Bug#921450: fetchmail: Fetchmail segfaults upon execution
- Mail original - > Thanks! Do you get the message via procmail and / or does it get > deleted from your server? Each time I launch fetchmail, I retrieve a copy of the same first message in my local mailbox, but this message is not deleted from my server. I don't know if this other piece of information can help, but this issue is not the only issue I encounters since the last update of fetchmail. Actually, I also use fetchmail to retrieve messages from another mail server (my ISP's). Since the last update of fetchmail, recovery on this server fails (without segmentation fault) for another reason: $ env LC_ALL=C fetchmail -v -v -v --nodetach --nosyslog -b 2 Old UID list from pop.free.fr: Scratch list of UIDs: fetchmail: removing stale lockfile fetchmail: 6.4.0.beta4 querying pop.free.fr (protocol POP3) at Tue Feb 5 23:33:22 2019: poll started Trying to connect to 212.27.48.3/110...connected. fetchmail: POP3< +OK POP3 ready <1391411951.1549406002@popn1> fetchmail: POP3> CAPA fetchmail: POP3< +OK Capability list follows fetchmail: POP3< TOP fetchmail: POP3< USER fetchmail: POP3< UIDL fetchmail: POP3< SASL LOGIN PLAIN fetchmail: POP3< . fetchmail: POP3> STLS fetchmail: POP3< -ERR invalid command fetchmail: invalid command fetchmail: pop.free.fr: upgrade to TLS failed. fetchmail: Unknown login or authentication error on sebastien.di...@pop.free.fr fetchmail: socket error while fetching from sebastien.di...@pop.free.fr fetchmail: 6.4.0.beta4 querying pop.free.fr (protocol POP3) at Tue Feb 5 23:33:22 2019: poll completed Merged UID list from pop.free.fr: fetchmail: Query status=2 (SOCKET) fetchmail: normal termination, status 2 Sébastien
Bug#921450: fetchmail: Fetchmail segfaults upon execution
On Tue, Feb 5, 2019 at 10:36 PM Sébastien Dinot wrote: > I didn't find the fetchmail-dbgsym package, but here is what the > suggested command displays: [...] > fetchmail: POP3> LIST 1 > fetchmail: POP3< +OK 1 474 > fetchmail: POP3> RETR 1 > fetchmail: POP3< +OK 474 octets > reading message m...@mail.example.com:1 of 22 (474 octets) About to rewrite > Return-Path: ... > ...rewritten version is Return-Path: . > About to rewrite From: Fail2Ban ... > ...rewritten version is From: Fail2Ban . > About to rewrite To: r...@example.com... > ...rewritten version is To: r...@example.com. > fetchmail: about to deliver with: /usr/bin/procmail -Y -d 'me' > #*** flushed > fetchmail: POP3> DELE 1 > fetchmail: POP3< +OK Marked to be deleted. > Segmentation fault Thanks! Do you get the message via procmail and / or does it get deleted from your server? Cheers, Laszlo/GCS
Bug#921450: fetchmail: Fetchmail segfaults upon execution
On Tue, 5 Feb 2019 19:22:21 +0100
=?UTF-8?B?TMOhc3psw7MgQsO2c3rDtnJtw6lueWkgKEdDUyk=?= wrote:
> Control: tags -1 +unreproducible moreinfo
>
> Hi James,
>
> On Tue, Feb 5, 2019 at 6:09 PM James Henried wrote:
> > fetchmail has stopped working in version 6.4.0~beta4-2.
> Which previous version did you use?
>
> > Running the daemon gets the first mail in the queue delivered, but then it
> > segfaults.
> Please install fetchmail-dbgsym if it may give more information.
>
> What happens if you stop the daemon and run it from the command line?
> What's the output if it still fails?
> Are you open to provide detailed log like the following produces?
> $ env LC_ALL=C fetchmail -v -v -v --nodetach --nosyslog -b 2
I can reproduce it well if it's the same problem.
Here is your stack information, with minimal anonymization.
For me it's not crashing ASAP, it skips two messages with "bad header"
status and crashes upon encountering the first good message.
