Bug report on cyrus-common-2.4: sieved crashes with exit status 139

[Henrique de Moraes Holschuh]

On Thu, 27 Jun 2013, Alexandre Rebert wrote:
> We found a crash in sieved contained in the cyrus-common-2.4 package.  You
> are being contacted because your are listed as one of the maintainer of
> cyrus-common-2.4.

Thank you.

> We are planning to submit the bug to the Debian bug tracking system in two
> weeks. We wanted to give you a heads-up, so that you some time to assess the
> seriousness of the bug before it is publicly disclosed.

sieved is an unpriviledged network service.  It uses fds 0, 1 and 2 for
internal cyrus communication with the cyrus superserver.  It looks like
sending crap over one of these control channels can cause it to segfault.
This cannot happen on normal operation, as fds 0, 1 and 2 will be under
control of cyrmaster, the cyrus superserver (works like inetd on steroids).

So, at first glance, it looks like the security impact should be
minimal/nonexistent as there is no user-accessible or remote-accessible
vector to cause the crash.  It is obviously a bug to be fixed though,
probably by submitting a patch upstream.

PS: I did not try to reproduce the crash, I just looked at the crash.sh
script.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh