Setup Install clamav. In Ubuntu, for instance, you can run the following command:  sudo apt-get install clamav clamav-daemon Enable clamav on Moodle site:  Site administration > Plugins > Antivirus plugins > Manage antivirus plugins   Specify path to clamscan:  Site administration > Plugins > Antivirus plugins > ClamAV antivirus   Access to " Site administration > Server > PHP info " and check the values for memory_limit and upload_max_filesize parameters. You'll need to annotate both and find a file bigger than memory_limit and smaller than upload_max_filesize. For instance, if memory_limit=128MB and upload_max_filesize=200MB, the file you'll need later could be one of 150MB. Testing instructions In lib/classes/antivirus/manager.php, change the code for the method scan_file() in the try{} block (at or about line 75) to: try { throw new  \core\antivirus\scanner_exception( "test" ); $result = $antivirus->scan_file($file, $filename); } Log in as admin Select 'Private files' from the sliding side menu (this will avoid the quota imposed on regular users). Upload a file larger than the memory_limit setting (but smaller than the upload_max_filesize). Check the filepicker dialog appears and displays an exception. Open the server log file (for instance, in Apache it's located in /var/log/apacher/error.log). Check no "PHP Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 154348408 bytes)" error is displayed (number might change depending on your configuration)   Technical details about this test (not required for testing the issue): The two code files of concern are both in the lib/classes/antivirus directory. The code change to be tested is in scanner.php::get_incident_details, however for that code to be called you need to generate or simulate an exception in mananger.php::scan_file(). The focus of this test is not whether the antivirus detects an infected or problematic file, but rather when it does, it can generate a content hash for that file to include in the notification. The bug manifested as a memory exhaustion fatal error when large files were scanned and failed. It will be practical to use a very large file to test, one that is larger than the max. allowed memory setting. If for example, your max memory is 256MB, use a file that is 300MB or larger. Running the fixed code, it is not so important, but for comparison to the unfixed code where you want to exhibit the bug, the file needs to be larger than the max. memory setting.