Bug 854754 - CL_EFORMAT: Bad format or broken data ERROR
Summary: CL_EFORMAT: Bad format or broken data ERROR
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: clamav
Version: el6
Hardware: i686
OS: Linux
unspecified
unspecified
Target Milestone: ---
Assignee: Steven Pritchard
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-09-05 18:29 UTC by kevin foote
Modified: 2013-04-03 00:55 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-04-03 00:55:39 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)
thunderbird file that demos error (19.41 MB, application/x-bzip)
2012-09-05 18:29 UTC, kevin foote 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
Launchpad 1015405 0 None None None 2012-09-05 18:29:01 UTC

Description kevin foote 2012-09-05 18:29:01 UTC 
Created attachment 610106 [details]
thunderbird file that demos error

Description of problem: 
Scanning errors on some file types: DOCX, tar.bz2, XLSX. See clamscan output below.

/tmp/phpF1EYUZ: CL_EFORMAT: Bad format or broken data ERROR

----------- SCAN SUMMARY -----------
Known viruses: 1299629
Engine version: 0.97.5
Scanned directories: 0
Scanned files: 0
Infected files: 0
Total errors: 1
Data scanned: 0.47 MB
Data read: 0.24 MB (ratio 1.98:1)
Time: 4.861 sec (0 m 4 s)

Version-Release number of selected component (if applicable):

Name        : clamav
Arch        : i686
Version     : 0.97.5
Release     : 1.el6
Size        : 15 M
Repo        : installed
From repo   : epel
Summary     : Anti-virus software
URL         : http://www.clamav.net/
License     : GPLv2

How reproducible:
YES

Steps to Reproduce:
1. yum install clamav clamav-db
1a. once clamav is installed and sigs updated. run clamscan on a known appropriate file. (thunderbird-14.0b4.tar.bz2 attached)
2. # clamscan $FILENAME
  
Actual results:

thunderbird-14.0b4.tar.bz2: CL_EFORMAT: Bad format or broken data ERROR

----------- SCAN SUMMARY -----------
Known viruses: 1299629
Engine version: 0.97.5
Scanned directories: 0
Scanned files: 0
Infected files: 0
Total errors: 1
Data scanned: 69.72 MB
Data read: 19.41 MB (ratio 3.59:1)
Time: 11.293 sec (0 m 11 s)

Expected results:

FILENAME: OK

Additional info:

relevant bug and patch found at Ubuntu bug reporting.

https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/1015405
Comment 1 Steven Roberts 2012-12-25 04:20:14 UTC 
This looks to have been fixed in the 0.97.6 release:

=====================================================================
[nsavm01] strobert 20:15 Mon /tmp>clamscan thunder.tar.bz2
thunder.tar.bz2: OK                                       
                                                          
----------- SCAN SUMMARY -----------                      
Known viruses: 1453264                                    
Engine version: 0.97.6                                    
Scanned directories: 0                                    
Scanned files: 1                                          
Infected files: 0                                         
Data scanned: 69.72 MB                                    
Data read: 19.41 MB (ratio 3.59:1)                        
Time: 9.969 sec (0 m 9 s)                                 
=====================================================================
(thunder.tar.bz2 is the attachement from this bug)

From looking at hte Debian bug the bug at clamav:
https://bugzilla.clamav.net/show_bug.cgi?id=5252
in there says it should be fixed in 0.97.6
Note You need to log in before you can comment on or make changes to this bug.