HIPS scanner causes buffer overrun


I have just installed the new public release of CAVS 2.0 after uninstalling the previous version (CAVS 1.1). It seems to be working well besides the User’s profiling Dialog (UPSDbMaker.exe) that keeps crashing after scanning for a little while with the following error message:

[i]Microsoft Visual C++ Runtime Library

Buffer overrun detected!

Program : …\UpSDbMaker.exe

A buffer overrun has benn detected which has corrupted the program’s internal state. The program cannot safely continue execution and must now be terminated.[/i]

So I decided to disable the HIPS application control to avoid problem with this incomplete scan but I would like to get it to work. Any idea about a potential solution to this problem?



I installed 2 machines yesterday without this issue. If you are coming from 1.1 you might have some bits left that are causing problems with the 2.x installation. I recommend the uninstall utility on this forum it worked wonders on my second machine, hat is getting rid of 1.1. You might also try a reinstall of the 2.x revision in case we have some missing parts in there from a bad download or a bad installation.

The other question is what are your specs, system O/S,cpu, memory those might be helpful. I think there is also a log file you can send though I am not sure were that is kept myself atm.

Hi beletteitr,
Even though UPSDbMaker.exe does not run, you can enjoy with HIPS functionality without any problem. In this case, you may feel bit slower bootup or application opening for first time.

But, still we want to find out the reason for UPSDbMaker.exe crash. Does it crash on any specific file? To recheck, you can run UPSDBMaker.exe from Comodo AntiVirus folder.

You can save the trouble shootlog from Settings->Reports->Troubleshoot Log → Save Log. Pls upload/submit troubleshoot log for UPSDBMaker.exe.

2. UPSDBMakerErrorLog.zip


Hi everyone!

I finally found the source of my problem. Based on the log, I noticed that the problem always occured on the same file. Once I deleted that file, the problem just started on the next file in the same folder. I finally solved the problem by renaming the folder with a shorter folder name and it passed without a problem. (it was a folder with archive files so I have been able to do that without causing any conflict, avoid that if you’ve got a folder with executable files in)

I would suspect the problem to be related to some accentuated characters in the path name that might make that path name to be interpreted as being longer than it actually is by the scanner program. I did not remove the accentuated characters to make it pass, I just made the folder name shorter and it worked.

Thanks for your support! (:WAV)