Security concern about Windows binary (v2.23.0) #869
Labels
bug
Something isn't working
Comments
Thanks for opening your first issue here! In case you're facing a bug, please update navi to the latest version first. Maybe the bug is already solved! :)
Geogboe changed the title from "Windows binary (v2.23.0) getting flagged by VirusTotal" to "Security concern about Windows binary (v2.23.0)" on Dec 19, 2023
I can disable upx for Windows :)
Describe the bug
Want to first clarify that I believe this is a false positive but still wanted to bring it to the attention of the maintainers. When I tried to download the archive for this via Firefox I got a warning, which prompted me to run it through VirusTotal, which is flagging it for multiple reasons -- all of which I don't fully understand, not being familiar with the code.
Here's the report: https://www.virustotal.com/gui/file/be1c45308c479db5d0ef6db49eefdbd41c2dbe543027807909e180b49fec2f0e
Edit: updated description
To Reproduce
NA
Expected behavior
NA
Screenshots
NA
Versions:
Additional context
Here's what I tested
archive file:
Name: navi-v2.23.0-x86_64-pc-windows-gnu.zip
Size: 2611933 bytes (2550 KiB)
SHA256: 97539b0aa149c60dee1315d90e9339d84fb33ec80311b6d3c85aac07e5f22f22
executable:
Name: navi.exe
Size: 5172488 bytes (5051 KiB)
SHA256: be1c45308c479db5d0ef6db49eefdbd41c2dbe543027807909e180b49fec2f0e
VirusTotal report: https://www.virustotal.com/gui/file/be1c45308c479db5d0ef6db49eefdbd41c2dbe543027807909e180b49fec2f0e
I looked through the code base and build pipeline, and it looks like upx is being used to compress the binary: https://github.com/denisidoro/navi/actions/runs/7156992883/job/19487333651#step:5:208 and I'm thinking that might be making the bin more suspicious to scanners. I found a similar issue for another rust project: svenstaro/miniserve#1210 (comment) and even a pinned issue for upx itself: upx/upx#437
These are pretty small binaries so I just wonder how much larger it would be without running it through upx and if that would remove some of the warnings?