Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Fri, 27 Jan 2006 10:23:09 +0300
From: Solar Designer <solar@...nwall.com>
To: bug@...cmail.org
Cc: xvendor@...ts.openwall.com
Subject: Re: procmail mailbox truncation bug

Hi,

A while ago I wrote about a procmail bug resulting in mailbox
corruptions and provided a patch.  Well, Dr. Werner Fink of SuSE has
discovered a bug in my patch (and Sebastian Krahmer brought it to my
attention).  I had overlooked the fact that the "lasttell" variable is
also used from comsat.c, so my patch broke comsat/biff functionality.

There's now an updated patch which does not alter the value of
"lasttell", available at this same CVSweb URL:

http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/procmail/

It's revision 1.2 of procmail-3.22-owl-truncate.diff.

With apologies for the bug,

Alexander

On Sun, Nov 06, 2005 at 02:25:38PM +0300, Solar Designer wrote:
> There's a really nasty bug in procmail, both 3.15.2 and 3.22 are affected.
> 
> The bug is basically that procmail, when running into a disk quota or a
> full partition, would truncate the mailbox file back to its prior size
> _after_ releasing the lock.  This has resulted in numerous mailbox
> corruptions on a mail server I co-administer and a week ago I managed to
> reproduce this on purpose (with several instances of procmail being the
> only software accessing the mailbox).  After my fix, I am no longer
> able to reproduce this and there have been no further mailbox corruptions
> during this week, so the fix appears to work.
> 
> The patch can be found in our CVSweb:
> 
> http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/procmail/
> 
> It's procmail-3.22-owl-truncate.diff
> 
> No, it's not dirty, it just follows procmail's original coding style.
> No added gotos, sorry.
> 
> The official fix might need to be slightly different to not rely on
> ftruncate().
> 
> -- 
> Alexander Peslyak <solar at openwall.com>
> GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
> http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Please check out the xvendor mailing list charter.