localmaxartsize 0 bug in 2.4.2
rra at stanford.edu
Sun Dec 11 23:20:34 UTC 2005
Jeffrey T Eaton <jeaton at cmu.edu> writes:
> I discovered that if you set localmaxartsize to 0 (to accept unlimited
> size messages), and try to post a message with a very long single line,
> nnrpd incorrectly exits with "can't read: Invalid argument" and "timeout
> in post".
> This happens because at around line 122 in nnrpd.c,
> PERMaccessconf->localmaxartsize will be 0, so newsize will always be
> reset to 0, and line->allocated will be 0 at line 140.
> Then, at 164, line_doread() is called with a negative second argument,
> because line->allocated - (where - line->start) will be negative.
> (Probably -512, because the first line buffer is allocated to be
> NNTP_STRLEN bytes).
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the inn-bugs