Amavis 2.10.1 dies and is unusable when put under moderate load
quanah at zimbra.com
Wed Jan 27 17:52:03 CET 2016
--On Wednesday, January 27, 2016 4:40 PM +0100 Mark Martinec
<Mark.Martinec+amavis at ijs.si> wrote:
> The change log to Convert::UUlib 1.50 shows:
> Revision history for Perl extension Convert::UUlib.
> 1.5 Sat Jul 11 03:56:06 CEST 2015
> - fix a heap overflow (testcase by Krzysztof Wojtaś).
> - on systems that support it (posix + mmap + map_anonymous),
> allocate all dynamic areas via mmap and put four guard
> pages around them, to catch similar heap overflows
> safely in the future.
> - find a safer way to pass in CC/CFLAGS to uulib.
> - added stability canary support.
> The extra protection (guard pages) is probably what is
> causing your crashes: previously some heap overflow could
> cause corruption and havoc without necessarily being noticed,
> bringing down a process. If I understand the changelog
> correctly, the new guard pages make it possible to detect
> some runaway memory access in uulib and terminate the process
> if this occurs, instead of letting a corruption spread.
> This is a good step in guarding against security exploits:
> better crash than let a leak be exploitable. Unfortunately
> the violation cannot be contained, which affects apparent
Great, thanks Mark!
Zimbra :: the leader in open source messaging and collaboration
More information about the amavis-users