clamav/clamav-0.96-jitoff.patch

Index: clamav-0.96/etc/clamd.conf
===================================================================
--- clamav-0.96.orig/etc/clamd.conf
+++ clamav-0.96/etc/clamd.conf
@@ -476,6 +476,10 @@ AllowSupplementaryGroups yes
 # BytecodeTimeout 60000
  
 # Disable JIT and fallback to interpreter. WARNING: disabling JIT affects performance.
-# 
-# Default: no
+#
+# This option has been turned off in Fedora due to security concerns
+# by default.  You might need to enable the 'clamd_use_jit' SELinux
+# boolean after enabling this option.
+#
+# Default: yes
 #BytecodeDisableJIT no
Index: clamav-0.96/shared/optparser.c
===================================================================
--- clamav-0.96.orig/shared/optparser.c
+++ clamav-0.96/shared/optparser.c
@@ -252,7 +252,7 @@ const struct clam_option __clam_options[
 	"Set bytecode security level.\nPossible values:\n\tNone - no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS\n\tTrustSigned - trust bytecode loaded from signed .c[lv]d files,\n\t\t insert runtime safety checks for bytecode loaded from other sources\n\tParanoid - don't trust any bytecode, insert runtime checks for all\nRecommended: TrustSigned, because bytecode in .cvd files already has these checks\n","TrustSigned"},
     { "BytecodeTimeout", "bytecode-timeout", 0, TYPE_NUMBER, MATCH_NUMBER, 60000, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, 
 	"Set bytecode timeout in miliseconds.\n","60000"},
-    { "BytecodeDisableJIT", "bytecode-disable-jit", 0, TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, 
+    { "BytecodeDisableJIT", "bytecode-disable-jit", 0, TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, 
 	"Disable JIT and fallback to interpreter. WARNING: disabling JIT affects performance.\n","no"},
 
     { "DetectPUA", "detect-pua", 0, TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "Detect Potentially Unwanted Applications.", "yes" },