[Pkg-clamav-devel] Bug#604621: libclamav6: Clamscan and Clamd crash on Lenny32Bit/VIA-Cpu while scanning PDFs, Lenny32Bit/AMD works fine

Török Edwin edwin at clamav.net
Tue Nov 23 09:00:49 UTC 2010


On Tue, 23 Nov 2010 07:23:33 +0100
Ralf Spenneberg <ralf at spenneberg.net> wrote:

> Package: libclamav6
> Version: 0.96.4+dfsg-1~volatile1
> Severity: important
> 
> 
> 
> -- System Information:
> Debian Release: 5.0.6
>   APT prefers stable
>   APT policy: (500, 'stable')
> Architecture: i386 (i686)
> 
> Kernel: Linux 2.6.26-2-486
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
> 
> Versions of packages libclamav6 depends on:
> ii  libbz2-1.0             1.0.5-1+lenny1    high-quality block-sorting file co
> ii  libc6                  2.7-18lenny6      GNU C Library: Shared libraries
> ii  libgcc1                1:4.3.2-1.1       GCC support library
> ii  libltdl3               1.5.26-4+lenny1   A system independent dlopen wrappe
> ii  libstdc++6             4.3.2-1.1         The GNU Standard C++ Library v3
> ii  libtommath0            0.39-3            multiple-precision integer library
> ii  zlib1g                 1:1.2.3.3.dfsg-12 compression library - runtime
> 
> libclamav6 recommends no packages.
> 
> Versions of packages libclamav6 suggests:
> pn  libclamunrar6          <none>            (no description available)
> 
> -- no debconf information
> 
> Using clamscan or clamd to scan PDF files crashes the process on
> 32-Bit Lenny running on VIA Samuel 2 CPU. Scanning the same file on
> AMD Athlon(tm) 64 X2 works fine.
> I already checked the checksums of the files: ok.
> I already removed the clamav database and downloaded it again using
> freshclam. I rebooted the machine to fix any memory issues.
> The issue is reproducible every time.
> 
> Calling clamscan --debug on the file shows the following results
> (last lines):
> LibClamAV debug: cli_pdf: more than 2 filters per obj flagged in object 30 0
> LibClamAV debug: cli_pdf: 30 0 obj flags: 10403
> LibClamAV debug: cli_pdf: 31 0 obj flags: 02
> LibClamAV debug: cli_pdf: 1 0 obj flags: 10023
> LibClamAV debug: cli_pdf: 2 0 obj flags: 02
> LibClamAV debug: cli_pdf: 3 0 obj flags: 02
> LibClamAV debug: cli_pdf: 4 0 obj flags: 02
> LibClamAV debug: cli_pdf: 5 0 obj flags: 02
> LibClamAV debug: cli_pdf: 6 0 obj flags: 02
> LibClamAV debug: cli_pdf: 7 0 obj flags: 02
> LibClamAV debug: cli_pdf: 8 0 obj flags: 03
> LibClamAV debug: cli_pdf: 9 0 obj flags: 02
> LibClamAV debug: Bytecode executing hook id 258 (2 hooks)
> LibClamAV debug: Bytecode 4: executing in JIT mode
> Illegal instruction (core dumped)

Hi Ralf,

Looks like a bug in the JIT.

Please install gdb, and run this command (using the attached gdbscript
file):
$ gdb -batch -x gdbscript -c core >log 2>&1

Where 'core' is the coredump created above (it might be core.<pid> or
something similar).
Then attach the file 'log' to this bug report.

Also please provide the output of 'clamconf -n' (I'm interested in the
Platform information section), and 'cat /proc/cpuinfo' (I need the
family, model, and stepping mostly but please include all the output).

Best regards,
--Edwin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gdbscript
Type: application/octet-stream
Size: 124 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20101123/fce3165d/attachment.obj>
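
The reply above asks for the family, model and stepping from /proc/cpuinfo. The following is an added example, not part of the original thread or of ClamAV: a POSIX shell sketch that extracts those fields and lists which CPU feature flags are absent, which is the usual first comparison when a process dies with "Illegal instruction". The function names, the sample cpuinfo text and the choice of flags to test (cmov, sse, sse2) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: summarise the /proc/cpuinfo fields requested in the reply.

# Constructed sample in /proc/cpuinfo layout (not the reporter's output).
SAMPLE_CPUINFO='processor : 0
vendor_id : ExampleVendor
cpu family : 6
model : 7
model name : Example CPU
stepping : 3
flags : fpu de tsc msr cx8 mtrr pge mmx 3dnow'

# cpu_ident: read cpuinfo text on stdin, print identity of the first CPU.
cpu_ident() {
    awk -F':[ \t]*' '
        { key = $1; sub(/[ \t]+$/, "", key) }   # strip padding after the key
        key == "vendor_id"  && v == "" { v = $2 }
        key == "cpu family" && f == "" { f = $2 }
        key == "model"      && m == "" { m = $2 }   # exact match, not "model name"
        key == "stepping"   && s == "" { s = $2 }
        END { printf "vendor=%s family=%s model=%s stepping=%s\n", v, f, m, s }
    '
}

# missing_flags FLAG...: read cpuinfo text on stdin, print the FLAGs that the
# first "flags" line does not list (empty line if all are present).
missing_flags() {
    have=$(awk -F':[ \t]*' '
        { key = $1; sub(/[ \t]+$/, "", key) }
        key == "flags" { print $2; exit }')
    out=
    for want in "$@"; do
        case " $have " in
            *" $want "*) ;;                      # flag is present
            *) out="${out:+$out }$want" ;;       # flag is absent
        esac
    done
    printf '%s\n' "$out"
}

# Demo on the constructed sample; on a real host: cpu_ident < /proc/cpuinfo
printf '%s\n' "$SAMPLE_CPUINFO" | cpu_ident
printf '%s\n' "$SAMPLE_CPUINFO" | missing_flags cmov sse sse2
```

The full /proc/cpuinfo output is still what belongs in the bug report; this summary only makes the relevant fields easy to compare between the crashing and the working machine.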

