MarkyMarkDE
commented
2 months ago have closed this ticket now, the regex issue was my fault, the default setting on regex101.com is PCRE2 (PHP >=7.3) when i change it to ECMAScript (JavaScript) @micahsnyder 's code is right and valid. I ran into the trap, sorry!
It seems we have an BUG in the regex / pcre parser.
If i write my regex pcre compilant:
clamscan fails with this Message in the log below:
ERROR: Can't allocate memory
----------- SCAN SUMMARY ----------- Known viruses: 2051532 Engine version: 1.0.7 Scanned directories: 0 Scanned files: 0 Infected files: 0 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 6.301 sec (0 m 6 s) Start Date: 2024:09:23 03:44:01 End Date: 2024:09:23 03:44:07
But when i write it not compilant (
\-escaped like it should):----------- SCAN SUMMARY ----------- Known viruses: 8698797 Engine version: 1.0.7 Scanned directories: 0 Scanned files: 15 Infected files: 0 Data scanned: 0.58 MB Data read: 0.39 MB (ratio 1.47:1) Time: 17.506 sec (0 m 17 s) Start Date: 2024:09:25 10:31:40 End Date: 2024:09:25 10:31:57
You see "ERROR: Can't allocate memory" is gone! It would be great if we can find and fix this issue. Lot of users use for writing her regexes online-helping-tools like regex101.com, and their parsers don't accept failures, so you have to escape all pcre compatible e.g. "
\/".Please see additional #1370 and here again: @micahsnyder really HUGE thank you for analyzing and finding the issue, you did a great job!
I would never have thought that writing pcre compatible regexes would cause clamscan / clandscan to stop working. Until 1.0.7 (I came from 0.103.11 on Ubuntu 20.04.* LTS) the same code was not a problem.