changeset 284:896b9393d3f0 stable-6-0-39

Fix segfault caused by freeing unallocated memory
author Carl Byington <carl@five-ten-sg.com>
date Tue, 31 Dec 2013 10:44:15 -0800
parents 7438f79afeb0
children 0bc4442e16c1
files ChangeLog NEWS configure.in dnsbl.spec.in src/dnsbl.cpp xml/dnsbl.in
diffstat 6 files changed, 45 insertions(+), 27 deletions(-) [+]
--- a/ChangeLog	Tue Dec 24 08:22:01 2013 -0800
+++ b/ChangeLog	Tue Dec 31 10:44:15 2013 -0800
@@ -1,3 +1,6 @@
+6.39 2013-12-31
+    Fix segfault caused by freeing unallocated memory.
+
 6.38 2013-12-24
     Activate check for unique ip connection limits.
 
--- a/NEWS	Tue Dec 24 08:22:01 2013 -0800
+++ b/NEWS	Tue Dec 31 10:44:15 2013 -0800
@@ -1,3 +1,4 @@
+6.39 2013-12-31 Fix segfault caused by freeing unallocated memory.
 6.38 2013-12-24 Activate check for unique ip connection limits.
 6.37 2013-12-17 Add unique ip connection limits per authenticated id or email address.
 6.36 2013-09-09 Code cleanup, increase minimum hostname length for uribl checking.
--- a/configure.in	Tue Dec 24 08:22:01 2013 -0800
+++ b/configure.in	Tue Dec 31 10:44:15 2013 -0800
@@ -1,6 +1,6 @@
 
 AC_PREREQ(2.59)
-AC_INIT(dnsbl,6.38,carl@five-ten-sg.com)
+AC_INIT(dnsbl,6.39,carl@five-ten-sg.com)
 AC_CONFIG_SRCDIR([config.h.in])
 AC_CONFIG_HEADER([config.h])
 
--- a/dnsbl.spec.in	Tue Dec 24 08:22:01 2013 -0800
+++ b/dnsbl.spec.in	Tue Dec 31 10:44:15 2013 -0800
@@ -103,6 +103,9 @@
 
 
 %changelog
+* Tue Dec 31 2013 Carl Byington <carl@five-ten-sg.com> - 6.39-1
+- Fix segfault caused by freeing unallocated memory.
+
 * Tue Dec 24 2013 Carl Byington <carl@five-ten-sg.com> - 6.38-1
 - Activate check for unique ip connection limits.
 
--- a/src/dnsbl.cpp	Tue Dec 24 08:22:01 2013 -0800
+++ b/src/dnsbl.cpp	Tue Dec 31 10:44:15 2013 -0800
@@ -1176,24 +1176,6 @@
     priv.client_name   = smfi_getsymval(ctx, (char*)"_");
     if (!priv.helo)         priv.helo          = strdup("unknown");
     if (priv.authenticated) priv.authenticated = strdup(priv.authenticated);
-    {
-        const char *uid = (priv.authenticated) ? priv.authenticated : priv.mailaddr;
-        if (priv.authenticated || dc.default_context->is_unauthenticated_limited(priv.mailaddr)) {
-            int hourly, daily;
-            add_auth_address(uid, hourly, daily, priv.ip);
-            int h_limit = dc.default_context->find_address_limit(uid);
-            int d_limit = dc.default_context->get_daily_address_multiple() * h_limit;
-            if (debug_syslog > 1) {
-                char msg[maxlen];
-                snprintf(msg, sizeof(msg), "connect for %s (%d %d addresses, %d %d limits)", uid, hourly, daily, h_limit, d_limit);
-                my_syslog(&priv, msg);
-            }
-            if ((hourly > h_limit) || (daily > d_limit)){
-                smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"unique connection ip address limit exceeded");
-                return SMFIS_REJECT;
-            }
-        }
-    }
     if (priv.client_name) {
         priv.client_name = strdup(priv.client_name);
         const char *p = strstr(priv.client_name, " [");
@@ -1221,6 +1203,22 @@
     if (dccifd_port) {
         priv.dccifd = new DccInterface(dccifd_port, &priv, priv.ip, priv.helo, priv.mailaddr);
     }
+    const char *uid = (priv.authenticated) ? priv.authenticated : priv.mailaddr;
+    if (priv.authenticated || dc.default_context->is_unauthenticated_limited(priv.mailaddr)) {
+        int hourly, daily;
+        add_auth_address(uid, hourly, daily, priv.ip);
+        int h_limit = dc.default_context->find_address_limit(uid);
+        int d_limit = dc.default_context->get_daily_address_multiple() * h_limit;
+        if (debug_syslog > 1) {
+            char msg[maxlen];
+            snprintf(msg, sizeof(msg), "connect for %s (%d %d addresses, %d %d limits)", uid, hourly, daily, h_limit, d_limit);
+            my_syslog(&priv, msg);
+        }
+        if ((hourly > h_limit) || (daily > d_limit)){
+            smfi_setreply(ctx, (char*)"550", (char*)"5.7.1", (char*)"unique connection ip address limit exceeded");
+            return SMFIS_REJECT;
+        }
+    }
     return SMFIS_CONTINUE;
 }
 
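Review bot: `int hourly, daily;` in the relocated block is declared without an initializer and only receives values through the reference parameters of `add_auth_address`; if that function has any path that returns without writing both, the `(hourly > h_limit) || (daily > d_limit)` comparison reads indeterminate values, which is undefined behaviour. Initializing them, `int hourly = 0, daily = 0;`, costs nothing and makes the default "not over limit" outcome explicit. The move itself is presumably the segfault fix: the check now runs after priv.client_name has been strdup'd, so an early SMFIS_REJECT no longer leaves priv holding a pointer to libmilter-owned memory that the cleanup path later frees (inferred from the commit message, not visible in the hunk). A comment stating that ordering constraint, e.g. `// keep this after every strdup() into priv: an early REJECT runs cleanup that frees these fields`, would stop a future refactor from moving the block back up. The enclosing function starts outside the hunk.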
--- a/xml/dnsbl.in	Tue Dec 24 08:22:01 2013 -0800
+++ b/xml/dnsbl.in	Tue Dec 31 10:44:15 2013 -0800
@@ -200,6 +200,13 @@
                 domain.
             </para>
             <para>
+                This milter can also impose hourly and daily limits on the number of
+                different ip addresses used for SMTP AUTH connections. If a single
+                user is connecting from too many different ip addresses, we presume that
+                their authentication credentials have been discovered, and block their
+                outgoing mail.
+            </para>
+            <para>
                 Consider the case of a message from A to B passing thru this milter.  If
                 that message is not blocked, then we might eventually see a reply
                 message from B to A. If the filtering context for A includes an
@@ -334,10 +341,14 @@
                 that are unable to reply.
             </para>
             <para>
-                If the client has authenticated with sendmail, the rate limits are
+                If the client has authenticated with sendmail, the recipient rate limits
+                and connection ip address limits are
                 checked.  If the authenticated user has not exceeded the hourly or daily rate
                 limits, then the mail is accepted, the filtering contexts are not used,
-                the dns lists are not checked, and the body content is not scanned.  If
+                the dns lists are not checked, and the body content is not scanned.  These
+                rate limits can also be applied to unauthenticated connections, in which case
+                the envelope from value is used as the authentication id for lookup purposes.
+                If
                 the client has not authenticated with sendmail, we follow these steps
                 for each recipient.
             </para>
@@ -457,7 +468,7 @@
                 If the content uribl DNSBL is defined, and any of those host names are
                 on that DNSBL, and the host name is not on the &lt;configurable&gt;
                 ignore list, the mail is rejected. There are three lists that are suitable
-                here, uribl, surbl, and dbl.
+                here, URIBL, SURBL, and DBL.
             </para>
             <para>
                 If any non-whitelisted recipient has a filtering context with a non-zero
@@ -597,7 +608,8 @@
             </para>
             <para>
                 Add white/unknown to config for smtp authenticated connections. Currently
-                any authenticated connection is fully whitelisted. This would allow normal
+                any authenticated connection is fully whitelisted. The only spam control
+                on those connections is rate limiting. This feature would allow content based
                 spam controls to be applied even to authenticated connections. Add
                 context/authenticated_dnsbl_list and context/content/authenticated.
             </para>
@@ -613,8 +625,9 @@
                 mail software.
             </para>
             <para>
-                Add trusted_spf list of domains for which we trust their spf data. Mail
-                from their listed ip addresses from their domain will be whitelisted.
+                Add spf to the white/black/unknown values in env_from blocks. This
+                results in whitelisting that envelope from value as long as the connection
+                is made from an ip address listed in the domain spf txt record.
             </para>
         </refsect1>
 
@@ -787,8 +800,8 @@
 
     // hourly recipient rate limit by smtp auth client id, or unauthenticated mail from address
     // hourly unique ip addresses  by smtp auth client id, or unauthenticated mail from address
-    // default hourly rate limit is 30
-    // daily rate limits are 4 times the hourly limit
+    // default hourly recipient rate limit is 30
+    // daily recipient rate limits are 4 times the hourly limit
     // default hourly unique ip addresses is 5
     // daily unique ip addresses are 4 times the hourly limit
     rate_limit 30 4 5 4 { // default