|Main Archive Page > Month Archives > clamav-users archives|
I noticed the following anomaly when scanning a tar.gz file compared to scanning the result of untarring it. Scanning the tar.gz file results in less "data read" than scanning the files which it expands to (as one would expect), but the "data scanned" amount is *much* more for the tar.gz file than for the resultant files in the directory tree.
Does this indicate some problem with the way clamav handles compressed files, or is it some peculiarity of this tar.gz file?
09:51:08 user@host:~/src/openssl> clamscan -ri openssl-0.9.8k/
09:51:24 user@host:~/src/openssl> clamscan openssl-0.9.8k.tar.gz openssl-0.9.8k.tar.gz: OK