Tarball missing for 10 days about libmspack HOT 7 CLOSED

The problem is my own ISP is intentionally deleting the release, because my ISP are idiots, and they scan all files uploaded for "viruses", and ClamAV is telling them the file test/test_files/chmd/cve-2015-4467-reset-interval-zero.chm is a BC.Legacy.Exploit.CVE_2012_1458-1 "virus".

CVE-2012-1458 and CVE-2015-4467 are the same exploit for the same lines of code in chmd.c, the former reported only to ClamAV and the latter reported to me.

In other words, the test file I intentionally include to prove that libmspack is no longer exploitable by a 6 year old exploit, is still in ClamAV's database as something that can be used to exploit 6 year old copies of ClamAV, and therefore that's a "virus", which will continually block and prevent the release of the latest libmspack 0.7

Thanks a bunch, ClamAV.

from libmspack.

now there's a valid use of a facepalm

from libmspack.

libmspack 0.7.1alpha has been released. The only change over libmspack 0.7alpha is that it obfuscates the file which ClamAV objects to, so that ClamAV won't claim the release is "infected".

The file is deobfuscated during the build process, so libmspack can still be tested and proven not vulnerable to this old vulnerability.

from libmspack.

thanks!

from libmspack.

Sorry about that Stuart! I think we had a similar issue back in the day (long before my time) with the non-malicious test samples we use in unit testing. Ours are also generated now to prevent ClamAV from flagging its own tarball.

By the way, I'd like to collaborate more closely with you in the future, particularly with regards to vulnerability reports and such. Feel free to PM me on Twitter (@0xC0000063) or by email (micasnyd -at- cisco -dot- com).

from libmspack.

Sorry, this was a Gentoo build issue. We now have to copy sources and can no longer do out-of-source builds. Not a big deal.

from libmspack.

Which has nothing to do with the original issue though. Open a new issue next time ...

from libmspack.