[Pkg-clamav-devel] Bug#635340: clamav: "LibClamAV Error: Opcode 20 of type 0 is not implemented yet!" error messages

Martin von Wittich martin.von.wittich at iserv.eu
Mon Jul 25 11:03:56 UTC 2011 

Package: clamav
Version: 0.97.1+dfsg-1~lenny1
Severity: normal

Since July 15th we are getting error messages like the following from
our Debian servers that are running clamscan:

LibClamAV Error: Opcode 20 of type 0 is not implemented yet!
LibClamAV Warning: Bytecode 2 failed to run: Invalid argument passed to
function

One of the files causing this error seems to be the IE8 executable:

iserv ~/Martin # md5sum iexplore.exe 
b60dddd2d63ce41cb8c487fcfbb6419e  iexplore.exe
iserv ~/Martin # clamscan -v iexplore.exe 
Scanning iexplore.exe
LibClamAV Error: Opcode 20 of type 0 is not implemented yet!
LibClamAV Warning: Bytecode 14 failed to run: Invalid argument passed to
function
iexplore.exe: OK

----------- SCAN SUMMARY -----------
Known viruses: 1006625
Engine version: 0.97.1
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.61 MB
Data read: 0.61 MB (ratio 1.01:1)
Time: 5.911 sec (0 m 5 s)

Unfortunately I don't know whether I'm allowed to attach this file
(copyright?).

Just a few days earlier there was an update so I guess this might be
related:

Aptitude 0.4.11.11: log report
Sun, Jul 10 2011 03:29:37 +0200

IMPORTANT: this log only lists intended actions; actions which fail due
to dpkg problems may not be completed.

Will install 5 packages, and remove 0 packages.
2154kB of disk space will be used
===============================================================================
[UPGRADE] clamav 0.97+dfsg-2~lenny1 -> 0.97.1+dfsg-1~lenny1
[UPGRADE] clamav-base 0.97+dfsg-2~lenny1 -> 0.97.1+dfsg-1~lenny1
[UPGRADE] clamav-daemon 0.97+dfsg-2~lenny1 -> 0.97.1+dfsg-1~lenny1
[UPGRADE] clamav-freshclam 0.97+dfsg-2~lenny1 -> 0.97.1+dfsg-1~lenny1
[UPGRADE] libclamav6 0.97+dfsg-2~lenny1 -> 0.97.1+dfsg-1~lenny1
===============================================================================

Log complete.


-- Package-specific info:
--- configuration ---
Checking configuration files in /etc/clamav

Config file: clamd.conf
-----------------------
LogFile = "/var/log/clamav/clamav.log"
LogFileUnlock disabled
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogClean disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
ExtendedDetectionInfo = "yes"
PidFile = "/var/run/clamav/clamd.pid"
TemporaryDirectory = "/tmp"
DatabaseDirectory = "/var/lib/clamav"
OfficialDatabaseOnly disabled
LocalSocket = "/var/run/clamav/clamd.ctl"
LocalSocketGroup = "clamav"
LocalSocketMode = "666"
FixStaleSocket = "yes"
TCPSocket disabled
TCPAddr disabled
MaxConnectionQueueLength = "15"
StreamMaxLength = "10485760"
StreamMinPort = "1024"
StreamMaxPort = "2048"
MaxThreads = "12"
ReadTimeout = "180"
CommandReadTimeout = "5"
SendBufTimeout = "200"
MaxQueue = "100"
IdleTimeout = "30"
ExcludePath disabled
MaxDirectoryRecursion = "15"
FollowDirectorySymlinks disabled
FollowFileSymlinks disabled
CrossFilesystems = "yes"
SelfCheck = "3600"
VirusEvent disabled
ExitOnOOM disabled
Foreground disabled
Debug disabled
LeaveTemporaryFiles disabled
User = "clamav"
AllowSupplementaryGroups = "yes"
Bytecode = "yes"
BytecodeSecurity = "TrustSigned"
BytecodeTimeout = "60000"
BytecodeUnsigned disabled
BytecodeMode = "Auto"
DetectPUA disabled
ExcludePUA disabled
IncludePUA disabled
AlgorithmicDetection = "yes"
ScanPE = "yes"
ScanELF = "yes"
DetectBrokenExecutables disabled
ScanMail = "yes"
ScanPartialMessages disabled
PhishingSignatures = "yes"
PhishingScanURLs = "yes"
PhishingAlwaysBlockCloak disabled
PhishingAlwaysBlockSSLMismatch disabled
HeuristicScanPrecedence disabled
StructuredDataDetection disabled
StructuredMinCreditCardCount = "3"
StructuredMinSSNCount = "3"
StructuredSSNFormatNormal = "yes"
StructuredSSNFormatStripped disabled
ScanHTML = "yes"
ScanOLE2 = "yes"
OLE2BlockMacros disabled
ScanPDF = "yes"
ScanArchive = "yes"
ArchiveBlockEncrypted disabled
MaxScanSize = "104857600"
MaxFileSize = "26214400"
MaxRecursion = "16"
MaxFiles = "10000"
ClamukoScanOnAccess disabled
ClamukoScannerCount = "3"
ClamukoScanOnOpen disabled
ClamukoScanOnClose disabled
ClamukoScanOnExec disabled
ClamukoIncludePath disabled
ClamukoExcludePath disabled
ClamukoExcludeUID disabled
ClamukoMaxFileSize = "5242880"
DevACOnly disabled
DevACDepth disabled
DevLiblog disabled

