Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

[Gary R. Schmidt]

On 09/01/2019 00:01, Joel Esler (jesler) wrote:

Solaris is definitely not one of the OSs in our build farm.  Just FYI.

Oh, I'm not surprised about that, I can't even attempt to justify you 
having an x64 VM set-up to build clamav, given that the set of Solaris 
clamav users may be no greater than 1!  :-)


That said, I had a bit more of a look at the problem, it appears to be a 
32-bit build only problem, 64-bit builds do not show this problem, on 
either Solaris or OpenSUSE Tumbleweed.


Getting 64-bit builds working completely on Solaris is a bitch-fight 
with configure, I didn't try to get a 32-bit build working on Tumbleweed.


Given that the problem has also been seen on a Linux system, I expect it 
will be dealt with, in the fullness of time.  ;-)


Cheers,
GaryB-)


On Jan 8, 2019, at 1:05 AM, Gary R. Schmidt  wrote:

On 08/01/2019 05:33, Joel Esler (jesler) wrote:


https://blog.clamav.net/2019/01/clamav-01011-patch-has-been-released.html 


ClamAV 0.101.1 Patch has been released

ClamAV 0.101.1 is an urgent patch release to address an issue in 0.101.0 
specifically for developers that depend on libclamav. The issue in 0.101.0 is 
that clamav.h required supporting headers that were not provided on make 
install. To address this issue, the internal cltypes.h header has been replaced 
by a clamav-types.h that is generated on ./configure and will be installed 
alongside clamav.h.

Other changes

Increased the default CommandReadTimeout to reduce the chance of mail loss if 
using clamav-milter with the TCP socket. Contribution by Scott Kitterman. Fixes 
for --with-libjson and --with-libcurl to correctly accept library install path 
arguments.

Acknowledgements

  The ClamAV team thanks the following individuals for their code submissions: 
Scott Kitterman

Known Issues

Some users have observed crashes the first time running freshclam after 
upgrading from 0.100 to 0.101. We haven't yet tracked down the source of the 
issue, but have found that the issue resolves itself and that subsequent calls 
to freshclam work as expected.

Please download and update to 0.101.1 , send us your 
feedback on ClamAV-Users 
.

Building on Solaris 11.3 with GCC/G++ 7.3.0 and I just noticed gives this 
warning.  The warning was also in 0.101.0, and possibly earlier versions, but I 
didn't notice it.

--
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I.. -I../libclammspack -I.. -I./nsis 
-I../libltdl -DWARN_DLOPEN_FAIL -I/usr/local/include -I/opt/local/include 
-I../libclammspack/mspack -DHAVE_INTERNAL_MSPACK -DHAVE_YARA 
-DSEARCH_LIBDIR=\"/opt/local/lib\" -I/usr/local/include -I/usr/include/json-c 
-I/usr/local/include -I/usr/local/include -I/usr/include/libxml2 -g -O2 
-fno-strict-aliasing -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -MT 
libclamav_la-pdf.lo -MD -MP -MF .deps/libclamav_la-pdf.Tpo -c pdf.c  -fPIC -DPIC -o 
.libs/libclamav_la-pdf.o
pdf.c: In function 'find_length':
pdf.c:947:80: warning: passing argument 5 of 'cli_strntoul_wrap' from 
incompatible pointer type [-Wincompatible-pointer-types]
 if (CL_SUCCESS != cli_strntoul_wrap(index, bytes_remaining, 0, 10, 
)) {

^
In file included from yara_clam.h:46:0,
 from others.h:58,
 from matcher.h:29,
 from others.h:22,
 from pdf.c:56:
str.h:78:12: note: expected 'long unsigned int *' but argument is of type 
'size_t * {aka unsigned int *}'
cl_error_t cli_strntoul_wrap(const char *buf, size_t buf_size, int 
fail_at_nondigit, int base, unsigned long *result);
^
--

Cheers,
GaryB-)
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml



___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml



___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] sendmail w clamav-milter stops errors with: write(D) returned -1, expected 23: Broken pipe, Fedora 29

[Robert Kudyba]

>
> sm-client.service: Failed to parse PID from file /run/sm-client.pid:
> Invalid argument
>
> I'm not too familiar with sendmail client, so I'll defer this to someone
> else more knowledgeable.
>

A bug that won't get fixed?
https://bugzilla.redhat.com/show_bug.cgi?id=748171

Anyways any idea why this error happens:
Milter (clamav-milter): write(D) returned -1, expected 23: Broken pipe
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] sendmail w clamav-milter stops errors with: write(D) returned -1, expected 23: Broken pipe, Fedora 29

[Micah Snyder (micasnyd)]

Hi Robert,

LibClamAV Error: cli_get_filepath_from_filedesc: File path for fd [10] is: 
/tmp/clamav-f71a825e6280ce33121e5fdc8578591a.tmp

The above is not actually an error. In 0.101.1 we have already changed it to be 
a debug level message instead. Sorry about the confusion.

sm-client.service: Failed to parse PID from file /run/sm-client.pid: Invalid 
argument

I'm not too familiar with sendmail client, so I'll defer this to someone else 
more knowledgable.

