From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from resqmta-po-11v.sys.comcast.net (resqmta-po-11v.sys.comcast.net [IPv6:2001:558:fe16:19:96:114:154:170]) by hurricane.the-brannons.com (Postfix) with ESMTPS id 29A6577D7F for ; Wed, 15 Oct 2014 12:20:25 -0700 (PDT) Received: from resomta-po-12v.sys.comcast.net ([96.114.154.236]) by resqmta-po-11v.sys.comcast.net with comcast id 3XKH1p00956HXL001XKtB6; Wed, 15 Oct 2014 19:19:53 +0000 Received: from eklhad ([IPv6:2601:4:5380:4ee:21e:4fff:fec2:a0f1]) by resomta-po-12v.sys.comcast.net with comcast id 3XKs1p00a5LMg2101XKt46; Wed, 15 Oct 2014 19:19:53 +0000 To: Edbrowse-dev@lists.the-brannons.com From: Karl Dahlke Reply-to: Karl Dahlke User-Agent: edbrowse/3.5.1 Date: Wed, 15 Oct 2014 15:17:50 -0400 Message-ID: <20140915151750.eklhad@comcast.net> Mime-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20140121; t=1413400793; bh=kCqXKcWL8pfCdcnJTCNH9yPIRHeoqY5soE3f8bKFqTk=; h=Received:Received:To:From:Reply-to:Subject:Date:Message-ID: Mime-Version:Content-Type; b=RtZP6ssqZOxCeqFvMu3jW8H+LZlpouUPVLvNutwkqNLataUBsjdw3Y9qy3RHcK3z6 abMeU04m2V7mocdgmk6+E4gkkAfpQUPHe7v0DRbXVceygYsp6xg10EjF+4OXJwOED7 AYYDzdzxj3xstZXWZGtiCO53a7AcfFvc1P3VkOhJLmJiFzUj/CJ+fBAAiFx9Gta9j0 doPCesOEj9xnF6aiCWVROZA+Lqf9NXso3Bo+jhkLUC6+Az/RDZuGjRaIFZS+WR1hBN 9PbBarH0oONT+Boiwg0wOHS3AA8wq+0d/FkNbGCQG6TwE2SoV2jqqscDwOBAqL8s5f T63JEmVzITDsw== Subject: [Edbrowse-dev] Blacklist Bug X-BeenThere: edbrowse-dev@lists.the-brannons.com X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Edbrowse Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Oct 2014 19:20:25 -0000 I have been chasing down a bug for several weeks - weeks because it is very random and very rare. It caused my mail client to blow up the minute I made the pop3 connection. curl does the connecting, so I had to think it was doing it right. The bug was probably mine. I must have set the stage for failure somewhere during initialization. The problem is, it only failed one time in 200, statistically. So I had to fetch mail 200 times to see the error, on average. Sometimes more. I'm sure comcast would shut me down if I hammered on their server over and over again. They'd think I was a windows computer, possessed by a virus. So I used my own mail server installed on my machine. I could hit that hundreds of times to get the program to blow up once. It didn't blow up however if I skipped reading the .ebrc config file. readConfig() is a rather ugly and uncommented 500 line subroutine; perhaps it was corrupting the heap and then curl stepped on the landmine. I painfully read through that routine, twice, and could see nothing wrong. More tests and more tests. Finally I discovered the problem is in loadBlacklist(). That wasn't called if I didn't specify a blacklist file because I didn't read the config file. My blacklist file is empty, but no matter, I still try to parse it, and I didn't put a \0 on the end, so I suppose the computer just read on and on until it found a 0 in memory. This corrupted something, then curl did malloc or free or something and boom. I put the 0 on the end and then it works. I have pushed this change, with a very much abbreviated description of the problem. One line of code, there it is. But I have another question for you. I'd like to scrap the whole feature. It's pointless and I don't think anyone uses it. It made sense I suppose 15 years ago, when spam came from specific ip addresses, and you could block those addresses in a file. That worked for a year or two, then the spammers saw that I and others were blocking based on ip, and they set up dynamic ips. They just change hour to hour. Then spammers put mailbots in pcs, and now spam can come from anywhere, even your friend. Spam detection and redirection is, I think, something edbrowse shouldn't try to do, in any fashion or by any mechanism. gmail does it better, much better, no way should I reinvent that wheel, even if I could, which I can't. Leave it to the mail server, or third party like spam assassan. So I propose scrapping the feature altogether - gone. I'm glad we already cut version 3.5.1. I didn't want to do too much else until that was set. But now we can move on, and at a minimum I fixed the heap corruption bug, and I think it makes sense to remove the entire feature. Karl Dahlke