Control: found -1 0.98.7+dfsg-1 Hi Marc,
On 30.05.2015 13:31, Marc SCHAEFER wrote: > since the last clamav-daemon LTS update, clamdscan gets one test less than > clamscan: > > despam@shakotay:~$ bin/test_clamdscan.sh > 8c8 > < /usr/share/clamav-testfiles/clam_cache_emax.tgz: OK > --- >> /usr/share/clamav-testfiles/clam_cache_emax.tgz: ClamAV-Test-File FOUND > 49c49 > < Infected files: 38 > --- >> Infected files: 39 > > despam@shakotay:~$ clamscan /usr/share/clamav-testfiles/clam_cache_emax.tgz > /usr/share/clamav-testfiles/clam_cache_emax.tgz: ClamAV-Test-File FOUND I can reproduce this in with the version in stretch as well. > However, the problem already existed in previous releases, because my > test script contains a lot of OKs. It just got worse by one case. However, I can't reproduce these other cases. > Could this be due to some PATH issue in the daemon, not finding some > archivers ? Very unlikely, as libclamav doesn't open any archivers, it has them built in. > #! /bin/bash > > clamdscan /usr/share/clamav-testfiles/* \ > | egrep -v '^Time: ' \ > | diff - <(cat <<"EOF" > /usr/share/clamav-testfiles/clam.7z: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.arj: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam-aspack.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.bin-be.cpio: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.bin-le.cpio: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.bz2.zip: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.cab: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam_cache_emax.tgz: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.chm: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.d64.zip: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.ea05.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.ea06.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.exe.binhex: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.exe.bz2: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.exe.html: OK > /usr/share/clamav-testfiles/clam.exe.mbox.base64: OK > /usr/share/clamav-testfiles/clam.exe.mbox.uu: OK Both clamscan and clamdscan detect these for me: /usr/share/clamav-testfiles/clam.exe.html: ClamAV-Test-File FOUND /usr/share/clamav-testfiles/clam.exe.mbox.base64: ClamAV-Test-File FOUND /usr/share/clamav-testfiles/clam.exe.mbox.uu: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.exe.rtf: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.exe.szdd: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam-fsg.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.impl.zip: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam_IScab_ext.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam_IScab_int.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam_ISmsi_ext.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam_ISmsi_int.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.mail: OK This works here too: /usr/share/clamav-testfiles/clam.mail: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam-mew.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.newc.cpio: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam-nsis.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.odc.cpio: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.ole.doc: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.pdf: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam-pespin.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam-petite.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.ppt: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.sis: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.tar.gz: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.tnef: OK /usr/share/clamav-testfiles/clam.tnef: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam-upack.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam-upx.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam-v2.rar: OK > /usr/share/clamav-testfiles/clam-v3.rar: OK For these two to be detected, one has to install libclamunrar6 from non-free. > /usr/share/clamav-testfiles/clam-wwpack.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam-yc.exe: ClamAV-Test-File FOUND > /usr/share/clamav-testfiles/clam.zip: ClamAV-Test-File FOUND > > ----------- SCAN SUMMARY ----------- > Infected files: 39 > EOF > ) I found the reason, why clam_cache_emax.tgz is not detected by clamdscan: It hits the MaxRecursion limit of 10, while it needs 17 recursions. Thus I think we should probably increase the default recursion limit, e.g. to 20. > > -- Package-specific info: > --- configuration --- > Checking configuration files in /etc/clamav > > Config file: clamd.conf > ----------------------- > MaxRecursion = "10" Set this to 20 and restart clamav-daemon. Then clam_cache_emax.tgz should be detected. Can you confirm this? However, I don't know, why it worked previously. Best regards, Andreas -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
