[clamav-users] Memory allocation issue
Paul Netpresto
paul at netpresto.co.uk
Tue Mar 14 22:37:44 UTC 2023
Hello
Currently using Clamav 0.103.8 and I am looking at Clamav 1.0.1 as our
next LTS service.
I have one small custom .wdb file which works fine with 0.103.8 and
earlier versions.
However this .wdb will not play with 1.0.1 and produces
root at myhouse:/home/paule# /usr/local/bin/clamscan --debug -d
/etc/clamav/phishing/spoofwhitelist.wdb clam-v3.rar
LibClamAV debug: searching for unrar, user-searchpath: /usr/local/lib
LibClamAV debug: unrar support loaded from
/usr/local/lib/libclamunrar_iface.so.11.0.0
LibClamAV debug: Initialized 1.0.1 engine
LibClamAV debug: Initializing phishcheck module
LibClamAV debug: Phishcheck: Compiling regex: ^
*(http|https|ftp:(//)?)?[0-9]{1,3}(\.[0-9]{1,3}){3}[/?:]? *$
LibClamAV debug: Phishcheck module initialized
LibClamAV debug: Bytecode initialized in interpreter mode
LibClamAV debug: Loading regex_list
LibClamAV Warning: cli_realloc(): File or section is too large to scan
(0 bytes)
. For your safety, ClamAV limits how much memory an
operation can allocate to 1073741824 bytes
LibClamAV Error: Can't load /etc/clamav/phishing/spoofwhitelist.wdb:
Can't allocate memory
ERROR: Can't allocate memory
LibClamAV debug: Cleaning up phishcheck
LibClamAV debug: Freeing phishcheck struct
LibClamAV debug: Phishcheck cleaned up
If I replace spoofwhitelist.wdb (33 sigs) with daily.wdb there is no
memory allocation issue error. So no doubt something in my file is
initiating the problem on 1.0.1
Any pointers welcome
Paul
More information about the clamav-users
mailing list