Dear Bill Shupp, I am attaching a patch to correct 2 bugs that I found while testing the qmail-toaster-0.9.1.patch.
Those bugs affect the files open_rw.c and spfquery.c BUG 1: The 'qmail-toaster-0.9.1.patch' patches the file 'open_rw.c' with the line '{ return open(fn,O_RDWR | O_CREAT); }'. This causes leaked memory to be read off the stack and interpreted as a file mode, which is asking for trouble. According to 'man 2 open': "mode specifies the permissions to use in case a new file is created. This argument must be supplied when O_CREAT is specified in flags;" Trying to compile 'open_rw.c' with gcc version >= 4.3.2, gives the error: ./compile open_rw.c In function ‘open’, inlined from ‘open_rw’ at open_rw.c:6: /usr/include/bits/fcntl2.h:51: error: call to ‘__open_missing_mode’ declared with attribute error: open with O_CREAT in second argument needs 3 arguments make: *** [open_rw.o] Error 1 BUG 2: Trying to compile spfquery.c, with gcc version >= 4.3.2, will give 2 errors. One related with the function main (which should the forced to int) and the other related with the string function strdup (which should be forced to char); Best regards, M. # --- cut here --- --- qmail-toaster-0.9.1.patch 2008-12-05 19:49:05.000000000 +0000 +++ qmail-toaster-0.9.1-1.patch 2008-12-05 01:47:53.000000000 +0000 @@ -6144,7 +6144,7 @@ +#include "open.h" + +int open_rw(fn) char *fn; -+{ return open(fn,O_RDWR | O_CREAT); } ++{ return open(fn,O_RDWR | O_CREAT, 0644); } diff -urN ../../netqmail-1.05-orig/netqmail-1.05/OTHERS.spamthrottle ./OTHERS.spamthrottle --- ../../netqmail-1.05-orig/netqmail-1.05/OTHERS.spamthrottle 1969-12-31 18:00:00.000000000 -0600 +++ ./OTHERS.spamthrottle 2007-04-17 17:54:12.649752784 -0500 @@ -11987,13 +11987,14 @@ diff -urN ../../netqmail-1.05-orig/netqmail-1.05/spfquery.c ./spfquery.c --- ../../netqmail-1.05-orig/netqmail-1.05/spfquery.c 1969-12-31 18:00:00.000000000 -0600 +++ ./spfquery.c 2007-04-17 17:54:12.686747160 -0500 -@@ -0,0 +1,84 @@ +@@ -0,0 +1,85 @@ +#include "substdio.h" +#include "subfd.h" +#include "stralloc.h" +#include "alloc.h" +#include "spf.h" +#include "exit.h" ++#include <string.h> + +void die(e,s) int e; char *s; { substdio_putsflush(subfderr,s); _exit(e); } +void die_usage() { die(100,"fatal: invalid usage\nusage: spfquery <sender-ip> <sender-helo/ehlo> <envelope-from> [<local rules>] [<best guess rules>]\n"); } @@ -12008,7 +12009,7 @@ +stralloc spfguess = {0}; +stralloc spfexp = {0}; + -+void main(argc,argv) ++int main(argc,argv) +int argc; +char **argv; +{ @@ -12017,7 +12018,7 @@ + + if (argc < 4) die_usage(); + -+ remoteip = (char *)strdup(argv[1]); ++ remoteip = (char *)strdup((const char *)argv[1]); + local = "localhost"; + + if (!stralloc_copys(&helohost, argv[2])) die_nomem(); # --- cut here ---