Mail Archives: cygwin/2016/05/13/14:51:45

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2016/05/13/14:51:45

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:subject:to:references:from:message-id:date

:mime-version:in-reply-to:content-type

:content-transfer-encoding; q=dns; s=default; b=OClG66cuTyPJIJBH

GF6hsTeIJTncW6EOTqdLEdVqZzQ5O97OAmcEzGuzIq3FOTVq7piuu1ovek2rhj9u

muX5FJh+VuoBMZHfWyI6V4MO6wOGB5KbQsmPqzWIk7sl/y6GQS66le390SMSuBqV

PLP1WbMEQsGAT1xEQnkyMohHNZA=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:subject:to:references:from:message-id:date

:mime-version:in-reply-to:content-type

:content-transfer-encoding; s=default; bh=PAMpFYII8UTWoEIMOm7kPK

/OwKs=; b=NJ7zQjuGK39qMDtaUZBfTjAAAYNKzZgFmLdsRa/wblqrBmEAI63841

9UIdz3gzPYMbdtQq3hc3/EHilQvUVsNBLI1FH7E9EEO4pwUmOwHcjkQyAPD0uefQ

T6aGM3KCXndr+uPmpcCvDnpc0cwlNdPVSp/fQW04cMYzu3f9e0ObI=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Virus-Found: No

X-Spam-SWARE-Status: No, score=-0.8 required=5.0 tests=BAYES_00,EXECUTABLE_URI,KAM_EXEURI,RP_MATCHES_RCVD,SPF_HELO_PASS autolearn=no version=3.3.2 spammy=signing, Hx-languages-length:1846, viruses, young

X-HELO: mx1.redhat.com

Subject: Re: [ANNOUNCEMENT] clamav 0.99.1-1

To: cygwin AT cygwin DOT com

References: <announce DOT 201603301732 DOT u2UHW4eN011967 AT int-mx11 DOT intmail DOT prod DOT int DOT phx2 DOT redhat DOT com> <6da62132-1e66-41c9-043d-c552f4faf1c3 AT redhat DOT com> <4f86f77b-e2cb-b654-760b-499623dd61a1 AT cygwin DOT com> <360d98a0-8e44-e816-ea44-d87a2e2655a4 AT redhat DOT com> <91F687B2-C7E2-444D-91C3-2FAD580955A2 AT etr-usa DOT com>

From: Mike Bonnet <mikeb AT redhat DOT com>

Message-ID: <d165fc48-cf32-6e55-9bfa-d727899dcc76@redhat.com>

Date: Fri, 13 May 2016 11:51:05 -0700

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.0

MIME-Version: 1.0

In-Reply-To: <91F687B2-C7E2-444D-91C3-2FAD580955A2@etr-usa.com>

X-IsSubscribed: yes

On 5/11/16 9:14 AM, Warren Young wrote:
> On May 11, 2016, at 10:10 AM, Mike Bonnet wrote:
>>
>> On 5/11/16 8:18 AM, Yaakov Selkowitz wrote:
>>> On 2016-05-11 09:35, Mike Bonnet wrote:
>>>
>>>> Any chance we could get a new 64-bit build?
>>>
>>> We'd need to find the real cause of this before it would be of any help.
>>> I'd start with updating to 0.99.2, however we borrow Fedora's -norar
>>> sources but they haven't bumped yet (#1333949).
>>
>> I'll retry with 0.99.2 when it's available.
>
> Or you could rebuild 0.99.1 from the sources and see if that fixes the symptom.  If it does, you have a reason to reject Yaakov’s answer.  If not, Yaakov was right to disbelieve your hypothesis.

The build issue was a red herring, sorry about that. It turns out a 
specific file, xdate.exe, is causing clamscan to segfault. This is an 
old file, from 2012, used for date formatting, but it has just started 
causing problems. I've reproduced the segfault in 0.99.1-1 and 0.98.7-2 
running on Cygwin64 on Windows Server 2012, but didn't go any further 
back than that. I've verified that there are no viruses in the file 
(according to virustotal.com):

https://virustotal.com/en/file/937800ed6b0408b9dba4e4dc507cd0b1962d3adb6285947db520009d19cbe24e/analysis/1463097443/

The file is here (it's listed as "free for any use"):

http://people.redhat.com/mikeb/clamscan-segfault/xdate.exe

The output from running "clamscan --debug xdate.exe" is here:

http://people.redhat.com/mikeb/clamscan-segfault/clamscan-debug-xdate.log

and the stackdump is here:

http://people.redhat.com/mikeb/clamscan-segfault/clamscan.exe.stackdump

Sounds like this should be reported to Clamav upstream. Is anyone 
involved with Clamav already, that could report this to the right 
people, or do I need to start signing up for mailing lists? :)

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:subject:to:references:from:message-id:date
	:mime-version:in-reply-to:content-type
	:content-transfer-encoding; q=dns; s=default; b=OClG66cuTyPJIJBH
	GF6hsTeIJTncW6EOTqdLEdVqZzQ5O97OAmcEzGuzIq3FOTVq7piuu1ovek2rhj9u
	muX5FJh+VuoBMZHfWyI6V4MO6wOGB5KbQsmPqzWIk7sl/y6GQS66le390SMSuBqV
	PLP1WbMEQsGAT1xEQnkyMohHNZA=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:subject:to:references:from:message-id:date
	:mime-version:in-reply-to:content-type
	:content-transfer-encoding; s=default; bh=PAMpFYII8UTWoEIMOm7kPK
	/OwKs=; b=NJ7zQjuGK39qMDtaUZBfTjAAAYNKzZgFmLdsRa/wblqrBmEAI63841
	9UIdz3gzPYMbdtQq3hc3/EHilQvUVsNBLI1FH7E9EEO4pwUmOwHcjkQyAPD0uefQ
	T6aGM3KCXndr+uPmpcCvDnpc0cwlNdPVSp/fQW04cMYzu3f9e0ObI=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=-0.8 required=5.0 tests=BAYES_00,EXECUTABLE_URI,KAM_EXEURI,RP_MATCHES_RCVD,SPF_HELO_PASS autolearn=no version=3.3.2 spammy=signing, Hx-languages-length:1846, viruses, young
X-HELO:	mx1.redhat.com
Subject:	Re: [ANNOUNCEMENT] clamav 0.99.1-1
To:	cygwin AT cygwin DOT com
References:	<announce DOT 201603301732 DOT u2UHW4eN011967 AT int-mx11 DOT intmail DOT prod DOT int DOT phx2 DOT redhat DOT com> <6da62132-1e66-41c9-043d-c552f4faf1c3 AT redhat DOT com> <4f86f77b-e2cb-b654-760b-499623dd61a1 AT cygwin DOT com> <360d98a0-8e44-e816-ea44-d87a2e2655a4 AT redhat DOT com> <91F687B2-C7E2-444D-91C3-2FAD580955A2 AT etr-usa DOT com>
From:	Mike Bonnet <mikeb AT redhat DOT com>
Message-ID:	<d165fc48-cf32-6e55-9bfa-d727899dcc76@redhat.com>
Date:	Fri, 13 May 2016 11:51:05 -0700
User-Agent:	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.0
MIME-Version:	1.0
In-Reply-To:	<91F687B2-C7E2-444D-91C3-2FAD580955A2@etr-usa.com>
X-IsSubscribed:	yes