MARBLE@MAPVXA.CFM.OHIO-STATE.EDU (Duane Marble) (02/21/90)
Each month SOFTWARE ENGINEERING NOTES (ACM Special Interest Group on
Software Engineering) contains a section entitled "Risks to the Public
in Computers and Related Systems". The current (Jan) issue contains not
one but two "Risks of Mail" -- here is the first one:
Several computers in the Earth Science department at Stanford were
brought to their knees 13 Dec 89 by an interesting combination of bugs.
For some reason the Stanford Chinese Student Association mailing list
started bouncing mail infinitely between two Stanford machines. At each
iteration the 30K of mail was rebroadcast anew to everyone on the list
... This was the first bug. I don't know why it happened. This bug alone
would have been bad, but not catastrophic.
The problem was that after each successive bounce the return address
got longer and longer ... Once the reply address got up to about the
length shown in this example (omitted here), they started to overflow a
fixed-length buffer in all Berkeley-derived mails. This caused the affected
mail processes to go crazy. First of all they sent an error message back
to the sending machine (causing it to send the viral mail AGAIN 30
minutes later). Worse, the mangled mail processes continued to run forever
until somebody kills them. One such process on a lightly-used Earth Science
machine accumulated 9500 minutes of CPU before anyone figured out why the
machine had been so slow for the preceeding week!
[The author of this report goes on to describe the death of the dept.
network under this stress - could not even log on to kill the process!]
The second report also relates a "mail loop" problem which was less
general. A message to a list server generated an automatic reply which
generated an automatic reply ... Over 140 messages were passed back and
forth before someone figured out how to cut the string!
Duane Marble
The Ohio State University