Bug#1073128: marked as done (clamav: unaligned access on armhf architecture)

Debian Bug Tracking System Fri, 28 Jun 2024 11:54:22 -0700

Your message dated Fri, 28 Jun 2024 18:50:10 +0000
with message-id <e1sngfi-004yyh...@fasolo.debian.org>
and subject line Bug#1073128: fixed in clamav 1.3.1+dfsg-4
has caused the Debian Bug report #1073128,
regarding clamav: unaligned access on armhf architecture
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1073128: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1073128
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: clamav
Version: 1.3.1+dfsg-3
Severity: serious
tags: patch

Hello, in Ubuntu, where the kernel is configured to forbid unaligned accesses 
on armhf, the package FTBFS
(this should be reproducible also on some Debian buildd machines, this is why 
I'm reporting as serious severity)
example of failure:
https://launchpadlibrarian.net/734963041/buildlog_ubuntu-oracular-armhf.clamav_1.3.1+dfsg-3ubuntu1_BUILDING.txt.gz


3: clamscan/fp_check_test.py::TC::test_fp_for_normalized PASSED             [ 
52%]
5: freshclam_test.py::TC::test_freshclam_08_cdiff_update_twice PASSED       
[100%]
5:
5: =============================== warnings summary 
===============================
5: freshclam_test.py:20
5:   /<<PKGBUILDDIR>>/unit_tests/freshclam_test.py:20: DeprecationWarning: 
'cgi' is deprecated and slated for removal in Python 3.13
5:     import cgi
5:
5: -- Docs: https://docs.pytest.org/en/stable/how-to/capture-warnings.html
5: ================== 10 passed, 1 skipped, 1 warning in 49.40s 
===================
3: clamscan/fp_check_test.py::TC::test_fp_for_normalized_wild PASSED        [ 
54%]
4: clamd_test.py::TC::test_clamd_08_VirusEvent PASSED                       [ 
69%]
3: clamscan/fp_check_test.py::TC::test_fp_for_zipped_file PASSED            [ 
56%]
3: clamscan/fp_check_test.py::TC::test_fp_for_zipped_file_wild PASSED       [ 
58%]
2/6 Test #5: freshclam ........................   Passed   51.50 sec
test 6
    Start 6: sigtool

