Bug 2259382 - Exim 4.97.1 : can't receive emails > 5 MB due to pcre2 bug
Summary: Exim 4.97.1 : can't receive emails > 5 MB due to pcre2 bug
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: exim
Version: 40
Hardware: Unspecified
OS: All
unspecified
urgent
Target Milestone: ---
Assignee: David Woodhouse
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2024-01-21 00:57 UTC by customercare
Modified: 2024-03-23 00:28 UTC (History)
4 users (show)

Fixed In Version: exim-4.97.1-5.fc41 exim-4.97.1-5.fc39 exim-4.97.1-5.fc38 exim-4.97.1-5.fc40
Clone Of:
Environment:
Last Closed: 2024-03-04 09:29:51 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description customercare 2024-01-21 00:57:10 UTC
###REGRESSION### -> worked in 4.96.x

Bugtracker ( Bugzilla does not accept it for some bizzare reason )

https://bugs.exim.org/show_bug.cgi?id=3047

Description of problem:

exim 4.97.1 introduced a new bug on all fedora/redhat production systems upgrading from 4.96 to 4.97. 

According to exim devs, pcre2 miscalculates something to -16 and tries to alloc it. 

2024-01-21 00:36:09 1rRKsd-00000006BkG-0P8F bad internal_store_malloc request (2147483632 bytes) from function_store_get 66 

Sounds like a 32 bit unsigned int issue to me, as pcre2 does not detect that it calculated a -16.

Note:

do not switch the component to pcre2, but pls add the maintainers from pcre packages to this bug. Exim is broken on production systems, but we need to fix exim now, and can't wait for pcre2 to debug this.

@Pcre2 maintainers: 

pls provide a bug to the pcre2 bugtracker for this issue, they need to check, why they try to alloc 2 GB of memory, when they should not alloc memory at all due to negatives sizes. If the Exim devs are correct, this is a major bug in the lib. 


Version-Release number of selected component (if applicable):

4.97.0+

How reproducible:

100% reliable

Steps to Reproduce:

Send yourself a message with > 5 MB , i.e. 5 images from your phone.

Comment 1 customercare 2024-01-21 01:00:55 UTC
Additional note:

AFAIK the bug needs a config that utilizes pcre functionality i.e. regexp , which is very common, but may not be part of the default config shipped with exim. The most used regexp will the 0-day prevention rule from 2020 to filter out the "run{}" root-exploit.

Comment 2 Aoife Moloney 2024-02-15 23:10:58 UTC
This bug appears to have been reported against 'rawhide' during the Fedora Linux 40 development cycle.
Changing version to 40.

Comment 3 Fedora Update System 2024-03-04 09:23:35 UTC
FEDORA-2024-c4c5481a1c (exim-4.97.1-5.fc41) has been submitted as an update to Fedora 41.
https://bodhi.fedoraproject.org/updates/FEDORA-2024-c4c5481a1c

Comment 4 Fedora Update System 2024-03-04 09:29:51 UTC
FEDORA-2024-c4c5481a1c (exim-4.97.1-5.fc41) has been pushed to the Fedora 41 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 5 customercare 2024-03-04 13:57:48 UTC
Ähm.. yes. As you did not release a version for F38/39 , the issue still persists there. 

The bugreport was opened against Rawhide, as all version where affected.

Comment 6 David Woodhouse 2024-03-04 17:05:52 UTC
Indeed, the f39/f40 versions are built; not yet tested locally and pushed as an update. I'll do f38 too.

Comment 7 customercare 2024-03-04 17:41:10 UTC
thx

Comment 8 Fedora Update System 2024-03-05 12:54:58 UTC
FEDORA-2024-0f5e4879fd (exim-4.97.1-5.fc40) has been submitted as an update to Fedora 40.
https://bodhi.fedoraproject.org/updates/FEDORA-2024-0f5e4879fd

Comment 9 Fedora Update System 2024-03-05 12:55:19 UTC
FEDORA-2024-050c0b0b44 (exim-4.97.1-5.fc39) has been submitted as an update to Fedora 39.
https://bodhi.fedoraproject.org/updates/FEDORA-2024-050c0b0b44

Comment 10 Fedora Update System 2024-03-05 12:55:54 UTC
FEDORA-2024-f3fb15da40 (exim-4.97.1-5.fc38) has been submitted as an update to Fedora 38.
https://bodhi.fedoraproject.org/updates/FEDORA-2024-f3fb15da40

Comment 11 customercare 2024-03-05 13:38:06 UTC
While Updateing:

  Ausgeführtes Scriptlet: exim-clamav-4.97.1-5.fc38.x86_64                                                                                                                                                                                                                  2/6 
/bin/chown: warning: '.' should be ':': „exim.exim“


And after the server restart, a message from January war delivered.. that's strange.. in a positive way :D

it's a 20 MB mail, which had hit the the 2 MB limit issue in 4.97.1-1 and is now deliverable.

OP SUCCESS! :D

Comment 12 David Woodhouse 2024-03-05 15:05:54 UTC
> /bin/chown: warning: '.' should be ':': „exim.exim“

Fixed that one in rawhide but unless it's actually causing a problem, there's probably no need to backport it until/unless there's another bugfix update for earlier releases?

Thanks for testing.

Comment 13 customercare 2024-03-05 15:14:37 UTC
I agree on, that it's not urgent, in special for f38. 

AFAIK it's planned to change the behavior of chown in the medium future. Waiting too long, will create unnecessary issues in the future ;)

In the end, it's just a simple replace in the specfiles. Not worth waiting in a queue for years.

Comment 14 Fedora Update System 2024-03-06 01:41:25 UTC
FEDORA-2024-050c0b0b44 has been pushed to the Fedora 39 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-050c0b0b44`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-050c0b0b44

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 15 Fedora Update System 2024-03-06 02:11:18 UTC
FEDORA-2024-0f5e4879fd has been pushed to the Fedora 40 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-0f5e4879fd`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-0f5e4879fd

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 16 Fedora Update System 2024-03-06 02:34:55 UTC
FEDORA-2024-f3fb15da40 has been pushed to the Fedora 38 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-f3fb15da40`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-f3fb15da40

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 17 Fedora Update System 2024-03-14 01:07:39 UTC
FEDORA-2024-050c0b0b44 (exim-4.97.1-5.fc39) has been pushed to the Fedora 39 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 18 Fedora Update System 2024-03-14 01:39:14 UTC
FEDORA-2024-f3fb15da40 (exim-4.97.1-5.fc38) has been pushed to the Fedora 38 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 19 Fedora Update System 2024-03-23 00:28:43 UTC
FEDORA-2024-0f5e4879fd (exim-4.97.1-5.fc40) has been pushed to the Fedora 40 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.