Bug Tracker item #2823000, was opened at 2009-07-17 13:01
Message generated for change (Comment added) made by sbajic
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=1126467&aid=2823000&group_id=250683
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: v3.9.0
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Carlo Rodrigues (csmr)
Assigned to: Stevan Bajic (sbajic)
Summary: dspam generates a SIGSEGV when users do not have a '@'
Initial Comment:
When processing or classyfing mail for users that do not have a @, dspam
crashes and generates a SIGSEGV.
$ dspam --process --user x...@domain --stdout --deliver=summary < email.eml
X-DSPAM-Result: x...@domain; result="Innocent"; class="Innocent";
probability=0.0023; confidence=1.00; signature=8,4a605763133761002958514
$ dspam --process --user xpto --stdout --deliver=summary < email.eml
Segmentation fault
I made a patch that I've been using for 9 months now and it's been working ok
since then.
----------------------------------------------------------------------
>Comment By: Stevan Bajic (sbajic)
Date: 2009-07-28 15:50
Message:
Hallo Carlo,
I can't reproduce this on my end. No matter what I do. Anyway.... I can
read the code and see why the error could happen.
The original code checks for those conditions:
001 !strcmp (user, username)
002 !strcmp(user, "*")
003 (!strncmp(user, "*@", 2) && !strcmp(user+1, strchr(username,'@')))
001 checks if user (from the group definition) is equal to current user
[true/false]
002 checks if user (from the group definition) is equal to "*"
[true/false]
003 checks all the conditions below (AND):
001) if first 2 characters from user (from the group definition) is
equal to "*@" [true/false]
002) if after 1st character from user (from the group definition) is
equal to all the characters after "@" in the username [true/false]
The problem is now that on 003 the 2nd check (003.002) could result in
"strchr(username,'@')" to be NULL and passing NULL to strcmp is something
not good. So the additional check you added does check that first and
ensures that no NULL is passed to strchr.
I would however like to change the above condition/extend your condition
to be case insensive:
if (
strcasecmp(user, username) == 0 ||
strcmp(user, "*") == 0 ||
(strncmp(user, "*@", 2) == 0 && strchr(username, "@") != NULL &&
strcasecmp(user+1, strchr(username, "@")) == 0)
)
Any objection from your part?
Kind Regards from Switzerland
Stevan Bajic
----------------------------------------------------------------------
Comment By: Carlo Rodrigues (csmr)
Date: 2009-07-28 14:25
Message:
Yes, but it happens with any name without @. Existent or non-existent.
----------------------------------------------------------------------
Comment By: Stevan Bajic (sbajic)
Date: 2009-07-28 14:16
Message:
Hallo Carlo
I see it now. It's a group name. Sorry.
Kind Regards from Switzerland
Stevan Bajic
----------------------------------------------------------------------
Comment By: Stevan Bajic (sbajic)
Date: 2009-07-28 14:07
Message:
Hallo Carlo
Is the user "internet" a valid DSPAM user on your setup?
Kind Regards from Switzerland
Stevan Bajic
----------------------------------------------------------------------
Comment By: Carlo Rodrigues (csmr)
Date: 2009-07-28 13:14
Message:
Hey, Stevan.
Yes, latest git still has the same issue. I'm going to attach my
dspam.conf,
my $DSPAM_HOME/group:
internet:shared,managed:*
[email protected]:shared,managed:*[email protected]
$ dspam --process --user internet --stdout --deliver=summary < email.eml
Segmentation fault
$ dspam --version
DSPAM Anti-Spam Suite GIT (agent/library)
Copyright (c) 2002-2009 DSPAM Project
http://dspam.sourceforge.net.
DSPAM may be copied only under the terms of the GNU General Public
License,
a copy of which can be found with the DSPAM distribution kit.
Configuration parameters: '--prefix=/usr' '--with-logdir=/var/log/dspam'
'--with-dspam-home=/var/dspam' '--with-dspam-home-mode=2775'
'--with-dspam-home-owner=dspam' '--with-dspam-home-group=dspam'
'--with-dspam-mode=0755' '--with-dspam-owner=dspam'
'--with-dspam-group=dspam' '--sysconfdir=/etc' '--enable-daemon'
'--enable-clamav' '--enable-virtual-users' '--enable-preferences-extension'
'--with-storage-driver=mysql_drv'
'--with-delivery-agent=/usr/sbin/sendmail'
'--with-mysql-libraries=/usr/lib64/mysql'
'--with-mysql-includes=/usr/include/mysql' '--enable-debug'
----------------------------------------------------------------------
Comment By: Stevan Bajic (sbajic)
Date: 2009-07-28 10:24
Message:
Hallo Carlo
Do you still have that problem with the latest GIT? Would you mind
attaching here your dspam.conf?
Kind Regards from Switzerland
Stevan Bajic
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=1126467&aid=2823000&group_id=250683
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Dspam-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspam-devel
