On Tue, Jun 14, 2016 at 11:14:12AM -0700, Andrew Fresh wrote:
> On Tue, Jun 14, 2016 at 03:07:43PM +0100, Stuart Henderson wrote:
> > On 2016/06/14 01:43, Robert Urban wrote:
> > > Hello,
> > >
> > > on my mail server running postfix + amavisd, amavisd was dying
> > > occasionally when using File::LibMagic to analyze mail messages.
> > >
> > > I can reproduce it on the server (OpenBSD the-server 5.9
> > > GENERIC.MP#3 amd64) with this Perl script:
> >
> > I don't have a fix, but the problem is that the copy of the file contents
> > that ends up in ms->search->s is not null-terminated but instead has a
> > bunch of 0xdf (the "-33 'ß'" in x/c output from gdb below), indicating
> > address space that was previously used but has been free()'d.
> >
> > I'm not sure whether it's in libmagic or p5-File-LibMagic, I'm not doing
> > very well at getting debug symbols in the perl module, it probably needs a
> > hunt starting around file_or_fd() or file_buffer() in ports/devel/libmagic..
>
> I believe it's something in libmagic, as I can reproduce with python2.7.

Also a problem with the `file` utility that comes with libmagic.
Unfortunately, I don't know how to get any useful debugging out of it,
everything in gdb is just "in ?? ()".

#!/bin/sh
# Run the freshly built file(1) against the sample until it fails.
dir=/usr/ports/pobj/libmagic-5.25/file-5.25/src/
file=$PWD/p005

# Exported so the child process actually sees the build directory.
export LD_LIBRARY_PATH=$dir
for i in $( jot 10000 ); do
	"$dir/file" -m "$dir/../magic/Magdir/" "$file" > /dev/null || break
	# Progress dot every 10 iterations.
	[ $(( $i % 10 )) -eq 0 ] && echo -n .
done

l8rZ,
-- 
andrew - http://afresh1.com

The 3 great virtues of a programmer:
      Laziness, Impatience, and Hubris.
                      --Larry Wall
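
The symptom Stuart Henderson describes in the quoted text (a length-delimited copy with no terminator, followed by 0xdf bytes), worked through as an added C example that is not code from this thread or from libmagic. The names `measure_overread`, `bounded_find` and the `SAMPLE` bytes are constructed for illustration; the example measures how far a terminator-dependent read would run past the data and shows a length-bounded search that does not.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define FREE_JUNK 0xdf /* byte value reported after the data in the thread */

/* Constructed snapshot: 5 data bytes, 6 junk bytes, 2 stray bytes, then a NUL. */
static const unsigned char SAMPLE[] = {
    'h', 'e', 'l', 'l', 'o', 0xdf, 0xdf, 0xdf, 0xdf, 0xdf, 0xdf, 'x', 'y', 0x00
};

struct overread {
    size_t past_end; /* bytes a str*() call would read beyond len */
    size_t junk;     /* how many of those bytes equal FREE_JUNK */
    int unbounded;   /* 1 if the snapshot contains no NUL at all */
};

/* snap holds cap bytes; only the first len are the buffer's real contents. */
struct overread measure_overread(const unsigned char *snap, size_t len, size_t cap)
{
    struct overread r = {0, 0, 0};
    const unsigned char *nul = memchr(snap, '\0', cap);
    size_t stop = nul ? (size_t)(nul - snap) : cap;

    r.unbounded = (nul == NULL);
    if (stop <= len)
        return r; /* terminator at or before len: nothing is over-read */
    r.past_end = stop - len;
    for (size_t i = len; i < stop; i++)
        r.junk += (snap[i] == FREE_JUNK);
    return r;
}

/* Length-bounded search: never relies on a terminator being present. */
const unsigned char *bounded_find(const unsigned char *hay, size_t hlen, const char *needle)
{
    size_t nlen = strlen(needle);
    for (size_t i = 0; nlen <= hlen && i + nlen <= hlen; i++)
        if (memcmp(hay + i, needle, nlen) == 0)
            return hay + i;
    return NULL;
}

int main(void)
{
    struct overread r = measure_overread(SAMPLE, 5, sizeof SAMPLE);
    printf("over-read %zu bytes, %zu junk\n", r.past_end, r.junk);
    printf("\"xy\" within len: %s\n", bounded_find(SAMPLE, 5, "xy") ? "found" : "absent");
    return 0;
}
```

On the constructed snapshot a terminator-dependent read runs 8 bytes past the 5-byte buffer, 6 of them junk, while the bounded search refuses to match "xy" because it lies outside the stated length.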