Open minfrin opened 1 year ago
Other segfaults:
https://github.com/trusteddomainproject/OpenDMARC/issues/183
Did this crash happen with the patch from #183 applied? (The patch has been included in distros like Debian for a while.)
I haven’t experienced crashes with the patch applied. If you do see crashes even with the patch, please say exactly what commit you are using and what patches you did apply, so that we know exactly what the line numbers in the stack trace refer to.
Hi,
same problem on my OpenDMARC on CentOS-7. Is there a patch for CentOS-7/EPEL available?
Thank you! Klaus.
I can confirm the problem with opendmarc-daemon on CentOS 7. An update of the opendmarc package for CentOS-7/EPEL would help a lot.
To be clear: I am not aware of any crashing bugs in current OpenDMARC 1.4.2, with the necessary patch linked above applied. The patch is included for example in current Debian or current Ubuntu. If the patch is not applied in CentOS 7/EPEL, report the issue to the maintainers of the package, not here.
Hello. I have many of these crashes too. The patch adds NULL checks in opendmarc_arcseal_lookup(), but in my (and OP's) case, it's the opendmarc_arcseal_parse() which crashes.
It's the same problem:
tag_label = strsep(&token_ptr, "=");
tag_value = opendmarc_arcares_strip_whitespace(token_ptr);
strsep() may set token_ptr to NULL (in case no delimiter was found, the token is taken to be the entire string stringp, and stringp is made NULL), which triggers the assert in opendmarc_arcares_strip_whitespace().
Any mail from the postfix mailing list triggers the crash; you can try, for example, this one
root@corrin:/tmp # opendmarc -f -c /tmp/opendmarc.conf
opendmarc: opendmarc-arcares.c:104: opendmarc_arcares_strip_whitespace: Assertion `string != NULL' failed.
Abandon (core dumped)
root@corrin:/ # milter-test-server -s unix:/tmp/opendmarc.sock -m /tmp/xhmo7mg8nvx.fsf@yw-1130.YW
You are wrong @BastienDurel. First, there is no function opendmarc_arcseal_lookup() here. Second, the mentioned patch #183 is all about adding NULL checks precisely in opendmarc_arcseal_parse(). Did you apply the patch #183?
You're right, I messed up my explanations. It's opendmarc_arcares_arc_parse that misses the NULL check (so not the OP's crash; do I need to open a new issue?).
I run the Debian 11 package, which has the patch.
Here is the backtrace of the crash:
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1 0x00007ff7740d4537 in __GI_abort () at abort.c:79
#2 0x00007ff7740d440f in __assert_fail_base (fmt=0x7ff77424b688 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x557ce52d31a7 "string != NULL", file=0x557ce52d316b "opendmarc-arcares.c", line=104, function=<optimized out>)
at assert.c:92
#3 0x00007ff7740e3662 in __GI___assert_fail (assertion=assertion@entry=0x557ce52d31a7 "string != NULL", file=file@entry=0x557ce52d316b "opendmarc-arcares.c", line=line@entry=104,
function=function@entry=0x557ce52d3260 <__PRETTY_FUNCTION__.2> "opendmarc_arcares_strip_whitespace") at assert.c:101
#4 0x0000557ce52cda44 in opendmarc_arcares_strip_whitespace (string=<optimized out>) at opendmarc-arcares.c:104
#5 opendmarc_arcares_arc_parse (hdr_arc=hdr_arc@entry=0x7ff771fc2ee5 "arc=none (Message is not ARC signed)", arc=arc@entry=0x7ff771fc29d0) at opendmarc-arcares.c:327
#6 0x0000557ce52c913f in mlfi_eom (ctx=0x557ce5a76bc0) at opendmarc.c:3734
#7 0x00007ff7742c55ec in mi_engine () from /usr/lib/x86_64-linux-gnu/libmilter.so.1.0.1
#8 0x00007ff7742c7f6e in ?? () from /usr/lib/x86_64-linux-gnu/libmilter.so.1.0.1
#9 0x00007ff77428dea7 in start_thread (arg=<optimized out>) at pthread_create.c:477
#10 0x00007ff7741ada2f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
This is the strsep that (I think) nullifies token_ptr: https://github.com/trusteddomainproject/OpenDMARC/blob/9cebf724d601452d1a671ed5331551dbc18df83a/opendmarc/opendmarc-arcares.c#L268
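The strsep() behaviour discussed in this thread, as an added example that is not OpenDMARC code and not any commenter's code: a token without `=` leaves the cursor NULL, and the guard rejects it instead of passing NULL on. The names `split_tag` and `count_tags` and the space-delimited tokenization are assumptions made for illustration; the header value is the one shown in frame #5 of the backtrace.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* expose strsep() on glibc */
#endif
#include <stdio.h>
#include <string.h>

/* Split one "label=value" token in place (hypothetical helper).
 * Returns 0 and sets *label and *value on success, or -1 when the token
 * has no '=': strsep() then returns the whole token and sets the cursor
 * to NULL, so there is no value to hand to later string helpers. */
static int split_tag(char *token, char **label, char **value)
{
    char *cursor = token;

    *label = strsep(&cursor, "=");
    if (cursor == NULL)          /* no delimiter found */
        return -1;
    *value = cursor;
    return 0;
}

/* Walk a header value token by token (space-delimited here, an assumption).
 * Returns the number of well-formed tags; *malformed counts tokens that
 * would have produced a NULL value pointer. */
static int count_tags(const char *hdr, int *malformed)
{
    char buf[256];
    char *rest = buf, *token, *label, *value;
    int ok = 0;

    *malformed = 0;
    snprintf(buf, sizeof buf, "%s", hdr);   /* strsep() modifies its input */
    while ((token = strsep(&rest, " ")) != NULL) {
        if (*token == '\0')
            continue;                       /* run of spaces */
        if (split_tag(token, &label, &value) == 0)
            ok++;
        else
            (*malformed)++;
    }
    return ok;
}

int main(void)
{
    /* Header value taken from frame #5 of the backtrace in this thread. */
    const char *hdr = "arc=none (Message is not ARC signed)";
    int bad, ok = count_tags(hdr, &bad);

    printf("well-formed tags: %d, tokens without '=': %d\n", ok, bad);
    return 0;
}
```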
Open #242
I'm seeing a sudden crash of opendmarc as below.
Managed to catch it in a debugger.
I see a flurry of segfaults today, not sure if this is one of those or a new one.