A NOTE has been added to this issue. ====================================================================== http://dbmail.org/mantis/view.php?id=842 ====================================================================== Reported By: bjohnson Assigned To: ====================================================================== Project: DBMail Issue ID: 842 Category: Authentication layer Reproducibility: always Severity: crash Priority: normal Status: new target: ====================================================================== Date Submitted: 26-Mar-10 04:03 CET Last Modified: 14-Apr-10 16:02 CEST ====================================================================== Summary: stack smashing in usermap code Description: Original bug reported here.
http://permalink.gmane.org/gmane.mail.imap.dbmail/13033 ====================================================================== ---------------------------------------------------------------------- (0003036) lonish (reporter) - 14-Apr-10 16:02 http://dbmail.org/mantis/view.php?id=842#c3036 ---------------------------------------------------------------------- We have detected the same problem and behaviour with POP3 and IMAP servers on RHEL5 i386. Looks like the cause of stack smashing is too small size returned by sizeof(struct sockaddr_storage) function in case if IPv6 protocol is enabled. Our quick fix patch which has solved the problem: --- dbmail-2.2.15.orig/db.c 2010-04-14 15:20:15.000000000 +0300 +++ dbmail-2.2.15.test/db.c 2010-04-14 15:20:34.000000000 +0300 @@ -4698,7 +4698,7 @@ } else { /* get the socket the client is connecting on */ int serr; - socklen_t len = sizeof(struct sockaddr_storage); + socklen_t len = sizeof(saddr); char host[NI_MAXHOST], serv[NI_MAXSERV]; if (getsockname(fileno(ci->tx), &saddr, &len) < 0) { Thank you, Leontiy Onishchuk Fine Soft Studio Issue History Date Modified Username Field Change ====================================================================== 26-Mar-10 04:03 bjohnson New Issue 06-Apr-10 09:10 lemmster Issue Monitored: lemmster 14-Apr-10 16:02 lonish Note Added: 0003036 ====================================================================== _______________________________________________ Dbmail-dev mailing list Dbmail-dev@dbmail.org http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail-dev
