Out Of Memory (C++ Exception)
JKFischer opened this issue · 8 comments
I have multiple PCs that are throwing this. I had been using 1.2.19.0. I tried with 2.0.2.4 and get the same results. I've run it both with and without /lowpriority. I restarted the PC before running. No .OUT file is created. I've saved the minidump file, if it is needed.
PC Info per WMIC:
Model TotalPhysicalMemory
Precision 3650 Tower 34067255296
DeviceID DriveType FreeSpace ProviderName Size VolumeName
C: 3 885631496192 1021365448704 OS
STATUS.TXT
Scan Start: 2022-01-06T04:53:57-0500
Run status : Failed
Unhandled Exception Detected - Reason: Out Of Memory (C++ Exception) (0xe06d7363) at address 0x00007FF9C24B4F69
Creating minidump file C:\ITSTemp\01062022501400153.mdmp with crash details.
How large is the Minidump file? I would like to get my hands on it.
Not that large. I've attached it here.
01062022501400153.zip
So, it appears we are choking on the following file:
C:\ProgramData\SafeNet Sentinel\Sentinel RMS Development Kit\System\prsgrc.tgz
Apparently, the tar library we are using takes an odd turn if the file size of the uncompressed tarball stream is less than 512 bytes. It starts computing an MD5 hash.
Everything on the stack after that is junk. The crash occurs because tarlib is attempting to allocate memory for a std::string which it was going to stuff with a huge chunk of binary data.
How large is the C:\ProgramData\SafeNet Sentinel\Sentinel RMS Development Kit\System\prsgrc.tgz on your disk?
Really tiny. The folder it is in gets installed with IBM SPSS Statistics 28.0.0.0. IBM has a patch for SPSS that brings it to 28.0.1 and fixes the vulnerability, but we haven't deployed it yet.
Should be fixed with this release: https://github.com/Qualys/log4jscanwin/releases/tag/2.0.2.7
Downloaded new version and ran it against offending PCs. Worked like a charm. Thanks, Rom.