Date: Sun, 6 Nov 2005 14:25:38 +0300 From: Solar Designer <solar@...nwall.com> To: bug@...cmail.org Cc: xvendor@...ts.openwall.com Subject: procmail mailbox truncation bug Hi, There's a really nasty bug in procmail, both 3.15.2 and 3.22 are affected. The bug is basically that procmail, when running into a disk quota or a full partition, would truncate the mailbox file back to its prior size _after_ releasing the lock. This has resulted in numerous mailbox corruptions on a mail server I co-administer and a week ago I managed to reproduce this on purpose (with several instances of procmail being the only software accessing the mailbox). After my fix, I am no longer able to reproduce this and there have been no further mailbox corruptions during this week, so the fix appears to work. The patch can be found in our CVSweb: http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/procmail/ It's procmail-3.22-owl-truncate.diff No, it's not dirty, it just follows procmail's original coding style. No added gotos, sorry. The official fix might need to be slightly different to not rely on ftruncate(). -- Alexander Peslyak <solar at openwall.com> GPG key ID: B35D3598 fp: 6429 0D7E F130 C13E C929 6447 73C3 A290 B35D 3598 http://www.openwall.com - bringing security into open computing environments
Powered by blists - more mailing lists
Please check out the xvendor mailing list charter.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