Re: [clamav-users] [ext] ClamAV 1.0.0 release candidate now available

Andrew C Aitchison via clamav-users Wed, 02 Nov 2022 13:38:31 -0700

On Wed, 2 Nov 2022, Micah Snyder (micasnyd) wrote:

Hi Andrew,

Should cli_cvdverify() even be used to verify .cld files ?


Indeed, it should not.

Here is my PR to fix the issue.  Are you able to try it out to help verify it 
resolves the issue on your end?
https://github.com/Cisco-Talos/clamav/pull/740
[https://opengraph.githubassets.com/fe53b48c8ddd353921519a3075391788df3c30af039e250ba6728bbf35776e86/Cisco-Talos/clamav/pull/740]<https://github.com/Cisco-Talos/clamav/pull/740>
Clam 2167 freshclam cld incremental update by micahsnyder · Pull Request #740 · 
Cisco-Talos/clamav<https://github.com/Cisco-Talos/clamav/pull/740>
Freshclam: fix incremental update on CLD database When adding the 
cl_cvdunpack() API that (optionally) verifies the database signature, we used 
it in libfreshclam in a place where it may also unpac...
github.com


That patch looks good and my tests are looking good, but I managed to
fall foul of the rate limit so cannot confirm for 24 hours :-(

________________________________
From: Andrew C Aitchison <and...@aitchison.me.uk>
Sent: Wednesday, November 2, 2022 8:40 AM
To: Micah Snyder (micasnyd) <micas...@cisco.com>
Cc: ClamAV users ML <clamav-users@lists.clamav.net>; Andrew C Aitchison 
<cla...@aitchison.me.uk>
Subject: Re: [clamav-users] [ext] ClamAV 1.0.0 release candidate now available

On Tue, 1 Nov 2022, Micah Snyder (micasnyd) wrote:

Oh I see! It is on the second incremental update that the failure occurs -- 
when the CLD is unpacked to be updated. That should be a very easy fix.

If you can help test it, I will share something as soon as it is ready.


I think I have found the problem.

These .cld files have headers like

ClamAV-VDB:01 Nov 2022 03-52 -0400:26706:2009713:90:X:X:raynman:1667289154

with X in place of both the MD5 and the Digital signature
so cli_cvdverify() has nothing to match and thus fails.

Do *downloaded* .cld files (as opposed to updated and repacked files)
have MD5 and the Digital signature ?

Should cli_cvdverify() even be used to verify .cld files ?

--
Andrew C. Aitchison                      Kendal, UK
                   and...@aitchison.me.uk


--
Andrew C. Aitchison                      Kendal, UK
                   and...@aitchison.me.uk
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

Re: [clamav-users] [ext] ClamAV 1.0.0 release candidate now available

Reply via email to