[exim-dev] Negative GIDs in spool header files

Top Page
Delete this message
Reply to this message
Author: Bob Johannessen
Date:  
To: exim-dev
Subject: [exim-dev] Negative GIDs in spool header files
From ChangeLog-4.50:
80. If a message was submitted locally by a user whose login name
    contained one or more spaces (ugh!), the spool file that Exim
    wrote was not re-readable. It caused a spool format error. I
    have fixed the spool reading code. A related problem was that
    the "from" clause in the Received: line became illegal because
    of the space(s). It is now covered by ${quote_local_part.


That change rendered the code that reads the "username UID GID"
line of the spool header file unable to cope with negative GIDs.

While you may not expect to see many negative GIDs, the default
configuration of Apache runs the daemon with the UID of nobody and
a GID of -1, so in effect this causes messages submitted from CGI
type environments to fail with a (very non-descriptive) "Format
error in spool file ..." message to the log.

I've attached a patch with my proposed fix. It also allows for
negative UIDs. I've never seen this happend, but I think this is
a "better safe then sorry" kind of situation.


    Bob



--- spool_in.c-orig     2005-04-01 23:56:20.000000000 +0000
+++ spool_in.c  2005-04-02 00:07:07.000000000 +0000
@@ -329,12 +329,12 @@
 while (p > big_buffer && isspace(p[-1])) p--;
 *p = 0;
 if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR;
-while (p > big_buffer && isdigit(p[-1])) p--;
+while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--;
 gid = Uatoi(p);
 if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR;
 *p = 0;
 if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR;
-while (p > big_buffer && isdigit(p[-1])) p--;
+while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--;
 uid = Uatoi(p);
 if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR;
 *p = 0;