MARBLE@MAPVXA.CFM.OHIO-STATE.EDU (Duane Marble) (02/21/90)
Each month SOFTWARE ENGINEERING NOTES (ACM Special Interest Group on Software Engineering) contains a section entitled "Risks to the Public in Computers and Related Systems". The current (Jan) issue contains not one but two "Risks of Mail" -- here is the first one: Several computers in the Earth Science department at Stanford were brought to their knees 13 Dec 89 by an interesting combination of bugs. For some reason the Stanford Chinese Student Association mailing list started bouncing mail infinitely between two Stanford machines. At each iteration the 30K of mail was rebroadcast anew to everyone on the list ... This was the first bug. I don't know why it happened. This bug alone would have been bad, but not catastrophic. The problem was that after each successive bounce the return address got longer and longer ... Once the reply address got up to about the length shown in this example (omitted here), they started to overflow a fixed-length buffer in all Berkeley-derived mails. This caused the affected mail processes to go crazy. First of all they sent an error message back to the sending machine (causing it to send the viral mail AGAIN 30 minutes later). Worse, the mangled mail processes continued to run forever until somebody kills them. One such process on a lightly-used Earth Science machine accumulated 9500 minutes of CPU before anyone figured out why the machine had been so slow for the preceeding week! [The author of this report goes on to describe the death of the dept. network under this stress - could not even log on to kill the process!] The second report also relates a "mail loop" problem which was less general. A message to a list server generated an automatic reply which generated an automatic reply ... Over 140 messages were passed back and forth before someone figured out how to cut the string! Duane Marble The Ohio State University