[Pkg-clamav-devel] Bug#604621: libclamav6: Clamscan and Clamd crash on Lenny32Bit/VIA-Cpu while scanning PDFs, Lenny32Bit/AMD works fine

Ralf Spenneberg ralf at spenneberg.net
Tue Nov 23 06:23:33 UTC 2010 

Package: libclamav6
Version: 0.96.4+dfsg-1~volatile1
Severity: important



-- System Information:
Debian Release: 5.0.6
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-2-486
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libclamav6 depends on:
ii  libbz2-1.0             1.0.5-1+lenny1    high-quality block-sorting file co
ii  libc6                  2.7-18lenny6      GNU C Library: Shared libraries
ii  libgcc1                1:4.3.2-1.1       GCC support library
ii  libltdl3               1.5.26-4+lenny1   A system independent dlopen wrappe
ii  libstdc++6             4.3.2-1.1         The GNU Standard C++ Library v3
ii  libtommath0            0.39-3            multiple-precision integer library
ii  zlib1g                 1:1.2.3.3.dfsg-12 compression library - runtime

libclamav6 recommends no packages.

Versions of packages libclamav6 suggests:
pn  libclamunrar6                 <none>     (no description available)

-- no debconf information

Using clamscan or clamd to scan PDF files crashes the process on 32-Bit Lenny 
running on  VIA Samuel 2 CPU. Scanning the same file on AMD Athlon(tm) 64 X2 
works fine. 
I already checked the checksums of the files: ok.
I already removed the clamav database and downloaded it again using freshclam.
I rebooted the machine to fix any memory issues.
The issue is reproducable every time.

Calling clamscan --debug on the file shows the following results (last lines):
LibClamAV debug: cli_pdf: more than 2 filters per obj flagged in object 30 0
LibClamAV debug: cli_pdf: 30 0 obj flags: 10403
LibClamAV debug: cli_pdf: 31 0 obj flags: 02
LibClamAV debug: cli_pdf: 1 0 obj flags: 10023
LibClamAV debug: cli_pdf: 2 0 obj flags: 02
LibClamAV debug: cli_pdf: 3 0 obj flags: 02
LibClamAV debug: cli_pdf: 4 0 obj flags: 02
LibClamAV debug: cli_pdf: 5 0 obj flags: 02
LibClamAV debug: cli_pdf: 6 0 obj flags: 02
LibClamAV debug: cli_pdf: 7 0 obj flags: 02
LibClamAV debug: cli_pdf: 8 0 obj flags: 03
LibClamAV debug: cli_pdf: 9 0 obj flags: 02
LibClamAV debug: Bytecode executing hook id 258 (2 hooks)
LibClamAV debug: Bytecode 4: executing in JIT mode
Illegal instruction (core dumped)

On AMD the debug log continues:
....
LibClamAV debug: Bytecode 4: executing in JIT mode
47474747474747474747624762474747bytecode finished in 212us
LibClamAV debug: Bytecode 4 returned 0
LibClamAV debug: Bytecode 6: executing in JIT mode
bytecode finished in 10us
LibClamAV debug: Bytecode 6 returned 0
LibClamAV debug: Bytecode: executed 2 bytecodes for this hook
LibClamAV debug: cli_pdf: dumping obj 12 3072

Full report can be provided.

More information about the Pkg-clamav-devel mailing list