From owner-freebsd-ports Mon Sep 4 23:30:15 2000 Delivered-To: freebsd-ports@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id D48D937B440 for ; Mon, 4 Sep 2000 23:30:02 -0700 (PDT) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id XAA47651; Mon, 4 Sep 2000 23:30:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from scoliosis.toadshow.com.au (scoliosis.toadshow.com.au [203.55.174.154]) by hub.freebsd.org (Postfix) with ESMTP id 44EA537B423 for ; Mon, 4 Sep 2000 23:27:41 -0700 (PDT) Received: (from troy@localhost) by scoliosis.toadshow.com.au (8.11.0/8.11.0) id e856VmZ07941; Tue, 5 Sep 2000 16:31:48 +1000 (EST) (envelope-from troy) Message-Id: <200009050631.e856VmZ07941@scoliosis.toadshow.com.au> Date: Tue, 5 Sep 2000 16:31:48 +1000 (EST) From: Troy Bell Reply-To: troy@asiaonline.net To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: ports/21055: popper3 dumps core Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 21055 >Category: ports >Synopsis: popper3 dumps core >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Sep 04 23:30:02 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Troy Bell >Release: FreeBSD 4.1-STABLE i386 >Organization: Asia Online Brisbane >Environment: qpopper version 3.0.2 >Description: This server handles mail for a MAC network. All MAC email clients, such as netscape mail, eudora, etc. work fine with qpopper, but when using Microsoft Outlook Express for the MAC to check mail from the server, it "doesn't work". Qpopper dumps core, and terminates the current session (if any) with the user: Sep 5 15:51:59 scoliosis /kernel: pid 3573 (popper3), uid 0: exited on signal 11 (core dumped) Sep 5 15:56:12 scoliosis /kernel: pid 3586 (popper3), uid 0: exited on signal 11 (core dumped) GDB backtrace: Core was generated by `popper3'. Program terminated with signal 11, Segmentation fault. Reading symbols from /usr/lib/libmd.so.2...done. Reading symbols from /usr/lib/libutil.so.3...done. Reading symbols from /usr/lib/libcrypt.so.2...done. Reading symbols from /usr/lib/libc.so.4...done. Reading symbols from /usr/libexec/ld-elf.so.1...done. #0 0x80565b8 in Qvsnprintf (s=0xbfbfe5eb "", n=1016, format=0x8058700 " not available (user %s): %s (%s)", ap=0xbfbfe9b4 "ðö¿¿äÂ\005\bðö¿¿sf\005\b\001") at snprintf.c:230 230 if ( width != -1 && width > strlen(sval) ) { (gdb) bt #0 0x80565b8 in Qvsnprintf (s=0xbfbfe5eb "", n=1016, format=0x8058700 " not available (user %s): %s (%s)", ap=0xbfbfe9b4 "ðö¿¿äÂ\005\bðö¿¿sf\005\b\001") at snprintf.c:230 #1 0x804c4ba in pop_msg (p=0xbfbff6f0, stat=POP_FAILURE, fn=0x0, ln=0, format=0x8058700 " not available (user %s): %s (%s)") at pop_msg.c:102 #2 0x8050844 in pop_apop (p=0xbfbff6f0) at pop_apop.c:182 #3 0x804ed9d in main (argc=1, argv=0xbfbffcf0) at popper.c:225 #4 0x8049a75 in _start () -- This happens every time the user checks mail (was noticable when the user had her mail client set to check email every 5 minutes). These MACs are connecting to this mailserver via a linux box that does masquerading (so it's not a "direct" connection as such). The linux box is running kernel 2.2.16. >How-To-Repeat: POP your mail using MS Outlook Express for MAC. >Fix: No known workaround from our end. Hoping you can provide one, as UID 0 and snprintf() doesn't sound nice together :) (let's hope it's not exploitable, if it is indeed a problem). >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message