Date: Fri, 3 Sep 2010 10:17:07 GMT From: Frank Wall <fw@moov.de> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/150243: [PATCH] security/clamav: fix hung clamd on FreeBSD 7.1 Message-ID: <201009031017.o83AH7vZ022579@www.freebsd.org> Resent-Message-ID: <201009031020.o83AK8j2086603@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 150243 >Category: ports >Synopsis: [PATCH] security/clamav: fix hung clamd on FreeBSD 7.1 >Confidential: no >Severity: critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Fri Sep 03 10:20:08 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Frank Wall >Release: 7.1-RELEASE-p8 >Organization: >Environment: FreeBSD XXX 7.1-RELEASE-p8 FreeBSD 7.1-RELEASE-p8 #0: Fri Oct 2 07:10:41 UTC 2009 root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386 >Description: Current ClamAV 0.96.2 has a bug which breaks clamd on FreeBSD 7.1: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2235 This means current ClamAV is broken on FreeBSD 7.1 after update to version 0.96.2. Please commit the attached patch ASAP. >How-To-Repeat: 1. install security/clamav on FreeBSD 7.1 2. edit /etc/rc.conf: add clamav_clamd_enable="YES" 3. start clamd: /usr/local/etc/rc.d/clamav-clamd start Now try to connect to clamd: # /usr/local/bin/clamdtop [...] Connecting to: /var/run/clamav/clamd.sock /var/run/clamav/clamd.sock: Resource temporarily unavailable Now try to stop clamd: # /usr/local/etc/rc.d/clamav-clamd stop Stopping clamav_clamd. Waiting for PIDS: 59203, 59203, 59203, 59203 [...] (wait forever) >Fix: The ClamAV people kindly provide a patch, see attached file. My (slightly modified) patch adds two files to the port: files/patch-libclamav__bytecode.c files/patch-libclamav__bytecode2llvm.cpp Or take a look at the original patch: http://git.clamav.net/gitweb?p=clamav-devel.git;a=commitdiff_plain;h=71ca3536c4e0ed6454315a7c3ad5950ba212fbe1 Patch attached with submission follows: --- security/clamav/files/patch-libclamav__bytecode.c 1970-01-01 01:00:00.000000000 +0100 +++ security/clamav/files/patch-libclamav__bytecode.c 2010-09-03 11:59:05.000000000 +0200 @@ -0,0 +1,10 @@ +--- libclamav/bytecode.c ++++ libclamav/bytecode.c +@@ -2107,6 +2107,7 @@ static int run_selfcheck(struct cli_all_bc *bcs) + cli_bytecode_context_setfuncid(ctx, bc, 0); + + cli_dbgmsg("bytecode self test running\n"); ++ ctx->bytecode_timeout = 0; + rc = cli_bytecode_run(bcs, bc, ctx); + cli_bytecode_context_destroy(ctx); + if (rc != CL_SUCCESS) { --- security/clamav/files/patch-libclamav__bytecode2llvm.cpp 1970-01-01 01:00:00.000000000 +0100 +++ security/clamav/files/patch-libclamav__bytecode2llvm.cpp 2010-09-03 11:59:30.000000000 +0200 @@ -0,0 +1,34 @@ +--- libclamav/c++/bytecode2llvm.cpp ++++ libclamav/c++/bytecode2llvm.cpp +@@ -1637,11 +1637,15 @@ int cli_vm_execute_jit(const struct cli_all_bc *bcs, struct cli_bc_ctx *ctx, + 0 + }; + +- if ((ret = pthread_create(&thread, NULL, bytecode_watchdog, &w))) { +- errs() << "Bytecode: failed to create new thread!"; +- errs() << cli_strerror(ret, buf, sizeof(buf)); +- errs() << "\n"; +- return CL_EBYTECODE; ++ if (ctx->bytecode_timeout) { ++ /* only spawn if timeout is set. ++ * we don't set timeout for selfcheck (see bb #2235) */ ++ if ((ret = pthread_create(&thread, NULL, bytecode_watchdog, &w))) { ++ errs() << "Bytecode: failed to create new thread!"; ++ errs() << cli_strerror(ret, buf, sizeof(buf)); ++ errs() << "\n"; ++ return CL_EBYTECODE; ++ } + } + + ret = bytecode_execute((intptr_t)code, ctx); +@@ -1649,7 +1653,9 @@ int cli_vm_execute_jit(const struct cli_all_bc *bcs, struct cli_bc_ctx *ctx, + w.finished = 1; + pthread_cond_signal(&w.cond); + pthread_mutex_unlock(&w.mutex); +- pthread_join(thread, NULL); ++ if (ctx->bytecode_timeout) { ++ pthread_join(thread, NULL); ++ } + + if (cli_debug_flag) { + gettimeofday(&tv1, NULL); >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201009031017.o83AH7vZ022579>