Amavis 2.10.1 dies and is unusable when put under moderate load

Quanah Gibson-Mount quanah at
Wed Jan 27 17:52:03 CET 2016

--On Wednesday, January 27, 2016 4:40 PM +0100 Mark Martinec 
<Mark.Martinec+amavis at> wrote:

> The change log to Convert::UUlib 1.50 shows:
>    Revision history for Perl extension Convert::UUlib.
>    1.5  Sat Jul 11 03:56:06 CEST 2015
>    - fix a heap overflow (testcase by Krzysztof Wojtaś).
>    - on systems that support it (posix + mmap + map_anonymous),
>      allocate all dynamic areas via mmap and put four guard
>      pages around them, to catch similar heap overflows
>      safely in the future.
>    - find a safer way to pass in CC/CFLAGS to uulib.
>    - added stability canary support.
> The extra protection (guard pages) is probably what is
> causing your crashes: previously some heap overflow could
> cause corruption and havoc without necessarily being noticed,
> bringing down a process. If I understand the changelog
> correctly, the new guard pages make it possible to detect
> some runaway memory access in uulib and terminate the process
> if this occurs, instead of letting a corruption spread.
> This is a good step in guarding against security exploits:
> better crash than let a leak be exploitable. Unfortunately
> the violation cannot be contained, which affects apparent
> stability.

Great, thanks Mark!



Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
Zimbra ::  the leader in open source messaging and collaboration

More information about the amavis-users mailing list