Config file: freshclam.conf
---------------------------
LogFileMaxSize = "4294967295"
LogTime disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
PidFile = "/var/run/clamav/freshclam.pid"
DatabaseDirectory = "/var/lib/clamav/"
Foreground disabled
Debug disabled
AllowSupplementaryGroups disabled
UpdateLogFile = "/var/log/clamav/freshclam.log"
DatabaseOwner = "clamav"
Checks = "12"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "db.local.clamav.net", "database.clamav.net"
MaxAttempts = "3"
ScriptedUpdates = "yes"
TestDatabases = "yes"
CompressLocalDatabase disabled
ExtraDatabase disabled
DatabaseCustomURL disabled
HTTPProxyServer disabled
HTTPProxyPort disabled
HTTPProxyUsername disabled
HTTPProxyPassword disabled
HTTPUserAgent disabled
NotifyClamd = "/etc/clamav/clamd.conf"
OnUpdateExecute disabled
OnErrorExecute disabled
OnOutdatedExecute disabled
LocalIPAddress disabled
ConnectTimeout = "30"
ReceiveTimeout = "30"
SubmitDetectionStats disabled
DetectionStatsCountry disabled
DetectionStatsHostID disabled
SafeBrowsing disabled
Bytecode = "yes"

clamav-milter.conf not found

Software settings
-----------------
Version: 0.97.1
Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2 JIT

Database information
--------------------
Database directory: /var/lib/clamav/
WARNING: freshclam.conf and clamd.conf point to different database directories
daily.cld: version 13356, sigs: 161751, built on Sun Jul 24 22:01:25 2011
bytecode.cld: version 144, sigs: 41, built on Thu Jul 14 21:15:35 2011
main.cld: version 53, sigs: 846214, built on Sun Nov 14 15:58:22 2010
Total number of signatures: 1008006

Platform information
--------------------
uname: Linux 2.6.26-2-xen-amd64 #1 SMP Tue Jan 25 06:13:50 UTC 2011 x86_64
OS: linux-gnu, ARCH: i386, CPU: i486
Full OS version: Debian GNU/Linux 5.0.8 (lenny)
zlib version: 1.2.3.3 (1.2.3.3), compile flags: 55
Triple: i386-pc-linux-gnu
CPU: core2, Little-endian
platform id: 0x0a113d3d0404030201040302

Build information
-----------------
GNU C: 4.3.2 (4.3.2)
GNU C++: 4.3.2 (4.3.2)
CPPFLAGS: 
CFLAGS: -Wall -g -O2
CXXFLAGS: -Wall -g -O2
LDFLAGS: 
Configure: '--build=i486-linux-gnu' '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--disable-clamav' '--with-dbdir=/var/lib/clamav/' '--sysconfdir=/etc/clamav' '--enable-milter' '--disable-clamuko' '--with-gnu-ld' '--enable-dns-fix' '--disable-unrar' '--libdir=/usr/lib' '--with-system-tommath' '--with-ltdl-include=/usr/include' '--with-ltdl-lib=/usr/lib' 'build_alias=i486-linux-gnu' 'CFLAGS=-Wall -g -O2' 'LDFLAGS=' 'CPPFLAGS='
sizeof(void*) = 4
Engine flevel: 61, dconf: 61

--- data dir ---
insgesamt 74240
-rw-r--r-- 1 clamav clamav   478208 14. Jul 23:01 bytecode.cld
-rw-r--r-- 1 clamav clamav 10015232 24. Jul 22:53 daily.cld
drwxr-xr-x 2 clamav clamav     4096 29. Mai 2008  daily.inc
-rw-r--r-- 1 clamav clamav 65422336 14. Nov 2010  main.cld
-rw------- 1 clamav clamav     2756 25. Jul 12:53 mirrors.dat

-- System Information:
Debian Release: 5.0.8
  APT prefers oldstable
  APT policy: (500, 'oldstable')
Architecture: i386 (x86_64)

Kernel: Linux 2.6.26-2-xen-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages clamav depends on:
ii  clamav-freshclam [c 0.97.1+dfsg-1~lenny1 anti-virus utility for Unix - viru
ii  libc6               2.7-18lenny7         GNU C Library: Shared libraries
ii  libclamav6          0.97.1+dfsg-1~lenny1 anti-virus utility for Unix - libr
ii  zlib1g              1:1.2.3.3.dfsg-12    compression library - runtime

Versions of packages clamav recommends:
ii  clamav-base         0.97.1+dfsg-1~lenny1 anti-virus utility for Unix - base

Versions of packages clamav suggests:
pn  clamav-docs                   <none>     (no description available)

-- no debconf information

More information about the Pkg-clamav-devel mailing list