subject:"Re\: Qpopper 4 buffer overflow\?"

Re: Qpopper 4 buffer overflow?

2001-04-22 Thread Qpopper Bugs


At 9:23 AM -0500 4/20/01, Brad Blix wrote:

>   I've been doing some testing on this. It does appears to be related to
>   chunky-writes. With chunky-writes set to always in the config file I get
>   corrupted message retrieval for lines between 513 and 1023 
> characters long. When
>   I set chunky-writes to never this problem disappears.
>
>   Brad



This is fixed in Qpopper 4.0.1b2, now available at 
.

(It wasn't a buffer overflow, by the way.  Just an error in the 
accounting of large chunks.  As you noted, it only happened when 
using chunky-writes.)

>
>   Eric Luyten wrote:
>
>>   > We haven't looked into this a great deal, but we've rolled back 
>> to Qpopper
>>   > 3.1.2 due to this.
>>   >
>>   > It appears that Qpopper 4 overflows when a line in a message 
>> body contains
>>   > 515 characters or more in it.
>>
>>   Just an idea :
>>
>>   In version 4 an extra constant was introduced
>>   in popper.h
>>
>>  #define OUT_BUF_SIZE512
>>
>>   as well as an associated buffer structure
>>
>>  charpcOutBuf[OUT_BUF_SIZE];
>>
>>   The relevant code section appears to be in pop_write_chunk
>>   (file pop_send.c, lines 733 through end)
>>
>>   Eric.

Re: Qpopper 4 buffer overflow?

2001-04-20 Thread Brad Blix

I've been doing some testing on this. It does appears to be related to
chunky-writes. With chunky-writes set to always in the config file I get
corrupted message retrieval for lines between 513 and 1023 characters long. When
I set chunky-writes to never this problem disappears.

Brad

Eric Luyten wrote:

> > We haven't looked into this a great deal, but we've rolled back to Qpopper
> > 3.1.2 due to this.
> >
> > It appears that Qpopper 4 overflows when a line in a message body contains
> > 515 characters or more in it.
>
> Just an idea :
>
> In version 4 an extra constant was introduced
> in popper.h
>
>#define OUT_BUF_SIZE512
>
> as well as an associated buffer structure
>
>charpcOutBuf[OUT_BUF_SIZE];
>
> The relevant code section appears to be in pop_write_chunk
> (file pop_send.c, lines 733 through end)
>
> Eric.

Re: Qpopper 4 buffer overflow?

2001-04-20 Thread Eric Luyten


> We haven't looked into this a great deal, but we've rolled back to Qpopper
> 3.1.2 due to this.
> 
> It appears that Qpopper 4 overflows when a line in a message body contains
> 515 characters or more in it.

Just an idea :

In version 4 an extra constant was introduced
in popper.h

   #define OUT_BUF_SIZE512

as well as an associated buffer structure

   charpcOutBuf[OUT_BUF_SIZE];

The relevant code section appears to be in pop_write_chunk 
(file pop_send.c, lines 733 through end)


Eric.

Re: Qpopper 4 buffer overflow?

2001-04-20 Thread Mark


I have tried this with email with 550 characters in a single line. The 
spool file is clean but when popper delivers it, it causes binary junk to 
be inserted right after the long line. I have had numerous customer 
complaints on this also. I  have reverted back to 3.1 but because the speed 
increase 4.0 has shown, I hope the Qpopper team fixes this quickly.

Mark


At 01:36 PM 4/19/2001 -0500, Michael Smith wrote:
>I just tried a message with a 3 lines almost 4k in size each in the body and
>didn't notice any problems with 4.0 when popping the message, or the
>message after it.  We too are having problems where customers
>are having problems retrieving certain messages, but I think
>the garbage may be an external factor not related to qpopper.
>Did you check the spool file to see if the garbage is there too?
>
>On Tue, Apr 17, 2001 at 12:40:03PM -0500, Jason Brunette wrote:
> > We haven't looked into this a great deal, but we've rolled back to Qpopper
> > 3.1.2 due to this.
> >
> > It appears that Qpopper 4 overflows when a line in a message body contains
> > 515 characters or more in it.
> >
> > We started seeing customers have trouble retrieving certain messages since
> > upgrading to Qpopper 4.  Telnetting to Qpopper and retrieving the problem
> > messages showed that qpopper returned the message, and "garbage" typical of
> > a buffer overflow.
> >
> > 
> 
> > Jason Brunette   Excel.Net, Inc.   Phone: (920) 
> 452-0455
> > [EMAIL PROTECTED] "Your excellent Internet provider"   Fax: (920) 
> 452-8118
> >  http://www.excel.net/ Toll Free: (888) 
> 489-9995
> > 
> 
>
>--
>   Michael Smith  ...  We build e-business infrastructure 
> solutions
>   SysAdmin, 
> DataFoundry.net  ...   www.datafoundry.net

RE: Qpopper 4 buffer overflow?

2001-04-19 Thread Jason Brunette

It's not specific to a mail program.  You can telnet into qpopper, retrieve
the message and see the garbage.

The spools are definately clean, no corruption or otherwise unusual data in
them.

Jason Brunette   Excel.Net, Inc.   Phone: (920) 452-0455
[EMAIL PROTECTED] "Your excellent Internet provider"   Fax: (920) 452-8118
 http://www.excel.net/ Toll Free: (888) 489-9995

-Original Message-
From: Michael Smith [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 19, 2001 1:36 PM
To: Jason Brunette
Cc: Subscribers of Qpopper
Subject: Re: Qpopper 4 buffer overflow?

I just tried a message with a 3 lines almost 4k in size each in the body and
didn't notice any problems with 4.0 when popping the message, or the
message after it.  We too are having problems where customers
are having problems retrieving certain messages, but I think
the garbage may be an external factor not related to qpopper.
Did you check the spool file to see if the garbage is there too?

On Tue, Apr 17, 2001 at 12:40:03PM -0500, Jason Brunette wrote:
> We haven't looked into this a great deal, but we've rolled back to Qpopper
> 3.1.2 due to this.
> 
> It appears that Qpopper 4 overflows when a line in a message body contains
> 515 characters or more in it.
> 
> We started seeing customers have trouble retrieving certain messages since
> upgrading to Qpopper 4.  Telnetting to Qpopper and retrieving the problem
> messages showed that qpopper returned the message, and "garbage" typical
of
> a buffer overflow. 
> 
>

> Jason Brunette   Excel.Net, Inc.   Phone: (920)
452-0455
> [EMAIL PROTECTED] "Your excellent Internet provider"   Fax: (920)
452-8118
>  http://www.excel.net/ Toll Free: (888)
489-9995
>

-- 
  Michael Smith  ...  We build e-business infrastructure
solutions
  SysAdmin, DataFoundry.net  ...
www.datafoundry.net

Re: Qpopper 4 buffer overflow?

2001-04-19 Thread Michael Smith

I just tried a message with a 3 lines almost 4k in size each in the body and
didn't notice any problems with 4.0 when popping the message, or the
message after it.  We too are having problems where customers
are having problems retrieving certain messages, but I think
the garbage may be an external factor not related to qpopper.
Did you check the spool file to see if the garbage is there too?

On Tue, Apr 17, 2001 at 12:40:03PM -0500, Jason Brunette wrote:
> We haven't looked into this a great deal, but we've rolled back to Qpopper
> 3.1.2 due to this.
> 
> It appears that Qpopper 4 overflows when a line in a message body contains
> 515 characters or more in it.
> 
> We started seeing customers have trouble retrieving certain messages since
> upgrading to Qpopper 4.  Telnetting to Qpopper and retrieving the problem
> messages showed that qpopper returned the message, and "garbage" typical of
> a buffer overflow. 
> 
> 
> Jason Brunette   Excel.Net, Inc.   Phone: (920) 452-0455
> [EMAIL PROTECTED] "Your excellent Internet provider"   Fax: (920) 452-8118
>  http://www.excel.net/ Toll Free: (888) 489-9995
> 

-- 
  Michael Smith  ...  We build e-business infrastructure solutions
  SysAdmin, DataFoundry.net  ...   www.datafoundry.net

Re: Qpopper 4 buffer overflow?

2001-04-19 Thread Gregory Hicks

> From: Carles Xavier Munyoz <[EMAIL PROTECTED]>
> Date: Thu, 19 Apr 2001 16:08:33 +0200
> 
> On Tuesday 17 April 2001 19:40, Jason Brunette wrote:
> > It appears that Qpopper 4 overflows when a line in a message body contains
> > 515 characters or more in it.
> 
> Have you reported this bug to the Qualcom Qpopper team ?

Don't they monitor this list?

> Is this a real bug verified by the Qualcom Qpopper team ?

Can't say if this is a "real bug" or not.  I've observed it (or rather,
my users have observed it).  Some use Eudora 3.0.6, and if these users
send a note out that has a very long line (>545 chars), the remainder
of the line, when received, is 'garbage' - I presume binary of some
flavor.  Eudora 3.0.6 and Qpopper 3.1.2 does not exhibit this behaviour.

The users that use Eudora 5.x and Outlook with the qpopper 4.0 do not
see this behaviour.

Thus, is the bug in Eudora 3.x?  Or qpopper?

Some of our users here like Zmail.  Zmail and qpopper 4.0 do not seem
to work well together in that the Zmail users cannot get mail
downloaded from the qpopper 4.0 daemon...

Regards,
Gregory Hicks
-
Gregory Hicks   | Principal Systems Engineer
Cadence Design Systems  | Direct:   408.576.3609
555 River Oaks Pkwy M/S 6B1 | Fax:  408.894.3479
San Jose, CA 95134

Re: Qpopper 4 buffer overflow?

2001-04-19 Thread Carles Xavier Munyoz Baldó


-BEGIN PGP SIGNED MESSAGE-

On Tuesday 17 April 2001 19:40, Jason Brunette wrote:
> It appears that Qpopper 4 overflows when a line in a message body contains
> 515 characters or more in it.

Have you reported this bug to the Qualcom Qpopper team ?
Is this a real bug verified by the Qualcom Qpopper team ?

---
Carles Xavier Munyoz Baldó / [EMAIL PROTECTED]
---

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 5.0i for non-commercial use
MessageID: xR2E0VPbNW482DQ/GI2KI2bbiU3JC4AO

iQA/AwUAOt7xaBAGkoZz8//aEQKH8wCfZ2ITvAeLyrlBDJrWRNnNfZOILRAAoIXM
2SfFMkHOD7H3jW9hjz4L2iyF
=qkjZ
-END PGP SIGNATURE-

Re: Qpopper 4 buffer overflow?

2001-04-17 Thread Gregory Hicks


One of my users just experienced this but the overflow occured at 540
(or 545 chars - depending on how TABS are handled...)

Regards,
Gregory Hicks
-
Gregory Hicks   | Principal Systems Engineer
Cadence Design Systems  | Direct:   408.576.3609
555 River Oaks Pkwy M/S 6B1 | Fax:  408.894.3479
San Jose, CA 95134

> From: Jason Brunette <[EMAIL PROTECTED]>
> Date: Tue, 17 Apr 2001 12:40:03 -0500
> 
> We haven't looked into this a great deal, but we've rolled back to Qpopper
> 3.1.2 due to this.
> 
> It appears that Qpopper 4 overflows when a line in a message body contains
> 515 characters or more in it.
> 
> We started seeing customers have trouble retrieving certain messages since
> upgrading to Qpopper 4.  Telnetting to Qpopper and retrieving the problem
> messages showed that qpopper returned the message, and "garbage" typical of
> a buffer overflow.

Re: Qpopper 4 buffer overflow?

Re: Qpopper 4 buffer overflow?

Re: Qpopper 4 buffer overflow?

Re: Qpopper 4 buffer overflow?

RE: Qpopper 4 buffer overflow?

Re: Qpopper 4 buffer overflow?

Re: Qpopper 4 buffer overflow?

Re: Qpopper 4 buffer overflow?

Re: Qpopper 4 buffer overflow?

9 matches

Site Navigation

Mail list logo

Footer information