Mailing List Archive

John Jetmore wrote:
> This morning I tried to type something like this on a 3.36 installation:
>
> mailq -DSPOOL=/path/to/alt/spool
>
> and I accidently typed this:
>
> mailq -D=/path/to/alt/spool
>
> exim ran away, consuming memory and cycles for about 5 minutes before I
> killed it (I had switched to another window). I realize this is a typo
> and exim isn't required to behave nicely since I screwed up, but I felt
> either I don't understand what's going on or there's a problem.
>
> I also know 3.36 is old, but I thought the same problem might exist in 4.

Happens with exim 4.05 too, and the worst thing, it happens even as
non-root.

ciao

John Jetmore wrote:
> This morning I tried to type something like this on a 3.36 installation:
>
> mailq -DSPOOL=/path/to/alt/spool
>
> and I accidently typed this:
>
> mailq -D=/path/to/alt/spool
>
> exim ran away, consuming memory and cycles for about 5 minutes before I
> killed it (I had switched to another window). I realize this is a typo
> and exim isn't required to behave nicely since I screwed up, but I felt
> either I don't understand what's going on or there's a problem.
>
> I also know 3.36 is old, but I thought the same problem might exist in 4.

This should fix the problem for 4.05, at least i think so, it adds a
syntax-check,
so the macro-definition MUST start with a alphanumeric-character.


root@masta /usr/src/exim-4.05/src# diff -u exim.c.org exim.c
--- exim.c.org Tue Jul 16 13:52:47 2002
+++ exim.c Tue Jul 16 13:53:34 2002
@@ -1186,7 +1186,7 @@
uschar name[24];
uschar *s = argrest;

- if (*s == 0)
+ if (*s == 0 || !isalnum(*s))
{
if(++i < argc) s = argv[i]; else
{ badarg = TRUE; break; }

On Tue, 16 Jul 2002, John Jetmore wrote:

> I also know 3.36 is old, but I thought the same problem might exist in 4.

It does. I've fixed it for 4.10. Thank you.

--
Philip Hazel University of Cambridge Computing Service,
ph10@cus.cam.ac.uk Cambridge, England. Phone: +44 1223 334714.

On Tue, 16 Jul 2002, Nico Erfurth wrote:

> This should fix the problem for 4.05, at least i think so, it adds a
> syntax-check,
> so the macro-definition MUST start with a alphanumeric-character.

No, that isn't the right fix, I'm afraid. It would cause Exim to take
the next argument as the data for -D when -D was not followed by an
alphanumeric character. This is the right fix (also includes a minor
formatting typo):


*** 1197,1206 ****
s++;
}
name[ptr] = 0;
while (isspace(*s)) s++;
if (*s == 0)
{
! if(++i < argc) s = argv[i]; else
{ badarg = TRUE; break; }
}
if (*s++ != '=') { badarg = TRUE; break; }
--- 1197,1207 ----
s++;
}
name[ptr] = 0;
+ if (ptr == 0) { badarg = TRUE; break; }
while (isspace(*s)) s++;
if (*s == 0)
{
! if (++i < argc) s = argv[i]; else
{ badarg = TRUE; break; }
}
if (*s++ != '=') { badarg = TRUE; break; }



--
Philip Hazel University of Cambridge Computing Service,
ph10@cus.cam.ac.uk Cambridge, England. Phone: +44 1223 334714.

Philip Hazel wrote:
> On Tue, 16 Jul 2002, Nico Erfurth wrote:
>
>
>>This should fix the problem for 4.05, at least i think so, it adds a
>>syntax-check,
>>so the macro-definition MUST start with a alphanumeric-character.
>
>
> No, that isn't the right fix, I'm afraid. It would cause Exim to take
> the next argument as the data for -D when -D was not followed by an
> alphanumeric character. This is the right fix (also includes a minor
> formatting typo):

Ok, next time i should have a closer look ;))

ciao