[Pkg-dspam-misc] BUGREPORT: Weird user name comparison bug 3.6.8 ?
Flavien Lebarbe
flavien-dspam at lebarbe.net
Thu Jul 3 15:14:38 UTC 2008
Hi,
I'm using dspam 3.6.8-5etch1 from Debian etch on amd64. I just got
the same problem that was reported last year by Tim Small to the
dspam mailing-list but got no answer so far :
http://www.mail-archive.com/dspam-dev@lists.nuclearelephant.com/msg00086.html
This is a bug that has been fixed (two years ago) in version 1.71 of
agent_shared.c.
For the record (googlers love those), the problem in 1.70 is that
the AGENT_CTX ATX is initialised this way :
int initialize_atx(AGENT_CTX *ATX) {
[...]
char buf[1024];
[...]
getpwuid_r(getuid(), &ATX->pwbuf, buf, sizeof(buf), &ATX->p)
[...]
}
Then, in order to check the --user option, the code uses ATX->pw_name.
However, as shown previously, it points to a buffer on the stack.
Oops !
It does not seem to crash on i386 (luck! I'm using this code on a
production machine for a long time !) but I bumped on it on amd64
(Debian etch), as did the previous reporter.
In my case, I can afford removing the --user XXX option, so the
bug is not triggered. I'll do that. Other users might want to
upgrade. :o)
Flavien.
More information about the Pkg-dspam-misc
mailing list