[exim-dev] [Bug 2274] exim 4.91: segfault ... error 4 in libc-2.17.so

2018-06-06 Thread admin--- via Exim-dev
https://bugs.exim.org/show_bug.cgi?id=2274

Git Commit  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |g...@exim.org

--- Comment #21 from Git Commit  ---
Git commit:
https://git.exim.org/exim.git/commitdiff/675ae646c0506f6740bb8afa28c8c4892dabbdaf

commit 675ae646c0506f6740bb8afa28c8c4892dabbdaf
Author: Jeremy Harris 
AuthorDate: Wed Jun 6 10:41:51 2018 +0100
Commit: Jeremy Harris 
CommitDate: Wed Jun 6 10:43:18 2018 +0100

Fix logging of cmdline args when starting in an unlinked cwd.  Bug 2274
---
 src/src/exim.c | 17 +++--
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/src/src/exim.c b/src/src/exim.c
index 810550d..9f6efaf 100644
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -4083,18 +4083,23 @@ a debugging feature for finding out what arguments
certain MUAs actually use.
 Don't attempt it if logging is disabled, or if listing variables or if
 verifying/testing addresses or expansions. */

-if (((debug_selector & D_any) != 0 || LOGGING(arguments))
+if (  (debug_selector & D_any  ||  LOGGING(arguments))
   && really_exim && !list_options && !checking)
   {
   int i;
   uschar *p = big_buffer;
   Ustrcpy(p, "cwd= (failed)");

-  Ustrncpy(p + 4, initial_cwd, big_buffer_size-5);
-  p += 4 + Ustrlen(initial_cwd);
-  /* in case p is near the end and we don't provide enough space for
-   * string_format to be willing to write. */
-  *p = '\0';
+  if (!initial_cwd)
+p += 13;
+  else
+{
+Ustrncpy(p + 4, initial_cwd, big_buffer_size-5);
+p += 4 + Ustrlen(initial_cwd);
+/* in case p is near the end and we don't provide enough space for
+ * string_format to be willing to write. */
+*p = '\0';
+}

   (void)string_format(p, big_buffer_size - (p - big_buffer), " %d args:",
argc);
   while (*p) p++;
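
Review bot: In the new "if (!initial_cwd)" branch, "p += 13;" hard-codes the length of the "cwd= (failed)" literal copied just above it, so any later edit to that string leaves p at the wrong offset without a compile error; advance by the string's own length instead, for example "p += Ustrlen(p);". In the else branch, p is still advanced by the full Ustrlen(initial_cwd) although Ustrncpy copies at most big_buffer_size-5 bytes, so an initial_cwd longer than that would move p, the "*p = '\0'" store and the size handed to string_format past the end of big_buffer; clamp the advance to the number of bytes actually copied. A one-line comment that initial_cwd is NULL when Exim is started in an unlinked cwd would document why the test is there.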

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##


[exim-dev] [Bug 2274] exim 4.91: segfault ... error 4 in libc-2.17.so

2018-06-06 Thread admin--- via Exim-dev
https://bugs.exim.org/show_bug.cgi?id=2274

--- Comment #20 from Jeremy Harris  ---
(In reply to Alex from comment #15)
> > Perhaps if os_getcwd() fails?  Could it be that the spam-checker has 
> > chdir()'d to a directory which it unlinks, but calls Exim from inside, 
> > so that Exim's os_getcwd() fails?

I'd say that's a good bet.  Try prefixing that Ustrncpy() at src/exim.c line
4093 with "if (initial_cwd) ".

Actually, that's so obviously needed I'll commit it right away.

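The failure mode suggested in comment #20, as an added example that is not part of the thread or of Exim's source: on Linux, getcwd() returns NULL with ENOENT once the current directory has been removed, so anything that formats the cwd for a log line has to tolerate that NULL. It uses plain POSIX getcwd() rather than Exim's os_getcwd(); both function names and the /tmp/cwd-demo-<pid> scratch path are assumptions made up for the illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: enter a fresh directory, remove it, then call
   getcwd(). Returns getcwd()'s errno (0 if it unexpectedly succeeded)
   or -1 if the setup failed. The caller's cwd is restored. */
int getcwd_errno_in_unlinked_dir(void)
{
  char dir[64], buf[4096];
  int err = -1, saved = open(".", O_RDONLY);
  /* Constructed scratch path, not taken from the thread. */
  snprintf(dir, sizeof dir, "/tmp/cwd-demo-%ld", (long)getpid());
  if (saved >= 0 && mkdir(dir, 0700) == 0)
    {
    if (chdir(dir) == 0 && rmdir(dir) == 0)
      err = getcwd(buf, sizeof buf) ? 0 : errno;
    else
      rmdir(dir);
    }
  if (saved >= 0 && fchdir(saved) != 0) err = -1;
  if (saved >= 0) close(saved);
  return err;
}

/* Hypothetical helper: build "cwd=<dir> <n> args:" with a NULL cwd
   rendered as " (failed)" and the output bounded by outsz. Returns the
   number of characters stored, excluding the terminating NUL. */
size_t format_cwd_prefix(char *out, size_t outsz, const char *cwd, int argc)
{
  int n = snprintf(out, outsz, "cwd=%s %d args:", cwd ? cwd : " (failed)", argc);
  if (n < 0 || outsz == 0) return 0;
  return (size_t)n < outsz ? (size_t)n : outsz - 1;
}

int main(void)
{
  char line[256];
  int err = getcwd_errno_in_unlinked_dir();
  format_cwd_prefix(line, sizeof line, NULL, 4);  /* cwd lookup failed */
  printf("getcwd errno=%d (%s)\n%s\n", err, err > 0 ? strerror(err) : "n/a", line);
  return 0;
}
```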


[exim-dev] [Bug 2274] exim 4.91: segfault ... error 4 in libc-2.17.so

2018-06-06 Thread admin--- via Exim-dev
https://bugs.exim.org/show_bug.cgi?id=2274

--- Comment #19 from Alex  ---
Sorry to say, the patch did not help. Another crash happened recently on 

- 2018-06-04 12:00:10 at 14:27 


Seems to be all the same:


[root@server ccpp-2018-06-04-12:00:10-14027]# gdb /usr/sbin/exim coredump
GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-110.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
...
Reading symbols from /usr/sbin/exim...done.
[New LWP 14027]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `/usr/sbin/exim -oMr spam-scanned -bS'.
Program terminated with signal 11, Segmentation fault.
#0  __strncpy_sse2_unaligned () at
../sysdeps/x86_64/multiarch/strcpy-sse2-unaligned.S:296
296 movdqu  (%rsi), %xmm1


(gdb) bt
#0  __strncpy_sse2_unaligned () at
../sysdeps/x86_64/multiarch/strcpy-sse2-unaligned.S:296
#1  0x004269f6 in main (argc=4, cargv=) at exim.c:4093

(gdb) frame 0
#0  __strncpy_sse2_unaligned () at
../sysdeps/x86_64/multiarch/strcpy-sse2-unaligned.S:296
296 movdqu  (%rsi), %xmm1

(gdb) frame 1
#1  0x004269f6 in main (argc=4, cargv=) at exim.c:4093
4093  Ustrncpy(p + 4, initial_cwd, big_buffer_size-5);
(gdb)

And I'm sure the exim was patched:

[root@server directadmin]# ls -la `which exim`
-rwsr-xr-x 1 root root 3981672 May 29 08:36 /sbin/exim

[root@server directadmin]# ls -la
/usr/local/directadmin/custombuild/exim-4.91-patched/src/exim.c
-rw-r--r-- 1 root root 179138 May 29 08:32
/usr/local/directadmin/custombuild/exim-4.91-patched/src/exim.c


Please advise.

Regards,
Alex.
