A NOTE has been added to this issue. ====================================================================== http://www.dbmail.org/mantis/view.php?id=628 ====================================================================== Reported By: dimonic Assigned To: paul ====================================================================== Project: DBMail Issue ID: 628 Category: IMAP daemon Reproducibility: random Severity: major Priority: normal Status: feedback target: ====================================================================== Date Submitted: 16-Jul-07 21:12 CEST Last Modified: 11-Sep-07 16:34 CEST ====================================================================== Summary: Corrupted e-mail Description: Below is the text of a corrupted e-mail. It appears this way in dbmail_messageblks.
Be Inspired f' ====================================================================== ---------------------------------------------------------------------- paul - 18-Jul-07 22:22 ---------------------------------------------------------------------- I need to pin the exact release or revision that introduced this problem. Is it related to bug http://www.dbmail.org/mantis/view.php?id=624? ---------------------------------------------------------------------- dimonic - 18-Jul-07 23:57 ---------------------------------------------------------------------- This issue is /not/ exclusive to forwarded e-mails (as in bug 624), but happend on inbound e-mails from normally reliable sources. Also, my strings | grep of the broken attachments does not reveal sql statements like in this case, ---------------------------------------------------------------------- paul - 19-Jul-07 09:42 ---------------------------------------------------------------------- Dominic, I understand, but am I correct in assuming 2.2.5-rc2 did *not* have this problem? I've been doing a bisect on the changes since rc2 and I've already discovered some problematic changes, but I need to know if I should go back further in time. ---------------------------------------------------------------------- dimonic - 31-Jul-07 15:53 ---------------------------------------------------------------------- We are not experiencing this problem with 2.2.5rc2 (or at least it has not been reported to me). ---------------------------------------------------------------------- dimonic - 01-Aug-07 17:11 ---------------------------------------------------------------------- A user has just complained that she is still getting incomplete messages. It might be a clue that the messages are in Portugese (on my ut8 system) 2.2.5+2.2.6rc1-1. Here is the message with header info: Received: from mail.lbs.ca (localhost [127.0.0.1]) by mail.lbs.ca (Postfix) with ESMTP id 79D7A768054 for ; Tue, 31 Jul 2007 10:08:55 -0400 (EDT) X-Spam-Checker-Version: SpamAssassin 3.1.7-deb (2006-10-05) on mail.peerlesstravel.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=MSGID_FROM_MTA_HEADER autolearn=failed version=3.1.7-deb Received: from bay0-omc2-s38.bay0.hotmail.com (bay0-omc2-s38.bay0.hotmail.com [65.54.246.174]) by mail.lbs.ca (Postfix) with ESMTP id 43B18768035 for ; Tue, 31 Jul 2007 10:07:55 -0400 (EDT) Received: from hotmail.com ([65.54.175.34]) by bay0-omc2-s38.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Tue, 31 Jul 2007 07:07:54 -0700 Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Tue, 31 Jul 2007 07:07:54 -0700 Message-ID: Received: from 65.54.175.200 by by104fd.bay104.hotmail.msn.com with HTTP; Tue, 31 Jul 2007 14:07:51 GMT X-Originating-IP: [74.100.195.156] X-Originating-Email: [EMAIL PROTECTED] X-Sender: [EMAIL PROTECTED] From: "Vanuza Oliveira" To: [EMAIL PROTECTED] Subject: Preco de passagens Date: Tue, 31 Jul 2007 10:07:51 -0400 X-OriginalArrivalTime: 31 Jul 2007 14:07:54.0183 (UTC) FILETIME=[30398570:01C7D37C] Return-Path: "Vanuza Oliveira" MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1; format=flowed Olaaaa Ficaria mto grata se vcs pudessem me passar precos de passagens para o Brasil...com saida entre 15 It was abruptly terminated at "entre 15", there should be more content after that point. The complete message would have continued with an accented 'a' character. It is interesting that I cannot paste the message, I get the same truncation effect when I click "Update Information". It seems to be a code page problem. Although I can read the message in Hotmail in the same browser, ---------------------------------------------------------------------- dimonic - 14-Aug-07 19:10 ---------------------------------------------------------------------- Below is an example of one type of corruption experienced. What should be seen is an attachment in pdf format. What occurs appears to be some random binary data interspersed with sql statements. This suggests some kind of buffer overflow is happening, and some dbmail code is being inserted into the database. ---start of corrupted e-mail--- This e-mail was auto-generated by Air Canada Vacations. The attachment contains information pertaining to a new or revised transaction between Air Canada Vacations and your organization. Should you have any questions or comments regarding this e-mail, please help us to appropriately direct your inquiry by contacting us as outlined in the attached document. Thank you for your cooperation. This document requires Adobe Acrobat Reader. If you cannot open this document, please download the required software from: http://www.adobe.com/products/acrobat/readstep2_allversions.html Le pr+ ---------------------------------------------------------------------- dimonic - 14-Aug-07 19:11 ---------------------------------------------------------------------- Once again (as in the above note) this bug-tracker ignores certain special characters, so I cannot paste the info here. I will try attaching instead ---------------------------------------------------------------------- paul - 25-Aug-07 16:52 ---------------------------------------------------------------------- Dominic, could you please upload a dump of the messageblks involved? I'm starting to think this corruption doesn't happen during insertion, but rather during retrieval. ---------------------------------------------------------------------- paul - 26-Aug-07 10:27 ---------------------------------------------------------------------- Dominic, I've located a possible source of the memory corruption, and committed the change. But I still need the info I requested earlier. thanks. ---------------------------------------------------------------------- paul - 03-Sep-07 20:39 ---------------------------------------------------------------------- Without further feedback this issue will be closed. Please re-open if this turns out to be premature. ---------------------------------------------------------------------- dimonic - 10-Sep-07 19:08 ---------------------------------------------------------------------- I was on my honeymoon for the last two weeks, and so unable to read or post further. I have mentioned (in very first bug posting) that the truncation is in the messageblks, and therefore not happening during the extraction process. I will find some instances of both the truncation and the corruption (interspersed SQL code) and post them. Are you using some mozilla project code? That also seems to posess the character set/truncation problem. ---------------------------------------------------------------------- dimonic - 11-Sep-07 16:34 ---------------------------------------------------------------------- There may be two distinct bugs. The bug which causes insertion of SELECT statements into viewed messages seems specific to mozilla based clients (SeaMonkey and Thunderbird). It would however appear to be a dbmail bug, since there should be no way to retrieve program code from an IMAP server. I am here including what Sea Monkey saw when I retrieved the message whose messageblk I uploaded just now. Issue History Date Modified Username Field Change ====================================================================== 16-Jul-07 21:12 dimonic New Issue 16-Jul-07 22:10 paul Relationship added related to 0000624 18-Jul-07 22:22 paul Note Added: 0002296 18-Jul-07 23:57 dimonic Note Added: 0002298 19-Jul-07 09:42 paul Note Added: 0002299 29-Jul-07 22:50 paul Assigned To => paul 29-Jul-07 22:50 paul Status new => feedback 31-Jul-07 15:53 dimonic Note Added: 0002315 01-Aug-07 14:46 dimonic Note Added: 0002316 01-Aug-07 16:31 dimonic Note Edited: 0002316 01-Aug-07 17:07 dimonic Note Edited: 0002316 01-Aug-07 17:10 dimonic Note Edited: 0002316 01-Aug-07 17:11 dimonic Note Edited: 0002316 05-Aug-07 16:11 nethzt Issue Monitored: nethzt 14-Aug-07 19:10 dimonic Note Added: 0002323 14-Aug-07 19:11 dimonic Note Added: 0002324 14-Aug-07 19:12 dimonic File Added: e-mail.txt 25-Aug-07 16:52 paul Note Added: 0002329 26-Aug-07 10:23 paul Relationship deleted related to 0000624 26-Aug-07 10:27 paul Note Added: 0002331 03-Sep-07 20:39 paul Note Added: 0002351 03-Sep-07 20:39 paul Status feedback => resolved 03-Sep-07 20:39 paul Resolution open => fixed 03-Sep-07 20:39 paul Fixed in Version => 2.2.6 10-Sep-07 19:08 dimonic Status resolved => feedback 10-Sep-07 19:08 dimonic Resolution fixed => reopened 10-Sep-07 19:08 dimonic Note Added: 0002362 11-Sep-07 16:30 dimonic File Added: email-messageblk.txt 11-Sep-07 16:34 dimonic Note Added: 0002364 ====================================================================== _______________________________________________ Dbmail-dev mailing list Dbmail-dev@dbmail.org http://twister.fastxs.net/mailman/listinfo/dbmail-dev