changeset 190:004b855c6c1f

fix null pointer dereference from missing HELO command
author carl
date Sat, 10 Nov 2007 10:52:50 -0800
parents e10f5951b905
children 2a67d31099c3
files ChangeLog configure.in src/dnsbl.cpp src/dnsbl.h
diffstat 4 files changed, 14 insertions(+), 8 deletions(-) [+]
--- a/ChangeLog	Sat Nov 10 10:41:04 2007 -0800
+++ b/ChangeLog	Sat Nov 10 10:52:50 2007 -0800
@@ -2,7 +2,7 @@
 
 6.13 2007-11-10
     HELO command is optional, and if missing caused a null pointer
-    dereference.
+    dereference. Use smfi_progress in libmilter if it is available.
 
 6.12 2007-10-13
     SMTP rejections take precedence over greylisting.
--- a/configure.in	Sat Nov 10 10:41:04 2007 -0800
+++ b/configure.in	Sat Nov 10 10:52:50 2007 -0800
@@ -46,12 +46,12 @@
 ACX_PTHREAD
 
 # See if we have progress callback
-#AC_CHECK_LIB([milter],
-#             [smfi_progress],
-#             [AC_DEFINE(_FFR_SMFI_PROGRESS, 1, Define to 1 to enable progress callback)],
-#             [AC_DEFINE(_FFR_SMFI_PROGRESS, 0, Define to 1 to enable progress callback)],
-#    	     [-lpthread]
-#             )
+AC_CHECK_LIB([milter],
+             [smfi_progress],
+             [AC_DEFINE(_FFR_SMFI_PROGRESS, 1, Define to 1 to enable progress callback)],
+             [AC_DEFINE(_FFR_SMFI_PROGRESS, 0, Define to 1 to enable progress callback)],
+    	     [-lpthread]
+             )
 
 AC_CONFIG_FILES([Makefile
                  dnsbl.rc
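Review bot: The re-enabled `AC_CHECK_LIB` probe only proves that `smfi_progress` links against libmilter; it does not check that the installed `mfapi.h` declares it. If that header guards the prototype on the same `_FFR_SMFI_PROGRESS` macro (not visible here, so this should be confirmed), the call in `src/dnsbl.cpp` compiles only when the generated config header is included before `mfapi.h`. A short comment above the macro would record that ordering requirement, for example `# _FFR_SMFI_PROGRESS must be visible before mfapi.h is included`. The `[-lpthread]` line is also indented with a tab among space-indented arguments.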
--- a/src/dnsbl.cpp	Sat Nov 10 10:41:04 2007 -0800
+++ b/src/dnsbl.cpp	Sat Nov 10 10:52:50 2007 -0800
@@ -244,6 +244,8 @@
 		pc->reference_count++;
 	pthread_mutex_unlock(&config_mutex);
 	get_fd();
+    ctx                 = NULL;
+    eom                 = false;
 	ip					= 0;
 	helo				= NULL;
 	mailaddr			= NULL;
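Review bot: The two added initialisers `ctx = NULL;` and `eom = false;` are indented with spaces, while the neighbouring member assignments use tabs. The same mismatch appears in the `if (!final)` hunk and on the `priv.eom = true;` line further down. Matching the file's tab indentation keeps these state resets aligned with the rest of the list, so a missing one is easier to spot in later reviews. The enclosing function starts and ends outside this hunk.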
@@ -289,6 +291,8 @@
 	if (assassin) delete assassin;
 	if (dccifd)   delete dccifd;
 	if (!final) {
+        ctx                 = NULL;
+        eom                 = false;
 		mailaddr			= NULL;
 		queueid 			= NULL;
 		authenticated		= NULL;
@@ -568,7 +572,7 @@
 int dns_interface(mlfiPriv &priv, char *question, bool maybe_ip, ns_map *nameservers) {
     // tell sendmail we are still working
     #if _FFR_SMFI_PROGRESS
-        smfi_progress(priv.ctx);
+        if (priv.eom) smfi_progress(priv.ctx);
     #endif
 
 	// this part can be done without locking the resolver mutex. Each
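Review bot: The new guard tests only `priv.eom`, but the value handed to libmilter is `priv.ctx`, which the other hunks of this commit now reset to NULL in two places. The call is therefore safe only as long as `eom` can never be true while `ctx` is NULL. Checking both makes the call site safe on its own: `if (priv.eom && priv.ctx) smfi_progress(priv.ctx);`. The return value of `smfi_progress` is also discarded, so a failed progress notification to the MTA goes unnoticed; logging it once would help when diagnosing timeouts. The body of `dns_interface` continues past the end of this hunk.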
@@ -1186,6 +1190,7 @@
 	int 	  ip;
 	status	  st;
 	// process end of message
+    priv.eom = true;
 	if (priv.authenticated || priv.only_whites) rc = SMFIS_CONTINUE;
 	else {
 		// assert env_to not empty, it contains the
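Review bot: `priv.eom` is set to true here, but nothing in this hunk clears it again. The only clears visible in this commit are in the constructor and in the `if (!final)` reset path. If any return path of this end-of-message function skips that reset, the flag stays set, and a later `dns_interface` call for the next message on the same connection would invoke `smfi_progress` outside end-of-message processing, which libmilter documents as the only place it may be called. Since the function continues outside the hunk this cannot be confirmed from here; an explicit `priv.eom = false;` immediately before each return would remove the dependency on the reset.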
--- a/src/dnsbl.h	Sat Nov 10 10:41:04 2007 -0800
+++ b/src/dnsbl.h	Sat Nov 10 10:52:50 2007 -0800
@@ -26,6 +26,7 @@
 {
     // callback specific data
     SMFICTX *ctx;                           // updated everytime we fetch this priv pointer from the ctx
+    bool    eom;                            // are we in eom function, so progress function can be called?
 	// connection specific data
 	CONFIG	*pc;							// global filtering configuration
 	int 	fd; 							// to talk to dns resolver process