Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can't use v1.4.4 due to a "trojan" #538

Closed
jerbob92 opened this issue May 31, 2024 · 5 comments · Fixed by #540
Closed

Can't use v1.4.4 due to a "trojan" #538

jerbob92 opened this issue May 31, 2024 · 5 comments · Fixed by #540

Comments

@jerbob92
Copy link

jerbob92 commented May 31, 2024
edited
Loading

My virusscanner blocks v1.4.4 of this package due to it containing a trojan.

You can see the VirusTotal results here: https://www.virustotal.com/gui/file/f00deb54ef962ad59bae824216aa1d160133c3a3ce669db9463e1de966729a24?nocache=1

Is there any way to get around this? Is there some file in there to test against an Archbomb?
@gabriel-vasile
Copy link
Owner

gabriel-vasile commented May 31, 2024
edited
Loading

Hi, it probably complains about one or more files from testdata folder.

VirusTotal says something about trojan.gzip, but the gzip file seems clean.
I will try to work on this, but no promises.
If you feel like helping, please identify the offending file/s from testdata and I will replace them.

@jerbob92
Copy link
Author

jerbob92 commented May 31, 2024
edited
Loading

I have tried the previous version and that doesn't list the Archbomb: https://www.virustotal.com/gui/file/406883c1b971bf560f6e87960c4493835ea016c1a8275353f8c547cf815ef216?nocache=1

When comparing the two versions, only the following file has been added to testdata:
testdata/tar.issue464.tar

@gabriel-vasile
Copy link
Owner

gabriel-vasile commented May 31, 2024
edited
Loading

Ah, right... issue 464 added detection for a tarbomb.

Let me see what I can do to remove the file but still keep the testcase.

Edit: now I wonder if I've been social engineered into distributing tarbombs...

gabriel-vasile added a commit that referenced this issue Jun 2, 2024
@gabriel-vasile
remove tarbomb from testdata folder
73c1ce3 
fixes #538
@gabriel-vasile gabriel-vasile mentioned this issue Jun 2, 2024
Merged
gabriel-vasile added a commit that referenced this issue Jun 5, 2024
@gabriel-vasile
remove tarbomb from testdata folder (#540)
3267116 
fixes #538
@jerbob92
Copy link
Author

jerbob92 commented Jul 2, 2024

@gabriel-vasile thanks for fixing! Would you mind rolling a release?

@gabriel-vasile
Copy link
Owner

@jerbob92 https://github.com/gabriel-vasile/mimetype/releases/tag/v1.4.5

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

remove tarbomb from testdata folder gabriel-vasile/mimetype
2 participants
@jerbob92 @gabriel-vasile