http://bugzilla.spamassassin.org/show_bug.cgi?id=4017
Summary: Infinite loop
Product: Spamassassin
Version: 3.0.0
Platform: Other
OS/Version: other
Status: NEW
Severity: critical
Priority: P1
Component: spamassassin
AssignedTo: [email protected]
ReportedBy: [EMAIL PROTECTED]
Spamassassin v3.0.0 appears to be using an excessive amount
of open file descriptors for dns use. This is likely a bug.
The exact amount depends on the message being processed.
For example, the particular spam I've been testing with
below needs at least 97 open fds to successfully complete.
The process limit is 64.
Once you hit the fd limit, there's the potential of getting
stuck in an infinite loop (i.e. some code continuely retries
opening a file on errno "too many open files").
You can tell if you've hit this bug by the following error
in your procmail log:
procmail: Rescue of unfiltered data succeeded
procmail: Timeout, terminating "/usr/local/bin/spamassassin.new"
procmail: Kernel-lock failed
procmail: Kernel-unlock failed
Here's a patch:
*** /usr/local/test-sa/lib/site_perl/5.8.0/Mail/SpamAssassin/Util.pm Mon Sep
13
19:34:05 2004
--- Mail/SpamAssassin/Util.pm Fri Dec 3 15:31:59 2004
***************
*** 724,766 ****
###########################################################################
- # thanks to http://www2.picante.com:81/~gtaylor/autobuse/ for this
- # code.
sub secure_tmpfile {
! my $tmpdir = Mail::SpamAssassin::Util::untaint_file_path(
! File::Spec->tmpdir()
! );
! if (!$tmpdir) {
! die "Cannot find a temporary directory! set TMP or TMPDIR in env";
! }
! my ($reportfile,$tmpfile);
! my $umask = umask 077;
! do {
# we do not rely on the obscurity of this name for security...
# we use a average-quality PRG since this is all we need
! my $suffix = join ('',
! (0..9, 'A'..'Z','a'..'z')[rand 62,
! rand 62,
! rand 62,
! rand 62,
! rand 62,
! rand 62]);
! $reportfile = File::Spec->catfile(
! $tmpdir,
! join ('.',
! "spamassassin",
! $$,
! $suffix,
! "tmp",
! )
! );
# ...rather, we require O_EXCL|O_CREAT to guarantee us proper
# ownership of our file; read the open(2) man page.
! } while (! sysopen ($tmpfile, $reportfile, O_RDWR|O_CREAT|O_EXCL, 0600));
! umask $umask;
! return ($reportfile, $tmpfile);
}
###########################################################################
--- 724,766 ----
###########################################################################
sub secure_tmpfile {
! my ($reportfile, $suffix, $tmpdir, $tmpfile, $umask);
! my $count = 0;
!
! $tmpdir = Mail::SpamAssassin::Util::untaint_file_path(File::Spec->tmpdir)
! or die "Cannot find a temporary directory! set TMP or TMPDIR in env";
!
! $umask = umask 077;
! while (1) {
# we do not rely on the obscurity of this name for security...
# we use a average-quality PRG since this is all we need
! $suffix = join ('', (0..9,'A'..'Z','a'..'z')[rand 62,
! rand 62,
! rand 62,
! rand 62,
! rand 62,
! rand 62]);
! $reportfile = File::Spec->catfile($tmpdir, join('.',
! "spamassassin",
! $$,
! $suffix,
! "tmp"));
! die "Problem creating temporary file" if ++$count > 100_000;
!
! next if -e $reportfile;
!
# ...rather, we require O_EXCL|O_CREAT to guarantee us proper
# ownership of our file; read the open(2) man page.
! sysopen $tmpfile, $reportfile, O_RDWR|O_CREAT|O_EXCL, 0600
! or die "Cannot create temporary file \"$reportfile\": $!";
!
! last;
! }
! umask $umask;
! return($reportfile, $tmpfile);
}
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
