If I add another email to MAILTO without quotes then cron segfaults Reproducible: Always Steps to Reproduce: 1. crate crontab with MAILTO=root, xxxxx@gmail.com Actual Results: Jul 15 17:40:01 cgt-serv cron[16861]: (im) CMD (/home/im/git/sync-git-svn.sh) Jul 15 17:40:06 cgt-serv kernel: cron[16859]: segfault at 0 ip 00007f0844725b9b sp 00007fff600ef180 error 4 in libc-2.10.1.so[7f08446b9000+14f000] Jul 15 17:40:06 cgt-serv cron[16859]: (im) UNSAFE (root, xxxxx@gmail.com) All works fine when using MAILTO="root, xxxxx@gmail.com"
I'm sorry for mistake MAILTO="root, xxxxx@gmail.com" won't work works without spaces MAILTO=root,xxxxx@gmail.com
In addition to LOGNAME, HOME, and SHELL, cron(8) will look at MAILTO if it has any reason to send mail as a result of running commands in ``this'' crontab. If MAILTO is defined (and non-empty), mail is sent to the user so named. If MAILTO is defined but empty (MAILTO=""), no mail will be sent. Otherwise mail is sent to the owner of the crontab. This option is useful if you decide on /bin/mail instead of /usr/lib/sendmail as your mailer when you install cron -- /bin/mail doesn't do aliasing, and UUCP usually doesn't read its mail. I guess the solution to *your* problem is to set up an MTA that handles aliases for you - otherwise vixie-cron expects to send mail to a single user.
I'm using exim as MTA. As I wrote multiple emails/aliases in MAILTO works fine, but only when those specified without spaces. Otherwise vixie-cron crashing. I don't think that segfault is correct way to determine any syntax error in MAILTO.
Problem in do_command.c do_command.c: 438: if (mailto && safe_p(usernm, mailto)) { 439: char **env; 440: char mailcmd[MAX_COMMAND]; 441: char hostname[MAXHOSTNAMELEN]; 442: 443: gethostname(hostname, MAXHOSTNAMELEN); 444: if (strlens(MAILFMT, MAILARG, NULL) + 1 445: >= sizeof mailcmd) { 446: fprintf(stderr, "mailcmd too long\n"); 447: (void) _exit(ERROR_EXIT); 448: } 449: (void)sprintf(mailcmd, MAILFMT, MAILARG); 450: if (!(mail = cron_popen(mailcmd, "w", e->pwd))) { 451: perror(mailcmd); 452: (void) _exit(ERROR_EXIT); 453: } 454: fprintf(mail, "From: root (Cron Daemon)\n"); 455: fprintf(mail, "To: %s\n", mailto); 456: fprintf(mail, "Subject: Cron <%s@%s> %s\n", 457: usernm, first_word(hostname, "."), 458: e->cmd); 459:#ifdef MAIL_DATE 460: fprintf(mail, "Date: %s\n", 461: arpadate(&StartTime)); 462:#endif /*MAIL_DATE*/ 463: for (env = e->envp; *env; env++) 464: fprintf(mail, "X-Cron-Env: <%s>\n", 465: *env); 466: fprintf(mail, "\n"); 467: 468: /* this was the first char from the pipe 469: */ 470: putc(ch, mail); 471: } 472: 473: /* we have to read the input pipe no matter whether 474: * we mail or not, but obviously we only write to 475: * mail pipe if we ARE mailing. 476: */ 477: 478: while (EOF != (ch = getc(in))) { 479: bytes++; 480: if (mailto) 481: putc(ch, mail); 482: } segfault happens at line 481 because mail == NULL So when mailto is not NULL, but it not safe (tested by safe_p) then mail would still NULL.
Created attachment 239411 [details, diff] fix I think this patch can solve this problem
Wouldn't you also want it to stop logging the UNSAFE message in the first place? Could it help to add the space character to the safe_delim array?
(In reply to comment #6) > Wouldn't you also want it to stop logging the UNSAFE message in the first > place? Could it help to add the space character to the safe_delim array? > UNSAFE message is not critical, it only indicate what something wrong. I think for add space character to safe_delim array we need test it with various MTA.
Duplicate of bug 197625 (bug 247179 is also a duplicate).
*** This bug has been marked as a duplicate of bug 197625 ***
