diff options
author | Matthias Andree <matthias.andree@gmx.de> | 2006-01-19 02:16:36 +0000 |
---|---|---|
committer | Matthias Andree <matthias.andree@gmx.de> | 2006-01-19 02:16:36 +0000 |
commit | 22367a0d0236bfcc184bc686a9118ee0b6f7163c (patch) | |
tree | 551272f0dd8783ef68304a996eae2d31d113822b | |
parent | 3d3e4aae94e2ec4930cf74921e27a22e6f6be18f (diff) | |
download | fetchmail-22367a0d0236bfcc184bc686a9118ee0b6f7163c.tar.gz fetchmail-22367a0d0236bfcc184bc686a9118ee0b6f7163c.tar.bz2 fetchmail-22367a0d0236bfcc184bc686a9118ee0b6f7163c.zip |
Fix segfault or bus error after bouncing a message. This bug was
introduced into 6.3.0 when removing alloca(); it caused fetchmail to
free random memory. Reported by Nathaniel W. Turner, Debian Bug#348747.
svn path=/branches/BRANCH_6-3/; revision=4652
-rw-r--r-- | NEWS | 3 | ||||
-rw-r--r-- | sink.c | 9 |
2 files changed, 10 insertions, 2 deletions
@@ -60,6 +60,9 @@ fetchmail 6.3.2 (to be released): * Add missing --help text for "--sslcertck" option. Matthias Andree. * fetchmailconf.py: Accept --help and --version. Matthias Andree. * fetchmail --version now prints the copyright notice. Matthias Andree. +* Fix segfault or bus error after bouncing a message. This bug was introduced + into 6.3.0 when removing alloca(); it caused fetchmail to free random memory. + Reported by Nathaniel W. Turner, Debian Bug#348747. Fix: Matthias Andree. fetchmail 6.3.1 (released 2005-12-19): @@ -984,14 +984,19 @@ transient: #ifdef EXPLICIT_BOUNCE_ON_BAD_ADDRESS /* * This should not be necessary, because the SMTP listener itself - * should genrate a bounce for the bad address. + * should generate a bounce for the bad address. + * + * XXX FIXME 2006-01-19: is this comment true? I don't think + * it is, because the SMTP listener isn't required to accept bogus + * messages. There appears to be general SMTP<->MDA and + * responsibility confusion. */ if (*bad_addresses) send_bouncemail(ctl, msg, XMIT_RCPTBAD, "Some addresses were rejected by the MDA fetchmail forwards to.\r\n", *bad_addresses, from_responses); while (*bad_addresses) - free(from_responses[*--bad_addresses]); + free(from_responses[--*bad_addresses]); free(from_responses); #endif /* EXPLICIT_BOUNCE_ON_BAD_ADDRESS */ |