A small but deadly bug in new QPopper2.5

[jcea () ARGO ES (Jesús Cea Avión)]

I've just installed qpopper 2.5, released last night
(ftp://ftp.qualcomm.com/eudora/servers/unix/popper/), after reading the
last bugtraq security postings and patch my good old qpopper 2.2. But it
has a bug which prevents the use of bulletins.

The first time an user reads its mailbox with new bulletins, the server
dies. The second time (inetd launchs it) it blocks since the flock was
not released.

Time to sleep again :-).


Patch included:


*** pop_bull.c.old      Tue Jun 30 15:48:34 1998
--- pop_bull.c  Tue Jun 30 15:51:54 1998
***************
*** 271,278 ****
         dbm_store(p->bull_db, name, bull_count, DBM_REPLACE);
         dbm_close(p->bull_db);
  #endif
-        p->bull_db = NULL;
         flock(dbm_dirfno(p->bull_db), LOCK_UN);
  #else
         /* Update the user's .popbull file. */
         popBull = fopen(popBullName, "w");
--- 271,278 ----
         dbm_store(p->bull_db, name, bull_count, DBM_REPLACE);
         dbm_close(p->bull_db);
  #endif
         flock(dbm_dirfno(p->bull_db), LOCK_UN);
+        p->bull_db = NULL;
  #else
         /* Update the user's .popbull file. */
         popBull = fopen(popBullName, "w");

--
Jesus Cea Avion                         _/_/      _/_/_/        _/_/_/
jcea () argo es http://www.argo.es/~jcea/ _/_/    _/_/  _/_/    _/_/  _/_/
                                      _/_/    _/_/          _/_/_/_/_/
PGP Key Available at KeyServ   _/_/  _/_/    _/_/          _/_/  _/_/
"Things are not so easy"      _/_/  _/_/    _/_/  _/_/    _/_/  _/_/
"My name is Dump, Core Dump"   _/_/_/        _/_/_/      _/_/  _/_/
"El amor es poner tu felicidad en la felicidad de otro" - Leibnitz