Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 288161 - mail-filter/spamassassin-3.2.5 *** buffer overflow detected *** when options inet6 is set in resolv.conf
Summary: mail-filter/spamassassin-3.2.5 *** buffer overflow detected *** when options ...
Status: RESOLVED NEEDINFO
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: x86 Linux
: High normal (vote)
Assignee: Gentoo Perl team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: 301125
  Show dependency tree
 
Reported: 2009-10-08 08:31 UTC by Marcin Mirosław
Modified: 2010-05-22 15:39 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
spamassassin log (sa,17.18 KB, text/plain)
2009-10-08 08:36 UTC, Marcin Mirosław 		Details
emerge --info (emerge.inf,3.80 KB, text/plain)
2009-10-08 08:38 UTC, Marcin Mirosław 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcin Mirosław 2009-10-08 08:31:47 UTC 
When options inet6 is set in /etc/resolv.conf i'm getting buffer overflow while invoking spammassasin -r:
# spamassassin -r <q1MvnXH-101060
*** buffer overflow detected ***: /usr/bin/perl terminated
======= Backtrace: =========                              
/lib/libc.so.6(__fortify_fail+0x50)[0xa593afc0]           
[...]
Complete log is in attachment.

Spamassasin is compiled with ipv6 support:
mail-filter/spamassassin-3.2.5  USE="berkdb ipv6 postgres sqlite ssl tools -doc -ldap -mysql -qmail"

Reproducible: Always

Steps to Reproduce:
1.echo "options inet6" >> /etc/resolv.conf
2.spamassassin -r <some_mail
3.
Comment 1 Marcin Mirosław 2009-10-08 08:36:44 UTC 
Created attachment 206416 [details]
spamassassin log
Comment 2 Marcin Mirosław 2009-10-08 08:38:28 UTC 
Created attachment 206418 [details]
emerge --info
Comment 3 Marcin Mirosław 2009-10-08 14:26:19 UTC 
This problem is old.. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405694
Comment 4 David Abbott (RETIRED) gentoo-dev 2009-10-22 07:18:44 UTC 
What version of dev-perl/IO-Socket-INET6 do you have installed?
Comment 5 Marcin Mirosław 2009-10-22 07:23:29 UTC 
I've installed dev-perl/IO-Socket-INET6-2.51 .
Comment 6 Marcin Mirosław 2010-01-15 20:23:07 UTC 
Now, i can't reproduce error. I don't know wich upgrade solved problem. Now i've got: glibc-2.10.1-r1 , spamassassin-3.2.5-r2 , IO-Socket-INET6-2.51 . So i'm closing this bug. (Is resolution "fixed" correct one? Problem dissappears without founding a reason.)
Comment 7 Jeremy Olexa (darkside) (RETIRED) archtester gentoo-dev Security 2010-01-15 20:34:37 UTC 
(In reply to comment #6)
> Now, i can't reproduce error. I don't know wich upgrade solved problem. Now
> i've got: glibc-2.10.1-r1 , spamassassin-3.2.5-r2 , IO-Socket-INET6-2.51 . So
> i'm closing this bug. (Is resolution "fixed" correct one? Problem dissappears
> without founding a reason.)
> 

Thanks for providing further feedback. Technically, "WORKSFORME" would be the resolution, but it really doesn't matter, imo. :)
Comment 8 Marcin Mirosław 2010-01-16 16:55:17 UTC 
I'm sorry, but i have to reopen bug :(
Yesterday i've added "options inet6" to resolv.conf, today i've found few messages in syslog:
2010-01-16T11:44:42.355423+01:00 localhost *** buffer overflow detected ***: perl - terminated
2010-01-16T11:44:42.355503+01:00 localhost perl: buffer overflow attack in function <unknown> - terminated
2010-01-16T11:44:42.355525+01:00 localhost Report to http://bugs.gentoo.org/

I still don't know what special case must happend to trigger this error. Problem doesn't appear on every mail (which is sended from exim to spamd through tcp connection). I'll try to found how to reproduce this error. IMHO this bug isn't so important to block STABLREQ.
Comment 9 Marcin Mirosław 2010-01-16 22:38:04 UTC 
Segfault appears when mail shoud be reported to SpamCop (no matter if SA is invoked as "spamassassin -r" or it is done by spamd process). I suppose the problem is in function reporting spam to SpamCop.
Comment 10 David Abbott (RETIRED) gentoo-dev 2010-05-22 14:16:45 UTC 
Marcin, can we close the bug so STABLEREQ bug 301125 can proceed?
Comment 11 Marcin Mirosław 2010-05-22 15:39:35 UTC 
As i said at #8 , go ahead.