [Clamav-devel] Question

2010-04-26 Thread Török Edwin
On 04/24/2010 11:39 PM, Mohammed Al-Saleh wrote: Does ClamAV use Aho-Corasick algorithm to match files against static signatures and Boyer-Moore against signatures that have *'s and ??'s ? No it is not as simple as that, and it is usually the other way around. read the cli_parse_add()

Re: [Clamav-devel] libclamav grew by 10Mb ?

2010-04-27 Thread Török Edwin
On 04/27/2010 02:19 PM, Per Jessen wrote: Reini Urban wrote: 2010/4/26 nicolas dumont nicolas.dumont.pe...@gmail.com: Could you explain why it has so much increase between 0.95.3 and 0.96 ? Is there a way, by disable some new features ( bytecoder for ex ) to decrease the size of the lib ?

Re: [Clamav-devel] libclamav grew by 10Mb ?

2010-04-27 Thread Török Edwin
On 04/27/2010 09:58 PM, Per Jessen wrote: Török Edwin wrote: --enable-llvm Enable 'llvm' JIT/verifier support [default=auto] (automatic selection based on what?) It is automatically enabled if you have a known-to-work GNU C++ compiler installed, and you have a CPU supported by the LLVM

Re: [Clamav-devel] MAXSOPATLEN and Signatures

2010-05-12 Thread Török Edwin
On 2010-05-12 20:53, Mohammed Al-Saleh wrote: Hi, I have two questions. Thanks in advance for answers. 1- MAXSOPATLEN constant was commented in more than one location to contain the value 32 but in the actual implementation its value is 8. So, was it implemented first as 32 then changed

Re: [Clamav-devel] Bug?

2010-05-14 Thread Török Edwin
On 05/14/2010 08:59 PM, Mohammed Al-Saleh wrote: Is this a bug in ClamAV (filtering.c)? case CLI_MATCH_NIBBLE_LOW: spec-start = (p 0xf); spec-end = 0xf0 | spec-start; spec-step = 0x10; Should not the step be 1 here? NIBBLE_LOW means the low

Re: [Clamav-devel] Adding targets for the bytecode interpreter

2010-05-17 Thread Török Edwin
On 05/17/2010 09:26 PM, Mark Allan wrote: Hi there, I'm sending this to clamav-devel rather than clamav-users as I suspect I may have missed something during the configure/compile phase rather than at runtime. If I'm wrong, I'll happily repost to the -users list. Please open a bugreport,

Re: [Clamav-devel] Virus DB Repo

2010-05-17 Thread Török Edwin
On 05/17/2010 10:21 PM, Mohammed Al-Saleh wrote: Hi, Is the virus database updated through a repository (for example svn or cvs)? No. I would like to see how virus database changes over time. You can look at the emails on clamav-virusdb@ (although signature removals don't show up there).

Re: [Clamav-devel] Virus DB Repo

2010-05-18 Thread Török Edwin
On 05/18/2010 03:13 PM, David F. Skoll wrote: From: Mohammed Al-Saleh moealsa...@gmail.com Is the virus database updated through a repository (for example svn or cvs)? I would like to see how virus database changes over time. Interesting. I guess there's nothing stopping you from putting

Re: [Clamav-devel] Virus DB Repo

2010-05-18 Thread Török Edwin
On 05/18/2010 03:18 PM, Brandon Perry wrote: I agree that this would be neat as long as the current way is still available. I don't want to have to install git or svn on the servers just to be able to update my clam sigs. Distributing the virus DB via git/svn wouldn't scale, I don't think

Re: [Clamav-devel] Question

2010-05-18 Thread Török Edwin
On 05/18/2010 09:09 PM, Mohammed Al-Saleh wrote: Hi Edwin, On Apr 27, 2010, at 7:19 AM, Török Edwin wrote: On 04/26/2010 10:20 PM, Mohammed Al-Saleh wrote: Hi Edwin, Thanks for your reply. I need to know the cases where ClamAV has performance bottlenecks or issues. The best way to do

Re: [Clamav-devel] Boyer-Moore

2010-05-23 Thread Török Edwin
On 05/23/2010 04:11 AM, Mohammed Al-Saleh wrote: I've read ClamAV's Boyer-Moore implementation. It does not seem to me that it uses Boyer-Moore algorithm at all. It is a multi-pattern version of Boyer Moore, I don't know its exact name. Boyer-Moore algorithm itself allows you to search for 1

Re: [Clamav-devel] daily.cvd vs main.cvd

2010-05-27 Thread Török Edwin
On 05/27/2010 06:51 PM, Mohammed Al-Saleh wrote: Hi, I first thought that the daily signatures are added to the main ones every while ( and thus removed from the daily.cvd). They are transferred, but main.cvd updates are rare: main.cvd is only at version 52, while daily is at version 11072

Re: [Clamav-devel] Sharing samples

2010-06-05 Thread Török Edwin
On 06/05/2010 11:20 AM, Henri Salo wrote: Is there an email-address where I can send my samples automatically to ClamAV? I am collecting malware with automated scripts and checking those with several AV-engines. I could share everything, which isn't detected by the newest ClamAV-databases.

