[Dbmail-dev] [DBMail 0000161]: dbmail-smtp SIG11 on following message

bugtrack Wed, 19 Jan 2005 11:58:54 +0100 (CET)

A BUGNOTE has been added to this bug.
======================================================================
http://www.dbmail.org/mantis/bug_view_advanced_page.php?bug_id=0000161
======================================================================
Reported By:                xing
Assigned To:                
======================================================================
Project:                    DBMail
Bug ID:                     161
Category:                   PIPE delivery (dbmail-smtp)
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     new
======================================================================
Date Submitted:             16-Jan-05 02:41 CET
Last Modified:              19-Jan-05 11:58 CET
======================================================================
Summary:                    dbmail-smtp SIG11 on following message
Description: 
Postix Message:
Jan 15 17:18:33 mail postfix/pipe[25015]: 3A51E5E0075:
to=<[EMAIL PROTECTED]>, relay=dbmail, delay=212906,
status=deferred (Command died with signal 11:
"/usr/local/sbin/dbmail-smtp")


(ignore the postfix log timestamp vs trace descprency..I did the trace via
command line and copied one of the postfix log entries when I confirmed seg
fault)

Dbmail Trace:

Jan 15 17:34:37 mail dbmail/smtp[3565]: GetConfigValue(): searching value
for config item [host]
Jan 15 17:34:37 mail dbmail/smtp[3565]: GetConfigValue(): found value
[localhost]
Jan 15 17:34:37 mail dbmail/smtp[3565]: GetConfigValue(): searching value
for config item [db]
Jan 15 17:34:37 mail dbmail/smtp[3565]: GetConfigValue(): found value
[dbmail]
Jan 15 17:34:37 mail dbmail/smtp[3565]: GetConfigValue(): searching value
for config item [user]
Jan 15 17:34:37 mail dbmail/smtp[3565]: GetConfigValue(): found value
[postfix]
Jan 15 17:34:37 mail dbmail/smtp[3565]: GetConfigValue(): searching value
for config item [pass]
Jan 15 17:34:37 mail dbmail/smtp[3565]: GetConfigValue(): found value
[postfix]
Jan 15 17:34:37 mail dbmail/smtp[3565]: GetConfigValue(): searching value
for config item [sqlport]
Jan 15 17:34:37 mail dbmail/smtp[3565]: GetConfigValue(): item not found
Jan 15 17:34:37 mail dbmail/smtp[3565]: GetConfigValue(): searching value
for config item [sqlsocket]
Jan 15 17:34:37 mail dbmail/smtp[3565]: GetConfigValue(): found value
[/tmp/mysql.sock]
Jan 15 17:34:37 mail dbmail/smtp[3565]: dbmysql.c,db_query: executing
query [SELECT 1=1 FROM dbmail_physmessage LIMIT 1 OFFSET 0]
Jan 15 17:34:37 mail dbmail/smtp[3565]: header.c,consume_header_line:
error reading header line
Jan 15 17:34:37 mail dbmail/smtp[3565]: main.c,main splitmessage failed
Jan 15 17:34:37 mail dbmail/smtp[3565]: main(): freeing dsnuser list
Jan 15 17:34:37 mail dbmail/smtp[3565]: main(): freeing all other lists
Jan 15 17:34:37 mail dbmail/smtp[3565]: main(): freeing memory blocks


======================================================================

----------------------------------------------------------------------
 paul - 16-Jan-05 09:18 CET 
----------------------------------------------------------------------
The message is seriously corrupted, breaking the message parser.

"""
        for <[EMAIL PROTECTED]>; Thu, 13 Jan 2005 06:10:07 -0800
(PST)
Received: from wefbt6.abltech.com^M (wefbt6.abltech.com^M [157.0.144.139])
by 200.72.232.5 with SMTP id n063F9Ln8488;
         Wed, 12 Jan 2005 21:10:30 -0500
Message-ID: <[EMAIL PROTECTED]>
From: "Osvaldo York" <[EMAIL PROTECTED]>
"""

Here we see carriage-returns embedded within a line, without a new-line.
This will trip header.c, consume_header_line.

This behaviour will have changed in cvs-head, where the whole parsing of
incoming messages is handled by gmime, but I'm not at all sure how gmime
will handle such corrupted messages.

----------------------------------------------------------------------
 aaron - 19-Jan-05 11:58 CET 
----------------------------------------------------------------------
Unfortunately, because it's a segfault, the message will be retried for a
long time until Postfix gives up and bounces it. Much as the 2.0 MIME
parser is a pain in the butt, we at least need to make it not crash.

Bug History
Date Modified  Username       Field                    Change              
======================================================================
16-Jan-05 02:41xing           New Bug                                      
16-Jan-05 02:41xing           File Added: postfix_queue_file.gz                 
   
16-Jan-05 09:18paul           Bugnote Added: 0000537                       
19-Jan-05 11:58aaron          Bugnote Added: 0000553                       
======================================================================

[Dbmail-dev] [DBMail 0000161]: dbmail-smtp SIG11 on following message

Reply via email to