From owner-freebsd-ports-bugs@FreeBSD.ORG Thu Sep 25 06:40:42 2003 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8BBD116A4BF for ; Thu, 25 Sep 2003 06:40:42 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0ED0344047 for ; Thu, 25 Sep 2003 06:40:21 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h8PDeKFY003225 for ; Thu, 25 Sep 2003 06:40:20 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h8PDeK65003224; Thu, 25 Sep 2003 06:40:20 -0700 (PDT) (envelope-from gnats) Resent-Date: Thu, 25 Sep 2003 06:40:20 -0700 (PDT) Resent-Message-Id: <200309251340.h8PDeK65003224@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Matthew Seaman Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 69E0F16A4B3; Thu, 25 Sep 2003 06:36:11 -0700 (PDT) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4251A43FF9; Thu, 25 Sep 2003 06:36:06 -0700 (PDT) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1]) h8PDZVWT006737 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 25 Sep 2003 14:36:01 +0100 (BST) (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)id h8PDZVuo006736; Thu, 25 Sep 2003 14:35:31 +0100 (BST) (envelope-from matthew) Message-Id: <200309251335.h8PDZVuo006736@happy-idiot-talk.infracaninophile.co.uk> Date: Thu, 25 Sep 2003 14:35:31 +0100 (BST) From: Matthew Seaman To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 cc: DougB@FreeBSD.org cc: leeym@FreeBSD.org Subject: ports/57210: mail/razor-agents -- Latest version of SpamAssassin tickles taint mode bug X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Matthew Seaman List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Sep 2003 13:40:42 -0000 >Number: 57210 >Category: ports >Synopsis: mail/razor-agents -- Latest version of SpamAssassin tickles taint mode bug >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Sep 25 06:40:20 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Matthew Seaman >Release: FreeBSD 4.9-PRERELEASE i386 >Organization: Infracaninophile >Environment: System: FreeBSD happy-idiot-talk.infracaninophile.co.uk 4.9-PRERELEASE FreeBSD 4.9-PRERELEASE #31: Thu Sep 25 11:19:11 BST 2003 root@happy-idiot-talk.infracaninophile.co.uk:/usr/obj/usr/src/sys/HAPPY-IDIOT-TALK i386 >Description: The recent update of the mail/p5-Mail-SpamAssassin port resulted in numerous log file entries like the following: Sep 25 14:18:44 happy-idiot-talk spamd[6385]: razor2 check skipped: Insecure dependency in connect while running setuid at /usr/local/lib/perl5/5.8.0/mach/IO/Socket.pm line 114, line 64. This appears to be same as bug #2439 in the SpamAssassin bugzilla: http://bugzilla.spamassassin.org/show_bug.cgi?id=2439 Their analysis is that the latest Spamassassin is exposing some unsafe taint-mode behaviour in the Razor2 code: http://article.gmane.org/gmane.mail.spam.spamassassin.general/29666 >How-To-Repeat: Run SpamAssassin spamd/spamc programs with the Razor checks enabled. >Fix: The patches given in the gmane.org article are effective at curing the problem. I applied them directly to the installed Razor2 perl code, so paths aren't correct for putting the below directly into ports. --- razor.patch begins here --- --- Client/Config.pm~ 2002-11-25 19:13:59.000000000 +0100 +++ Client/Config.pm 2002-11-11 19:29:17.000000000 +0100 @@ -373,6 +373,7 @@ next unless /=/; my ($attribute, $value) = split /\=/, $_, 2; $attribute =~ s/^\s+//; $attribute =~ s/\s+$//; + $value = $1 if $value =~ /^(.*)$/; # untaint! $conf->{$attribute} = $self->parse_value($value); } $total++; --- Client/Core.pm~ 2002-11-25 19:07:38.000000000 +0100 +++ Client/Core.pm 2002-11-25 18:55:35.000000000 +0100 @@ -216,8 +216,10 @@ foreach $rr ($query->answer) { my $pushed = 0; if ($rr->type eq "A") { - push @list, $rr->address; - $pushed = 1; + if ($rr->address =~ m/^(\d+\.\d+\.\d+\.\d+)$/) { + push @list, $1; + $pushed = 1; + } } elsif ($rr->type eq "CNAME") { if ($rr->cname eq 'list.terminator') { pop @list if $pushed; --- razor.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted: