Bugtraq mailing list archives
Re: QPOPPER problem....
From: jmh () MAIL MSEN COM (Jeff Haas)
Date: Sat, 27 Jun 1998 16:16:05 -0400
On Sat, Jun 27, 1998 at 09:35:54AM -0700, Jason Ackley wrote:
Stock BSDi 3.0(3.1) all the latest patches(M310-034) DOES core dump , but does not print out the 'ERR', so BSDi people may want to keep that in mind..
I also tested with 2.4, and 2.41beta1, applying patches now and will see what it does..
2.41beta works perfectly fine for 2.1 and 3.1 of BSD/OS after patching. However, one of the patches mentioned here on the list was not correct. Additionally, we incorporated the change to drop_copy. If anyone wants a pre-compiled binary for 2.1 and 3.1, feel free to drop me a line. We have applied the following: *** qpopper2.41beta1/pop_msg.c Wed Nov 19 16:20:38 1997 --- qpopper2.41beta1.new/pop_msg.c Sat Jun 27 15:27:50 1998 *************** *** 63,69 **** /* Append the message (formatted, if necessary) */ if (format) #ifdef HAVE_VPRINTF ! vsprintf(mp,format,ap); #else # ifdef PYRAMID (void)sprintf(mp,format, arg1, arg2, arg3, arg4, arg5, arg6); --- 63,69 ---- /* Append the message (formatted, if necessary) */ if (format) #ifdef HAVE_VPRINTF ! vsnprintf(mp,sizeof(message) - (mp-message)- 3, format,ap); #else # ifdef PYRAMID (void)sprintf(mp,format, arg1, arg2, arg3, arg4, arg5, arg6); *** qpopper2.41beta1/pop_log.c Wed Nov 19 16:20:38 1997 --- qpopper2.41beta1.new/pop_log.c Sat Jun 27 14:07:19 1998 *************** *** 47,53 **** #endif #ifdef HAVE_VPRINTF ! vsprintf(msgbuf,format,ap); #else # ifdef PYRAMID (void)sprintf(msgbuf,format, arg1, arg2, arg3, arg4, arg5, arg6); --- 47,53 ---- #endif #ifdef HAVE_VPRINTF ! vsnprintf(msgbuf,sizeof(msgbuf),format,ap); #else # ifdef PYRAMID (void)sprintf(msgbuf,format, arg1, arg2, arg3, arg4, arg5, arg6); *** qpopper2.41beta1/pop_dropcopy.c Wed Nov 19 16:20:38 1997 --- qpopper2.41beta1.new/pop_dropcopy.c Sat Jun 27 14:11:47 1998 *************** *** 456,461 **** --- 456,462 ---- uidl_found--; /*roll over as though it hasn't seen anything*/ continue; } + if (strlen(cp) >= 128) cp[127] = 0; mp->uidl_str = (char *)strdup(cp); mp->length += nchar + 1; p->drop_size += nchar + 1;
Jason Ackley
P.S. Does anyone have any tricks for debugging this type of code when launched in a daemon situation? The core dumps are not useful since the stack is smashed and I don't know how to recover any valid stack frames. -- Jeffrey Haas -+- jmh () msen com -+- http://www.msen.com/~jmh /\/\sen, Inc. "Michigan's Best Run Internet Service Provider."
Current thread:
- Users can view script source from Win WebServers, (continued)
- Users can view script source from Win WebServers Aleph One (Jun 27)
- Re: QPOPPER problem.... ONE crude patch... Tom Brown (Jun 27)
- Re: QPOPPER problem.... ONE crude patch... Daniel Ryde (Jun 27)
- Re: QPOPPER problem.... ONE crude patch... Marco S Hyman (Jun 27)
- Re: QPOPPER problem.... Jason Ackley (Jun 27)
- Re: QPOPPER problem.... Bruno Lopes F. Cabral (Jun 27)
- patch: qpopper (plugs another hole too) Miquel van Smoorenburg (Jun 27)
- Re: QPOPPER problem.... Marco S Hyman (Jun 27)
- Re: QPOPPER problem.... Bruno Lopes F. Cabral (Jun 27)
- More patch ideas for qpopper Aaron D. Gifford (Jun 27)
- Re: QPOPPER problem.... Jeff Haas (Jun 27)
- Re: QPOPPER problem.... ONE crude patch... Daniel Ryde (Jun 27)
- Re: QPOPPER problem.... ONE crude patch... Yiorgos Adamopoulos (Jun 27)
- Re: QPOPPER problem.... ONE crude patch... Juan Diego Bolanhos Ramirez (Jun 27)
- Re: QPOPPER problem.... ONE crude patch... Bryan (Jun 27)
- NetBSD Security Advisory 1998-004: at(1) vulnerabilities. security-alert () NETBSD ORG (Jun 27)
- Re: !!! FLASH TRAFFIC !!! QPOPPER REMOTE ROOT EXPLOIT Miquel van Smoorenburg (Jun 27)