Re: [vchkpw] qmailadmin buffer overflow

2012-09-19 Thread Tom Collins 
I'm offline, with limited Internet connectivity, so apologies if someone else 
has already responded. 

I think you need to recompile QmailAdmin and manually install the binary. The 
installation process strips debug information that would probably show up in 
this dump and help isolate the problem. 

-Tom
(Sent from my phone; forgive my brevity)

On Sep 18, 2012, at 5:45 PM, Bob Hutchinson hutchli...@midwales.com wrote:

 Not sure if this is the right place to post but I don't know where else.
 
 I am using qmailadmin in a standard shupp toaster, on a 64bit machine.
 qmailadmin-1.2.15
 
 I getting a WSOD after adding a new mailinglist. The mailinglist is made
 and all appears correct.
 
 Each line in the apache error log is prepended by something like this:
 [Tue Sep 18 14:54:30 2012] [error] [client 1.2.3.4]
 The referer is someting like this:
 http://myserver.net/cgi-bin/qmailadmin/com/addmailinglist?user=postmasterdom=adomain.co.uktime=1347976179
 replaced with xxx
 
 Here is the log snippet pruned for easier reading:
 
 *** buffer overflow detected ***: /usr/lib/cgi-bin/qmailadmin
 terminated, referer: xxx
 === Backtrace: =, referer: xxx
 /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f12e3f8e007],
 referer: xxx
 /lib/x86_64-linux-gnu/libc.so.6(+0x107f00)[0x7f12e3f8cf00], referer: xxx
 /lib/x86_64-linux-gnu/libc.so.6(+0x1075eb)[0x7f12e3f8c5eb], referer: xxx
 /lib/x86_64-linux-gnu/libc.so.6(__snprintf_chk+0x78)[0x7f12e3f8c4c8],
 referer: xxx
 /usr/lib/cgi-bin/qmailadmin[0x409534], referer: xxx
 /usr/lib/cgi-bin/qmailadmin[0x4107bc], referer: xxx
 /usr/lib/cgi-bin/qmailadmin[0x402fb5], referer: xxx
 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed)[0x7f12e3ea676d],
 referer: xxx
 /usr/lib/cgi-bin/qmailadmin[0x403551], referer: xxx
 === Memory map: , referer: xxx
 0040-00431000 r-xp  ca:01 12699746
 /usr/lib/cgi-bin/qmailadmin, referer: xxx
 0063-00631000 r--p 0003 ca:01 12699746
 /usr/lib/cgi-bin/qmailadmin, referer: xxx
 00631000-00632000 rw-p 00031000 ca:01 12699746
 /usr/lib/cgi-bin/qmailadmin, referer: xxx
 00632000-0063d000 rw-p  00:00 0 , referer: xxx
 0078d000-007ae000 rw-p  00:00 0[heap],
 referer: xxx
 7f12e3c6f000-7f12e3c84000 r-xp  ca:01 10092763
 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx
 7f12e3c84000-7f12e3e83000 ---p 00015000 ca:01 10092763
 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx
 7f12e3e83000-7f12e3e84000 r--p 00014000 ca:01 10092763
 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx
 7f12e3e84000-7f12e3e85000 rw-p 00015000 ca:01 10092763
 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx
 7f12e3e85000-7f12e4038000 r-xp  ca:01 10092730
 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx
 7f12e4038000-7f12e4237000 ---p 001b3000 ca:01 10092730
 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx
 7f12e4237000-7f12e423b000 r--p 001b2000 ca:01 10092730
 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx
 7f12e423b000-7f12e423d000 rw-p 001b6000 ca:01 10092730
 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx
 7f12e423d000-7f12e4242000 rw-p  00:00 0 , referer: xxx
 7f12e4242000-7f12e424b000 r-xp  ca:01 10092783
 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx
 7f12e424b000-7f12e444b000 ---p 9000 ca:01 10092783
 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx
 7f12e444b000-7f12e444c000 r--p 9000 ca:01 10092783
 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx
 7f12e444c000-7f12e444d000 rw-p a000 ca:01 10092783
 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx
 7f12e444d000-7f12e447b000 rw-p  00:00 0 , referer: xxx
 7f12e447b000-7f12e449d000 r-xp  ca:01 10092751
 /lib/x86_64-linux-gnu/ld-2.15.so, referer: xxx
 7f12e4688000-7f12e468b000 rw-p  00:00 0 , referer: xxx
 7f12e4697000-7f12e469d000 rw-p  00:00 0 , referer: xxx
 7f12e469d000-7f12e469e000 r--p 00022000 ca:01 10092751
 /lib/x86_64-linux-gnu/ld-2.15.so, referer: xxx
 7f12e469e000-7f12e46a rw-p 00023000 ca:01 10092751
 /lib/x86_64-linux-gnu/ld-2.15.so, referer: xxx
 7fff3851d000-7fff3853e000 rw-p  00:00 0[stack],
 referer: xxx
 7fff385ff000-7fff3860 r-xp  00:00 0[vdso],
 referer: xxx
 ff60-ff601000 r-xp  00:00 0
 [vsyscall], referer: xxx
 
 
 -- 
 -
 Bob Hutchinson
 Midwales dot com
 -
 
 
 


!DSPAM:5059a45e34211364084616!

Re: [vchkpw] qmailadmin buffer overflow

2012-09-19 Thread Bob Hutchinson 
On 19/09/12 11:52, Tom Collins wrote:
 I'm offline, with limited Internet connectivity, so apologies if someone else 
 has already responded. 
 
 I think you need to recompile QmailAdmin and manually install the binary. The 
 installation process strips debug information that would probably show up in 
 this dump and help isolate the problem. 

OK, I will look into doing this at a quiet time.
I notice that there is a binary in the source tree which is much larger
and which says it's unstripped, I might just try that one first.


 
 -Tom
 (Sent from my phone; forgive my brevity)
 
 On Sep 18, 2012, at 5:45 PM, Bob Hutchinson hutchli...@midwales.com wrote:
 
 Not sure if this is the right place to post but I don't know where else.

 I am using qmailadmin in a standard shupp toaster, on a 64bit machine.
 qmailadmin-1.2.15

 I getting a WSOD after adding a new mailinglist. The mailinglist is made
 and all appears correct.

 Each line in the apache error log is prepended by something like this:
 [Tue Sep 18 14:54:30 2012] [error] [client 1.2.3.4]
 The referer is someting like this:
 http://myserver.net/cgi-bin/qmailadmin/com/addmailinglist?user=postmasterdom=adomain.co.uktime=1347976179
 replaced with xxx

 Here is the log snippet pruned for easier reading:

 *** buffer overflow detected ***: /usr/lib/cgi-bin/qmailadmin
 terminated, referer: xxx
 === Backtrace: =, referer: xxx
 /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f12e3f8e007],
 referer: xxx
 /lib/x86_64-linux-gnu/libc.so.6(+0x107f00)[0x7f12e3f8cf00], referer: xxx
 /lib/x86_64-linux-gnu/libc.so.6(+0x1075eb)[0x7f12e3f8c5eb], referer: xxx
 /lib/x86_64-linux-gnu/libc.so.6(__snprintf_chk+0x78)[0x7f12e3f8c4c8],
 referer: xxx
 /usr/lib/cgi-bin/qmailadmin[0x409534], referer: xxx
 /usr/lib/cgi-bin/qmailadmin[0x4107bc], referer: xxx
 /usr/lib/cgi-bin/qmailadmin[0x402fb5], referer: xxx
 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed)[0x7f12e3ea676d],
 referer: xxx
 /usr/lib/cgi-bin/qmailadmin[0x403551], referer: xxx
 === Memory map: , referer: xxx
 0040-00431000 r-xp  ca:01 12699746
 /usr/lib/cgi-bin/qmailadmin, referer: xxx
 0063-00631000 r--p 0003 ca:01 12699746
 /usr/lib/cgi-bin/qmailadmin, referer: xxx
 00631000-00632000 rw-p 00031000 ca:01 12699746
 /usr/lib/cgi-bin/qmailadmin, referer: xxx
 00632000-0063d000 rw-p  00:00 0 , referer: xxx
 0078d000-007ae000 rw-p  00:00 0[heap],
 referer: xxx
 7f12e3c6f000-7f12e3c84000 r-xp  ca:01 10092763
 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx
 7f12e3c84000-7f12e3e83000 ---p 00015000 ca:01 10092763
 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx
 7f12e3e83000-7f12e3e84000 r--p 00014000 ca:01 10092763
 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx
 7f12e3e84000-7f12e3e85000 rw-p 00015000 ca:01 10092763
 /lib/x86_64-linux-gnu/libgcc_s.so.1, referer: xxx
 7f12e3e85000-7f12e4038000 r-xp  ca:01 10092730
 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx
 7f12e4038000-7f12e4237000 ---p 001b3000 ca:01 10092730
 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx
 7f12e4237000-7f12e423b000 r--p 001b2000 ca:01 10092730
 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx
 7f12e423b000-7f12e423d000 rw-p 001b6000 ca:01 10092730
 /lib/x86_64-linux-gnu/libc-2.15.so, referer: xxx
 7f12e423d000-7f12e4242000 rw-p  00:00 0 , referer: xxx
 7f12e4242000-7f12e424b000 r-xp  ca:01 10092783
 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx
 7f12e424b000-7f12e444b000 ---p 9000 ca:01 10092783
 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx
 7f12e444b000-7f12e444c000 r--p 9000 ca:01 10092783
 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx
 7f12e444c000-7f12e444d000 rw-p a000 ca:01 10092783
 /lib/x86_64-linux-gnu/libcrypt-2.15.so, referer: xxx
 7f12e444d000-7f12e447b000 rw-p  00:00 0 , referer: xxx
 7f12e447b000-7f12e449d000 r-xp  ca:01 10092751
 /lib/x86_64-linux-gnu/ld-2.15.so, referer: xxx
 7f12e4688000-7f12e468b000 rw-p  00:00 0 , referer: xxx
 7f12e4697000-7f12e469d000 rw-p  00:00 0 , referer: xxx
 7f12e469d000-7f12e469e000 r--p 00022000 ca:01 10092751
 /lib/x86_64-linux-gnu/ld-2.15.so, referer: xxx
 7f12e469e000-7f12e46a rw-p 00023000 ca:01 10092751
 /lib/x86_64-linux-gnu/ld-2.15.so, referer: xxx
 7fff3851d000-7fff3853e000 rw-p  00:00 0[stack],
 referer: xxx
 7fff385ff000-7fff3860 r-xp  00:00 0[vdso],
 referer: xxx
 ff60-ff601000 r-xp  00:00 0
 [vsyscall], referer: xxx


 -- 
 -
 Bob Hutchinson
 Midwales dot com
 -



 
 
 
 
 
 


-- 
-
Bob Hutchinson
Midwales dot com
-

!DSPAM:5059ca2a34211204981993!