Is there a way to programmatically extract the .exe file version from a file on a network drive without local antivirus insisting on scanning the whole damn file?
Is there a way to programmatically extract the .exe file version from a file on a network drive without local antivirus insisting on scanning the whole damn file?
#filesystem #antivirus
#filesystem #antivirus
I'm pretty sure there isn't any... that's just one part of the cost you have to pay(besides av license) when you run one...
ReplyDeleteUnfortunately, FileAge is not an option as the files may have been transferred through FTP, hence the create time and file time may be unreliable.
ReplyDeleteYeah, I've been thinking along those lines as well, but by registering the file in a database instead. Currently, the files are duplicated in different staging directories for different sites as well. A single file location and a site specific entry in the db would make distribution faster and safer.
ReplyDeleteUninstalling the antivirus software is not an option. Corporate networks and policies.
What a co-incidence. That's exactly the problem I've been up against recently. In the end I simply added the file version to the end of the filename instead of extracting it from the executable.
ReplyDeleteIf you can specify a single file location, just put the version into the directory name (concat it as a suffix etc...). Or put a dummy .lnk file with a string containing version number.
ReplyDeleteAre you truly solving for file version, or do you just need to know that it is the file that it is? If you have the CRC, for instance, of the downloaded/uploaded file (you know what to expect) then you can check that.
ReplyDeleteOtherwise you really ARE going to want to scan any file that was FTPed into place because, really, where DID that thing come from?
I know it's a performance drain, but the world is a hacker's paradise.
Can you FTP them to a "safe place" and then check versions in a thread and output the information to text so that you can check it without impacting (much) your currently running program?
Just thoughts.
If the file in the trusted staging directory is newer than the local file, it is copied. If it was scanned for copy, that is ok - but to scan the entire file, just because you are extracting the version resource - is silly. Tempting to put the whole thing behind a web service.
ReplyDeleteI don't disagree, but I don't know enough about how triggering virus checkers works to comment on a work-around for that. You might want to reach out to Dmitry Vasiliev at Greatis software http://greatis.com/delphicb/ He has a file version object that they wrote in their Ultimate pack (or one of them) so he might have a better idea of how to get around the problem.
ReplyDeleteLow-level file block access, "hard-decoding" the Windows-NT version info from its hard-coded position in the PE file...? The byte offset from the beginning of the file is documented somewhere, I'm fairly certain.
ReplyDeleteSure, feels pretty C-ish (or even ASM-ish!), but it's the only officially supported way to do precisely what you ask, AFAICS.
Christian Conrad I don't think that's going to be viable on a network share. Lars Fosdal What about a post transfer person that runs the program with a pattern to register its own version in a DB or to text file?
ReplyDeleteBut if it's on a network share, one would think that it'd been put there by a network admin, or at least a somewhat advanced user, who could be assumed to know what the heck he is doing... Seemed reasonable to assume that the case where the software itself must find out what version it is because the user is a luser would most probably be about the luser's own local disk.
ReplyDeleteNo. Good antivirus always check file sanity on access
ReplyDeleteChristian Conrad If local AV software isn't configured to exclude what should be trusted network locations, assumptions can no longer be made about who's putting what where.
ReplyDeleteAh, I see. Yep, Anthony Frazier, right you are, got it now.
ReplyDelete