You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2004/12/04 00:06:41 UTC
[Bug 4017] New: Infinite loop
http://bugzilla.spamassassin.org/show_bug.cgi?id=4017
Summary: Infinite loop
Product: Spamassassin
Version: 3.0.0
Platform: Other
OS/Version: other
Status: NEW
Severity: critical
Priority: P1
Component: spamassassin
AssignedTo: dev@spamassassin.apache.org
ReportedBy: pobox@rgrs.com
Spamassassin v3.0.0 appears to be using an excessive amount
of open file descriptors for dns use. This is likely a bug.
The exact amount depends on the message being processed.
For example, the particular spam I've been testing with
below needs at least 97 open fds to successfully complete.
The process limit is 64.
Once you hit the fd limit, there's the potential of getting
stuck in an infinite loop (i.e. some code continuely retries
opening a file on errno "too many open files").
You can tell if you've hit this bug by the following error
in your procmail log:
procmail: Rescue of unfiltered data succeeded
procmail: Timeout, terminating "/usr/local/bin/spamassassin.new"
procmail: Kernel-lock failed
procmail: Kernel-unlock failed
Here's a patch:
*** /usr/local/test-sa/lib/site_perl/5.8.0/Mail/SpamAssassin/Util.pm Mon Sep 13
19:34:05 2004
--- Mail/SpamAssassin/Util.pm Fri Dec 3 15:31:59 2004
***************
*** 724,766 ****
###########################################################################
- # thanks to http://www2.picante.com:81/~gtaylor/autobuse/ for this
- # code.
sub secure_tmpfile {
! my $tmpdir = Mail::SpamAssassin::Util::untaint_file_path(
! File::Spec->tmpdir()
! );
! if (!$tmpdir) {
! die "Cannot find a temporary directory! set TMP or TMPDIR in env";
! }
! my ($reportfile,$tmpfile);
! my $umask = umask 077;
! do {
# we do not rely on the obscurity of this name for security...
# we use a average-quality PRG since this is all we need
! my $suffix = join ('',
! (0..9, 'A'..'Z','a'..'z')[rand 62,
! rand 62,
! rand 62,
! rand 62,
! rand 62,
! rand 62]);
! $reportfile = File::Spec->catfile(
! $tmpdir,
! join ('.',
! "spamassassin",
! $$,
! $suffix,
! "tmp",
! )
! );
# ...rather, we require O_EXCL|O_CREAT to guarantee us proper
# ownership of our file; read the open(2) man page.
! } while (! sysopen ($tmpfile, $reportfile, O_RDWR|O_CREAT|O_EXCL, 0600));
! umask $umask;
! return ($reportfile, $tmpfile);
}
###########################################################################
--- 724,766 ----
###########################################################################
sub secure_tmpfile {
! my ($reportfile, $suffix, $tmpdir, $tmpfile, $umask);
! my $count = 0;
!
! $tmpdir = Mail::SpamAssassin::Util::untaint_file_path(File::Spec->tmpdir)
! or die "Cannot find a temporary directory! set TMP or TMPDIR in env";
!
! $umask = umask 077;
! while (1) {
# we do not rely on the obscurity of this name for security...
# we use a average-quality PRG since this is all we need
! $suffix = join ('', (0..9,'A'..'Z','a'..'z')[rand 62,
! rand 62,
! rand 62,
! rand 62,
! rand 62,
! rand 62]);
! $reportfile = File::Spec->catfile($tmpdir, join('.',
! "spamassassin",
! $$,
! $suffix,
! "tmp"));
! die "Problem creating temporary file" if ++$count > 100_000;
!
! next if -e $reportfile;
!
# ...rather, we require O_EXCL|O_CREAT to guarantee us proper
# ownership of our file; read the open(2) man page.
! sysopen $tmpfile, $reportfile, O_RDWR|O_CREAT|O_EXCL, 0600
! or die "Cannot create temporary file \"$reportfile\": $!";
!
! last;
! }
! umask $umask;
! return($reportfile, $tmpfile);
}
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4017] Infinite loop
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4017
------- Additional Comments From pobox@rgrs.com 2004-12-03 15:15 -------
Created an attachment (id=2546)
--> (http://bugzilla.spamassassin.org/attachment.cgi?id=2546&action=view)
here's the patch
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4017] Infinite loop
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4017
------- Additional Comments From spamassassin-contrib@msquadrat.de 2004-12-03 15:47 -------
Please use the unified format (diff -u) to create the patch. Thanks.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 4017] Infinite loop
Posted by bu...@bugzilla.spamassassin.org.
http://bugzilla.spamassassin.org/show_bug.cgi?id=4017
------- Additional Comments From spamassassin-contrib@msquadrat.de 2004-12-03 15:48 -------
*** Bug 4016 has been marked as a duplicate of this bug. ***
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.