Mercurial > dnsbl
comparison src/dnsbl.cpp @ 286:9bd5388bf469 stable-6-0-40
Fix possible segfault in mlfi_connect, hostaddr might be null
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Wed, 05 Feb 2014 07:54:38 -0800 |
| parents | 896b9393d3f0 |
| children | bb69fdc3acaa |
comparison
equal
deleted
inserted
replaced
| 285:0bc4442e16c1 | 286:9bd5388bf469 |
|---|---|
| 1147 // | 1147 // |
| 1148 sfsistat mlfi_connect(SMFICTX *ctx, char *hostname, _SOCK_ADDR *hostaddr) | 1148 sfsistat mlfi_connect(SMFICTX *ctx, char *hostname, _SOCK_ADDR *hostaddr) |
| 1149 { | 1149 { |
| 1150 // allocate some private memory | 1150 // allocate some private memory |
| 1151 mlfiPriv *priv = new mlfiPriv; | 1151 mlfiPriv *priv = new mlfiPriv; |
| 1152 if (hostaddr->sa_family == AF_INET) { | 1152 if (hostaddr && (hostaddr->sa_family == AF_INET)) { |
| 1153 priv->ip = ((struct sockaddr_in *)hostaddr)->sin_addr.s_addr; | 1153 priv->ip = ((struct sockaddr_in *)hostaddr)->sin_addr.s_addr; |
| 1154 } | 1154 } |
| 1155 // save the private data | 1155 // save the private data |
| 1156 smfi_setpriv(ctx, (void*)priv); | 1156 smfi_setpriv(ctx, (void*)priv); |
| 1157 | 1157 |
| 1232 bool self = (strcmp(loto, priv.mailaddr) == 0); | 1232 bool self = (strcmp(loto, priv.mailaddr) == 0); |
| 1233 | 1233 |
| 1234 // some version of sendmail allowed rcpt to:<> and passed it thru to the milters | 1234 // some version of sendmail allowed rcpt to:<> and passed it thru to the milters |
| 1235 if (strcmp(loto, "<>") == 0) { | 1235 if (strcmp(loto, "<>") == 0) { |
| 1236 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"bogus recipient"); | 1236 smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"bogus recipient"); |
| 1237 free((void*)loto); // cppcheck static analysis found memory leak | |
| 1237 return SMFIS_REJECT; | 1238 return SMFIS_REJECT; |
| 1238 } | 1239 } |
| 1239 // priv.mailaddr sending original message to loto | 1240 // priv.mailaddr sending original message to loto |
| 1240 CONTEXT &con = *(dc.find_context(loto)->find_context(priv.mailaddr)); | 1241 CONTEXT &con = *(dc.find_context(loto)->find_context(priv.mailaddr)); |
| 1241 VERIFYP ver = con.find_verify(loto); | 1242 VERIFYP ver = con.find_verify(loto); |