Recent Posts

1

Nightly builds / Re: The 20 May 2024 build (13521) is out.

« Last post by nenin on Today at 01:02:20 pm »

False positives are a plague, specially with libraries. If any malware uses a library, some AV vendors will flag all software using said library as a virus.

I use UPX for packing the executables in my company's web page: Recently they are being flagged as virus even if some of them have not changed in the last ten years. This is because some malware uses UPX, not because UPX itself is infected.

Week ago I built some lib with CMake. CMake compile some small codes to verify access to C functions like v*printf. So, one of these small exe (5 line of code) was catch by AV as the threat and exterminated.     However, CMake was happy and library was built finally. 10 year ago some most paranoid AV attacked gdb.  Now more or less normal AVs have problems with very plain code just because compiler differs from their expectations.

2

Nightly builds / Re: The 20 May 2024 build (13521) is out.

« Last post by Miguel Gimenez on Today at 12:49:53 pm »

False positives are a plague, specially with libraries. If any malware uses a library, some AV vendors will flag all software using said library as a virus.

I use UPX for packing the executables in my company's web page: Recently they are being flagged as virus even if some of them have not changed in the last ten years. This is because some malware uses UPX, not because UPX itself is infected.

3

Nightly builds / Virused or not ? The 20 May 2024 build (13521) is out.

« Last post by ThierryD on Today at 12:13:27 pm »

Thank's for your comments and responses.

After search on Net about this "false or true" malware  "Gen:Variant.Barys.459296", I download MalwareBytes yesterday and run it (tempory test of tool).
Result : PUP detected on my two computers.
I decide to suppress all files detected with this tool. I rerun and no alert appear ... Good!

Today, I download (with Firefox) last nightly (20 may), and result is the same : download blocked another time with same alert.  It's annoying!
I conserve version 13518 (05 may) of CB to continue "my work" (current test : integrate last version of OneAPI Intel C/C++ compiler into IDE, it's work !).

Thank's.

Thierry D.

4

Development / new feature of wxSmith in r13522

« Last post by ollydbg on Today at 08:51:38 am »

[r13522]

Some new feature is added.

If no ID field is set, the generated code will use "wxID_ANY".

Another good feature is the "Use Items array" option. If this option is set, the wxChoice will use an array like below:

Code

    const wxString Choice_choices[] = {
    _("AAA"),
    _("BBB"),
    };
    Choice = new wxChoice(Panel, wxID_ANY, wxDefaultPosition, wxSize(280,-1), 2, Choice_choices, 0, wxDefaultValidator);

instead of the statement like:

Code

    Choice = new wxChoice(Panel, ID_CHOICE10, wxDefaultPosition, wxSize(280,-1), 0, 0, 0, wxDefaultValidator, _T("ID_CHOICE10"));
    Choice->Append(_("AAA"));
    Choice->Append(_("BBB"));

So, the array can be used by other code.

5

Nightly builds / Re: The 20 May 2024 build (13521) is out.

« Last post by nenin on Today at 07:44:22 am »

I don't think so. The other Mingw-w64 distributions don't have these problems.

This is not correct. Some nixMan builds also face this problem.
https://github.com/niXman/mingw-builds-binaries/issues
Likely it is related to the "heuristic" detection, which was problematic ab initio.

6

Nightly builds / Re: The 20 May 2024 build (13521) is out.

« Last post by stahta01 on Today at 03:09:16 am »

Windows Defender flagged the "CB_20240520_rev13521_win64.7z" file as containing "Trojan:Script/Wacatac.B!ml" and blocked the download. I allowed the download and scanned the file - which reported no issues.

Uncompressed the 7z file to a fresh folder and scanned: no issues.

This leads me to think it might be MS FUD issue. https://en.wikipedia.org/wiki/Fear,_uncertainty,_and_doubt

Tim S.

7

Nightly builds / Re: The 20 May 2024 build (13521) is out.

« Last post by ChosenName on Yesterday at 10:03:33 pm »

Windows Defender flagged the "CB_20240520_rev13521_win64.7z" file as containing "Trojan:Script/Wacatac.B!ml" and blocked the download. I allowed the download and scanned the file - which reported no issues.

Uncompressed the 7z file to a fresh folder and scanned: no issues.

8

Nightly builds / Re: The 20 May 2024 build (13521) is out.

« Last post by nina on Yesterday at 09:36:59 pm »

Hello,

I think false positives. Anyone with experience and knowledge what could trigger this, and how we can avoid this ?

I don't think so. The other Mingw-w64 distributions don't have these problems.
Did you read my previous message (May 09, 2024) ?

Hi,

First of all, thank you very much for your work.
I signed up just to let you know that some versions of Winlibs contain viruses, so you'll have to be very careful. Among other things, there is a potential risk of malicious code injection into CB.
Thank you again.

 --- > https://github.com/brechtsanders/winlibs_mingw/issues/199
https://github.com/brechtsanders/winlibs_mingw/issues/201
https://www.virustotal.com/gui/file/16c15e587a488ca24b49f7b178028efa719aed3eb9db7ce79449fce097909cbd/relations
(Have a look at the bundled files: for example, nvptx-arch.exe (related to llvm but) has 15/72 detections, this contrasts sharply with the 2/35 of the package.)

9

Nightly builds / Re: The 20 May 2024 build (13521) is out.

« Last post by killerbot on Yesterday at 09:17:07 pm »

I think false positives. Anyone with experience and knowledge what could trigger this, and how we can avoid this ?

10

Nightly builds / Virused or not ? The 20 May 2024 build (13521) is out.

« Last post by ThierryD on Yesterday at 03:22:07 pm »

Hi,

Me too, Bit Defender alert me about two "last" nigthly build. I must force "de"push in "quarantain" to restore file signaled by virus Gen:Variant.Barys.459296
With 9 may version, only C:\Codeblocks\Codeblocks.dll is affected.

But, with 19 may version, not only this file, but also C:\Codeblocks\Share\CodeBlocks\Plugins\Exporter.dll, C:\Codeblocks\Share\CodeBlocks\Plugins\NassiShneiderman.dll, C:\Codeblocks\Share\CodeBlocks\Plugins\wxSmithAui.dll, C:\Codeblocks\Share\CodeBlocks\Plugins\wxSmithContribItems.dll and C:\CodeBlocks\Share\CodeBlocks\codesnippets.dll are advertised with same "virus". GRRR!
Many files  ...  I'm not quiet ...

"False positive" or not ?

Thank's.

PS : My apologies about CB Team, if they are ...  "Waste of time", sure !!!