Menu
▾
▴
[fetchmail-users] patch 6.3.2.1 for fetchmail 6.3.2 fixes SEGFAULT with .netrc files
|
From: Matthias A. <mat...@gm...> - 2006-01-30 10:17:29
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings, Craig Leres identified a new bug in fetchmail 6.3.2 (that now tries to erase the .netrc passwords before freeing its memory) that causes fetchmail to crash right after reading the .netrc file. Craig also provided a patch that I have accepted into the SVN repository that will appear in fetchmail 6.3.3. I am including the patch here (if your mailer is not GnuPG enabled, you need to manually edit all lines that start with "- -" so that they start with "-" - i. e. remove the first minus and blank character on those lines). I recommend to add this patch as an interim fix to all distribution packages and on all sites that wish to use .netrc files. The patch can also be downloaded: http://download.berlios.de/fetchmail/patch-6.3.2.1-fix-netrc-SIGSEGV.diff My GnuPG signature for the patch is available at: http://download.berlios.de/fetchmail/patch-6.3.2.1-fix-netrc-SIGSEGV.diff.asc Here is the patch: ....................................................................... Craig Leres identified a problem that makes fetchmail 6.3.2 (only this version) crash if the .netrc file does not contain a password for a particular account. This patch is mostly Craig Leres' work has been committed to the SVN repository and should be applied to fetchmail 6.3.2 on all sites that plan to use netrc files: Index: netrc.c =================================================================== - --- netrc.c (Revision 4683) +++ netrc.c (Revision 4684) @@ -314,8 +314,10 @@ free_netrc(netrc_entry *a) { while(a) { netrc_entry *n = a->next; - - memset(a->password, 0x55, strlen(a->password)); - - xfree(a->password); + if (a->password != NULL) { + memset(a->password, 0x55, strlen(a->password)); + free(a->password); + } xfree(a->login); xfree(a->host); xfree(a); Sorry for the inconvenience. -- Matthias Andree, 2006-01-30 ....................................................................... Regards, - -- Matthias Andree -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) iD8DBQFD3dmkvmGDOQUufZURAv1+AKDYf5zB++Dyj6buzKS0Fz6W9B70bQCglnYI F7gplc9LV+Ixh88mq0DSFNI= =4UM8 -----END PGP SIGNATURE----- |
