system
25
Well, 7126 emails later (with 147 infected files moved to the avast “chest”) I think I found an email message that causes the bufferrun!
It appears to have at least two malfomed headers and I was able to crash avast twice while attempting to download this specific message.
On first glance at the source of the message the problem did not jump out at me but by using a hex-editor I saw lots of trailing spaces in the boundary header line and also a weird line after the Status: header.
I zipped up the mail message (two copies downloaded a few minutes apart, each time crashing avast. I had to reboot between crashes to get the avast Internet Mail provider to start and crash again.)
Vlk, I am sending you an email with the files in a zip. I hope this can help fix the problem. Both messages are identical and display ok in Thunderbird and Outlook Express so the mail clients appear to be more forgiving of the malformed headers then the avast parser. I imagine that the other crashes we have had leading up to this did not necessarily have the identical flaws that this one has but it should help the programmers to figure out how to deal with non RFC headers and try and deal with incorrectly formatted messages.
The message that caused the crash had no attachments and just basic html in the body.
Thanks LeLe for hanging in there and keeping this thread going. I kind of feel bad about this thread popping to the top of the board whenever I post because I do not want folks to think the avast is fatally flawed. I like the program so much I just felt I had to do my best to help identify the problem so that it can be fixed.
Looking forward to the programmers’ analysis and hope this helps produce a “fix” for the problem. (I sure hope you can repeat the crash with the files I am sending!)
Sean D