6: Test command: /usr/bin/pytest "-v" "sigtool_test.py"
6: Working Directory: /<<PKGBUILDDIR>>/unit_tests
6: Environment variables:
6:  PYTHONTRACEMALLOC=1
6:  VERSION=1.3.1
6:  SOURCE=/<<PKGBUILDDIR>>
6:  BUILD=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf
6:  TMP=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests
6:  CK_FORK=no
6:  CK_DEFAULT_TIMEOUT=300
6:  
LD_LIBRARY_PATH=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/libfreshclam:/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/libclamav:/usr/lib/arm-linux-gnueabihf:
6:  
DYLD_LIBRARY_PATH=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/libfreshclam:/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/libclamav:/usr/lib/arm-linux-gnueabihf:
6:  PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
6:  LIBSSL=/usr/lib/arm-linux-gnueabihf/libssl.so
6:  LIBCRYPTO=/usr/lib/arm-linux-gnueabihf/libcrypto.so
6:  LIBZ=/usr/lib/arm-linux-gnueabihf/libz.so
6:  LIBBZ2=/usr/lib/arm-linux-gnueabihf/libbz2.so
6:  LIBPCRE2=/usr/lib/arm-linux-gnueabihf/libpcre2-8.so
6:  LIBXML2=/usr/lib/arm-linux-gnueabihf/libxml2.so
6:  LIBCURL=/usr/lib/arm-linux-gnueabihf/libcurl.so
6:  LIBJSONC=/usr/lib/arm-linux-gnueabihf/libjson-c.so
6:  LIBICONV=
6:  LLVM_LIBS=
6:  LLVM_DIRS=
6:  LIBPTHREADW32=
6:  LIBWIN32COMPAT=
6:  
LIBCLAMAV=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/libclamav/libclamav.so.12.0.2
6:  LIBCLAMMSPACK=/usr/lib/arm-linux-gnueabihf/libmspack.so
6:  LIBCLAMUNRARIFACE=
6:  LIBCLAMUNRAR=
6:  
CHECK_CLAMAV=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/check_clamav
6:  CHECK_CLAMD=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/check_clamd
6:  
CHECK_FPU_ENDIAN=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/check_fpu_endian
6:  CLAMBC=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clambc/clambc
6:  CLAMD=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamd/clamd
6:  CLAMDSCAN=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamdscan/clamdscan
6:  CLAMDTOP=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamdtop/clamdtop
6:  CLAMSCAN=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamscan/clamscan
6:  CLAMSUBMIT=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamsubmit/clamsubmit
6:  CLAMCONF=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamconf/clamconf
6:  FRESHCLAM=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/freshclam/freshclam
6:  SIGTOOL=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/sigtool/sigtool
6:  
CLAMAV_MILTER=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamav-milter/clamav-milter
6:  CLAMONACC=/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamonacc/clamonacc
6: Test timeout computed to be: 1500
3: clamscan/fuzzy_img_hash_test.py::TC::test_sigs_bad_algorithm PASSED      [ 
60%]
3: clamscan/fuzzy_img_hash_test.py::TC::test_sigs_bad_hamming PASSED        [ 
62%]
3: clamscan/fuzzy_img_hash_test.py::TC::test_sigs_bad_hash PASSED           [ 
64%]
3: clamscan/fuzzy_img_hash_test.py::TC::test_sigs_good_allmatch PASSED      [ 
66%]
4: clamd_test.py::TC::test_clamd_09_clamdscan_ExcludePath PASSED            [ 
76%]
6: ============================= test session starts 
==============================
6: platform linux -- Python 3.12.3, pytest-7.4.4, pluggy-1.5.0 -- 
/usr/bin/python3
6: cachedir: .pytest_cache
6: rootdir: /<<PKGBUILDDIR>>/unit_tests
6: collecting ... collected 3 items
6:
3: clamscan/heuristics_test.py::TC::test_allmatch FAILED                    [ 
67%]
6: sigtool_test.py::TC::test_sigtool_00_version PASSED                      [ 
33%]
3: clamscan/heuristics_test.py::TC::test_allmatch_precedence FAILED         [ 
69%]
6: sigtool_test.py::TC::test_sigtool_01_run_cdiff PASSED                    [ 
66%]
4: clamd_test.py::TC::test_clamd_10_allmatch_not_sticky PASSED              [ 
84%]
3: clamscan/heuristics_test.py::TC::test_hidden_by_strong_indicator FAILED  [ 
71%]
6: sigtool_test.py::TC::test_sigtool_02_rust_logs_messages_work PASSED      
[100%]
6:
6: ============================== 3 passed in 2.98s 
===============================
4: clamd_test.py::TC::test_clamd_11_alertexceedsmax_maxfilesize PASSED      [ 
92%]
3: clamscan/heuristics_test.py::TC::test_only_heur FAILED                   [ 
73%]
3/6 Test #6: sigtool ..........................   Passed    4.61 sec
3: clamscan/heuristics_test.py::TC::test_precedence PASSED                  [ 
75%]
4: clamd_test.py::TC::test_clamd_12_onenote_disabled PASSED                 
[100%]
4:
4: ======================== 13 passed in 76.89s (0:01:16) 
=========================
3: clamscan/image_extraction_test.py::TC::test_HTML_style_with_detection PASSED 
[ 77%]
3: clamscan/image_extraction_test.py::TC::test_xls_jpeg_png PASSED          [ 
79%]
3: clamscan/image_extraction_test.py::TC::test_xls_with_detection PASSED    [ 
81%]
4/6 Test #4: clamd ............................   Passed   79.82 sec
3: clamscan/match_offsets_test.py::TC::test_LDB_VI PASSED                   [ 
83%]
3: clamscan/match_offsets_test.py::TC::test_yara_at_offset PASSED           [ 
84%]
1: libclamav_test.py::TC::test_libclamav_00_unit_test PASSED                
[100%]
1:
1: ======================== 1 passed in 100.35s (0:01:40) 
=========================
3: clamscan/match_offsets_test.py::TC::test_yara_in_range PASSED            [ 
86%]
3: clamscan/phishing_test.py::TC::test_not_enabled PASSED                   [ 
