http://bugzilla.spamassassin.org/show_bug.cgi?id=3924
------- Additional Comments From [EMAIL PROTECTED] 2004-10-27 13:30 ------- > Should I move this into a security ticket If you do, you and I won't get to see it :-( [Insert rant about security measures that make security more difficult]. Can't we just say that the cat is out of the bag and there isn't yet enough use of SpamAssassin under Windows to make an attack worthwhile? Regarding Justin's comment #30, I intend to put together a test case that just uses the IO::Socket and IO::Select that this issue generates. As far as I can tell it is not even a Net::DNS problem, but is in the layer under that. Fred, I can't get to that for another 10 or 12 hours, at least. If you have a chance, that might help. What I was thinking of was adding a few dbg statements in URIDNSBL.pm to capture the arguments in the calls to bgsend, bgread, and bgisready, then produce a test case which makes the same calls to bgsend, saving the sockets in a hash, then going through making the calls to bgisready and bgread. If we are lucky it will demonstrate the crash. Then we can just use the appropriate IO::Socket and IO::Select calls to demonstrate the peoblem with Net::DNS being involved. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
