[sanesecurity] Re: winnow_phish_complete is now invalid clamav db
- From: "tonio@xxxxxxxxxxxxxx" <tonio@xxxxxxxxxxxxxx>
- To: sanesecurity@xxxxxxxxxxxxx
- Date: Fri, 23 Oct 2009 18:04:54 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
tonio a écrit :
> Quoting Gerard <gerard@xxxxxxxxxxxxx>:
>
>> On Fri, 23 Oct 2009 13:05:38 +0200 tonio@xxxxxxxxxxxxxx
>> <tonio@xxxxxxxxxxxxxx> replied:
>>
>> [snip]
>>
>>> i've compile devel version : ClamAV
>>> devel-r5076-315-g6e246c1/9930/Fri Oct 23 04:00:24 2009
>>>
>>> it's appears to be even worse. I've deleted all signature
>>> directory and restart from fresh ones. Clamd lods well with
>>> main.cvd as usual
>>>
>>> but with other signature here the output:
>>>
>>> clamd LibClamAV Error: mpool_malloc(): Attempt to allocate
>>> 1048576 bytes. Please report to http://bugs.clamav.net
>>> LibClamAV Error: cli_ac_addpatt: Can't realloc ac_pattable
>>> LibClamAV Error: cli_parse_add(): Problem adding signature (3).
>>> LibClamAV Error: Problem parsing database at line 83031
>>> LibClamAV Error: Can't load
>>> /var/lib/clamav/INetMsg-SpamDomains-2m.ndb: Malformed database
>>> ERROR: Malformed database mx1:/var/lib/clamav# rm
>>> INetMsg-SpamDomains-2m.ndb
>>>
>>> mx1:/var/lib/clamav# clamd LibClamAV Error: mpool_malloc():
>>> Attempt to allocate 1048576 bytes. Please report to
>>> http://bugs.clamav.net LibClamAV Error: cli_ac_addpatt: Can't
>>> realloc ac_pattable LibClamAV Error: cli_parse_add(): Problem
>>> adding signature (3). LibClamAV Error: Problem parsing database
>>> at line 4148 LibClamAV Error: Can't load
>>> /var/lib/clamav/scam.ndb: Malformed database
>>> mx1:/var/lib/clamav# rm scam.ndb
>>>
>>> mx1:/var/lib/clamav# clamd LibClamAV Error: mpool_malloc():
>>> Attempt to allocate 1048576 bytes. Please report to
>>> http://bugs.clamav.net LibClamAV Error: cli_ac_addpatt: Can't
>>> realloc ac_pattable LibClamAV Error: cli_parse_add(): Problem
>>> adding signature (1). LibClamAV Error: Problem parsing database
>>> at line 275 LibClamAV Error: Can't load
>>> /var/lib/clamav/spear.ndb: Malformed database ERROR: Malformed
>>> database mx1:/var/lib/clamav# rm spear.ndb
>>>
>>> mx1:/var/lib/clamav# clamd LibClamAV Error: mpool_malloc():
>>> Attempt to allocate 1048576 bytes. Please report to
>>> http://bugs.clamav.net LibClamAV Error: cli_ac_addpatt: Can't
>>> realloc ac_pattable LibClamAV Error: cli_parse_add(): Problem
>>> adding signature (3). LibClamAV Error: Problem parsing database
>>> at line 792 LibClamAV Error: Can't load
>>> /var/lib/clamav/winnow_phish_complete.ndb: Malformed database
>>> ERROR: Malformed database mx1:/var/lib/clamav# rm
>>> winnow_phish_complete.ndb mx1:/var/lib/clamav# clamd
>>>
>>> clamd finally start but if i've stop and restart, it will
>>> complain in the same way about other sigs
>>
>> 1) Insure that you have the current version installed and that it
>> is in fact the one being run. You might have multiple versions
>> available.
>
> already done.
>
>>
>> 2) Please print you OS and version, memory, CPU, etc.
>
> see below
>>
>> 3) Depending on your OS, you might be able to use 'meminfo' to
>> determine you free memory. Different systems use different
>> methods.
>>
>> -- Gerard gerard@xxxxxxxxxxxxx
>>
>> |::::======= |::::======= |=========== |=========== |
>>
>> I have that old biological urge, I have that old irresistible
>> surge, I'm hungry.
>>
>>
>>
>
>
> cat /proc/meminfo MemTotal: 3980732 kB MemFree:
> 796620 kB Buffers: 64800 kB Cached: 609052 kB
> SwapCached: 320904 kB Active: 2084928 kB Inactive:
> 958232 kB Active(anon): 1614448 kB Inactive(anon): 787092 kB
> Active(file): 470480 kB Inactive(file): 171140 kB
> Unevictable: 0 kB Mlocked: 0 kB SwapTotal:
> 12289640 kB SwapFree: 11633700 kB Dirty: 40 kB
> Writeback: 0 kB AnonPages: 2211408 kB Mapped:
> 22912 kB Slab: 93876 kB SReclaimable: 68856 kB
> SUnreclaim: 25020 kB PageTables: 24080 kB
> NFS_Unstable: 0 kB Bounce: 0 kB
> WritebackTmp: 0 kB CommitLimit: 14280004 kB
> Committed_AS: 4917460 kB VmallocTotal: 34359738367 kB
> VmallocUsed: 39140 kB VmallocChunk: 34359682407 kB
> DirectMap4k: 4096 kB DirectMap2M: 4179968 kB
>
>
>
> cat /proc/cpuinfo processor : 0 vendor_id :
> GenuineIntel cpu family : 6 model : 23 model name
> : Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz stepping :
> 6 cpu MHz : 2997.000 cache size : 6144 KB physical id
> : 0 siblings : 2 core id : 0 cpu cores : 2
> apicid : 0 initial apicid : 0 fpu : yes
> fpu_exception : yes cpuid level : 10 wp : yes
> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr
> pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm
> pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good pni
> dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm sse4_1
> lahf_lm tpr_shadow vnmi flexpriority bogomips : 5999.39
> clflush size : 64 cache_alignment : 64 address sizes : 36 bits
> physical, 48 bits virtual power management:
>
> processor : 1 vendor_id : GenuineIntel cpu family
> : 6 model : 23 model name : Intel(R) Core(TM)2 Duo
> CPU E8400 @ 3.00GHz stepping : 6 cpu MHz :
> 2997.000 cache size : 6144 KB physical id : 0 siblings
> : 2 core id : 1 cpu cores : 2 apicid : 1
> initial apicid : 1 fpu : yes fpu_exception : yes
> cpuid level : 10 wp : yes flags : fpu
> vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36
> clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm
> constant_tsc arch_perfmon pebs bts rep_good pni dtes64 monitor
> ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm sse4_1 lahf_lm
> tpr_shadow vnmi flexpriority bogomips : 5999.79 clflush size
> : 64 cache_alignment : 64 address sizes : 36 bits physical, 48
> bits virtual power management:
>
>
>
> Linux mx1.eole-its.com 2.6.28.4-xxxx-std-ipv4-64 #2 SMP Wed Feb 18
> 16:34:21 UTC 2009 x86_64 GNU/Linux
>
> debian testing
>
>
>
i've notice this problem only occurs on 64 bits platform.
All my 32 bit servers work fine with all signatures.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkrh1CYACgkQ8FtMlUNHQINzIgCguworx/NRxOiCEEJGfX7jYXLn
cBcAn04O2V037DY8cw4bevnxHer2ZQa6
=VeTg
-----END PGP SIGNATURE-----
Other related posts:
