INN 1.5.2pre1 Software Action Items
1.5.2pre1 was a short-lived pre-release by Dave Barr. It was never released, as Dave Barr recommended switching to 1.7 instead.
NOTE: THIS DEFECT LIST IS NOT ACTIVELY MAINTAINED. The other defect lists are updated as new information on defects is available.
See Also
Defect lists for INN versions 1.5.1 and later
For an overview comparison of 1.5.1, 1.5.1sec2, 1.5.2pre1, 1.6b3, and 1.5.1corr, see inn1.5.1corr/1.7
Each item is tagged with a severity. See About Severity tags for Software Action Items
for a description.
Critical: Certain newgroup control messages can crash INN.
Applies to: innd/cc.c
OS: all
Fixed in stock 1.5.1: No. The patch for 1.5.1corr should work fine.
Fixed in stock 1.5.1sec2: Yes (although 1.5.1sec2 has other vulnerabilities)
Fixed in stock inn1.5.1corr: No. A fix is described in my message to the Usenet RKT subscribers: 19971010: Recent newgroup denial of service attack
Fixed in stock 1.6b3: Yes, although active.times will get a slightly invalid entry.
Fixed in stock 1.7: Yes
Critical: INN corrupts the active file if ctlinnd rmgroup/ctlinnd newgroup when throttled.
See INN FAQ 6.3
Applies to:??? Not identified.
OS: all
Fixed in stock 1.5.1: No.
Fixed in stock 1.5.1sec2: No.
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: No
Fixed in stock 1.6b3: No
Problem has not been identified. No fix is known.
Critical: Make sure newsfeeds has exactly one ME entry. (innd needs this
to run correctly, or may crash when reloading various files.)
Applies to:innd/newsfeeds.c
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: No
Patch for 1.5.1: Not known.
Patch for 1.6b3: Not known.
Defect: INN internal buffer copy of backlogged channel fails, leading to crashes
Defect: NNTP Connection can hang. (cp->State must be set before the call to NCwritereply)
applies to: innd/nc.c::NCquit near line 774
This bug is introduced in 1.5.2pre1, it does not appear in other versions.
Defect: cp->State must be set before the call to NCwritereply.
applies to: innd/nc.c: near code which calls RCauthorized, near line 456, 462
This bug is introduced in 1.5.2pre1, it does not appear in other versions.
Defect: cp->State must be set before the call to NCwritereply.
applies to: innd/nc.c::NCwaitfor() near line 555 code which calls NCinprogress,
This bug is introduced in 1.5.2pre1, it does not appear in other versions.
Defect: cp->State must be set before the call to NCwritereply.
applies to: innd/nc.c::NCihave() near line 604 code which calls NCinprogress,
This bug is introduced in 1.5.2pre1, it does not appear in other versions.
Defect: cp->State must be set before the call to NCwritereply.
applies to: innd/nc.c::NCxbatch() near line 667
This bug is introduced in 1.5.2pre1, it does not appear in other versions.
Defect: cp->State must be set before the call to NCwritereply.
applies to: innd/nc.c::NCxreplic near line 843
This bug is introduced in 1.5.2pre1, it does not appear in other versions.
Defect: cp->State must be set before the call to NCwritereply.
applies to: innd/nc.c::NCproc() near line 952 (BAD_COMMAND_COUNT) handling
This bug is introduced in 1.5.2pre1, it does not appear in other versions.
Defect: cp->State must be set before the call to NCwritereply.
applies to: innd/nc.c::NCproc() near line 1002 (BAD_COMMAND_COUNT) handling
This bug is introduced in 1.5.2pre1, it does not appear in other versions.
Defect: , calls NCwritereply() instead of WCHANappend(). Couldn't this call result in putting the channel to sleep before it is ready?
applies to: innd/nc.c::NChelp()
This bug is introduced in 1.5.2pre1, it does not appear in other versions.
Defect: Prevent the use of function call DDend() within DISPOSE(), in case your DISPOSE macro was something fancier than a single function call.
Applies to:frontends/inews.c
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Defect: Prevent the use of function call DDend() within DISPOSE(), in case your DISPOSE macro was something fancier than a single function call.
Applies to:nnrpd/post.c
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Defect: Some year 2038 fixes
Applies to:expire/makehistory.c near line 380
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Defect: Some year 2038 fixes
Applies to:expire/expire.c near line 46 and 799
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Defect: if a header is duplicated, the first one should be used to generate overview data.
Applies to:expire/expireover.c
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Defect: nnrpd crashes with long lines in corrupt overview files
Applies to nnrpd/article.c
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr: No (recent fix)
Fixed in stock 1.6b3: No (recent fix)
Fixed in stock 1.7: Yes
Patch for 1.5.1: Edward Marshall emarshal@xnet.com 29Aug1997
Defect: innd connection can hang when processing the HEAD command
Applies to innd/nc.c
Fixed in stock 1.5.1: Yes
Fixed in stock 1.5.1sec2: Yes
Fixed in stock 1.5.2pre1: No. See the patch
Fixed in stock inn1.5.1corr/1.7: No. See the patch
Fixed in stock 1.6b3: No. See the patch
Discovered/Reported: Yoshiro YONEYA <yone@pi.ntts.co.jp>
Patch for 1.5.1corr/1.7 and 1.5.2: nc971031.msg
Defect: Channel feeds (such as the one to overchan) sometimes backlog due to not being written often enough.
