[R-pkg-devel] False positive antivirus reports on package vignettes
Ivan Krylov
|kry|ov @end|ng |rom d|@root@org
Tue Feb 18 15:03:36 CET 2025
On Tue, 18 Feb 2025 07:31:59 -0600
Dirk Eddelbuettel <edd using debian.org> wrote:
> I have no idea. They have not communicated with me. I am only the
> relevant author so why whould they.
That's unfortunate. I've just fed the RcppArmadillo-sparseMatrix
vignette to VirusTotal, and, indeed, there is one match:
https://www.virustotal.com/gui/url/f8d4551cce926dbe1ca4ade853038e9b358a65ce06e448f83825247df0c9f375
> Can you translate that tip into an actionable `sed` (or, of course
> `Rscript` or `r`) expression I could add to the Makefile?
It's probably doable with `sed`, but here's R:
contents <- readBin(pdf_file, raw(), file.size(pdf_file))
# both PDFTeX and QPDF add a 4-byte comment here that can be changed
stopifnot(grepl(
'^%PDF-1.5\n%[^\n]{4}\n$',
rawToChar(contents[1:15]),
useBytes = TRUE
))
# so replace it with spaces
contents[11:14] <- charToRaw(' ')
writeBin(contents, pdf_file)
No matches after the four-byte change:
https://www.virustotal.com/gui/file/e0bf6c55e5d1377c3375b962b24bbaaead4424d0bf5f9bcdaadd47c39b36abe7
Your bytes match what QPDF usually writes when re-compressing a
vignette [*], not PDFTeX's "PTEX" + (not xor) 128. This is also to be
expected.
--
Best regards,
Ivan
[*]
https://github.com/qpdf/qpdf/blob/8a1d34bb74e6bae1b57076485386fc56e7c22aaa/libqpdf/QPDFWriter.cc#L2321-L2323
More information about the R-package-devel
mailing list