I am the creator of bug #715
(https://wwws.clamav.net/bugzilla/show_bug.cgi?id=715) which requested
IPv6 support in freshclam. As it got integrated in r3940 I created
custom .deb packages and installed them on both of my testhosts

* #1  Debian Lenny VM (KVM), i386
* #2  Ubuntu Hardy VM (Xen), amd64

both freshclam.conf files point to db.ipv6.clamav.net rotation.

#2 has never been upgraded and still runs r3940 without any apparent
problems. I've rebuilt the Debian packages using the current trunk
revision for #1 several times and noticed that freshclam started to
crash every now and then recently. I'm pretty sure it has started with
revision r3947 which integrated a new mirror loadbalancing code.

Here is a collection of debugging information I've sent to #clamav, I
think it's better suited here on the ML.

gdb bt (r3955):         http://sial.org/pbot/31610
valgrind (r3976):       http://pastebin.ca/1080097

I've tried to understand the code but I don't think it should be
happening. I've added a few debug printf-statements and it looks like
the tempname variable in freshclam/manager.c:getpatch() gets trashed, it
is fine before and when calling getfile() in manager.c:904, fine
throughout the whole getfile() function (I've added a printf right
before return there) but is trashed at the following open statement in
manager.c:912. Partial strace for this is

write(1, "Downloading daily-7743.cdiff [10"..., 36) = 36
open(0x303431, O_RDONLY)                = -1 EFAULT (Bad address)
--- SIGSEGV (Segmentation fault) @ 0 (0) ---

so it looks like something is overwriting the pointer. I'm not an
experienced C coder so I'm stuck here, maybe someone more experienced
can have a look at this.

Crashes don't happen always, I've had cases where freshclam crashed
repeatedly directly at startup, but sometimes it took a couple of hours
or even days before it crashed. But the bogus pointer 0x303431 seems to
be stable.

Please submit your patches to our Bugzilla: http://bugs.clamav.net

Reply via email to