Could someone please explain how the messageDedup() routine
in libclamav/message.c is supposed to work? It doesn't seem
to actually be de-allocating anything.
It's spinning in the second for() loop. Since t2 is
defined as t1->t_next, how will the strcmp() of d1 and d2
ever be 0? I'm added some extra debugging statements, and
the lineUnlink() routine is never called, so "saved" is
always 0, so it keeps going through all the lines. If I'm
missing some subtle thing it's doing, please explain it
to me.
The problem we're having is with certain customer emails
that have very large text attachments (~250,000 lines),
especially Autocad files. We run ClamAV under qmail, so
the memory is limited by softlimit. It runs out of memory
with these large files, so it calls messageDedup() from
messageAddStr(). It then winds up doing a strcmp 250,000
times for *each* of the 250,000 lines.
It only happens on our 64bit boxes, and the ones that get
it worse have libc-2.3.5.so, the libc-2.3.3 boxes aren't
so bad.
Strangely, I can repeat it on my Redhat 9 box if I comment
out the perror("malloc_problem") call in cli_malloc().
Maybe the newer library fixes perror() so it doesn't
segfault in this case, which is what I've seen from the
core dumps.
If any one can explain why messageDedup is not
de-allocating anything, I'd appreciate it. Any pointers
to solving this problem would help.
--
Brian Bebeau
SecurePipe, Inc.
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
