Hi,
I am testing libclamav on a FreeBSD RELENG_4 host and am seeing very odd
behaviour with the library. Once scanning is completed and the trie is freed, a
call to exit(3) causes a segmentation violation.
Using this source which does nothing except call libclamav functions:
int main (int ac, char **av) {
int rc;
char *virus;
struct cl_node *root = NULL;
struct cl_limits limits;
/* Load clamav databases */
if ((rc = cl_loaddbdir(cl_retdbdir(), &root, NULL)) != 0) {
printf("Unable to load virus definitions: %s", cl_perror(rc));
exit(EX_SOFTWARE);
}
/* Create trie */
cl_buildtrie(root);
/* Scan the file */
limits.maxfiles = 100;
limits.maxfilesize = 50 * 1048756;
limits.maxreclevel = 16;
rc = cl_scanfile(av[1], &virus, NULL, root, &limits, CL_ARCHIVE);
/* Report results to log and client */
switch (rc) {
case CL_CLEAN:
printf("2 No infection found.\r\n");
break;
case CL_VIRUS:
printf("5 Infection found [%s].\r\n", virus);
break;
default:
printf("4 Scanning error. See server logs.\r\n", cl_perror(rc));
break;
}
/* Release the trie */
cl_freetrie(root);
exit(EX_OK);
}
and compiling with:
gcc -g -Wall -I/usr/local/include -L/usr/local/lib -o clscan clscan.c -lclamav
causes a segfault:
[EMAIL PROTECTED]:[clscan] (140) # ./clscan ~ollie/eicar.com
5 Infection found [Eicar-Test-Signature].
Segmentation fault (core dumped)
The backtrace is not very revealing I'm afraid:
(gdb) bt
#0 0x280f7da4 in .cerror () from /usr/lib/libc.so.4
#1 0x2818ccbf in _exit () from /usr/lib/libc_r.so.4
#2 0x280f7ca3 in exit () from /usr/lib/libc.so.4
#3 0x8048755 in main (ac=1, av=0xbfbffac0) at clscan.c:56
The compiler generates the following warnings during compilation, but I don't
think they're necessarily anything to worry about:
/usr/lib/libc_r.so.4: WARNING! setkey(3) not present in the system!
/usr/lib/libc_r.so.4: warning: this program uses gets(), which is unsafe.
/usr/lib/libc_r.so.4: warning: mktemp() possibly used unsafely; consider using
mkstemp()
/usr/lib/libc_r.so.4: WARNING! des_setkey(3) not present in the system!
/usr/lib/libc_r.so.4: WARNING! encrypt(3) not present in the system!
/usr/lib/libc_r.so.4: warning: tmpnam() possibly used unsafely; consider using
mkstemp()
/usr/lib/libc_r.so.4: warning: this program uses f_prealloc(), which is not
recommended.
/usr/lib/libc_r.so.4: WARNING! des_cipher(3) not present in the system!
/usr/lib/libc_r.so.4: warning: tempnam() possibly used unsafely; consider using
mkstemp()
I'm a bit confused as to why the segfault might be occurring during exit(3).
Has anyone else seen this behaviour before? The host is running FreeBSD
4.9-PRERELEASE and I have reproduced the problem with the same code on FreeBSD
4.5-RELEASE. They are both running clamav-0.60.
Any pointers on how to track down this problem would be gratefully received (or
indeed a pointer to my own mistake!).
Thanks.
Yours,
Ollie
--
Oliver Cook Systems Administrator, Claranet UK
[EMAIL PROTECTED] 020 7903 3065
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users
