Date: Wed, 6 Oct 1999 07:43:13 +1000 From: Peter Jeremy <peter.jeremy@alcatel.com.au> To: Ruslan Ermilov <ru@ucb.crimea.ua> Cc: gnats-admin@FreeBSD.ORG, freebsd-bugs@FreeBSD.ORG Subject: Re: bin/14069: Buffer overflow in mail(1) Message-ID: <99Oct6.073949est.40331@border.alcanet.com.au> In-Reply-To: <19991005102521.A27498@relay.ucb.crimea.ua> References: <99Oct1.143612est.40354@border.alcanet.com.au> <19991001182849.A28871@relay.ucb.crimea.ua> <99Oct5.094616est.40329@border.alcanet.com.au> <19991005102521.A27498@relay.ucb.crimea.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
--ZwgA9U+XZDXt4+m+ Content-Type: text/plain; charset=us-ascii Hi Ruslan, On 1999-Oct-05 17:25:21 +1000, Ruslan Ermilov wrote: >On Tue, Oct 05, 1999 at 09:49:37AM +1000, Peter Jeremy wrote: >> On 1999-Oct-10 01:28:49 +1000, Ruslan Ermilov wrote: >> >Could you please gzip and send me your test mbox? >> >> See attached. (I was worried about the test being corrupted in >> transit, but the bug reporting rules discourage non-text attachments). >> >Can't reproduce, see attached. I've found that the test file I used does not trigger the problem when mail is compiled without `-O'. Increasing the number of `To:' addresses in the test file _does_ trigger the problem. I've enclosed a new test file. Let me know if this still doesn't work for you and I'll send you my binary and core. Note that David Rivers also pointed out that there's an off-by-1 bug in the alloca (since I forgot the terminating NUL). Peter -- Peter Jeremy (VK2PJ) peter.jeremy@alcatel.com.au Alcatel Australia Limited 41 Mandible St Phone: +61 2 9690 5019 ALEXANDRIA NSW 2015 Fax: +61 2 9690 5982 --ZwgA9U+XZDXt4+m+ Content-Type: application/x-gunzip Content-Disposition: attachment; filename="jeremyp.3.gz" Content-Transfer-Encoding: base64 H4sICKtu+jcAA2plcmVteXAuMwDlllmP28gRgJ9Xv6KxeRljM+WR7LFntI5B3Wc3+76CYKCD kqiLEkWdvz6UtN71Ghsk7yEFEVB9qq6vSXZ1M01WaOC982C98TrwyksvPHDPwFOEkzUS0QaV PqPiS7lYzD+o+Pr6WuBRtk/Xj3SQzcroiw898YB93/cC3/Ud3/bQ8k3wja85OYriQzQuo8l1 MF/3NV8FX/EXf/Zw8kfwB/Tg9z7zO/Cp3/qNh8Svwa/QP4sfXqH48gKlJyj+613hp+EZ+aVf +Dn42M/81MPER+DH6OEFXuHD+9v3O3SMsxlqCCwpisdIVCrFz6XXT4WfJkmKvsyjNFqdN4Ef +aEfgHPWGafBKQfSff316vz3q/DV++r6zfwJ/VJ8enpCDw0h81IeovUhWiab6PHmJRx3DBx1 oQuIw67veuC6Djru3Y9T0HYtB03XAFd3NVd1UHEXcGf0sJpMi985f7g6o1zZndzRHcDtXeZ2 DlK3Bbe5Kudnrvz5r5WfSy/P6E/GLnFrtwK3dAs3dxC7Gbjp/2z8g4WbuMiNwY3c0A0sWGNB 22u1ykqwwnLLLFAbgiUF9EBxvYn0M5QeP5TQ3z58/vSx+GPNX56K3Va75IznwlT7nxxuBRZb 6Nue7doO2LaFlv1auDl9U2rahq1bqNmqrdgL2LOFk0UPIa9RidLJ6KVU+vVoD3YPNrM7mwZ2 azc2sbC2K7DLdwX01/pPr+WPz3f978QfbuabdDwYr4JlMhosZ8kuy5Pk2nZh5zYGO7NTO7EQ 2THYEXqodOzH/MFUtSr6dr/yM//L/S6VPn98Lt2M7NAODBhtlJGBEYYbZoCaEAz5DyU+l0uf fiuxPsii8n+lmnn1ZWSw6Rvoma7pBKZtWqZpoGHqYGrooef6nQYSuCPb7wpiP5xHo6yMSJLF k3g0yOJ8OUgmaLLPX/4IZVG6itf3X0+/HQWZ5CNUzVvFXMzZnExwNAezN5CZnUnNFszGQGJu 2Nqs3szSLMzcxIGZmamZgInM2IwMDM0AtL5hSss3LQLNNdMUdKiJxhr6uge6ewN0R7+1dUs3 dSPQdV3TVdAVfdFnDSd9BH24U3v9lumdTvVWBxud6LWGlV7qhZ6DjjXM7qNN9eRNR3qsg5Ee 6oECJZVQXAFTFFR4r4ioN6z6qqeCruqotoKWaqqGqoOqKaiqG1RRlzd1Vid1DNRB7VUGaqdS tVWwUQmo9T3TSr0tVbBQcxUrmKmpmqgI1FjB6J5lqAZvUgrJJZMBlaEkErDsy57sguxIaMsb 1pJN2ZB1CTVZlRUZXORZnuQR5EHC/o5kcidTkFu5kUkg13IllxIWcg4yvsXlTE7lREIkx3Ik g6EcCMEFMEFB3LUFEVj0RU90QXREW7RE0BQNURc1EFUBFXGjLuIsTuIo4CD2IhPBTqRiKzYg EgHrO7ISS7EQMBdBLGZiKiYgIgHje3AkhgIGnDMeUB5ywjHwPocev0W7vMPbwFs8aPIGr/Ma 8CqHyj144Wd+An7kh4DvecZ3HFK+Bb65RXnC13zFl8AXfM7jgM/4lE84RHwMfHRHhnwAjFEW MsICzPqsx7rAOgza7D7PrMkarM5qDKqswi7sHLATO7IDgz3LgO1uFEvZlm2AJWzNVixYsgWb sxjYjMH0nmfCIjZmIzZkA6A0pIRi2qdBj3Zph7aBtig06f892aB1WqNVChV6ocGZnuiRHoDu KWR3YEdToFu6oUFC13RFl0AXFOb3YExndEphQiM6DuiIDukghJCEgO+Pcz/sQdgNg07YDlth E8JGCPV7qBZWQ6iEl/AcnsJjEB7CfZiFsAtTCLc3ItyESbiGcBUuw0U4D+NwFgbTcBJG4RjC UQjDe6YBIZhAn/RIlwQd0iYt0gTSIFAn95FIlVSAXMiZBCdyJAeyB5IR2N3DKdkS2JCErMmK BEuyIHMSA5kRmN6BCYkIjMmIDAMywLiPe4C7GDo471qb5fkxy5k2buEm4Aau46CGq7iCL4DP GE74hwUfR7vdYBo9xnmr+3LEB7zHGd7hFMMWb26dKsAJXuMV4CVe4DmGGM8AT78WcAc3Hg9R ust7QRkV4algH/EgXkZpvmxUKOLvP6DOOm8Y6yhD1wBq5R3rODijfJPTeSnUkjy4zh6z8ybv Y7Jh5Xvar3TyzldrV7hoyH/83BHh48vL8+tj8ec/8HSw3k2i9DFaj5JxvJ6W0edqRxYK8rvW dO2NqIyeilDMd5HXzWuhsdosk3MU5Z2t/HvrQop2ysj7b53sD2iwuiawN8j+Bt+vBZOkC1QZ j9N86nKmAqX3xSaCAp0l6wg1TnmZ1zlB5QJNdvGtnizOltd8v4/7w/Wath5tBmm2yh2/A/+E fE+L/SZKD/Eu30XkAreoy65HofBvXac/RuELAAA= --ZwgA9U+XZDXt4+m+-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?99Oct6.073949est.40331>