[Pkg-clamav-devel] Bug#600088: clamav: Clamscan crashes when scanning windows autorun.exe file

Andreas Joerg ajoerg123 at yahoo.de
Wed Oct 13 15:15:12 UTC 2010


Package: clamav
Version: 0.96.3+dfsg-2~volatile1
Severity: normal


Clamscan crashes when scanning a short (16k) windows file autorun.exe copied from a CD.

The copied file  has been on our server for many years, but the problem only occured some time
ago with one of the recent updates of clamav / libclamav.

The error can be repeated.

Error message: illegal instruction (core dumped)

The autorun.exe file can be provided. 
The output from the --debug option of clamscan can be provided.
A screenshot of the crash can be provided.
The core-dump-file core.3950 could maybe be provided, as it's size is 99 megabytes.

-- Package-specific info:
--- configuration ---
#Automatically Generated by clamav-base postinst
#To reconfigure clamd run #dpkg-reconfigure clamav-base
#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
LocalSocket /var/run/clamav/clamd.ctl
FixStaleSocket true
LocalSocketGroup clamav
LocalSocketMode 666
# TemporaryDirectory is not set to its default /tmp here to make overriding
# the default with environment variables TMPDIR/TMP/TEMP possible
User clamav
AllowSupplementaryGroups true
ScanMail true
ScanArchive true
ArchiveBlockEncrypted false
MaxDirectoryRecursion 15
FollowDirectorySymlinks false
FollowFileSymlinks false
ReadTimeout 180
MaxThreads 12
MaxConnectionQueueLength 15
LogSyslog false
LogFacility LOG_LOCAL6
LogClean false
LogVerbose false
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /var/lib/clamav
SelfCheck 3600
Foreground false
Debug false
ScanPE true
ScanOLE2 true
ScanHTML true
DetectBrokenExecutables false
ExitOnOOM false
LeaveTemporaryFiles false
AlgorithmicDetection true
ScanELF true
IdleTimeout 30
PhishingSignatures true
PhishingScanURLs true
PhishingAlwaysBlockSSLMismatch false
PhishingAlwaysBlockCloak false
DetectPUA false
ScanPartialMessages false
HeuristicScanPrecedence false
StructuredDataDetection false
CommandReadTimeout 5
SendBufTimeout 200
MaxQueue 100
ExtendedDetectionInfo true
StreamMaxLength 10M
LogFile /var/log/clamav/clamav.log
LogTime true
LogFileUnlock false
LogFileMaxSize 0
Bytecode true
BytecodeSecurity TrustSigned
BytecodeTimeout 60000
OfficialDatabaseOnly false
CrossFilesystems true
# Automatically created by the clamav-freshclam postinst
# Comments will get lost when you reconfigure the clamav-freshclam package

DatabaseOwner clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogVerbose false
LogSyslog false
LogFacility LOG_LOCAL6
LogFileMaxSize 0
LogTime no
Foreground false
Debug false
MaxAttempts 5
DatabaseDirectory /var/lib/clamav/
DNSDatabaseInfo current.cvd.clamav.net
AllowSupplementaryGroups false
PidFile /var/run/clamav/freshclam.pid
ConnectTimeout 30
ReceiveTimeout 30
TestDatabases yes
ScriptedUpdates yes
CompressLocalDatabase no
Bytecode true
DatabaseMirror db.local.clamav.net
DatabaseMirror database.clamav.net
DatabaseMirror db.fr.clamav.net

--- data dir ---
total 64304
-rw-r--r-- 1 clamav clamav   320512 Oct  6 01:01 bytecode.cld
-rw-r--r-- 1 clamav clamav  8765440 Oct 13 16:03 daily.cld
-rw-r--r-- 1 clamav clamav 56671744 Apr  8  2010 main.cld
-rw------- 1 clamav clamav     1976 Oct 13 16:03 mirrors.dat

-- System Information:
Debian Release: 5.0.6
  APT prefers stable
  APT policy: (990, 'stable')
Architecture: i386 (i586)

Kernel: Linux 2.6.26-2-486
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages clamav depends on:
ii  clamav-freshclam 0.96.3+dfsg-2~volatile1 anti-virus utility for Unix - viru
ii  libc6            2.7-18lenny4            GNU C Library: Shared libraries
ii  libclamav6       0.96.3+dfsg-2~volatile1 anti-virus utility for Unix - libr
ii  zlib1g           1:1.2.3.3.dfsg-12       compression library - runtime

Versions of packages clamav recommends:
ii  clamav-base      0.96.3+dfsg-2~volatile1 anti-virus utility for Unix - base

Versions of packages clamav suggests:
ii  clamav-docs      0.96.3+dfsg-2~volatile1 anti-virus utility for Unix - docu

-- no debconf information





More information about the Pkg-clamav-devel mailing list