(gdb) bt
#0 pop3_delete (sock=, ctl=0x555b4db0, number=3) at
pop3.c:1362
#1 0x555669b0 in fetch_messages (msgsizes=0x5559f480 ,
transient_errors=,
deletions=, dispatches=,
fetches=, maxfetch=1000,
count=, ctl=0x555b4db0, mailserver_socket=3) at
driver.c:812
#2 do_session (ctl=ctl@entry=0x555b4db0, proto=proto@entry=0x5559a200
, maxfetch=maxfetch@entry=1000)
at driver.c:1435
#3 0x55567df9 in do_protocol (ctl=0x555b4db0, proto=0x5559a200
) at driver.c:1677
#4 0xfb48 in query_host (ctl=0x555b4db0) at fetchmail.c:1546
#5 0xa37b in main (argc=, argv=0x7fffe5d8) at
fetchmail.c:793
(gdb) display ctl
1: ctl = (struct query *) 0x555b4db0
(gdb) display *ctl
2: *ctl = {server = {pollname = 0x555b4cf0 "MYSERVER", via = 0x0, akalist =
0x0, localdomains = 0x0, protocol = 3,
service = 0x0, interval = 0, authenticate = 1, timeout = 300, envelope =
0x0, envskip = 0, qvirtual = 0x0,
skip = 0 '\000', dns = 1 '\001', uidl = 0 '\000', sdps = 0 '\000',
checkalias = 0 '\000', tracepolls = 0 '\000',
principal = 0x0, esmtp_name = 0x0, esmtp_password = 0x0, badheader =
BHREJECT, interface = 0x0, monitor = 0x0,
monitor_io = 0, interface_pair = 0x0, plugin = 0x0, plugout = 0x0,
base_protocol = 0x5559a200 , poll_count = 0,
queryname = 0x555b3f90 "MYSERVER", truename = 0x555b4020
"MYSERVER", trueaddr = 0x555fcf50,
trueaddr_len = 16, lead_server = 0x0, esmtp_options = 3, workarounds = 0},
localnames = 0x555b4d50, wildcard = 0,
remotename = 0x555b4cd0 "ANON", password = 0x555b4d10 "ANON",
mailboxes = 0x555b4080,
smtphunt = 0x555b4060, domainlist = 0x0, smtpaddress = 0x0, smtpname =
0x0, antispam = 0x555b4d90, mda = 0x0,
bsmtp = 0x0, listener = 83 'S', preconnect = 0x0, postconnect = 0x0, keep = 0
'\000', fetchall = 1 '\001', flush = 0 '\000',
limitflush = 0 '\000', rewrite = 1 '\001', stripcr = 0 '\000', forcecr = 0
'\000', pass8bits = 0 '\000',
dropstatus = 0 '\000', dropdelivered = 0 '\000', mimedecode = 0 '\000', idle
= 0 '\000', limit = 0, warnings = 3600,
fetchlimit = 0, fetchsizelimit = 100, fastuidl = 4, fastuidlcount = 0,
batchlimit = 70, expunge = 1000, use_ssl = 1 '\001',
sslkey = 0x0, sslcert = 0x0, sslproto = 0x0, sslcertfile = 0x0, sslcertpath =
0x0, sslcertck = 1 '\001',
sslcommonname = 0x0, sslfingerprint = 0x0, properties = 0x0, active = 1
'\001', destaddr = 0x5564c7e0 "localhost",
errcount = 0, authfailcount = 0, wehaveauthed = 1, wehavesentauthnote = 0,
wedged = 0,
smtphost = 0x555b4040 "localhost", smtphostmode = 83 'S', smtp_socket =
4, uid = 103, skipped = 0x0, oldsaved = {
pat_root = 0x555b41c0, records = 0x555dbd00, records_max = 2048,
records_next = 1888, num_ndx = {records = 0x0,
pos_0_value = 4294967295, end_value = 4294967295}}, newsaved = {pat_root
= 0x0, records = 0x555b4130,
records_max = 16, records_next = 0, num_ndx = {records = 0x0, pos_0_value =
4294967295, end_value = 4294967295}},
lastdigest = '\000' , folder = 0x0, mimemsg = 1, digest =
'\000' , next = 0x0}
Valgrind confirms:
==4368== Invalid write of size 4
==4368==at 0x10DDDA: pop3_delete (pop3.c:1374)
==4368==by 0x10DDDA: pop3_delete.cold.13 (pop3.c:1362)
==4368==by 0x11A9AF: fetch_messages (driver.c:812)
==4368==by 0x11A9AF: do_session (driver.c:1435)
==4368==by 0x11BDF8: do_protocol (driver.c:1677)