88%]
5/6 Test #1: libclamav ........................   Passed  103.82 sec
3: clamscan/phishing_test.py::TC::test_ssl_and_cloak PASSED                 [ 
90%]
3: clamscan/regex_test.py::TC::test_ldb_multi_pcre PASSED                   [ 
92%]
3: clamscan/regex_test.py::TC::test_ldb_offset_pcre PASSED                  [ 
94%]
3: clamscan/regex_test.py::TC::test_pcre_flag PASSED                        [ 
96%]
3: clamscan/regex_test.py::TC::test_slash_colon PASSED                      [ 
98%]
3: clamscan/regex_test.py::TC::test_yara PASSED                             
[100%]
3:
3: =================================== FAILURES 
===================================
3: _______________________________ TC.test_allmatch 
_______________________________
3:
3: self = <heuristics_test.TC testMethod=test_allmatch>
3:
3:     def test_allmatch(self):
3:         '''
3:         This test uses a ZIP that has two things:
3:         1. malformed file that will alert with  --alert-broken-media
3:         2. the clam.exe file that will alert normally.
3:         The idea is that since the malformed file is first, the heuristic 
alert will be encountered first.
3:
3:         In this test we use --allmatch but we don't use 
--heuristic-scan-precedence.
3:         That means the NDB sig should alert first, even though the heuristic 
is encountered first.
3:         Note the verify_output() uses STRICT_ORDER.
3:         '''
3:         self.step_name('Test that a clam heuristic alert will alert LAST in 
allmatch mode without heuristic-precedence.')
3:
3:         testfile = TC.heuristics_testfile
3:
3:         command = '{valgrind} {valgrind_args} {clamscan} -d {clam_exe_db} 
{testfiles} --alert-broken-media \
3:              --allmatch'.format(
3:             valgrind=TC.valgrind, valgrind_args=TC.valgrind_args, 
clamscan=TC.clamscan,
3:             clam_exe_db=TC.path_tmp / 'clam.ndb',
3:             testfiles=testfile,
3:         )
3:         output = self.execute_command(command)
3:
3: >       assert output.ec == 1  # virus
3: E       AssertionError: assert 135 == 1
3: E        +  where 135 = CmdResult(ec=135, out='', err='Bus error (core 
dumped)\n').ec
3:
3: /<<PKGBUILDDIR>>/unit_tests/clamscan/heuristics_test.py:158: AssertionError
3: ----------------------------- Captured stdout call 
-----------------------------
3:
3: [INFO]: 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3: [INFO]: Test that a clam heuristic alert will alert LAST in allmatch mode 
without heuristic-precedence.
3: [INFO]: 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3: [DEBUG]: Run command:   /<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamscan/clamscan -d 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/clam.ndb 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/heuristics-test.zip 
--alert-broken-media              --allmatch
3: [DEBUG]: Exit code: 135
3: [DEBUG]: stdout:
3: [DEBUG]: stderr: Bus error (core dumped)
3:
3:
3: _________________________ TC.test_allmatch_precedence 
__________________________
3:
3: self = <heuristics_test.TC testMethod=test_allmatch_precedence>
3:
3:     def test_allmatch_precedence(self):
3:         '''
3:         This test uses a ZIP that has two things:
3:         1. malformed file that will alert with  --alert-broken-media
3:         2. the clam.exe file that will alert normally.
3:         The idea is that since the malformed file is first, the heuristic 
alert will be encountered first.
3:
3:         In this test we use --allmatch AND we use 
--heuristic-scan-precedence.
3:         That means the heuristic is encountered first and should be treated 
equally, so it should alert first.
3:         Note the verify_output() uses STRICT_ORDER.
3:         '''
3:         self.step_name('Test that a clam heuristic alert will alert FIRST in 
allmatch mode with heuristic-precedence.')
3:
3:         testfile = TC.heuristics_testfile
3:
3:         command = '{valgrind} {valgrind_args} {clamscan} -d {clam_exe_db} 
{testfiles} --alert-broken-media \
3:              --allmatch \
3:              --heuristic-scan-precedence'.format(
3:             valgrind=TC.valgrind, valgrind_args=TC.valgrind_args, 
clamscan=TC.clamscan,
3:             clam_exe_db=TC.path_tmp / 'clam.ndb',
3:             testfiles=testfile,
3:         )
3:         output = self.execute_command(command)
3:
3: >       assert output.ec == 1  # virus
3: E       AssertionError: assert 135 == 1
3: E        +  where 135 = CmdResult(ec=135, 
out='/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/heuristics-test.zip:
 Heuristics.Broken.Media.PNG.EOFReadingChunk FOUND\n', err='Bus error (core dumped)\n').ec
3:
3: /<<PKGBUILDDIR>>/unit_tests/clamscan/heuristics_test.py:190: AssertionError
3: ----------------------------- Captured stdout call 
-----------------------------
3:
3: [INFO]: 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3: [INFO]: Test that a clam heuristic alert will alert FIRST in allmatch mode 
with heuristic-precedence.
3: [INFO]: 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3: [DEBUG]: Run command:   /<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamscan/clamscan -d 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/clam.ndb 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/heuristics-test.zip 
--alert-broken-media              --allmatch              --heuristic-scan-precedence
