Hi All, I'm still seeing this Malformed database error with freshclam on an older system. Going back prior to 25410 seems to resolve the issue.
I'd like to work on the code and see if I can find the bug or system library causing the issue. Can anyone help give me a pointer where I can drill into the malformed header check specifically where is the code located for engine->dbinfo? I'm having some logic issues figuring out what routine / class that is calling. Regards, KAM -------- Forwarded Message -------- Subject: Re: [clamav-users] Malformed pattern daily.ldb version 25410 Date: Sat, 6 Apr 2019 06:37:31 -0400 From: Kevin A. McGrail <kmcgr...@pccc.com> To: clamav-users@lists.clamav.net On 4/5/2019 9:40 PM, David Shrimpton via clamav-users wrote: > This appears to be a different problem than the sigtool --list problem on > daily Thanks for the impressive list of debug ideas. Whatever this is, it's a bug in clamav or an underlying library. The machine with the issue is a hodgepodge system. Ran wget http://db.US.clamav.net/main.cvd Here's the file size: 117892267 Here's the sha1: d275ad7d79af6ecf602d8813173a0bb0a0a00a88 main.cvd All this is correct information but fails with I ran sigtool: /usr/local/clamav/bin/sigtool --info main.cvd File: main.cvd Build time: 07 Jun 2017 17:38 -0400 Version: 58 Signatures: 4566249 Functionality level: 60 Builder: sigmgr MD5: 57462fd73f1cfdb356b9dca66da2b732 Digital signature: KWRdhTG+Own6ohh0wn5+vqg1d8ULKCxxxQeKuSA155B3ijxBKgf+bV3IXPcmZrIBUDn1xi8FmyvB63UieykwN/Avq5mTjHIVO8zFnC7wVF7dhdcEYn9Nt+Pmk/HXXx0voylYkidvgZmrxI8jx4a/Re6n3hHQJoCZrkHM15GER8j LibClamAV Error: cli_cvdload: Corrupted CVD header ERROR: cvdinfo: Verification: Malformed database On another machine with the same version of clamav 0.100.3, it passes sigtool: /usr/local/clamav/bin/sigtool --info main.cvd File: main.cvd Build time: 07 Jun 2017 17:38 -0400 Version: 58 Signatures: 4566249 Functionality level: 60 Builder: sigmgr MD5: 57462fd73f1cfdb356b9dca66da2b732 Digital signature: KWRdhTG+Own6ohh0wn5+vqg1d8ULKCxxxQeKuSA155B3ijxBKgf+bV3IXPcmZrIBUDn1xi8FmyvB63UieykwN/Avq5mTjHIVO8zFnC7wVF7dhdcEYn9Nt+Pmk/HXXx0voylYkidvgZmrxI8jx4a/Re6n3hHQJoCZrkHM15GER8j Verification OK. Modifying cvd.c, I changed the CL_EMALFDB to be a little more specific so I can see that the call to dbinfo = engine->dbinfo; is failing. After that, though, I need some pointers of what routine/class provides that. Maybe I can keep drilling down and find out what's got a bug that's throwing a fit. Regards, KAM
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
