[Postfix espanol] PATCH: smtpd command log memory exhaustion bug

Julio Cesar Pinto jc en ifx.com.co
Jue Nov 15 14:31:27 CET 2001 

En conclusion.

Que corrije el patch?

O sera mejor actualizar version?

Agradezco tus comentarios.


On Wed, 2001-11-14 at 23:04, Wietse Venema wrote:
> The Postfix SMTP server maintains a record of SMTP conversations
> for debugging purposes. Depending on local configuration details
> this record is mailed to the postmaster whenever an SMTP session
> terminates with errors.
> 
> During code maintenance, a stupid error was introduced due to which
> the SMTP session log could grow to an unreasonable size.   This
> stupid error made the Postfix SMTP server vulnerable to a memory
> exhaustion attack.
> 
> A similar stupid memory exhaustion vulnerability was found in the
> qmail SMTP server more than four years ago. This stupid error in
> qmail was never fixed.
> 
> The patch below applies to any Postfix release that was issued in
> the year 2001. Fully patched releases will be made available via
> the usual web sites listed in www.postfix.org.
> 
> Primary site:
> 
>     ftp://ftp.porcupine.org/mirrors/postfix-release/index.html
> 
> Releases:
> 
>     snapshot-20011114
> 
>     postfix-20010228-pl07
> 
> Happy Postfixing!
> 
> 	Wietse
> 
> diff -cr ../postfix-20010228-pl06/src/smtpd/smtpd.c ./src/smtpd/smtpd.c
> *** ../postfix-20010228-pl06/src/smtpd/smtpd.c	Tue May  1 12:43:22 2001
> --- ./src/smtpd/smtpd.c	Wed Nov 14 22:25:28 2001
> ***************
> *** 988,993 ****
> --- 988,1005 ----
>       state->where = SMTPD_AFTER_DOT;
>   
>       /*
> +      * Notify the postmaster if there were errors. This usually indicates a
> +      * client configuration problem, or that someone is trying nasty things.
> +      * Either is significant enough to bother the postmaster. XXX Can't
> +      * report problems when running in stand-alone mode: postmaster notices
> +      * require availability of the cleanup service.
> +      */
> +     if (state->history != 0 && state->client != VSTREAM_IN
> + 	&& (state->error_mask & state->notify_mask))
> + 	smtpd_chat_notify(state);
> +     smtpd_chat_reset(state);
> + 
> +     /*
>        * Cleanup. The client may send another MAIL command.
>        */
>       mail_reset(state);
> 
> -
> Para quitarte de la lista enviar la linea "unsubscribe postfix-espanol" en
> el cuerpo de un mensaje a majordomo en unicorn.ea4els.ampr.org
-- 

JULIO CESAR PINTO
Web Services
System Administrator
IFX NETWORKS COLOMBIA
www.ifx.com.co
Ph : 571 - 3256000
Fax: 571 - 3256025

-
Para quitarte de la lista enviar la linea "unsubscribe postfix-espanol" en
el cuerpo de un mensaje a majordomo en unicorn.ea4els.ampr.org

Más información sobre la lista de distribución Postfix-es