Package: tin Version: 1:1.9.4-1 Severity: minor If tin receives 500 for both CAPABILITIES and MODE READER, it loops trying both and eventually crashes.
The cause of the crash seems to be on line 1148 of src/nntplib.c, where the check_extensions function is called recursively if both CAPABILITIES and MODE READER fail, eventually exhausting the stack space. The comment says that this is for a second attempt, but there is no check that we aren't already in the second (or the five hundreth) attempt. (Minor because this was uncovered in testing an incomplete server - I do not know how widespread servers that trigger this are in the wild. However, I do not believe a client should crash however broken the server is.) -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.29.2-ibid-1 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages tin depends on: ii debconf [debconf-2.0] 1.5.26 Debian configuration management sy ii libc6 2.9-9 GNU C Library: Shared libraries ii libcanlock2 2b-5 library for creating and verifying ii libidn11 1.14-3 GNU Libidn library, implementation ii libncursesw5 5.7+20090411-1 shared libraries for terminal hand ii libpcre3 7.8-2 Perl 5 Compatible Regular Expressi ii libuu0 0.5.20-3.1 Library for decoding/encoding seve Versions of packages tin recommends: ii postfix [mail-transport-agent 2.5.5-1.1 High-performance mail transport ag Versions of packages tin suggests: ii gnupg 1.4.9-4 GNU privacy guard - a free PGP rep ii ispell 3.1.20.0-4.4 International Ispell (an interacti ii metamail 2.7-54 implementation of MIME -- debconf information excluded -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org