-Micah

Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Jan 9, 2019, at 11:00 AM, Robert Kudyba 
mailto:rkud...@fordham.edu>> wrote:

clamav-0.101.0-3.fc29.x86_64
clamd-0.101.0-3.fc29.x86_64
clamav-milter-0.101.0-3.fc29.x86_64
sendmail-8.15.2-29.fc29.x86_64
4.19.13-300.fc29.x86_64

Milter (clamav-milter): write(D) returned -1, expected 23: Broken pipe

Also seeing errors like:
clamd[25994]: LibClamAV Error: cli_get_filepath_from_filedesc: File path for fd 
[10] is: /tmp/clamav-f71a825e6280ce33121e5fdc8578591a.tmp

and (probably unrelated)
sm-client.service: Failed to parse PID from file /run/sm-client.pid: Invalid 
argument

The respective configs are:
clamav-milter.conf:
MilterSocket inet:
ClamdSocket tcp:127.0.0.1:3310

clamd.conf:
TCPSocket 3310
TCPAddr 127.0.0.1

sendmail.mc:
INPUT_MAIL_FILTER(`clamav-milter', 
`S=inet:@127.0.0.1, F=, T=S:4m;R:4m')dnl

Any other logs or configs I can provide?


___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] sendmail w clamav-milter stops errors with: write(D) returned -1, expected 23: Broken pipe, Fedora 29

[Robert Kudyba]

clamav-0.101.0-3.fc29.x86_64
clamd-0.101.0-3.fc29.x86_64
clamav-milter-0.101.0-3.fc29.x86_64
sendmail-8.15.2-29.fc29.x86_64
4.19.13-300.fc29.x86_64

Milter (clamav-milter): write(D) returned -1, expected 23: Broken pipe

Also seeing errors like:
clamd[25994]: LibClamAV Error: cli_get_filepath_from_filedesc: File path
for fd [10] is: /tmp/clamav-f71a825e6280ce33121e5fdc8578591a.tmp

and (probably unrelated)
sm-client.service: Failed to parse PID from file /run/sm-client.pid:
Invalid argument

The respective configs are:
clamav-milter.conf:
MilterSocket inet:
ClamdSocket tcp:127.0.0.1:3310

clamd.conf:
TCPSocket 3310
TCPAddr 127.0.0.1

sendmail.mc:
INPUT_MAIL_FILTER(`clamav-milter', `S=inet:@127.0.0.1, F=,
T=S:4m;R:4m')dnl

Any other logs or configs I can provide?
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

[Alan Stern]

On Wed, 9 Jan 2019, Micah Snyder (micasnyd) wrote:

> Hi Alan,
> 
> It sounds like your system defaults to having the -Wall and -Wextra
> compiler flags enabled.  We do indeed still have a lot of work to
> clean up warnings when building with -Wall and -Wextra, I certainly
> want to clean up all the warnings long term, but the other remaining
> ones are, to my knowledge, not as worrisome.

That makes sense.

> I wasn't actually able to reproduce the warning that Gary reported
> (with clang or gcc on Mac or Ubuntu 18), but a quick look at the code
> showed that the issue was real.

I got the same warning as Gary, as well.

> The "Variable may be used uninitialized" type warnings are more
> serious-sounding ones but if I recall correctly, they occur in the
> tomsfastmath 3rd party library code.  It's on my to-do list to see if
> there's an update for that code as our copy hasn't been updated in a
> while.

I'm not sure which source files belong to that third party library.  
The two non-bogus warnings I got were:

libclamunrar/arcread.cpp:32:3: warning: 'ReadSize' may be used uninitialized in 
this function
libclamunrar/rijndael.cpp:101:21: warning: 'uKeyLenInBytes' may be used 
uninitialized in this function

These seem to assume that an input variable takes on an allowed value;  
I don't know if that assumption can always be guaranteed.

> The warnings in our own code regarding integers of different
> signedness are probably most concerning.  I very much want to take a
> stab at cleaning those up as soon as I find time, but it will require
> much care and heavy regression testing as it can be very easy to
> break things when changing variable types.

Indeed.  On-the-spot typecasting is less invasive but more awkward.

