This Trac instance is not used for development anymore!

We migrated our development workflow to git and Gitea.
To test the future redirection, replace trac by ariadne in the page URL.

Opened 20 months ago

Closed 20 months ago

Last modified 19 months ago

#6693 closed task (wontfix)

Review malware reported by clamav

Reported by: Andrew Owned by:
Priority: Should Have Milestone:
Component: Build & Packages Keywords: malware virus
Cc: Patch:

Description

In the sourcecode cloned from github malware was reported when running clamscan. Here's the output:

0ad/build/bin/cxxtestgen.exe: Win.Malware.Python-9941399-0 FOUND

This should be looked into, if not already known.

Change History (4)

comment:1 by Stan, 20 months ago

Milestone: Alpha 27

comment:2 by Langbart, 20 months ago

I can reproduce the issue, installed the software with Homebrew and tested the 0ad folder. cxxtestgen.exe is the only file where it reports malware to be FOUND. 

❯ clamscan --recursive .
Loading:    18s, ETA:   0s [========================>]    8.65M/8.65M sigs       
Compiling:   4s, ETA:   0s [========================>]       41/41 tasks 

...
/Users/paria/Developer/0ad/build/bin/cxxtestgen.exe: Win.Malware.Python-9941399-0 FOUND
...

----------- SCAN SUMMARY -----------
Known viruses: 8648933
Engine version: 1.0.0
Scanned directories: 13086
Scanned files: 186208
Infected files: 1
Data scanned: 16757.98 MB
Data read: 22862.25 MB (ratio 0.73:1)
Time: 3246.375 sec (54 m 6 s)
Start Date: 2023:01:17 07:45:15
End Date:   2023:01:17 08:39:21

bisect

The following changeset is the first to contain the alleged malware.

  • 07/Mar/14 [14818] (hash: 9a840c3be8) 
❯ git log --oneline --format="%cd %h %an %s" build/bin/cxxtestgen.exe
# 27/Aug/14 6c136aa9a8 Yves Updated cxxtestgen.exe for cxxtest4.4 (created as described in #2450).
# 07/Mar/14 9a840c3be8 Yves Upgrades cxxtest.
# 08/Jun/06 0816bfbca1 philip Exefied cxxtestgen.pl

related IRC discussion

IRC 0ad-dev 26/June/20 

19:00 < FeXoR> ... And what is cxxtest :p
...
19:30 < Stan> FeXoR, cxxtests is our test framework. The python files
19:31 < Stan> Generate cpp files corresponding tour our test.h files

IRC 0ad-dev 17/May/20 

12:37 < wraitii> Itms: I had this vague idea that perhaps it would be a good idea to some day change the library we use for testing. For one thing, CXXTest is getting outdated. Further, the auto-generation is still broken on XCode and is kinda wonky
12:38 < wraitii> (I feel like we might also just compile tests as part of the main executable someday, but that's another topic)
12:43 <@Itms> yes, cxxtest is not great
12:43 < Stan> linkmauve: What do you use for unit tests in your projects?
12:43 <@Itms> but I don't know about the alternatives
Last edited 20 months ago by Langbart (previous) (diff)

comment:3 by Stan, 20 months ago

Milestone: Alpha 27
Resolution: wontfix
Status: newclosed

Virus Total says it's okay https://www.virustotal.com/gui/url/a7837916d2a1c67c0cd5356f334b659461a6652f3eb903cc0458035c1c4d4976?nocache=1

I suppose it's a false positive and should be reported to them. I just submitted a report.

Thanks for your ticket! And thanks for testing langbart.

comment:4 by Langbart, 19 months ago

Update: 6/Feb/23 - it's OK 

❯ clamscan build/bin/cxxtestgen.exe
Loading:    16s, ETA:   0s [========================>]    8.65M/8.65M sigs       
Compiling:   4s, ETA:   0s [========================>]       41/41 tasks 

/Users/paria/Developer/0ad/build/bin/cxxtestgen.exe: OK

----------- SCAN SUMMARY -----------
Known viruses: 8651667
Engine version: 1.0.0
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 3.60 MB
Data read: 3.38 MB (ratio 1.06:1)
Time: 22.752 sec (0 m 22 s)
Start Date: 2023:02:06 14:39:47
End Date:   2023:02:06 14:40:10
Last edited 19 months ago by Langbart (previous) (diff)
Note: See TracTickets for help on using tickets.