[pkg-fetchmail-maint] Bug#449179: fetchmail: smbutil.c:90: unicodeToString: Assertion `len+1 < sizeof buf' failed.

Stepan Golosunov stepan at golosunov.pp.ru
Sat Nov 3 21:16:26 UTC 2007 

Package: fetchmail
Version: 6.3.8-9
Severity: important
Tags: security

After upgrading from 6.3.6-1etch1 fetchmail crashes with

Nov  3 23:12:44 sghpc fetchmail[10383]: starting fetchmail 6.3.8 daemon 
Nov  3 23:12:44 sghpc fetchmail[10383]: Server certificate verification error: self signed certificate
Nov  3 23:12:44 sghpc fetchmail[10383]: Server certificate verification error: certificate has expired
Nov  3 23:12:45 sghpc fetchmail[10383]: Error exchanging credentials
Nov  3 23:12:45 sghpc fetchmail[10383]: could not decode BASE64 challenge
Nov  3 23:12:45 sghpc fetchmail[10383]: terminated with signal 6


sghpc% sudo env LC_ALL=C /etc/init.d/fetchmail debug-run
/etc/init.d/fetchmail: Initiating debug run of system-wide fetchmail service...
/etc/init.d/fetchmail: script will be run in debug mode, all output to forced to
/etc/init.d/fetchmail: stdout. This is not enough to debug failures that only
/etc/init.d/fetchmail: happen in daemon mode.
/etc/init.d/fetchmail: You might want to direct output to a file, and tail -f it.
/etc/init.d/fetchmail: Stopping the service...
* Pidfile not found! Is fetchmail running?
/etc/init.d/fetchmail: exit status of service stop was: 0
/etc/init.d/fetchmail: RUNUSER is fetchmail
/etc/init.d/fetchmail: OPTIONS would be  -f /etc/fetchmailrc --pidfile /var/run/fetchmail/fetchmail.pid -d 300 --syslog
/etc/init.d/fetchmail: Starting service in nodetach mode, hit ^C (SIGINT/intr) to finish run...
fetchmail: starting fetchmail 6.3.8 daemon 
fetchmail: 6.3.8 querying mail.hw.ru (protocol IMAP) at Sun Nov  4 00:53:07 2007: poll started
Trying to connect to 194.67.32.240/993...connected.
fetchmail: Issuer Organization: RBC Soft
fetchmail: Issuer CommonName: mail.hw.ru
fetchmail: Server CommonName: mail.hw.ru
fetchmail: mail.hw.ru key fingerprint: 3E:6F:46:74:6B:8A:71:AD:1B:53:8C:80:AD:F5:74:03
fetchmail: Server certificate verification error: self signed certificate
fetchmail: Server certificate verification error: certificate has expired
fetchmail: IMAP< * OK CommuniGate Pro IMAP Server 5.0.14 at mail.hw.ru ready
fetchmail: IMAP> A0001 CAPABILITY
fetchmail: IMAP< * CAPABILITY IMAP4 IMAP4REV1 ACL NAMESPACE UIDPLUS IDLE LITERAL+ QUOTA ID MULTIAPPEND LISTEXT CHILDREN BINARY LOGIN-REFERRALS UNSELECT STARTTLS AUTH=LOGIN AUTH=PLAIN AUTH=CRAM-MD5 AUTH=DIGEST-MD5 AUTH=GSSAPI AUTH=MSN AUTH=NTLM
fetchmail: IMAP< A0001 OK completed
fetchmail: Protocol identified as IMAP4 rev 1
fetchmail: Using service name [imap at mail.hw.ru]
fetchmail: IMAP> A0002 AUTHENTICATE GSSAPI
fetchmail: IMAP< + 
fetchmail: Sending credentials
fetchmail: Error exchanging credentials
fetchmail: IMAP< + 
fetchmail: IMAP> A0003 *
fetchmail: IMAP> A0004 AUTHENTICATE CRAM-MD5
fetchmail: IMAP< A0002 NO unknown GSSAPI method
fetchmail: could not decode BASE64 challenge
fetchmail: IMAP> A0005 *
fetchmail: IMAP> A0006 AUTHENTICATE NTLM
fetchmail: IMAP< + PDcxMjcuMTE5NDEyMzE5MUBtYWlsLmh3LnJ1Pg==
NTLM Request:
      Ident = NTLMSSP
      mType = 1
      Flags = 0000b207
       User = sghpc
     Domain = golosunov.pp.ru
fetchmail: IMAP> TlRMTVNTUAABAAAAB7IAAAUABQAgAAAADwAPACUAAABzZ2hwY2dvbG9zdW5vdi5wcC5ydQ==
fetchmail: IMAP< A0004 NO incorrect E-mail address
NTLM Challenge:
      Ident = M4
      mType = 5
fetchmail: smbutil.c:90: unicodeToString: Assertion `len+1 < sizeof buf' failed.
fetchmail: terminated with signal 6
fetchmail: Deleting fetchids file.
/etc/init.d/fetchmail: End of service run. Exit status was: 0


Adding " auth cram-md5" to fetchmailrc fixed the situation for me.

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (900, 'testing'), (800, 'stable')
Architecture: i386 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.22-3-amd64
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)

Versions of packages fetchmail depends on:
ii  adduser               3.102              Add and remove users and groups
ii  debianutils           2.25.1             Miscellaneous utilities specific t
ii  libc6                 2.6.1-1+b1         GNU C Library: Shared libraries
ii  libcomerr2            1.40.2-1           common error description library
ii  libkrb53              1.6.dfsg.3~beta1-2 MIT Kerberos runtime libraries
ii  libssl0.9.8           0.9.8g-1           SSL shared libraries
ii  lsb-base              3.1-24             Linux Standard Base 3.1 init scrip

Versions of packages fetchmail recommends:
ii  ca-certificates               20070303   Common CA Certificates PEM files

-- debconf-show failed

More information about the pkg-fetchmail-maint mailing list