[Postfix espanol] PATCH: smtpd command log memory exhaustion bug

Wietse Venema wietse en porcupine.org
Jue Nov 15 05:04:35 CET 2001 

The Postfix SMTP server maintains a record of SMTP conversations
for debugging purposes. Depending on local configuration details
this record is mailed to the postmaster whenever an SMTP session
terminates with errors.

During code maintenance, a stupid error was introduced due to which
the SMTP session log could grow to an unreasonable size.   This
stupid error made the Postfix SMTP server vulnerable to a memory
exhaustion attack.

A similar stupid memory exhaustion vulnerability was found in the
qmail SMTP server more than four years ago. This stupid error in
qmail was never fixed.

The patch below applies to any Postfix release that was issued in
the year 2001. Fully patched releases will be made available via
the usual web sites listed in www.postfix.org.

Primary site:

    ftp://ftp.porcupine.org/mirrors/postfix-release/index.html

Releases:

    snapshot-20011114

    postfix-20010228-pl07

Happy Postfixing!

	Wietse

diff -cr ../postfix-20010228-pl06/src/smtpd/smtpd.c ./src/smtpd/smtpd.c
*** ../postfix-20010228-pl06/src/smtpd/smtpd.c	Tue May  1 12:43:22 2001
--- ./src/smtpd/smtpd.c	Wed Nov 14 22:25:28 2001
***************
*** 988,993 ****
--- 988,1005 ----
      state->where = SMTPD_AFTER_DOT;
  
      /*
+      * Notify the postmaster if there were errors. This usually indicates a
+      * client configuration problem, or that someone is trying nasty things.
+      * Either is significant enough to bother the postmaster. XXX Can't
+      * report problems when running in stand-alone mode: postmaster notices
+      * require availability of the cleanup service.
+      */
+     if (state->history != 0 && state->client != VSTREAM_IN
+ 	&& (state->error_mask & state->notify_mask))
+ 	smtpd_chat_notify(state);
+     smtpd_chat_reset(state);
+ 
+     /*
       * Cleanup. The client may send another MAIL command.
       */
      mail_reset(state);

-
Para quitarte de la lista enviar la linea "unsubscribe postfix-espanol" en
el cuerpo de un mensaje a majordomo en unicorn.ea4els.ampr.org

Más información sobre la lista de distribución Postfix-es