3: [DEBUG]: Exit code: 135
3: [DEBUG]: stdout: 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/heuristics-test.zip:
 Heuristics.Broken.Media.PNG.EOFReadingChunk FOUND
3:
3: [DEBUG]: stderr: Bus error (core dumped)
3:
3:
3: ______________________ TC.test_hidden_by_strong_indicator 
______________________
3:
3: self = <heuristics_test.TC testMethod=test_hidden_by_strong_indicator>
3:
3:     def test_hidden_by_strong_indicator(self):
3:         '''
3:         This test uses a ZIP that has two things:
3:         1. malformed file that will alert with  --alert-broken-media
3:         2. the clam.exe file that will alert normally.
3:         The idea is that since the malformed file is first, the heuristic 
alert will be encountered first.
3:
3:         In this test the heuristic alert must not alert because neither 
allmatch is specified, nor --heuristic-scan-precedence
3:         '''
3:         self.step_name('Test that a clam heuristic not alert because regular 
sig alerts first.')
3:
3:         testfile = TC.heuristics_testfile
3:
3:         command = '{valgrind} {valgrind_args} {clamscan} -d {clam_exe_db} 
{testfiles} --alert-broken-media'.format(
3:             valgrind=TC.valgrind, valgrind_args=TC.valgrind_args, 
clamscan=TC.clamscan,
3:             clam_exe_db=TC.path_tmp / 'clam.ndb',
3:             testfiles=testfile,
3:         )
3:         output = self.execute_command(command)
3:
3: >       assert output.ec == 1  # virus
3: E       AssertionError: assert 135 == 1
3: E        +  where 135 = CmdResult(ec=135, out='', err='Bus error (core 
dumped)\n').ec
3:
3: /<<PKGBUILDDIR>>/unit_tests/clamscan/heuristics_test.py:70: AssertionError
3: ----------------------------- Captured stdout call 
-----------------------------
3:
3: [INFO]: 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3: [INFO]:  Test that a clam heuristic not alert because regular sig alerts 
first.
3: [INFO]: 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3: [DEBUG]: Run command:   /<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamscan/clamscan -d 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/clam.ndb 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/heuristics-test.zip --alert-broken-media
3: [DEBUG]: Exit code: 135
3: [DEBUG]: stdout:
3: [DEBUG]: stderr: Bus error (core dumped)
3:
3:
3: ______________________________ TC.test_only_heur 
_______________________________
3:
3: self = <heuristics_test.TC testMethod=test_only_heur>
3:
3:     def test_only_heur(self):
3:         '''
3:         This test uses a ZIP that has two things:
3:         1. malformed file that will alert with  --alert-broken-media
3:         2. the clam.exe file that will alert normally.
3:         The idea is that since the malformed file is first, the heuristic 
alert will be encountered first.
3:
3:         In this test the heuristic alert must alert because we don't use the 
sig for the other file.
3:         '''
3:         self.step_name('Test that a clam heuristic will alert, because it is 
the only detection.')
3:
3:         testfile = TC.heuristics_testfile
3:
3:         # Add an empty NDB file, because we need to pass in some sort of 
database.
3:         (TC.path_tmp / 'empty.ndb').write_text(
3:             "# Just a comment\n"
3:         )
3:
3:         command = '{valgrind} {valgrind_args} {clamscan} -d {clam_exe_db} 
{testfiles} --alert-broken-media'.format(
3:             valgrind=TC.valgrind, valgrind_args=TC.valgrind_args, 
clamscan=TC.clamscan,
3:             clam_exe_db=TC.path_tmp / 'empty.ndb',
3:             testfiles=testfile,
3:         )
3:         output = self.execute_command(command)
3:
3: >       assert output.ec == 1  # virus
3: E       AssertionError: assert 135 == 1
3: E        +  where 135 = CmdResult(ec=135, out='', err='Bus error (core 
dumped)\n').ec
3:
3: /<<PKGBUILDDIR>>/unit_tests/clamscan/heuristics_test.py:101: AssertionError
3: ----------------------------- Captured stdout call 
-----------------------------
3:
3: [INFO]: 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3: [INFO]: Test that a clam heuristic will alert, because it is the only 
detection.
3: [INFO]: 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3: [DEBUG]: Run command:   /<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamscan/clamscan -d 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/empty.ndb 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/heuristics-test.zip --alert-broken-media
3: [DEBUG]: Exit code: 135
3: [DEBUG]: stdout:
3: [DEBUG]: stderr: Bus error (core dumped)
3:
3:
3: =========================== short test summary info 
============================
3: FAILED clamscan/heuristics_test.py::TC::test_allmatch - AssertionError: 
asser...
3: FAILED clamscan/heuristics_test.py::TC::test_allmatch_precedence - 
AssertionE...
3: FAILED clamscan/heuristics_test.py::TC::test_hidden_by_strong_indicator - 
Ass...
3: FAILED clamscan/heuristics_test.py::TC::test_only_heur - AssertionError: 
asse...
3: =================== 4 failed, 49 passed in 110.64s (0:01:50) 
===================
6/6 Test #3: clamscan .........................***Failed  114.20 sec
============================= test session starts ==============================
platform linux -- Python 3.12.3, pytest-7.4.4, pluggy-1.5.0 -- /usr/bin/python3
cachedir: .pytest_cache
rootdir: /<<PKGBUILDDIR>>/unit_tests
collecting ... collected 53 items

