[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 6 Nov 2005 14:25:38 +0300
From: Solar Designer <solar@...nwall.com>
To: bug@...cmail.org
Cc: xvendor@...ts.openwall.com
Subject: procmail mailbox truncation bug
Hi,
There's a really nasty bug in procmail, both 3.15.2 and 3.22 are affected.
The bug is basically that procmail, when running into a disk quota or a
full partition, would truncate the mailbox file back to its prior size
_after_ releasing the lock. This has resulted in numerous mailbox
corruptions on a mail server I co-administer and a week ago I managed to
reproduce this on purpose (with several instances of procmail being the
only software accessing the mailbox). After my fix, I am no longer
able to reproduce this and there have been no further mailbox corruptions
during this week, so the fix appears to work.
The patch can be found in our CVSweb:
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/procmail/
It's procmail-3.22-owl-truncate.diff
No, it's not dirty, it just follows procmail's original coding style.
No added gotos, sorry.
The official fix might need to be slightly different to not rely on
ftruncate().
--
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598 fp: 6429 0D7E F130 C13E C929 6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments
Powered by blists - more mailing lists
Please check out the
xvendor mailing list charter.
