The following issue has been RESOLVED. 
====================================================================== 
http://www.dbmail.org/mantis/view.php?id=842 
====================================================================== 
Reported By:                bjohnson
Assigned To:                paul
====================================================================== 
Project:                    DBMail
Issue ID:                   842
Category:                   Authentication layer
Reproducibility:            always
Severity:                   crash
Priority:                   normal
Status:                     resolved
target:                      
Resolution:                 fixed
Fixed in Version:           2.2.16
====================================================================== 
Date Submitted:             26-Mar-10 04:03 CET
Last Modified:              15-Apr-10 09:54 CEST
====================================================================== 
Summary:                    stack smashing in usermap code
Description: 
Original bug reported here.

http://permalink.gmane.org/gmane.mail.imap.dbmail/13033
====================================================================== 

---------------------------------------------------------------------- 
 (0003036) lonish (reporter) - 14-Apr-10 17:41
 http://www.dbmail.org/mantis/view.php?id=842#c3036 
---------------------------------------------------------------------- 
We have detected the same problem and behaviour with POP3 and IMAP servers
on RHEL5 i386. dbmail version 2.2.15.

Looks like the cause of the stack smashing is the too small size returned by
the sizeof(struct sockaddr_storage) function when the IPv6 protocol is
enabled.

Our quick fix patch which has solved the problem:

--- dbmail-2.2.15.orig/db.c     2010-04-14 15:20:15.000000000 +0300
+++ dbmail-2.2.15.test/db.c     2010-04-14 15:20:34.000000000 +0300
@@ -4698,7 +4698,7 @@
        } else {
                /* get the socket the client is connecting on */
                int serr;
-                socklen_t len = sizeof(struct sockaddr_storage);
+               socklen_t len = sizeof(saddr);
                 char host[NI_MAXHOST], serv[NI_MAXSERV];

                 if (getsockname(fileno(ci->tx), &saddr, &len) < 0) {
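
Review bot: sizeof(saddr) on the added line is the right bound only if saddr is an object rather than a pointer, and its declaration is outside this hunk, so that needs confirming. If saddr is narrower than struct sockaddr_storage, getsockname() will now truncate a longer (for example IPv6) address instead of writing past the buffer, and the code that goes on to fill host and serv would then work from a partial address. Declaring saddr as struct sockaddr_storage and treating a returned len greater than sizeof(saddr) as an error would cover both address families. The call also passes &saddr without a cast to struct sockaddr *, which is worth making explicit once the type is settled.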



Thank you,

Leontiy Onishchuk
Fine Soft Studio

 

---------------------------------------------------------------------- 
 (0003037) paul (administrator) - 15-Apr-10 09:54
 http://www.dbmail.org/mantis/view.php?id=842#c3037 
---------------------------------------------------------------------- 
patch applied. 

please re-open this report if this doesn't fix the problem after all. 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
26-Mar-10 04:03  bjohnson       New Issue                                    
06-Apr-10 09:10  lemmster       Issue Monitored: lemmster                    
14-Apr-10 16:02  lonish         Note Added: 0003036                          
14-Apr-10 17:41  lonish         Note Edited: 0003036                         
15-Apr-10 09:54  paul           Note Added: 0003037                          
15-Apr-10 09:54  paul           Assigned To               => paul            
15-Apr-10 09:54  paul           Status                   new => resolved     
15-Apr-10 09:54  paul           Resolution               open => fixed       
15-Apr-10 09:54  paul           Fixed in Version          => 2.2.16          
======================================================================