==4368==by 0x113B47: query_host (fetchmail.c:1546)
==4368==by 0x10E37A: main (fetchmail.c:793)
==4368== Address 0x14 is not stack'd, malloc'd or (recently) free'd
==4368==
==4368==
==4368== Process terminating with default action of signal 11 (SIGSEGV)
==4368== Access not within mapped region at address 0x14
==4368==at 0x10DDDA: pop3_delete (pop3.c:1374)
==4368==by 0x10DDDA: pop3_delete.cold.13 (pop3.c:1362)
==4368==by 0x11A9AF: fetch_messages (driver.c:812)
==4368==by 0x11A9AF:
Bug#921450: fetchmail: Fetchmail segfaults upon execution
Hi, I have the same problem with the same version of fetchmail package. I didn't find the fetchmail-dbgsym package, but here is what the suggested command displays: $ env LC_ALL=C fetchmail -v -v -v --nodetach --nosyslog -b 2 Old UID list from mail.example.com: Scratch list of UIDs: fetchmail: removing stale lockfile fetchmail: 6.4.0.beta4 querying mail.example.com (protocol POP3) at Tue Feb 5 22:22:59 2019: poll started Trying to connect to 12.34.56.78/110...connected. fetchmail: POP3< +OK Dovecot (Debian) ready. fetchmail: POP3> CAPA fetchmail: POP3< +OK fetchmail: POP3< CAPA fetchmail: POP3< TOP fetchmail: POP3< UIDL fetchmail: POP3< RESP-CODES fetchmail: POP3< PIPELINING fetchmail: POP3< AUTH-RESP-CODE fetchmail: POP3< STLS fetchmail: POP3< SASL fetchmail: POP3< . fetchmail: POP3> STLS fetchmail: POP3< +OK Begin TLS negotiation now. fetchmail: Certificate chain, from root to peer, starting at depth 2: fetchmail: Issuer Organization: Digital Signature Trust Co. fetchmail: Issuer CommonName: DST Root CA X3 fetchmail: Subject CommonName: DST Root CA X3 fetchmail: Certificate at depth 1: fetchmail: Issuer Organization: Digital Signature Trust Co. fetchmail: Issuer CommonName: DST Root CA X3 fetchmail: Subject CommonName: Let's Encrypt Authority X3 fetchmail: Server certificate: fetchmail: Issuer Organization: Let's Encrypt fetchmail: Issuer CommonName: Let's Encrypt Authority X3 fetchmail: Subject CommonName: mail.example.com fetchmail: Subject Alternative Name: mail.example.com fetchmail: Subject Alternative Name: smtp.example.com fetchmail: mail.example.com key fingerprint: A8:63:B2:92:47:25:A2:89:E5:00:09:F6:80:B2:47:D5 fetchmail: SSL/TLS: using protocol TLSv1.3, cipher TLS_AES_256_GCM_SHA384, 256/256 secret/processed bits fetchmail: POP3> CAPA fetchmail: POP3< +OK fetchmail: POP3< CAPA fetchmail: POP3< TOP fetchmail: POP3< UIDL fetchmail: POP3< RESP-CODES fetchmail: POP3< PIPELINING fetchmail: POP3< AUTH-RESP-CODE fetchmail: POP3< USER fetchmail: POP3< SASL PLAIN fetchmail: POP3< . fetchmail: mail.example.com: upgrade to TLS succeeded. fetchmail: POP3> USER me fetchmail: POP3< +OK fetchmail: POP3> PASS * fetchmail: POP3< +OK Logged in. fetchmail: selecting or re-polling default folder fetchmail: POP3> STAT fetchmail: POP3< +OK 22 262046 22 messages for me at mail.example.com (262046 octets). fetchmail: POP3> LIST 1 fetchmail: POP3< +OK 1 474 fetchmail: POP3> RETR 1 fetchmail: POP3< +OK 474 octets reading message m...@mail.example.com:1 of 22 (474 octets) About to rewrite Return-Path: ... ...rewritten version is Return-Path: . About to rewrite From: Fail2Ban ... ...rewritten version is From: Fail2Ban . About to rewrite To: r...@example.com... ...rewritten version is To: r...@example.com. fetchmail: about to deliver with: /usr/bin/procmail -Y -d 'me' #*** flushed fetchmail: POP3> DELE 1 fetchmail: POP3< +OK Marked to be deleted. Segmentation fault
