On 10/07/2011 04:33 PM, Stephane CHAZELAS wrote: > Hiya, > > (that's on debian testing amd64 with libclamav6 0.97.2+dfsg-1) > > I had a few c-icap crashes on scanning some debian packages for firefox > (for instance: > http://ftp.se.debian.org/debian/pool/main/i/iceweasel/iceweasel_7.0.1-2_amd64.deb) > > It can be reproduced on amd64 with > clamscan --max-recursion=5 iceweasel_7.0.1-2_amd64.deb > > That gives: > *** glibc detected *** clamscan: double free or corruption > [...] > Here recursion not increased but magic_scandesc reentered somehow via > cli_scanraw() -> ??? -> cli_bcapi_extract_new().
Thanks for the report. There were only 2 bytecodes using that API, so I dropped them until the API is fixed in libclamav (at which point I will readd them). Bytecode.cvd 146 and 147 should not crash anymore, can you confirm (once you get the update via freshclam, in ~15m)? Best regards, --Edwin _______________________________________________ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net
