[tpop3d-discuss] signal 11?

Chris Lightfoot chris at ex-parrot.com
Wed, 18 Jul 2001 01:09:55 +0100


On Tue, Jul 17, 2001 at 04:43:18PM -0700, Nancy Pettigrew (work) wrote:
> Why would the process get the SIGSEGV after returning an error back from the
> auth_mysql_new_user_pass function?
> I've seen it happen in a few different instances, this is the only log
> instance where some other error was reported prior to the signal 11:
> 
> Jul 17 21:49:36 mail1 tpop3d[30213]: auth_mysql_new_user_pass: mysql_store_result: Lost connection to MySQL server during query
> Jul 17 21:49:36 mail1 tpop3d[30213]: quit: signal 11

OK. It shouldn't crash in this instance (even if the
database connection has evaporated). I suspect this may be
because your code can goto fail; before x or y are
initialised; the if (x) free(x); and so forth could then
cause a SEGV. My bad -- they should be initialised to NULL
in the declarations. (In the original code this couldn't
occur, because x and y were initialised prior to doing a
SELECT.)

> In other instances of the signal 11 logging, the auth_mysql_new_user_pass
> function didn't log any errors.  The server then hung up for a few minutes,
> not properly accepting connections, and then began accepting connections
> again.

Errm. Can you verify that it was the main server process
which crashed, and not a child process serving a client?

> I tweaked the auth_mysql_new_user_pass function to do an additional query
> for my setup, and I'm wondering if there's something I've missed that a
> subsequent process needs...basically, I've changed it to use different
> tables, and to do an additional query to translate domains for a domain
> aliasing situation on the system.  I've gone through it several times,
> perhaps I'm having a proofreading mental block, I don't know.  Any input
> would be greatly appreciated.

The only thing which springs to view is the char *x thing
as mentioned above. Beyond that:

> I'm using version 1.3.3.
> Here's my tweaked version of auth_mysql_new_user_pass:
> 
> /* auth_mysql_new_user_pass:
>  */
> char user_pass_query_template[] =
>     "SELECT distinct '/var/spool/mail', m.mail_location, m.user_password, 'mail' "
>       "FROM users m LEFT JOIN aliases AS a ON m.user_id = a.user_id "
>      "WHERE (a.address='%s@%s' OR m.primary_email = '%s@%s') AND DateDeleted IS NULL";
> 
> char domain_trans_query_template[] =
>     "SELECT new_domain "
>       "FROM domain_translate "
>      "WHERE domain = '%s'";

I am paranoid enough to believe that using MySQL to quote
all these things is a Good Idea. But technically what you
have is _probably_ fine, because the rules for email
addresses are fairly restrictive. But I wouldn't want to
guarantee that a user couldn't do

    USER foo';DELETE*FROM something;@bar

I don't think that this is possible-- but only because you
can't have a space in a user name.

    [remainder of code]

Sorry, too tired to look at this now.

-- 
Chris Lightfoot -- www.ex-parrot.com/~chris/
 ... putting uranium in people's mouths might possibly give them cancer and
 kill them. On the other hand, their teeth looked great.... The industry was
 given a federal exemption to continue using uranium. (Cecil Adams)
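
Added example, not part of the original message and not tpop3d's own code: the two points raised in the reply (pointers set to NULL in their declarations so a shared fail: cleanup is safe on an early exit, and escaping user input before it is placed in the query) shown in one function. The names escape_literal, build_user_query and db_ok are hypothetical, the escaper is a simplified stand-in for the MySQL client library's escaping routine, and the query is shortened from the template posted above.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical, simplified stand-in for the MySQL client library's escaping
 * routine so this builds without libmysqlclient: it backslash-escapes only
 * quote and backslash characters. Returns a malloc'd copy, or NULL. */
static char *escape_literal(const char *s) {
    char *out = malloc(2 * strlen(s) + 1), *p = out;
    if (!out) return NULL;
    for (; *s; s++) {
        if (*s == '\'' || *s == '"' || *s == '\\') *p++ = '\\';
        *p++ = *s;
    }
    *p = '\0';
    return out;
}

/* Query text shortened from the template posted in the thread. */
#define TMPL "SELECT m.user_password FROM users m WHERE m.primary_email = '%s@%s'"

/* Returns a malloc'd query, or NULL on failure. db_ok == 0 simulates an
 * earlier query failing (e.g. a lost connection) before x and y are set. */
char *build_user_query(const char *local_part, const char *domain, int db_ok) {
    /* Declaring these without "= NULL" is the bug discussed above: the
     * cleanup at fail: would then free indeterminate pointers. */
    char *x = NULL, *y = NULL, *query = NULL;
    size_t n;

    if (!db_ok) goto fail;                        /* early exit path */
    if (!(x = escape_literal(local_part))) goto fail;
    if (!(y = escape_literal(domain))) goto fail;
    n = sizeof TMPL + strlen(x) + strlen(y);      /* %s markers leave slack */
    if (!(query = malloc(n))) goto fail;
    snprintf(query, n, TMPL, x, y);

fail:   /* shared cleanup: free(NULL) is a no-op, so every path is safe */
    free(x);
    free(y);
    return query;
}

int main(void) {
    char *q = build_user_query("foo';DELETE*FROM something;", "bar", 1);
    printf("%s\n", q ? q : "(failed)");
    free(q);
    return build_user_query("foo", "bar", 0) != NULL;
}
```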