Talk:UPX

VfD
On April 12, 2005, this article was nominated for deletion. The result was keep. See Votes for deletion/UPX for a record of the discussion. Mindspillage (spill yours?) 04:11, 25 Apr 2005 (UTC)
 * I would really wanted to understand why someone in his good senses nominated this article for deletion... Pretty stupid. Loudenvier 12:02, 17 August 2006 (UTC)

UPX lossy compression
I have found that a binary compiled with DJGPP, then run through UPX, then run through UPX -d, will come out significantly smaller (sometimes by a factor of five or more!). Obviously UPX is stripping some useless parts of the binary &mdash; maybe debugging symbols. Could someone add to the article a section on this use of UPX? --Quuxplusone 28 June 2005 23:49 (UTC)
 * It does indeed strip debugging symbols, but so will the  utility included with DJGPP. Nickptar 29 June 2005 01:47 (UTC)
 * Maybe your app is compiled with G++, which latest versions (for no good reason) add the .bss to the .data section ... or something like that, I forget. UPX does strip that off, though, when unpacking. Armslurp (talk) 01:50, 22 January 2009 (UTC)

Do not tag this article for deletion again, please
There are some users who are tagging this article for deletion despite the consensus that it shouldn't be deleted. Please, refrain from adding it back. If you really think it should be delete, discuss it in this talk page, so a consensus could be reached. Regards. Loudenvier 17:02, 23 February 2007 (UTC)

Misuse
Shouldn't the misuse section be removed?

The only link of "evidence" itself points to a 2006 newsgroup discussion by a random person questioning, who is then given several reasons why this could be completely innocent, including:

- The author of UPX sublicences the code and could well have sublicensed it to NEAD. - Decompression using a particular program doesn't mean that program was "stolen" in order to compress/decompress the data elsewhere. - There is no definitive proof at all that anything copyrightable has been used in the production of the NEAD program. - There is no official word from the authors themselves in that discussion or any other (since 2006!)

To my mind, that removes any and all credibility to the claims and at a minimum pours scorn on the veracity of the evidence in the article itself. It could be potentially problematic if NEAD decide that those claims are unfounded or incorrect.

--ledow (talk) 13:18, 16 July 2009 (UTC)

Use of UPX in Stuxnet and Duqu?
It is remarkable that UPX was used in Duqu and Stuxnet, isn't it? 46.138.85.154 (talk) 20:13, 27 October 2011 (UTC)

UPX and antivirus software
I've removed the sentence about "most antivirus" flagging UPX as harmful. My own original research using virustotal.com says that between 1 and 5 products, out of 61 total flags UPX compressed executables. This is not "most". JensRex (talk) 03:09, 6 December 2017 (UTC)

FreeDOS uses DOS/EXE or DOS/SYS format, plus a custom stub
The article has a footnote specifying "The facility to compress DOS .COM-style files can be utilized also to compress other binary executable files. Some FreeDOS and EDR-DOS kernel files are known to be UPX-compressible this way."

This is wrong about the FreeDOS kernel in two ways. First, historically the format used was DOS/EXE, and it is still used for uncompressed kernel files larger than about 64 KiB. The other format used is DOS/SYS.

Second, it is a stretch to call the kernel "UPX-compressible" considering the lengths that the kernel build process goes to to utilise UPX. UPX does not exactly support operation on any DOS kernel executable formats. As concerns UPX it compresses a regular DOS executable, which the kernel's exeflat utility then relocates and gives an additional stub so that it allows running as a kernel file loaded to segment 60h (and also passing a CONFIG block and the boot load unit information to the kernel). 2A02:3036:D:C10:976B:BEB0:B96B:BA92 (talk) 13:58, 23 May 2022 (UTC)