Amavis 2.10.1 dies and is unusable when put under moderate load
Mark Martinec
Mark.Martinec+amavis at ijs.si
Wed Jan 27 16:40:22 CET 2016
The change log to Convert::UUlib 1.50 shows:
Revision history for Perl extension Convert::UUlib.
1.5 Sat Jul 11 03:56:06 CEST 2015
- fix a heap overflow (testcase by Krzysztof Wojtaś).
- on systems that support it (posix + mmap + map_anonymous),
allocate all dynamic areas via mmap and put four guard
pages around them, to catch similar heap overflows
safely in the future.
- find a safer way to pass in CC/CFLAGS to uulib.
- added stability canary support.
The extra protection (guard pages) is probably what is
causing your crashes: previously some heap overflow could
cause corruption and havoc without necessarily being noticed,
bringing down a process. If I understand the changelog
correctly, the new guard pages make it possible to detect
some runaway memory access in uulib and terminate the process
if this occurs, instead of letting a corruption spread.
This is a good step in guarding against security exploits:
better crash than let a leak be exploitable. Unfortunately
the violation cannot be contained, which affects apparent
stability.
Mark
More information about the amavis-users
mailing list