clamscan/_basic_test.py::TC::test_00_version PASSED                      [  1%]
clamscan/_basic_test.py::TC::test_01_all_testfiles PASSED                [  3%]
clamscan/_basic_test.py::TC::test_02_all_testfiles_ign2 PASSED           [  5%]
clamscan/allmatch_test.py::TC::test_exe_imphash_plus_zipsfx PASSED       [  7%]
clamscan/allmatch_test.py::TC::test_exe_pattern_plus_zipsfx PASSED       [  9%]
clamscan/allmatch_test.py::TC::test_many_sigs PASSED                     [ 11%]
clamscan/allmatch_test.py::TC::test_many_sigs_no_allmatch PASSED         [ 13%]
clamscan/allmatch_test.py::TC::test_pe_allmatch PASSED                   [ 15%]
clamscan/allmatch_test.py::TC::test_regression_cbc_and_ndb PASSED        [ 16%]
clamscan/allmatch_test.py::TC::test_regression_imphash_nosize PASSED     [ 18%]
clamscan/allmatch_test.py::TC::test_txt_plus_clam_zipsfx PASSED          [ 20%]
clamscan/assorted_test.py::TC::test_00_version PASSED                    [ 22%]
clamscan/assorted_test.py::TC::test_iso_missing_joliet PASSED            [ 24%]
clamscan/assorted_test.py::TC::test_onenote_disabled PASSED              [ 26%]
clamscan/assorted_test.py::TC::test_pe_cert_block PASSED                 [ 28%]
clamscan/assorted_test.py::TC::test_pe_cert_trust PASSED                 [ 30%]
clamscan/assorted_test.py::TC::test_pe_cert_trust_archive PASSED         [ 32%]
clamscan/assorted_test.py::TC::test_weak_indicator_icon PASSED           [ 33%]
clamscan/bytecode_test.py::TC::test_pdf_hook PASSED                      [ 35%]
clamscan/container_sigs_test.py::TC::test_clamscan_container_cache PASSED [ 37%]
clamscan/container_sigs_test.py::TC::test_container PASSED               [ 39%]
clamscan/container_sigs_test.py::TC::test_intermediates PASSED           [ 41%]
clamscan/container_sigs_test.py::TC::test_intermediates_cache PASSED     [ 43%]
clamscan/fp_check_test.py::TC::test_alerts_on_normalized PASSED          [ 45%]
clamscan/fp_check_test.py::TC::test_alerts_on_zip PASSED                 [ 47%]
clamscan/fp_check_test.py::TC::test_fp_for_nonnormalized PASSED          [ 49%]
clamscan/fp_check_test.py::TC::test_fp_for_nonnormalized_wild PASSED     [ 50%]
clamscan/fp_check_test.py::TC::test_fp_for_normalized PASSED             [ 52%]
clamscan/fp_check_test.py::TC::test_fp_for_normalized_wild PASSED        [ 54%]
clamscan/fp_check_test.py::TC::test_fp_for_zipped_file PASSED            [ 56%]
clamscan/fp_check_test.py::TC::test_fp_for_zipped_file_wild PASSED       [ 58%]
clamscan/fuzzy_img_hash_test.py::TC::test_sigs_bad_algorithm PASSED      [ 60%]
clamscan/fuzzy_img_hash_test.py::TC::test_sigs_bad_hamming PASSED        [ 62%]
clamscan/fuzzy_img_hash_test.py::TC::test_sigs_bad_hash PASSED           [ 64%]
clamscan/fuzzy_img_hash_test.py::TC::test_sigs_good_allmatch PASSED      [ 66%]
clamscan/heuristics_test.py::TC::test_allmatch FAILED                    [ 67%]
clamscan/heuristics_test.py::TC::test_allmatch_precedence FAILED         [ 69%]
clamscan/heuristics_test.py::TC::test_hidden_by_strong_indicator FAILED  [ 71%]
clamscan/heuristics_test.py::TC::test_only_heur FAILED                   [ 73%]
clamscan/heuristics_test.py::TC::test_precedence PASSED                  [ 75%]
clamscan/image_extraction_test.py::TC::test_HTML_style_with_detection PASSED [ 
77%]
clamscan/image_extraction_test.py::TC::test_xls_jpeg_png PASSED          [ 79%]
clamscan/image_extraction_test.py::TC::test_xls_with_detection PASSED    [ 81%]
clamscan/match_offsets_test.py::TC::test_LDB_VI PASSED                   [ 83%]
clamscan/match_offsets_test.py::TC::test_yara_at_offset PASSED           [ 84%]
clamscan/match_offsets_test.py::TC::test_yara_in_range PASSED            [ 86%]
clamscan/phishing_test.py::TC::test_not_enabled PASSED                   [ 88%]
clamscan/phishing_test.py::TC::test_ssl_and_cloak PASSED                 [ 90%]
clamscan/regex_test.py::TC::test_ldb_multi_pcre PASSED                   [ 92%]
clamscan/regex_test.py::TC::test_ldb_offset_pcre PASSED                  [ 94%]
clamscan/regex_test.py::TC::test_pcre_flag PASSED                        [ 96%]
clamscan/regex_test.py::TC::test_slash_colon PASSED                      [ 98%]
clamscan/regex_test.py::TC::test_yara PASSED                             [100%]

