Phil Pennock <[email protected]> wrote: > On 2009-08-02 at 16:29 +0200, Andreas Metzler wrote: >> ocassionally somebody reports a segfault in exim. Usually the response is >> "Delete the contents of $spooldir/db." People do this and the problem >> goes away.
> That's strange. What corrupted the files in the first place? Perhaps a crash, I do not know. > What happens if you build Exim against a different DB backend? It's not > usual in Exim to just accept crashes; especially since those DBs contain > data derived from emails, so if this can be deterministically reproduced > then it might be somehow exploitable (corrupt the DB to upset the > application and insert shellcode). > In fact, that's really worrying. I don't recall hearing of this before > now. http://news.gmane.org/find-root.php?message_id=%3c1130182572.14477.5.camel%40murdegern.hindenburgdamm.example%3e http://news.gmane.org/find-root.php?message_id=%3cPine.LNX.4.60.0506211419550.21320%40hermes%2d1.csi.cam.ac.uk%3e Results of a quick search. I am pretty sure I have stumbled upon this more often already. > The most usual cause of crashes I've seen is someone with an Exim built > against one version of OpenSSL but running against another version, and > then something in some session tickles an OpenSSL ABI incompatibility. These Debian binaries, using GnuTLS. >> Is this the right way to handle the problem? I am wondering because I >> recently received a bug report on the issue and do not want to cut >> corners. > Can you get more details? I will try. thanks, cu andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
