[7114] in bugtraq
A small but deadly bug in new QPopper2.5
daemon@ATHENA.MIT.EDU (=?iso-8859-1?Q?Jes=FAs?= Cea =?iso)
Tue Jun 30 13:21:43 1998
Date: Tue, 30 Jun 1998 16:21:18 +0000
Reply-To: =?iso-8859-1?Q?Jes=FAs?= Cea =?iso-8859-1?Q?Avi=F3n?= <jcea@ARGO.ES>
From: =?iso-8859-1?Q?Jes=FAs?= Cea =?iso-8859-1?Q?Avi=F3n?= <jcea@ARGO.ES>
X-To: qpopper@qualcomm.com, hacking@argo.es, rsanz@argo.es,
Lista proveedores QMD <proveedores_qmd@syntax-error.org>,
Lista de Proveedores Internet <proveedores@listserv.rediris.es>
To: BUGTRAQ@NETSPACE.ORG
I've just installed qpopper 2.5, released last night
(ftp://ftp.qualcomm.com/eudora/servers/unix/popper/), after reading the
last bugtraq security postings and patch my good old qpopper 2.2. But it
has a bug which prevents the use of bulletins.
The first time an user reads its mailbox with new bulletins, the server
dies. The second time (inetd launchs it) it blocks since the flock was
not released.
Time to sleep again :-).
Patch included:
*** pop_bull.c.old Tue Jun 30 15:48:34 1998
--- pop_bull.c Tue Jun 30 15:51:54 1998
***************
*** 271,278 ****
dbm_store(p->bull_db, name, bull_count, DBM_REPLACE);
dbm_close(p->bull_db);
#endif
- p->bull_db = NULL;
flock(dbm_dirfno(p->bull_db), LOCK_UN);
#else
/* Update the user's .popbull file. */
popBull = fopen(popBullName, "w");
--- 271,278 ----
dbm_store(p->bull_db, name, bull_count, DBM_REPLACE);
dbm_close(p->bull_db);
#endif
flock(dbm_dirfno(p->bull_db), LOCK_UN);
+ p->bull_db = NULL;
#else
/* Update the user's .popbull file. */
popBull = fopen(popBullName, "w");
--
Jesus Cea Avion _/_/ _/_/_/ _/_/_/
jcea@argo.es http://www.argo.es/~jcea/ _/_/ _/_/ _/_/ _/_/ _/_/
_/_/ _/_/ _/_/_/_/_/
PGP Key Available at KeyServ _/_/ _/_/ _/_/ _/_/ _/_/
"Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/
"My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/
"El amor es poner tu felicidad en la felicidad de otro" - Leibnitz