Alan Stern

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

[Micah Snyder (micasnyd)]

Hi Alan,

It sounds like your system defaults to having the -Wall and -Wextra compiler 
flags enabled.  We do indeed still have a lot of work to clean up warnings when 
building with -Wall and -Wextra, I certainly want to clean up all the warnings 
long term, but the other remaining ones are, to my knowledge, not as worrisome.

I wasn't actually able to reproduce the warning that Gary reported (with clang 
or gcc on Mac or Ubuntu 18), but a quick look at the code showed that the issue 
was real.

The "Variable may be used uninitialized" type warnings are more 
serious-sounding ones but if I recall correctly, they occur in the tomsfastmath 
3rd party library code.  It's on my to-do list to see if there's an update for 
that code as our copy hasn't been updated in a while.

The warnings in our own code regarding integers of different signedness are 
probably most concerning.  I very much want to take a stab at cleaning those up 
as soon as I find time, but it will require much care and heavy regression 
testing as it can be very easy to break things when changing variable types.

-Micah



On Jan 8, 2019, at 4:16 PM, Alan Stern 
mailto:st...@rowland.harvard.edu>> wrote:

If anyone is interested, on my system (Fedora 28) building ClamAV
generates a ton of warning messages.  Some of them are bogus, but a lot
are valid.  Things like:

Variable may be used uninitialized;

Variable defined but not used;

Variable set but not used;

Static function declared but not used;

Statement label defined but not used;

Comparing integers of different signedness;

Misleading indentation of "if" - "else" clauses;

Unrecognized command line option ('-Wno-logical-op-parentheses');

Suggest parentheses around '&&' within '||';

Writing to an object with no trivial copy-assignment; use
copy-assignment or copy-initialization instead;

Left-hand operand of comma expression has no effect;

and a few others.  I can send the log file to a developer if anyone
would like to see it.

Alan Stern

On Tue, 8 Jan 2019, Scott Kitterman wrote:

On Tuesday, January 08, 2019 05:05:37 PM Gary R. Schmidt wrote:
On 08/01/2019 05:33, Joel Esler (jesler) wrote:
https://blog.clamav.net/2019/01/clamav-01011-patch-has-been-released.html


ClamAV 0.101.1 Patch has been released

ClamAV 0.101.1 is an urgent patch release to address an issue in 0.101.0
specifically for developers that depend on libclamav. The issue in
0.101.0 is that clamav.h required supporting headers that were not
provided on make install. To address this issue, the internal cltypes.h
header has been replaced by a clamav-types.h that is generated on
./configure and will be installed alongside clamav.h.

Other changes

Increased the default CommandReadTimeout to reduce the chance of mail
loss if using clamav-milter with the TCP socket. Contribution by Scott
Kitterman. Fixes for --with-libjson and --with-libcurl to correctly
accept library install path arguments.

Acknowledgements

 The ClamAV team thanks the following individuals for their code
 submissions: Scott Kitterman>>
Known Issues

Some users have observed crashes the first time running freshclam after
upgrading from 0.100 to 0.101. We haven't yet tracked down the source of
the issue, but have found that the issue resolves itself and that
subsequent calls to freshclam work as expected.

Please download and update to 0.101.1 ,
send us your feedback on ClamAV-Users
.
Building on Solaris 11.3 with GCC/G++ 7.3.0 and I just noticed gives
this warning.  The warning was also in 0.101.0, and possibly earlier
versions, but I didn't notice it.

--
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I.. -I../libclammspack -I..
-I./nsis -I../libltdl -DWARN_DLOPEN_FAIL -I/usr/local/include
-I/opt/local/include -I../libclammspack/mspack -DHAVE_INTERNAL_MSPACK
-DHAVE_YARA -DSEARCH_LIBDIR=\"/opt/local/lib\" -I/usr/local/include
-I/usr/include/json-c -I/usr/local/include -I/usr/local/include
-I/usr/include/libxml2 -g -O2 -fno-strict-aliasing -D_LARGEFILE_SOURCE
-D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -MT libclamav_la-pdf.lo -MD
-MP -MF .deps/libclamav_la-pdf.Tpo -c pdf.c  -fPIC -DPIC -o
.libs/libclamav_la-pdf.o
pdf.c: In function 'find_length':
pdf.c:947:80: warning: passing argument 5 of 'cli_strntoul_wrap' from
incompatible pointer type [-Wincompatible-pointer-types]
 if (CL_SUCCESS != cli_strntoul_wrap(index,
bytes_remaining, 0, 10, )) {

^
In file included from yara_clam.h:46:0,
 from others.h:58,
 from matcher.h:29,
 from others.h:22,
 from pdf.c:56:
str.h:78:12: note: expected 'long unsigned int *' but argument is of
type 'size_t * {aka unsigned int *}'
 cl_error_t cli_strntoul_wrap(const char *buf, size_t buf_size, int