HEADS UP: critical locking bug in bogofilter 0.13.7.4...0.14.2

[Matthias Andree]

On Tue, 05 Aug 2003, Matthias Andree wrote:

> All users of bogofilter versions 0.13.7.4 to 0.14.2 are advised to apply
> the patch below and recompile and reinstall bogofilter (A "no previous
> prototype" warning can safely be ignored, it's harmless.), or to upgrade
> to a newer bogofilter-current version (no such release is available at
> the time I'm writing this).

It turns out the patch I posted was incomplete. Keep the patch installed
and use this one on top of it.

Index: src/datastore_db.c
===================================================================
RCS file: /cvsroot/bogofilter/bogofilter/src/datastore_db.c,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -r1.36 -r1.37
--- src/datastore_db.c	5 Aug 2003 00:26:02 -0000	1.36
+++ src/datastore_db.c	5 Aug 2003 01:00:25 -0000	1.37
@@ -1,4 +1,4 @@
-/* $Id: datastore_db.c,v 1.36 2003/08/05 00:26:02 m-a Exp $ */
+/* $Id: datastore_db.c,v 1.37 2003/08/05 01:00:25 m-a Exp $ */
 
 /*****************************************************************************
 
@@ -237,6 +237,7 @@
 		db_close(handle, false);
 		return NULL;		/* handle already freed, ok to return */
 	    }
+
 	    if (db_lock(handle->fd[i], F_SETLK,
 			(short int)(open_mode == DB_READ ? F_RDLCK : F_WRLCK)))
 	    {
@@ -249,16 +250,16 @@
 		if (e != EAGAIN && e != EACCES) return NULL;
 		/* do not goto open_err here, db_close frees the handle! */
 	    } else {
-		break;
+		idx = COUNTOF(retryflags);
 	    }
-	}
-    }
+	} /* for i over handle */
+    } /* for idx over retryflags */
 
     if (handle) {
 	unsigned int i;
 	handle->locked = true;
 	for (i = 0; i < handle->count; i += 1) {
-	    if (handle->fd[i] < 0) 
+	    if (handle->fd[i] < 0)
 		handle->locked=false;
 	}
 	return (void *)handle;