On 4/5/2019 9:40 PM, David Shrimpton via clamav-users wrote: > This appears to be a different problem than the sigtool --list problem on > daily
Thanks for the impressive list of debug ideas. Whatever this is, it's a bug in clamav or an underlying library. The machine with the issue is a hodgepodge system. Ran wget http://db.US.clamav.net/main.cvd Here's the file size: 117892267 Here's the sha1: d275ad7d79af6ecf602d8813173a0bb0a0a00a88 main.cvd All this is correct information but fails with I ran sigtool: /usr/local/clamav/bin/sigtool --info main.cvd File: main.cvd Build time: 07 Jun 2017 17:38 -0400 Version: 58 Signatures: 4566249 Functionality level: 60 Builder: sigmgr MD5: 57462fd73f1cfdb356b9dca66da2b732 Digital signature: KWRdhTG+Own6ohh0wn5+vqg1d8ULKCxxxQeKuSA155B3ijxBKgf+bV3IXPcmZrIBUDn1xi8FmyvB63UieykwN/Avq5mTjHIVO8zFnC7wVF7dhdcEYn9Nt+Pmk/HXXx0voylYkidvgZmrxI8jx4a/Re6n3hHQJoCZrkHM15GER8j LibClamAV Error: cli_cvdload: Corrupted CVD header ERROR: cvdinfo: Verification: Malformed database On another machine with the same version of clamav 0.100.3, it passes sigtool: /usr/local/clamav/bin/sigtool --info main.cvd File: main.cvd Build time: 07 Jun 2017 17:38 -0400 Version: 58 Signatures: 4566249 Functionality level: 60 Builder: sigmgr MD5: 57462fd73f1cfdb356b9dca66da2b732 Digital signature: KWRdhTG+Own6ohh0wn5+vqg1d8ULKCxxxQeKuSA155B3ijxBKgf+bV3IXPcmZrIBUDn1xi8FmyvB63UieykwN/Avq5mTjHIVO8zFnC7wVF7dhdcEYn9Nt+Pmk/HXXx0voylYkidvgZmrxI8jx4a/Re6n3hHQJoCZrkHM15GER8j Verification OK. Modifying cvd.c, I changed the CL_EMALFDB to be a little more specific so I can see that the call to dbinfo = engine->dbinfo; is failing. After that, though, I need some pointers of what routine/class provides that. Maybe I can keep drilling down and find out what's got a bug that's throwing a fit. Regards, KAM _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
