-
Notifications
You must be signed in to change notification settings - Fork 55
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Segfault in opendmarc_arcseal_parse() #236
Comments
Other segaults: |
Did this crash happen with the patch from #183 applied? (The patch has been included in distros like Debian for a while.) I haven’t experienced crashes with the patch applied. If you do see crashes even with the patch, please say exactly what commit you are using and what patches you did apply, so that we know exactly what the line numbers in the stack trace refer to. |
Hi, same problem on my OpenDMARC on CentOS-7. Is there a patch for CentOS-7/EPEL available? Thank you! |
I can confirm the problem with opendmarc-daemon on CentOS 7. An update of the opendmarc package for CentOS-7/EPEL would help a lot. |
To be clear: I am not aware of any crashing bugs in current OpenDMARC 1.4.2, with the necessary patch linked above applied. The patch is included for example in current Debian or current Ubuntu. If the patch is not applied in CentOS 7/EPEL, report the issue to the maintainers of the package, not here. |
Hello. I have many of these crashes too. The patch adds NULL checks in opendmarc_arcseal_lookup(), but in my (and OP's) case, it's the opendmarc_arcseal_parse() which crashes. It's the same problem :
strsep() may set token_ptr NULL (In case no delimiter was found, the token is taken to be the entire string *stringp, and *stringp is made NULL), which triggers the Any mail from postfix mailing list trigger the crash, you can try, for example, this one
|
You are wrong @BastienDurel. First, there is no function opendmarc_arcseal_lookup() here. Second, the mentioned patch #183 is all about adding NULL checks precisely in opendmarc_arcseal_parse(). Did you apply the patch #183? |
You're right, I messed up my explanations. it's I run Debian 11 package, which has the patch. Here is the backtrace of the crash :
This is a the OpenDMARC/opendmarc/opendmarc-arcares.c Line 268 in 9cebf72
|
Open #242 |
I'm seeing a sudden crash of opendmarc as below.
Managed to catch it in a debugger.
I see a flurry of segfaults today, not sure if this is one of those or a new one.
The text was updated successfully, but these errors were encountered: