Fwd: Mailscanner child freezes

Julian Field MailScanner at ecs.soton.ac.uk
Sat Nov 22 19:01:59 GMT 2008


Please try the attached (gzipped) Message.pm file. Just drop it into 
/usr/lib/MailScanner/MailScanner/Message.pm if you are running the 
latest version, and restart MailScanner.

On 22/11/08 09:58, Glenn Steen wrote:
> 2008/11/21 Scott Silva<ssilva at sgvwater.com>:
>    
>> on 11-21-2008 7:10 AM Glenn Steen spake the following:
>>      
>>> Guys,
>>>
>>> I know my quoting style will drive you nuts, but ... please look at this.
>>> It's a heads up for 4.72.5, keep a lookout for children busy-looping
>>> while "cleaning messages".
>>> Hopefully Jules, or one of you, will have a solution ... really quick.
>>>
>>> Cheers
>>> -- Glenn
>>>
>>>        
>> Glenn,
>> If you have a sample of this available, I can run it through my sendmail box
>> and see if it is only postfix related or deeper.
>>
>>      
> The trouble is in Message.pm, so it probably affects all. You can
> easily create a testcase yourself:
> zip any file into an archive called "archive.zip" (or whatever you
> like:-), then zip "archive.zip" into a new zip file named
> "archive.zip"... then send it through .... Keep an eye on top and
> you'll see one MS child "get stuck" in "cleaning messages" eating
> close to 100% CPU.
> This bug only affect 4.72.5 (and later, from what it seems ... from
> reading the code), so all who run 4.71 are unaffected.
>
> Since this is easily and readily exploitable, I hesitated "going
> public" with this... I'm looking at finding a solution (it should be
> something simple, either safeguarding when constructing the hashes, or
> "loop-detecting" when travesing the "hash list"), but as always...
> Jules genius (and superior understanding of all nuances of the code)
> would likely find a simple solution to this in no time at all:-).
>
> I'd appreciate if you did do a test Scott.
>
> Cheers
>    

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: Message.pm.gz
Type: application/x-gzip
Size: 70475 bytes
Desc: not available
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20081122/18716361/Message.pm-0001.gz


More information about the MailScanner mailing list