Defect: Clear IP_OPTIONS, including source routing on the socket.
Applies to:innd/rc.c. Near line 246+added function.
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Defect: year 2038 fix.
Applies to:innd/his.c: Two places near line 258
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Defect: compile time. Inclusion of <unistd.h>, <errno.h>
Applies to:innd/inndstart.c
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Defect: Compile-time, O/S dependent. Fixes ENOTSOCK and ENOTTY compile time tests after SetNonBlocking() fails.
Applies to:innd/chan.c
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Defect: Handling of case when header line starts with ': ', Not sure if this is a security issue.
Applies to:innd/art.c:Line 693.
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Defect: Year 2000 fix.
Applies to:nnrpd/misc.c in function NNTPtoGMT()
160DF, only in 1.6, should be in 1.5.1corr
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Defect: expireover -a does not handle multi-line headers correctly
Applies to:expire/expireover.c
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Defect: Casts to ensure long.
Applies to: backends/actsync.c near line 3391
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Annoyance: skip lines containing only spaces and tabs as comments.
Applies to:innd/newsfeeds.c: Near line 97:
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Annoyance: Don't append the same path twice
Applies to:innd/art.c: Line 565,
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Annoyance: printf needs %% to print a single %
Applies to: backends/actsync.c near line 969.
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Annoyance: No usage error when number of args was 3
Applies to:backends/sendxbatches.sh
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Improvement: Support for ftp of active file.
Applies to:backends/actsyncd.sh
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No, this is a feature change.
Fixed in stock inn1.5.1corr/1.7: No, this is a feature change. 1.5.1corr exists to correct existing problems and defects in 1.5.1.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Improvement: smarter handling of creating symlinks when directory had not already existed...
Applies to: backends/crosspost.c near Line 149, 171
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Improvement: lowmark feature addition to ctlinnd and expire, from inn-workers message of 1 July 1997 Craig Leres.
Applies to:expire/expireover.c
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No, this is a feature change
Fixed in stock inn1.5.1corr/1.7: No, this is a feature change. 1.5.1corr exists to correct existing problems and defects in 1.5.1.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: see the message. Not known if available on-line.
Improvement: Path exclusion checking only if not already found to be a duplicate.
Applies to:innd/art.c: Line 1771.
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Maintenance: removal of bogus width field to %ld printf argument. not needed and doesn't do any good anyway.
Applies to: backends/actsync.c near Lines 3433, 3449
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Maintenance: Two changes to static declarations of functions...
Applies to:expire/expireover.c
Fixed in stock 1.5.1: No
Fixed in stock 1.5.1sec2: No
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: Yes.
Fixed in stock 1.6b3: Yes.
Patch for 1.5.1: Not known.
Maintenance: Comment changes inserted when string buffer patches were done.
These changes can lead to incompatibility with third party patches. (Tagged in the Unified Sources as INN160CC)
Applies to: innd/* (12 occurrences)
Applies to: nnrpd/* (18 occurrences)
Applies to: lib/* (10 occurrences)
Changed in stock 1.5.1: Not needed
Changed in stock 1.5.1sec2: Yes
Changed in stock 1.5.2pre1: Yes
Changed in stock inn1.5.1corr/1.7: No. Not needed.
Changed in stock 1.6b3: Yes
Maintenance: String buffer handling changes which operate on internal data. The changes do not actually "fix" the problem, instead the data is truncated without warning or error, trading what is usually a detectable error due to overly long configuration settings, to a truncation problem which can be much harder to find. (Tagged in the Unified Sources as INN160SL)
Applies to: innd/* (111 occurrences)
Applies to: nnrpd/* (39 occurrences)
Applies to: lib/* (26 occurrences)
Changed in stock 1.5.1: Not needed
Changed in stock 1.5.1sec2: Yes
Changed in stock 1.5.2pre1: Yes
Changed in stock inn1.5.1corr/1.7: No. Not needed.
Changed in stock 1.6b3: Yes
Maintenance: String buffer handling changes which were not necessary for correctness. These changes can lead to incompatibility with third party patches These require snprintf(), and arguably make the code easier to maintain. (Tagged in the Unified Sources as INN160BS)
Applies to: innd/* (56 occurrences)
Applies to: nnrpd/* (24 occurrences)
Applies to: lib/* (3 occurrences)
Changed in stock 1.5.1: Not needed
Changed in stock 1.5.1sec2: Yes
Changed in stock 1.5.2pre1: Yes
Changed in stock inn1.5.1corr/1.7: No. Not needed.
Changed in stock 1.6b3: Yes
Maintenance: ARTmakeoverview does not initialize the .Size member of a BUFFER. This is a benign bug, but this does violate BUFFset handling assumptions.
innd/art.c
OS: all
Fixed in stock 1.5.1: No.
Fixed in stock 1.5.1sec2: No.
Fixed in stock 1.5.2pre1: No
Fixed in stock inn1.5.1corr/1.7: No. Later defect.
Fixed in stock 1.6b3: No
RKT Rapid-Links:[Search] [RKT Tips] Path: / Usenet RKT / For Providers / INN Patches / 0048.htm
You can find a summary and links related to this topic
as part of the Mib Software Usenet RKT.