Ubuntu
pfqueue package

pqueue corrupts long lines in message

Bug #1518301 reported by Marius Gedminas
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
pfqueue (Ubuntu)
New
Undecided
Unassigned

Bug Description

I have an email message like this:

    $ sudo postcat /var/spool/postfix/deferred/5/5BC2442B22
    ...
    *** MESSAGE CONTENTS /var/spool/postfix/deferred/5/5BC2442B22 ***
    Received: from vagrant-ubuntu-precise-64 (localhost [127.0.0.1])
     by vagrant-ubuntu-precise-64 (Postfix) with ESMTP id 5BC2442B22
     for <email address hidden>; Fri, 20 Nov 2015 12:24:14 +0000 (UTC)
    From: <email address hidden>
    To: <email address hidden>
    Message-ID: <834926492.1.1448022254386.JavaMail.logicaldoc@vagrant-ubuntu-precise-64>
    Subject: LogicalDOC - Request for password reset
    MIME-Version: 1.0
    Content-Type: multipart/mixed;
     boundary="----=_Part_0_887517735.1448022254335"
    Date: Fri, 20 Nov 2015 12:24:14 +0000 (UTC)

    ------=_Part_0_887517735.1448022254335
    Content-Type: text/html; charset=us-ascii
    Content-Transfer-Encoding: 7bit

    LogicalDOC - Request for password reset <br/> Click here: <a href="http://localhost:8081/pswrecovery? ticketId=932c9c87a6773d2053b6259cdac945e9b48429&userId=1">http://localhost:8081/pswrecovery? ticketId=932c9c87a6773d2053b6259cdac945e9b48429&userId=1</a>
    ------=_Part_0_887517735.1448022254335--
    *** HEADER EXTRACTED /var/spool/postfix/deferred/5/5BC2442B22 ***
    *** MESSAGE FILE END /var/spool/postfix/deferred/5/5BC2442B22 ***

and this is what you will see:

    $ sudo pfqueue
    ...
      │ From: <email address hidden> │
      │ To: <email address hidden> │
      │ Message-ID: <834926492.1.1448022254386.JavaMail.logicaldoc@vagrant-ubuntu-precisSubject: LogicalDOC - Request for password reset │
      │ Subject: LogicalDOC - Request for password reset │
      │ MIME-Version: 1.0 │
      │ Content-Type: multipart/mixed; │
      │ boundary="----=_Part_0_887517735.1448022254335" │
      │ Date: Fri, 20 Nov 2015 12:24:14 +0000 (UTC) │
      │ │
      │ ------=_Part_0_887517735.1448022254335 │
      │ Content-Type: text/html; charset=us-ascii │
      │ Content-Transfer-Encoding: 7bit │
      │ │
      │ LogicalDOC - Request for password reset <br/> Click here: <a href="http://localh------=_Part_0_887517735.1448022254335--773d2053b6259cdac945e9
      │ ------=_Part_0_887517735.1448022254335--773d2053b6259cdac945e9 │
      │ *** HEADER EXTRACTED deferred/5/5BC2442B22 *** │
      │ *** MESSAGE FILE END deferred/5/5BC2442B22 *** │

Note how the Message-ID header is truncated and has its end overwritten by the Subject header? This smells of a buffer overflow to me.

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: pfqueue 0.5.6-8
ProcVersionSignature: Ubuntu 3.2.0-94.134-virtual 3.2.72
Uname: Linux 3.2.0-94-virtual x86_64
ApportVersion: 2.0.1-0ubuntu17.13
Architecture: amd64
Date: Fri Nov 20 12:25:00 2015
MarkForUpload: True
ProcEnviron:
 LC_CTYPE=lt_LT.UTF-8
 TERM=xterm-256color
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: pfqueue
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Marius Gedminas (mgedmin) wrote :
Revision history for this message
Mantas Kriaučiūnas (mantas) wrote :

@mgedmin does pqueue still corrupt long lines in message ?

Revision history for this message
Marius Gedminas (mgedmin) wrote :

I haven't needed to use pfqueue during the last several years so I cannot say..

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.