Control: tag -1 confirmed
Axel Beckert <a...@debian.org> writes:
> Package: nullmailer
> Version: 1:2.2+10~g7ed88a0-5
> Severity: important
> Control: found -1 1:2.2-3
>
> Dear David,
>
> I managed to reproducibly crash nullmailer-smtpd with a "general
> protection fault" by calling the following command:
>
> swaks -t a...@debian.org --pipe 'sendmail -bs'
>
> This call produces the following output first:
I can duplicate this. I made a few (unsuccessful) attempts at localize
the error.
Attempt #1
If I run /usr/lib/sendmail -bs directly (or nullmailer-smtpd, which
amounts to the same thing, I think), and give exactly the same input, it
exits cleanly when I type QUIT. I also tried your swaks command on a
host where sendmail is postfix, and I see end of the transaction
-> .
<- 250 2.0.0 Ok: queued as 5EC225FB72
-> QUIT
<- 221 2.0.0 Bye
=== Connection closed with child process.
Attempt #2
swaks -t brem...@debian.org --pipe 'gdb -batch -ex run -ex bt --args
/usr/lib/sendmail -bs'
This actually runs without segfaulting, which made me think it might be
a memory error.
Attempt #3
swaks -t brem...@debian.org --pipe 'valgrind /usr/lib/sendmail -bs'
This also runs without errors, so I'm out of ideas for the moment.
