dash.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* BUG in chkmail() - incorrect check for padvance() stop condition
@ 2023-04-03 12:39 Denys Vlasenko
  2023-04-03 12:43 ` Harald van Dijk
  0 siblings, 1 reply; 2+ messages in thread
From: Denys Vlasenko @ 2023-04-03 12:39 UTC (permalink / raw)
  To: dash

chkmail(void)
{
         ...
         for (mtp = mailtime; mtp < mailtime + MAXMBOXES; mtp++) {
                 int len;

                 len = padvance_magic(&mpath, nullstr, 2);
                 if (!len)  <================================== WRONG, should be "len < 0"
                         break;
                 p = stackblock();
                 if (*p == '\0')
                         continue;
                 for (q = p ; *q ; q++);
                 q[-1] = '\0';
		...

The bug is not noticed only because after MAXMBOXES iterations,
we exit the for() loop:

newfstatat(AT_FDCWD, "/var/spool/mail/user", 0x7ffd08acd420, 0) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/var/spool/mail/use", 0x7ffd08acd420, 0) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/var/spool/mail/us", 0x7ffd08acd420, 0) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/var/spool/mail/u", 0x7ffd08acd420, 0) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/var/spool/mail/", {st_mode=S_IFDIR|0775, st_size=4096, ...}, 0) = 0
newfstatat(AT_FDCWD, "/var/spool/mail", {st_mode=S_IFDIR|0775, st_size=4096, ...}, 0) = 0
newfstatat(AT_FDCWD, "/var/spool/mai", 0x7ffd08acd420, 0) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/var/spool/ma", 0x7ffd08acd420, 0) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/var/spool/m", 0x7ffd08acd420, 0) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/var/spool/", {st_mode=S_IFDIR|0755, st_size=4096, ...}, 0) = 0
write(2, "$ ", 2# )                       = 2
read(0, "", 1)

and no visible problem is seen.


^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: BUG in chkmail() - incorrect check for padvance() stop condition
  2023-04-03 12:39 BUG in chkmail() - incorrect check for padvance() stop condition Denys Vlasenko
@ 2023-04-03 12:43 ` Harald van Dijk
  0 siblings, 0 replies; 2+ messages in thread
From: Harald van Dijk @ 2023-04-03 12:43 UTC (permalink / raw)
  To: Denys Vlasenko, dash

On 03/04/2023 13:39, Denys Vlasenko wrote:
> chkmail(void)
> {
>          ...
>          for (mtp = mailtime; mtp < mailtime + MAXMBOXES; mtp++) {
>                  int len;
> 
>                  len = padvance_magic(&mpath, nullstr, 2);
>                  if (!len)  <================================== WRONG, 
> should be "len < 0"

You are correct. A patch for this has been submitted, 
<https://patchwork.kernel.org/project/dash/patch/20211002203732.6175-1-june@causal.agency/>, 
but is still pending.

Cheers,
Harald van Dijk

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-04-03 12:43 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-04-03 12:39 BUG in chkmail() - incorrect check for padvance() stop condition Denys Vlasenko
2023-04-03 12:43 ` Harald van Dijk

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).