Bug#921450: fetchmail: Fetchmail segfaults upon execution
Control: tags -1 +unreproducible moreinfo Hi James, On Tue, Feb 5, 2019 at 6:09 PM James Henried wrote: > fetchmail has stopped working in version 6.4.0~beta4-2. Which previous version did you use? > Running the daemon gets the first mail in the queue delivered, but then it > segfaults. Please install fetchmail-dbgsym if it may give more information. What happens if you stop the daemon and run it from the command line? What's the output if it still fails? Are you open to provide detailed log like the following produces? $ env LC_ALL=C fetchmail -v -v -v --nodetach --nosyslog -b 2 Thanks in advance, Laszlo/GCS
Processed: Re: Bug#921450: fetchmail: Fetchmail segfaults upon execution
Processing control commands: > tags -1 +unreproducible moreinfo Bug #921450 [fetchmail] fetchmail: Fetchmail segfaults upon execution Added tag(s) unreproducible and moreinfo. -- 921450: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921450 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#921450: fetchmail: Fetchmail segfaults upon execution
Package: fetchmail Version: 6.4.0~beta4-2 Severity: grave Justification: renders package unusable Dear Maintainer, fetchmail has stopped working in version 6.4.0~beta4-2. Running the daemon gets the first mail in the queue delivered, but then it segfaults. >From /var/log/syslog: Feb 5 10:58:01 mycomputer fetchmail[3690]: starting fetchmail 6.4.0.beta4 daemon Feb 5 10:58:01 mycomputer fetchmail[3690]: 21 messages for user at mail.isp.com (1413520 octets). Feb 5 10:58:01 mycomputer fetchmail[3690]: reading message u...@isp.com:1 of 21 (22515 octets) flushed Feb 5 10:58:01 mycomputer kernel: [ 296.487041] fetchmail[3690]: segfault at 14 ip 55f377747dda sp 7ffdd477ae80 error 6 in fetchmail[55f377747000+2b000] Feb 5 10:58:01 mycomputer kernel: [ 296.487050] Code: ff 25 1a 12 04 00 68 d8 00 00 00 e9 60 f2 ff ff ff 25 12 12 04 00 66 90 00 00 00 00 00 00 00 00 48 8b 04 25 00 00 00 00 0f 0b 04 25 14 00 00 00 00 00 00 00 0f 0b 66 0f 1f 84 00 00 00 00 00 -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.18.0-2-amd64 (SMP w/12 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages fetchmail depends on: ii adduser 3.118 ii debianutils 4.8.6.1 ii libc6 2.28-5 ii libcom-err2 1.44.5-1 ii libgssapi-krb5-2 1.17-1 ii libk5crypto3 1.17-1 ii libkrb5-3 1.17-1 ii libssl1.1 1.1.1a-1 ii lsb-base 10.2018112800 Versions of packages fetchmail recommends: ii ca-certificates 20190110 Versions of packages fetchmail suggests: ii exim4-daemon-light [mail-transport-agent] 4.92~RC5-1 ii fetchmailconf 6.4.0~beta4-2 pn resolvconf -- Configuration Files: /etc/default/fetchmail changed: # This file will be used to declare some vars for fetchmail # # Uncomment the following if you don't want localized log messages # export LC_ALL=C # If you want to specify any additional OPTION to the start # scripts specify them here # OPTIONS=... # Declare here if we want to start fetchmail. 'yes' or 'no' START_DAEMON=yes -- no debconf information
