localmaxartsize 0 bug in 2.4.2

Russ Allbery rra at stanford.edu
Sun Dec 11 23:20:34 UTC 2005

Jeffrey T Eaton <jeaton at cmu.edu> writes:

> I discovered that if you set localmaxartsize to 0 (to accept unlimited
> size messages), and try to post a message with a very long single line,
> nnrpd incorrectly exits with "can't read: Invalid argument" and "timeout
> in post".

> This happens because at around line 122 in nnrpd.c,
> PERMaccessconf->localmaxartsize will be 0, so newsize will always be
> reset to 0, and line->allocated will be 0 at line 140.

> Then, at 164, line_doread() is called with a negative second argument,
> because line->allocated - (where - line->start) will be negative.
> (Probably -512, because the first line buffer is allocated to be
> NNTP_STRLEN bytes).

Thanks, fixed.

Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>

More information about the inn-bugs mailing list