[exim-dev] [Bug 926] clamd 0.95 deprecates "STREAM" command

Top Page
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 926] clamd 0.95 deprecates "STREAM" command
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=926




--- Comment #9 from Phil Pennock <exim-dev@???> 2009-12-14 11:24:38 ---
Created an attachment (id=363)
--> (http://bugs.exim.org/attachment.cgi?id=363)
fix opendir() success assumption in mbox_unspool()

Because the -bmalware option exposes a new way in, someone other than root/exim
with admin privileges can use -C to change config options and cause a drop in
privs, at which point mbox_unspool() segfaults because of a previously pretty
safe assumption that opendir() would succeed.

This patch is relative to CVS and is taken from a diff with attachment 361
already in place; I stripped out the stuff already in 361, but the patch line
numbers are a bit off and might need increased fuzz to apply (or just apply
manually, it's simple).

Note that non-admin users can't trigger this because -bmalware was added as an
option only available to admin users (because it could prod at content inside
the spool).


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email