=================================== FAILURES ===================================
_______________________________ TC.test_allmatch _______________________________

self = <heuristics_test.TC testMethod=test_allmatch>

    def test_allmatch(self):
        '''
        This test uses a ZIP that has two things:
        1. malformed file that will alert with  --alert-broken-media
        2. the clam.exe file that will alert normally.
        The idea is that since the malformed file is first, the heuristic alert 
will be encountered first.

In this test we use --allmatch but we don't use --heuristic-scan-precedence.

        That means the NDB sig should alert first, even though the heuristic is 
encountered first.
        Note the verify_output() uses STRICT_ORDER.
        '''
        self.step_name('Test that a clam heuristic alert will alert LAST in 
allmatch mode without heuristic-precedence.')

testfile = TC.heuristics_testfile command = '{valgrind} {valgrind_args} {clamscan} -d {clam_exe_db} {testfiles} --alert-broken-media \

             --allmatch'.format(
            valgrind=TC.valgrind, valgrind_args=TC.valgrind_args, 
clamscan=TC.clamscan,
            clam_exe_db=TC.path_tmp / 'clam.ndb',
            testfiles=testfile,
        )
        output = self.execute_command(command)

      assert output.ec == 1  # virus

E       AssertionError: assert 135 == 1
E        +  where 135 = CmdResult(ec=135, out='', err='Bus error (core 
dumped)\n').ec

/<<PKGBUILDDIR>>/unit_tests/clamscan/heuristics_test.py:158: AssertionError
----------------------------- Captured stdout call -----------------------------

[INFO]: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[INFO]: Test that a clam heuristic alert will alert LAST in allmatch mode 
without heuristic-precedence.
[INFO]: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[DEBUG]: Run command:   /<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamscan/clamscan -d 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/clam.ndb 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/heuristics-test.zip 
--alert-broken-media              --allmatch
[DEBUG]: Exit code: 135
[DEBUG]: stdout:
[DEBUG]: stderr: Bus error (core dumped)


_________________________ TC.test_allmatch_precedence __________________________

self = <heuristics_test.TC testMethod=test_allmatch_precedence>

    def test_allmatch_precedence(self):
        '''
        This test uses a ZIP that has two things:
        1. malformed file that will alert with  --alert-broken-media
        2. the clam.exe file that will alert normally.
        The idea is that since the malformed file is first, the heuristic alert 
will be encountered first.

In this test we use --allmatch AND we use --heuristic-scan-precedence.

        That means the heuristic is encountered first and should be treated 
equally, so it should alert first.
        Note the verify_output() uses STRICT_ORDER.
        '''
        self.step_name('Test that a clam heuristic alert will alert FIRST in 
allmatch mode with heuristic-precedence.')

testfile = TC.heuristics_testfile command = '{valgrind} {valgrind_args} {clamscan} -d {clam_exe_db} {testfiles} --alert-broken-media \

             --allmatch \
             --heuristic-scan-precedence'.format(
            valgrind=TC.valgrind, valgrind_args=TC.valgrind_args, 
clamscan=TC.clamscan,
            clam_exe_db=TC.path_tmp / 'clam.ndb',
            testfiles=testfile,
        )
        output = self.execute_command(command)

      assert output.ec == 1  # virus

E       AssertionError: assert 135 == 1
E        +  where 135 = CmdResult(ec=135, 
out='/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/heuristics-test.zip:
 Heuristics.Broken.Media.PNG.EOFReadingChunk FOUND\n', err='Bus error (core dumped)\n').ec

/<<PKGBUILDDIR>>/unit_tests/clamscan/heuristics_test.py:190: AssertionError
----------------------------- Captured stdout call -----------------------------

[INFO]: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[INFO]: Test that a clam heuristic alert will alert FIRST in allmatch mode with 
heuristic-precedence.
[INFO]: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[DEBUG]: Run command:   /<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamscan/clamscan -d 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/clam.ndb 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/heuristics-test.zip 
--alert-broken-media              --allmatch              --heuristic-scan-precedence
[DEBUG]: Exit code: 135
[DEBUG]: stdout: 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/heuristics-test.zip:
 Heuristics.Broken.Media.PNG.EOFReadingChunk FOUND

[DEBUG]: stderr: Bus error (core dumped)


______________________ TC.test_hidden_by_strong_indicator ______________________

self = <heuristics_test.TC testMethod=test_hidden_by_strong_indicator>

    def test_hidden_by_strong_indicator(self):
        '''
        This test uses a ZIP that has two things:
        1. malformed file that will alert with  --alert-broken-media
        2. the clam.exe file that will alert normally.
        The idea is that since the malformed file is first, the heuristic alert 
will be encountered first.

