AMF icon indicating copy to clipboard operation
AMF copied to clipboard

Published 20 hours ago verified publisher icon GPUOpen-LibrariesAndSDKs

[Bug]: Virus Reported in file_to_header.exe

Open jet082 opened this issue 2 years ago • 6 comments

Describe the bug The file file_to_header.exe seems to have a virus or a false positive.

To Reproduce Run the file_to_header.exe file into virustotal. Oddly, the previous version on this repository seems to be clean.

Setup (please complete the following information): Windows 11.

Debug Log (please upload or paste):

N/A

Expected behavior No viruses detected.

Screenshots You can see the result here - https://www.virustotal.com/gui/file/4430f8912ad061519c33891a6fa8854da5634f37f050bd309ee175b10a53d574

Additional context I'm not sure what changed between the last version and this one.

jet082 avatar Apr 24 '22 11:04 jet082

This virus report is indeed a false positive. The exe is used to turn input shaders into bytecode format. Common antivirus vendors might have recently updated their heuristics in a way that flags this binary. The windows file has not been updated since July-20, 2021 (AMF 1.4.21).

rhutsAMD avatar Apr 25 '22 15:04 rhutsAMD

@rhutsAMD would it be possible to add the source code for the executable to the repo or is the executable under an incompatible license or some other restriction?

1480c1 avatar Apr 25 '22 16:04 1480c1

The source code is trivial and is mostly IO fopen / fclose / fread / fwrite etc …, but we would need to bring it up to public standards and clear it with legal in order to publish.

We have seen such a false positive before.

rhutsAMD avatar Apr 25 '22 17:04 rhutsAMD

I see, understandable then.

Would it be possible to request a recompile with the latest, or at least a later version, of Visual Studio to see if it changes the false positive?

1480c1 avatar Apr 25 '22 17:04 1480c1

The current suggestion is to add this file to your antivirus’s list of allowed exceptions since you cannot compile the binary locally.

Another option is to wait a few days for the next antivirus update or to submit a ticket to the antivirus support team.

I have recompiled the binary with the latest VS 2022 and shared it. The cause of the flag may be related to the binary being downloaded from the internet. Regardless, if you would like to try it, I have shared this recompiled version below: file_to_header.zip

rhutsAMD avatar Apr 25 '22 18:04 rhutsAMD

Just a quick update, the recompiled file_to_header.exe is now pushed to the repo itself.

rhutsAMD avatar Apr 27 '22 19:04 rhutsAMD