You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2004/08/22 18:27:21 UTC

[Bug 3712] New: High mem useage with many newlines (> 10'000)

http://bugzilla.spamassassin.org/show_bug.cgi?id=3712

           Summary: High mem useage with many newlines (> 10'000)
           Product: Spamassassin
           Version: unspecified
          Platform: Other
        OS/Version: other
            Status: NEW
          Severity: critical
          Priority: P1
         Component: spamassassin
        AssignedTo: spamassassin-dev@incubator.apache.org
        ReportedBy: mbr@freebsd.org


I'm using RC1 of spamassassin 3.0 and have observed that spamassassin does
allocate over 100MB memory if a mail contains many newlines (20'000 - 40'000).
With 60'000 newlines it consumes even over 200MB ram. If a attack has a bunch
of such mails it can lead to heavy swapping and cause slow or even crashing
system.

Unfortunalty it seems that spammers are now using this trick.

SA should crush the input by stripping every blank line after the first
two in a group (in other words, if it finds more than 3 consecutive
newlines, it should delete newlines 4 to N).  This would solve the
problem, and shouldn't change any rule hits.

Martin



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.