segfault in ctl_cyrusdb/cyr_expire/lmtpd

Dmitry Katsubo dmitry.katsubo at gmail.com
Wed Nov 28 15:41:50 EST 2012 

In there anybody in the maillist, who can further assist me with this
issue? Please help to recover.

On 13.11.2012 19:00, Dmitry Katsubo wrote:
> Thanks for help. Indeed the problem is rooted in how mailboxes.db is
> handled. The problem which I was trying to tackle here
> 
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=604468
> 
> was that partition name was ending with a tab, while the code expected
> the space. Here does the dump of header of my mailboxes.db:
> 
>> 00000000  a1 02 8b 0d 73 6b 69 70  6c 69 73 74 20 66 69 6c  |....skiplist fil|
>> 00000010  65 00 00 00 00 00 00 01  00 00 00 02 00 00 00 14  |e...............|
>> 00000020  00 00 00 07 00 00 00 46  00 00 15 f0 50 a1 8d b0  |.......F....P...|
>> 00000030  00 00 01 01 00 00 00 00  00 00 00 00 00 00 00 90  |................|
>> 00000040  00 00 00 90 00 00 01 14  00 00 01 14 00 00 01 14  |................|
>> 00000050  00 00 06 6c 00 00 06 6c  00 00 00 00 00 00 00 00  |...l...l........|
>> 00000060  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
>> *
>> 00000080  00 00 00 00 00 00 00 00  00 00 00 00 ff ff ff ff  |................|
>> 00000090  00 00 00 01 00 00 00 0b  75 73 65 72 2e 64 6d 69  |........user.dmi|
>> 000000a0  74 72 79 00 00 00 00 1b  30 20 64 65 66 61 75 6c  |try.....0 defaul|
>> 000000b0  74 09 64 6d 69 74 72 79  09 6c 72 73 77 69 70 63  |t.dmitry.lrswipc|
>> 000000c0  64 61 09 00 00 00 00 d0  00 00 01 14 ff ff ff ff  |da..............|
>> 000000d0  00 00 00 01 00 00 00 14  75 73 65 72 2e 64 6d 69  |........user.dmi|
>> 000000e0  74 72 79 2e 41 72 63 68  69 76 65 73 00 00 00 1b  |try.Archives....|
>> 000000f0  30 20 64 65 66 61 75 6c  74 09 64 6d 69 74 72 79  |0 default.dmitry|
>> 00000100  09 6c 72 73 77 69 70 63  64 61 09 00 00 00 01 14  |.lrswipcda......|
>> 00000110  ff ff ff ff 00 00 00 01  00 00 00 19 75 73 65 72  |............user|
>> 00000120  2e 64 6d 69 74 72 79 2e  41 72 63 68 69 76 65 73  |.dmitry.Archives|
>> 00000130  2e 32 30 31 30 00 00 00  00 00 00 1b 30 20 64 65  |.2010.......0 de|
>> 00000140  66 61 75 6c 74 20 64 6d  69 74 72 79 09 6c 72 73  |fault dmitry.lrs|
>> 00000150  77 69 70 63 64 61 09 00  00 00 01 70 00 00 01 70  |wipcda.....p...p|
>> 00000160  00 00 02 98 00 00 06 6c  00 00 06 6c ff ff ff ff  |.......l...l....|
> ...
> 
> If you tell me, how correctly should I export and import back
> mailboxes.db (perhaps with db_dump / db_load). Perhaps I was trapped by
> this issue:
> 
>> http://www.mail-archive.com/cyrus-devel@lists.andrew.cmu.edu/msg00305.html
> 
> as I would have dumped/restored the mailbox one day.
> 
> BTW ctl_mboxlist aborts now in my environment:
> 
> # ctl_mboxlist -d
> Aborted
> 
>> That said, it shouldn't be crashing in 2.4.16!
> 
> Well, there is a check for data length:
> 
>   while (*p != ' ' && (p - data) < datalen) {
>     *q++ = *p++;
>   }
> 
> but still the pointer goes far beyond the expected point, perhaps
> causing the trouble in another place.


-- 
With best regards,
Dmitry

More information about the Info-cyrus mailing list