Possible DoS in file 4.20
Kimmo Suominen
kimmo at global-wire.fi
Wed Apr 4 10:54:22 EEST 2007
Forwarding -- he is not subscribed to the list.
----- Forwarded message from file-bounces at mx.gw.com -----
From: file-bounces at mx.gw.com
To: file-owner at mx.gw.com
Date: Wed, 04 Apr 2007 10:29:25 +0300
Message-ID: <mailman.1.1175671765.4812.file at mx.gw.com>
Subject: Forward of moderated message
From: Noah Baker <noah at lsit.ucsb.edu>
To: file at mx.gw.com
Date: Tue, 03 Apr 2007 09:13:46 -0700
Message-ID: <34794F3D7339657B4FB40FB3 at bort.lsit.ucsb.edu>
Subject: Possible DoS in file 4.20
I've just upgraded file (used in conjunction with amavisd-new) to 4.20 on
my Gentoo Linux mail server, and it appears to have opened up a new DoS.
The offending files are text files containing 2.7 million linefeed
characters. Hexdump output:
00000000 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a
|................|
*
002a6450 0a 0a |..|
002a6452
The files run through file 4.19 without a problem, but with file 4.20
processing takes ~10 minutes at 100% cpu on an unloaded machine.
Has anyone else seen this yet? Can others replicate it? Anyone have a
suggested fix?
Noah Baker
Systems Administrator
noah at lsit.ucsb.edu
----- End forwarded message -----
More information about the File
mailing list