In this test the heuristic alert must not alert because neither allmatch is specified, nor --heuristic-scan-precedence

        '''
        self.step_name('Test that a clam heuristic not alert because regular 
sig alerts first.')

testfile = TC.heuristics_testfile command = '{valgrind} {valgrind_args} {clamscan} -d {clam_exe_db} {testfiles} --alert-broken-media'.format(

            valgrind=TC.valgrind, valgrind_args=TC.valgrind_args, 
clamscan=TC.clamscan,
            clam_exe_db=TC.path_tmp / 'clam.ndb',
            testfiles=testfile,
        )
        output = self.execute_command(command)

      assert output.ec == 1  # virus

E       AssertionError: assert 135 == 1
E        +  where 135 = CmdResult(ec=135, out='', err='Bus error (core 
dumped)\n').ec

/<<PKGBUILDDIR>>/unit_tests/clamscan/heuristics_test.py:70: AssertionError
----------------------------- Captured stdout call -----------------------------

[INFO]: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[INFO]:  Test that a clam heuristic not alert because regular sig alerts first.
[INFO]: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[DEBUG]: Run command:   /<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamscan/clamscan -d 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/clam.ndb 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/heuristics-test.zip --alert-broken-media
[DEBUG]: Exit code: 135
[DEBUG]: stdout:
[DEBUG]: stderr: Bus error (core dumped)


______________________________ TC.test_only_heur _______________________________

self = <heuristics_test.TC testMethod=test_only_heur>

    def test_only_heur(self):
        '''
        This test uses a ZIP that has two things:
        1. malformed file that will alert with  --alert-broken-media
        2. the clam.exe file that will alert normally.
        The idea is that since the malformed file is first, the heuristic alert 
will be encountered first.

In this test the heuristic alert must alert because we don't use the sig for the other file.

        '''
        self.step_name('Test that a clam heuristic will alert, because it is 
the only detection.')

testfile = TC.heuristics_testfile # Add an empty NDB file, because we need to pass in some sort of database.

        (TC.path_tmp / 'empty.ndb').write_text(
            "# Just a comment\n"
        )

command = '{valgrind} {valgrind_args} {clamscan} -d {clam_exe_db} {testfiles} --alert-broken-media'.format(

            valgrind=TC.valgrind, valgrind_args=TC.valgrind_args, 
clamscan=TC.clamscan,
            clam_exe_db=TC.path_tmp / 'empty.ndb',
            testfiles=testfile,
        )
        output = self.execute_command(command)

      assert output.ec == 1  # virus

E       AssertionError: assert 135 == 1
E        +  where 135 = CmdResult(ec=135, out='', err='Bus error (core 
dumped)\n').ec

/<<PKGBUILDDIR>>/unit_tests/clamscan/heuristics_test.py:101: AssertionError
----------------------------- Captured stdout call -----------------------------

[INFO]: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[INFO]: Test that a clam heuristic will alert, because it is the only detection.
[INFO]: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[DEBUG]: Run command:   /<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/clamscan/clamscan -d 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/empty.ndb 
/<<PKGBUILDDIR>>/obj-arm-linux-gnueabihf/unit_tests/TC-r8erx0vs/heuristics-test.zip --alert-broken-media
[DEBUG]: Exit code: 135
[DEBUG]: stdout:
[DEBUG]: stderr: Bus error (core dumped)




The following patch makes sure the unaligned access is fixed:

Description: resolve armhf failure to build from source.
Author: Vladimir Petko <vladimir.pe...@canonical.com>

--- a/libclamav/special.c
+++ b/libclamav/special.c
@@ -48,7 +48,8 @@

 int cli_check_mydoom_log(cli_ctx *ctx)
 {
-    const uint32_t *record;
+    const uint32_t record[16];
+    const uint32_t mask = 0xffffffff;
     uint32_t check, key;
     fmap_t *map         = ctx->fmap;
     unsigned int blocks = map->len / (8 * 4);
@@ -59,14 +60,20 @@
     if (blocks > 5)
         blocks = 5;

-    record = fmap_need_off_once(map, 0, 8 * 4 * blocks);
-    if (!record)
+    // returns unaligned memory block
+    const char* data = fmap_need_off_once(map, 0, 8 * 4 * blocks);
+    if (!data)
         return CL_CLEAN;
+
     while (blocks) { /* This wasn't probably intended but that's what the 
current code does anyway */
-        if (record[--blocks] == 0xffffffff)
+        unsigned int offset = --blocks;
+        offset *=sizeof(uint32_t);
+        // safe (but slow) on unaligned memory
+        if (!memcmp(&data[offset], &mask, sizeof(uint32_t)))
             return CL_CLEAN;
     }
-
+    // copy into aligned array to perform bit operations
+    memcpy(record, data, sizeof(record));
     key   = ~be32_to_host(record[0]);
     check = (be32_to_host(record[1]) ^ key) +
             (be32_to_host(record[2]) ^ key) +

OpenPGP_signature.asc
Description: OpenPGP digital signature

--- End Message ---

--- Begin Message ---

Source: clamav
Source-Version: 1.3.1+dfsg-4
Done: Sebastian Andrzej Siewior <sebast...@breakpoint.cc>

We believe that the bug you reported is fixed in the latest version of
clamav, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1073...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sebastian Andrzej Siewior <sebast...@breakpoint.cc> (supplier of updated clamav 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 28 Jun 2024 20:23:21 +0200
Source: clamav
Architecture: source
Version: 1.3.1+dfsg-4
Distribution: unstable
Urgency: medium
Maintainer: ClamAV Team <pkg-clamav-de...@lists.alioth.debian.org>
Changed-By: Sebastian Andrzej Siewior <sebast...@breakpoint.cc>
Closes: 1073128 1073612
Changes:
 clamav (1.3.1+dfsg-4) unstable; urgency=medium
 .
   * Move files from lib to usr/lib (Closes: #1073612).
   * Apply patch against unaligned access. Credits to Vladimir Petko and
     Gianfranco Costamagna (Closes: #1073128).
Checksums-Sha1:
 437f344ac48040d30bb8b6353ecf10ed5e600a01 3080 clamav_1.3.1+dfsg-4.dsc
 f25e863eddc085adaaf7c536f3b4d49a9afb6cb2 229432 
clamav_1.3.1+dfsg-4.debian.tar.xz
Checksums-Sha256:
 dcf13060ad4413e503ef802228f999a9dd27737ea29c5263b12799b7cea0c436 3080 
clamav_1.3.1+dfsg-4.dsc
 437961e59783b39cc16421ebe4a6792750ed169576383d018f44b184a479b2e2 229432 
clamav_1.3.1+dfsg-4.debian.tar.xz
Files:
 ba15bb8767c5e32d2d7fd4a64c47f4b5 3080 utils optional clamav_1.3.1+dfsg-4.dsc
 d09828562437ab89aab4bdca61cbd442 229432 utils optional 
clamav_1.3.1+dfsg-4.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEZCVGlf/wqkRmzBnme5boFiqM9dEFAmZ/AQoACgkQe5boFiqM
9dEdQBAApWkQlh3gIyRCiJOdVO90CkcYCR99GE+zqDNCVEK7bnZ+DZgYxe4ZoiR+
VwhMT2tF2HawWbVuGTCXBZS0qDugO1sq4+ii9uBv6fB8RXWuBvN1+SZkZLsTsAAg
Y/E0gktpLf2pE7zqco6SvReb52o4ztwNnvsul+1KnpdKjEN1DXSO2k199c+lvimC
FNMqpyQu2r8WAcB3q7Ld6tdNZB00+TqrscpWUOdjyH937BI/+HGa67UId5jQtCR8
H8uFiA+QGMG9k+s0ZUXi6LjmExSDEA6tQ/RAYboJxAjKNiJSMV/CmNfOsQhaX8Pj
uLumS/6UE8Eo/LiOrsvQUIuhZ0lM/+bCPm3PRlLdsHvveog7wsQViIGq5jw1CYUo
9b1ieMpQ0FGLIixDFipdwsgNHnZ12ls/cpHaDXCONfTyWyoLnwShSIiso7TqtY+Z
kyv0p1hhzJdb2X4xJKY6kZhQWMuy3TafZwe6KM2Wdp/+6gGiGAa6N5mMd/EZlp53
kpQlfMlLWjCzhhMWiwA/riByt6Zq8tyR4KePke4Dqj4dfGPC50+MnGj978raLN/n
XXB2tuoWgyUNmcpILeXb3vrUGEg50vjdh7nKbreu2otC8b/LEKPmftRKTVMIhUG2
vXT2n4D9MgraVNFLyCVbK/Jgf9fGzLR757d3nkWz/8Z0+zienf4=
=eg/s
-----END PGP SIGNATURE-----

pgpaSJWpbDx9c.pgp
Description: PGP signature

--- End Message ---

Bug#1073128: marked as done (clamav: unaligned access on armhf architecture)

Reply via email to