I've just spent a couple hours cutting pieces out of my scripts to
isolate the defect down to a single line of code. Just copy the
following script to a file, and process any message with it to see the
problem.
My diagnosis: the $ALL_FRIENDS variable is actually 1,964 characters
(which does not exceed the default LINEBUF). However, when this long
variable is appended onto a conditional line that makes it exceed the
LINEBUF, there are many failures. The buffer overflow goes undetected
because it occurs on a conditional line, as opposed to an assignment.
Here's the script that demonstrates:
MAILDIR=./
DEFAULT=$MAILDIR/default_box
LOGFILE=$MAILDIR/procmail.log
VERBOSE=1
FROM_="(From${SPC}|(Old-|X-)?(Resent-)?\
(From|Reply-To|Sender):)(.*\<)?"
# All email addresses are masked for privacy reasons,
# but the script still demonstrates the failure.
AOL_FRIENDS=(\
xxxxxxxxxxxxx|\
xxxxx92|\
xxxxxxxxx|\
xxxxxxxxxx|\
xxxxxxxx|\
xxxxxxx|\
xxxxxxxxx)@xxx\.xxx
CSUN_FRIENDS=(\
xxxx.xxxxxx|\
xxxxxxx|\
xxx41504|\
xxxxxx|\
xxxxx174|\
xxxxxx64|\
xxxxx024|\
xxxxx384|\
xxxxx387|\
xxxxx094|\
xxxxx567|\
xxxxx089|\
xxxxx001|\
xxxxx172|\
xxx.xxxxxx|\
xxx48158|\
xxx56004|\
xxxxxxx.xx|\
xxx17530|\
xxx12314|\
xxx34529|\
xxx43094|\
xxx)@[x-x0-9.-]*xxxx\.xxx
HOTMAIL_FRIENDS=(\
xxxxxx|\
xxx6xxxx|\
xxxxxxxxx|\
xxxxxxxx|\
xxxxx_xxxxxxxx|\
xxxxxxxxx74|\
xxxxxxxxx)@xxxxxxx\.xxx
JPL_FRIENDS=(\
xxxx.x.xxxxx|\
xxx|\
xxxxxxx.xxxxx|\
xxx|\
xxxxx.xxxxxxxx|\
xxxxx)@[x-x0-9.-]*xxx.xxxx.xxx
OTHER_FRIENDS=(\
((x|x)xxxxx|xxxxx)@xxxxxxx.xxxxxxxx.xx.xx|\
(xx333|xx105|xx103|xx842)@xxxx.xxx|\
(xxxxxx|xxxx2)@[x-x0-9.-]*xxx.xxx|\
(xxxxxxxx|xxxxxxxx)@[x-x0-9.-]*xxxx-xxxxx.xxx|\
(xxxxxxxxxxxxxxxx|xxxxxxxxx8|xxxx_x_xxxxxxx|xxxxxxxxxxx1)@xxxxx.xxx|\
(xxxx|xxxxxxx|xxxxx|xxxxx|xxxxxxx)@xxx1.xxx|\
(xxxx.xxxxxx|xxxx.xxxxxxxxxx)@xxx.xxx|\
(xxxxxx|xxxxxxxx|xxxxxxxxxxxxx)@xxxxxxxxx.xxx|\
(xxxxxxxx.xxxx.x|xxxxxxx.xxxxxxx|xxxxxxxxx|xxxxxxxx)@[x-x0-9.-]*xxx.xxx|\
(xxxxxxx|xxxxxxxx)@xxxxxxxx.xxx|\
(xxxxxx00|xxxxxx)@[x-x0-9.-]*xxxx.xxx|\
(xxxxxxxx|xxxxx3)@xxxx.xxx|\
GxxxxWxxxx|\
xxxxxxxxx(_dot_)xxxxxxxx(_at_)xxx(_dot_)xx|\
xxxxxxx(_at_)xxxxxxx(_dot_)xxx|\
xxxxxxxx@([x-x0-9.-]*xxxx.xxx|xxxxxx.xxx)|\
xxxxx(_dot_)xxxxxxxx(_at_)xxxxxxxxxxx(_dot_)xxx|\
xxx139(_at_)xxx(_dot_)xxx|\
xxxxx(_at_)xxxxxx(_dot_)xxx|\
xxxxx(_dot_)xxxxxxx(_at_)xxxxxxxxx(_dot_)xxx|\
xxxxxxxx(_at_)xxxxxxxxx(_dot_)xxx|\
xxxxxxx(_at_)xxx(_dot_)xxxxx(_dot_)xxx|\
xxxxx(_at_)[x-x0-9(_dot_)-]*xx(_dot_)xxx|\
xxxx(_dot_)x(_dot_)xxxxx-1(_at_)[x-x0-9(_dot_)-]*xxx(_dot_)xxx|\
xxxxxxxxxx23(_at_)xxxxxxxxx(_dot_)xxx|\
xxxxxxxx(_at_)xxx(_dot_)xxx|\
xxxxx(_at_)xxxxxx(_dot_)xxx|\
xxxxxxx@(xxx1.xxx|[x-x0-9.-]*xxxx.xxx)|\
xxxx77(_at_)xxxxxxxxxx(_dot_)xxx|\
xxxxx1(_at_)xxx(_dot_)xxx|\
xxxxxxxxxx(_at_)xxxx(_dot_)x12(_dot_)xx(_dot_)xx|\
xxxx(_at_)xxxxxxxxx(_dot_)xxx|\
xxxxxxx(_at_)[x-x0-9(_dot_)-]*xxxxxx(_dot_)xxx|\
(xxxxxxxx|xxxxxxxx)@xxx.xxx|\
xxx(_dot_)x(_at_)xxxxxxxx(_dot_)xxx|\
xxxxxxx(_at_)xxxxxxx(_dot_)xxx|\
xxxx(_at_)xxxxxxxxxxxx(_dot_)xxx|\
xxxx_xxxxxxxx(_at_)xxxxxxxxxxx(_dot_)xxx|\
xxxxxxxxxx(_at_)xxxxxxxxx(_dot_)xxx|\
xxxx(_at_)xxx(_dot_)xxxxx(_dot_)xx|\
xxxxxxxxxxxx(_at_)xxxxx(_dot_)xxx|\
xxxxxxx(_at_)xxxxxxx(_dot_)xxx|\
xxxxxx(_at_)[x-x0-9(_dot_)-]*xxx(_dot_)xxx|\
xxxxxxx(_at_)xxxxxxxxxxxx(_dot_)xxx|\
xxx[x-x0-9(_dot_)-]*(_at_)xxx(_dot_)xxx|\
xxx(_at_)[x-x0-9(_dot_)-]*xxxxxxxxx(_dot_)xxx|\
xxxxxx_7@(xxxxxxxxx.xxx|[x-x0-9.-]*xxx.xxx)|\
xxxxxxxx(_at_)xxxxxxx(_dot_)xxx|\
xxxxx(_at_)xxxxxxxxxx(_dot_)xxx|\
xxxxxxx(_at_)[x-x0-9(_dot_)-]*xxxxxxx(_dot_)xxx)
# Increasing the line buffer works around the defect.
# If this line remains commented out, procmail fails
# to catch the error on the conditional, and corrupts
# the payload.
#
# LINEBUF=2100
ALL_FRIENDS=(\
$AOL_FRIENDS|\
$HOTMAIL_FRIENDS|\
$CSUN_FRIENDS|\
$JPL_FRIENDS|\
$OTHER_FRIENDS)
:0 :
*$ !(^TO_|^${FROM_})$ALL_FRIENDS
no_friend_of_mine
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail