Re: Not a test
By: apam to Accession on Sat Jan 20 2024 06:36 pm

On 1/19/2024 8:21 PM, Aon -> Al -> All wrote:

Hello all,

Testing Jamnntpd on 64bit Linux. The From field is still wonky.

Seems everything else works, except "Aon -> Al -> All" is also what appears in my From field now in Thunderbird.

I only see "%s -> %s" at two locations in nntpserv.c. So I have no idea where that's coming from. ;(

One thing I noticed when I was using some stuff that did something similar (Crashmail2 when I was working on Magicka) Is who ever wrote it made some assumptions about how the C library copied strings, which turned out not to be true anymore.

The specific bug I think (and it was a long time ago) was something along the lines of

strcpy(subject, &subject[4])

It's illegal for the source and destination strings (arguments to strcpy) to overlap.

It was to do with stripping the (Re: from the start of messages), it expected strcpy to copy one character at a time sequentially.

The fix I used was to just:

char *subj_copy = strdup(&subject[4]);

strcpy(subject, subj_copy);

free(subj_copy)

I don't know it it will help you with JamNNTP but, I wouldn't be suprised if they used some "clever" tricks like that.

Or use memmove() instead (where the source and destination may overlap).
--
digital man (rob)

Sling Blade quote #16:
Karl Childers (to Doyle, re: lawn mower blade): I aim to kill you with it. Mmm. Norco, CA WX: 56.6øF, 82.0% humidity, 9 mph SW wind, 0.05 inches rain/24hrs
--- SBBSecho 3.20-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (21:1/183)

Re: Not a test
By: Accession to apam on Sat Jan 20 2024 06:25 am

There seems to be a lot of lines in Jamnntpd's code that looks similar to this. My first search for "strcpy" came up with:

strcpy(addr,&originbuf[d+1]);

Use of strcpy() in general is considered unsafe. But that's not the same issue that apam posted about (overlapping source and destination string). The example use of strcpy() above may be fine or may not, depending on the size of the 'addr' buffer and the length string at originbuf + d + 1.
--
digital man (rob)

Steven Wright quote #6:
A conscience is what hurts when all your other parts feel so good.
Norco, CA WX: 56.6øF, 82.0% humidity, 9 mph SW wind, 0.05 inches rain/24hrs
--- SBBSecho 3.20-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (21:1/183)

On Sat, 2 Mar 2024 19:41:02 -0800, Digital Man -> Accession wrote:

Use of strcpy() in general is considered unsafe. But that's not the same issue that apam posted about (overlapping source and destination
string). The example use of strcpy() above may be fine or may not, depending on the size of the 'addr' buffer and the length string at originbuf + d + 1.

I believe we have changed those to memmove() like you stated in your
previous post.

Carlos has a fork available on github for Jamnntpd off the original
master branch, and I will be working on one for Smapinntpd in the near
future. Both of them will include all of these changes, as well as some
others.

Regards,
Nick

... "Take my advice, I don't use it anyway."
--- Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:115.0) Gecko/20100101 Thunderb
* Origin: _thePharcyde distribution system (Wisconsin) (21:1/200)