A NOTE has been added to this issue. ====================================================================== http://www.dbmail.org/mantis/view.php?id=574 ====================================================================== Reported By: aaron Assigned To: aaron ====================================================================== Project: DBMail Issue ID: 574 Category: Sieve (delivery, dbmail-sievecmd, dbmail-timsieved) Reproducibility: unable to reproduce Severity: minor Priority: normal Status: assigned target: ====================================================================== Date Submitted: 18-Apr-07 22:35 CEST Last Modified: 03-Sep-07 20:40 CEST ====================================================================== Summary: Reports of crashes in libSieve at message delivery time Description: Paul has seen libSieve crash at message delivery time. Aaron cannot reproduce the crashes. This bug will take over for the various reports that have sprinkled a few other bugs.
Aaron: testing with the sent.eml (from bug http://www.dbmail.org/mantis/view.php?id=573) the sieve layer is causing segfaults. With sieve=no all works well. The user doesn't have any sieve scripts. libsieve-2.2.3 ==29107== Invalid read of size 1 ==29107== at 0x401E2DD: strcmp (mc_replace_strmem.c:341) ==29107== by 0x424814F: libsieve_eval (in /usr/lib/libsieve.so.1.0.5) ==29107== by 0x4247B82: libsieve_eval (in /usr/lib/libsieve.so.1.0.5) ==29107== by 0x42497D2: sieve2_execute (in /usr/lib/libsieve.so.1.0.5) ==29107== by 0x806D3B7: sort_process (sortsieve.c:762) ==29107== by 0x806BF59: sort_and_deliver (sort.c:86) ==29107== by 0x8069990: insert_messages (pipe.c:589) ==29107== by 0x8051845: main (main.c:341) ==29107== Address 0x0 is not stack'd, malloc'd or (recently) free'd ==29107== ==29107== Process terminating with default action of signal 11 (SIGSEGV) ==29107== Access not within mapped region at address 0x0 ==29107== at 0x401E2DD: strcmp (mc_replace_strmem.c:341) ==29107== by 0x424814F: libsieve_eval (in /usr/lib/libsieve.so.1.0.5) ==29107== by 0x4247B82: libsieve_eval (in /usr/lib/libsieve.so.1.0.5) ==29107== by 0x42497D2: sieve2_execute (in /usr/lib/libsieve.so.1.0.5) ==29107== by 0x806D3B7: sort_process (sortsieve.c:762) ==29107== by 0x806BF59: sort_and_deliver (sort.c:86) ==29107== by 0x8069990: insert_messages (pipe.c:589) ==29107== by 0x8051845: main (main.c:341) Paul: I can't reproduce the libSieve segfault! I've downgraded to libSieve 2.2.3, tried with scripts, with empty scripts, script with all whitespace, with no scripts, no segfault. Can you get me a backtrace? ====================================================================== ---------------------------------------------------------------------- aaron - 29-Jun-07 23:27 ---------------------------------------------------------------------- Further mailing list discussion has pretty much put the blame on the libSieve address parser. It needs more sanity checks and better fallbacks. ---------------------------------------------------------------------- paul - 03-Sep-07 20:40 ---------------------------------------------------------------------- I'm currently also unable to re-produce this. I propose to close this for now. Issue History Date Modified Username Field Change ====================================================================== 18-Apr-07 22:35 aaron New Issue 19-Apr-07 01:13 jasb Issue Monitored: jasb 19-Apr-07 09:14 paul Relationship added duplicate of 0000550 19-Apr-07 10:06 paul Relationship deleted duplicate of 0000550 29-Jun-07 23:27 aaron Note Added: 0002269 29-Jun-07 23:27 aaron Status new => assigned 29-Jun-07 23:27 aaron Assigned To => aaron 03-Sep-07 20:40 paul Note Added: 0002352 ====================================================================== _______________________________________________ Dbmail-dev mailing list Dbmail-dev@dbmail.org http://twister.fastxs.net/mailman/listinfo/dbmail-dev
