localmaxartsize 0 bug in 2.4.2
Jeffrey T Eaton
jeaton at cmu.edu
Thu Nov 17 21:05:37 UTC 2005
I discovered that if you set localmaxartsize to 0 (to accept unlimited
size messages), and try to post a message with a very long single line,
nnrpd incorrectly exits with "can't read: Invalid argument" and
"timeout in post".
This happens because at around line 122 in nnrpd.c,
PERMaccessconf->localmaxartsize will be 0, so newsize will always be
reset to 0, and line->allocated will be 0 at line 140.
Then, at 164, line_doread() is called with a negative second argument,
because line->allocated - (where - line->start) will be negative.
(Probably -512, because the first line buffer is allocated to be
NNTP_STRLEN bytes).
I worked around it by setting localmaxartsize to be very large for
now, but this should be fixed, or nnrpd should report an error if
localmaxartsize is <= NNTP_STRLEN.
-jeaton
--
Jeffrey T. Eaton esp jeaton at cmu.edu
Research Systems Programmer Carnegie-Mellon University
More information about the inn-bugs
mailing list