On Tue, Mar 31, 2015 at 04:50:45PM +0200, K. Peter wrote: > Hi, > > I got a buffer overflow if a .forward file exists in the user home dir. All > mailusers are defined in a userbase table. The mailfolders are located on a > NAS and mounted via nfs. Running smtpd -dv gives: > > smtp-in: New session 0b5b409e8634b93c from host smtp.aldox.de [local] > *** buffer overflow detected ***: smtpd: [priv] terminated > ======= Backtrace: ========= > /lib64/libc.so.6(+0x73d6f)[0x7f93fc3c9d6f] > /lib64/libc.so.6(__fortify_fail+0x37)[0x7f93fc44eb67]
Did you compile with -D_FORTIFY_SOURCE? There were known false positives with fortify and smtpd on linux. Packages on some linux variants now ship with fortify disabled. https://bugs.archlinux.org/task/38124 https://launchpad.net/ubuntu/+source/opensmtpd/+changelog -- You received this mail because you are subscribed to [email protected] To unsubscribe, send a mail to: [email protected]