Re: [Clamav-devel] what does the filter do?

2010-06-26 Thread Török Edwin
On Fri, 25 Jun 2010 11:56:48 +0800 唐杰 outstandingca...@gmail.com wrote: Hi all~ I am a freshman of clamav and is reading the code of clamscan recently. I don't know why we need a filter? Does it filter some files which can be confirmed not a virus? Do you mean the --exclude command-line

Re: [Clamav-devel] what does the LLVM do?

2010-06-28 Thread Török Edwin
On Mon, 28 Jun 2010 10:43:22 +0800 candy outstandingca...@gmail.com wrote: Hi all~ When the ClamAV scanning a PE file, does it use the LLVM and why use it? Yes, it can execute a bytecode program when scanning PE files. Bytecode can be executed either by the builtin interpreter (which

Re: [Clamav-devel] Some Questions in the PE section scanning

2010-06-30 Thread Török Edwin
On Wed, 30 Jun 2010 11:45:15 +0800 candy outstandingca...@gmail.com wrote: Hi all~ Thank you for solving my problem before. I still have some other questions when analysing the codes of ClamAV. Could anybody help me again? What does the member variable uint32_t *soff stands for? Have a

Re: [Clamav-devel] Some Questions in the PE section scanning

2010-06-30 Thread Török Edwin
On Wed, 30 Jun 2010 15:37:07 +0800 candy outstandingca...@gmail.com wrote: Thanks for your reply. I am very interesting in the virus engien. I want to know the whole algorithm of scaning and trying to optimize the int cli_scanpe(cli_ctx *ctx, icon_groupset *iconset) function. I have read the

Re: [Clamav-devel] win32 x64 build patch

2010-08-01 Thread Török Edwin
On Sun, 01 Aug 2010 13:21:10 +0100 Mark Weaver mark-cl...@npsl.co.uk wrote: This patch adds an x64 target to the Windows build. (socket code in this build is not guaranteed to work due to casting the 64-bit SOCKET type to a 32-bit int, I will send a separate patch to address this). Hi

Re: [Clamav-devel] [QUESTION] How does clamAV updates the signature database on-the-fly?

2010-08-14 Thread Török Edwin
/** * @file /magma/providers/external/clamav.c * * @brief Interface for the ClamAV library. * * $Author: Ladar Levison $ * $Date: 2010/08/13 10:32:38 $ * $Revision: ecaee526d4ba88a141c5b889dd023b13c05c2654 $ // Scan the message. The OLE code has a bug in it that causes

Re: [Clamav-devel] 0.96.2 scan discrepency/reliability in Mac OS X 10.4, 10.5 and 10.6.

2010-08-14 Thread Török Edwin
On Sat, 14 Aug 2010 08:35:42 -0400 Dale Walsh d...@daleenterprise.com wrote: all older versions and dependancies have been removed, config files updated per instructions. Tested on PowerPC and Intel based Macs with the same results. TEST SCAN USING CLAMSCAN: clam.ea06.exe not

Re: [Clamav-devel] question about the database in clamav

2010-08-29 Thread Török Edwin
On Thu, 26 Aug 2010 19:33:44 -0700 (PDT) outstandingcandy outstandingca...@gmail.com wrote: Hi all! Does anybody know what is the following signature mean (especially the last two sections)? VBS.Redlof-1:3:*:666f73b2079706f735b695d3d79:0:26 See signatures.pdf, the last two are minimum

Re: [Clamav-devel] what does ftonly in cli_fmap_scandesc mean?

2010-08-29 Thread Török Edwin
On Fri, 27 Aug 2010 15:49:02 -0400 Liu Yang yangliu...@gmail.com wrote: I am a beginner of ClamAV and I am working on a malware detection project. Recently I was reading the ClamAV source code and have some questions. One question I have is: what does ftonly mean in scan file types only

  1   2   >