[dovecot/core] b56977: lib-auth: Fix memory leak in auth_client_request_a...
GitHub
noreply at github.com
Wed Feb 28 23:26:44 EET 2018
Branch: refs/heads/release-2.3.0
Home: https://github.com/dovecot/core
Commit: b569776009d29e099e2508f47ecca924267f0b01
https://github.com/dovecot/core/commit/b569776009d29e099e2508f47ecca924267f0b01
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2018-01-30 (Tue, 30 Jan 2018)
Changed paths:
M src/lib-auth/auth-client-request.c
Log Message:
-----------
lib-auth: Fix memory leak in auth_client_request_abort()
This caused memory leaks when authentication was aborted. For example
with IMAP:
a AUTHENTICATE PLAIN
*
Broken by 9137c55411aa39d41c1e705ddc34d5bd26c65021
Commit: b20c2a5406727c861d0082f93038e581be70c003
https://github.com/dovecot/core/commit/b20c2a5406727c861d0082f93038e581be70c003
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2018-01-30 (Tue, 30 Jan 2018)
Changed paths:
M src/lib-auth/auth-client-request.c
M src/lib-auth/auth-server-connection.c
M src/lib-auth/auth-server-connection.h
Log Message:
-----------
lib-auth: Remove request after abort
Otherwise the request will still stay in hash table
and get dereferenced when all requests are aborted
causing an attempt to access free'd memory.
Found by Apollon Oikonomopoulos <apoikos at debian.org>
Broken in 1a29ed2f96da1be22fa5a4d96c7583aa81b8b060
Commit: 3213a028151e8dd48a688107b90df7bfbf73946d
https://github.com/dovecot/core/commit/3213a028151e8dd48a688107b90df7bfbf73946d
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2018-02-20 (Tue, 20 Feb 2018)
Changed paths:
M src/lib-mail/rfc822-parser.c
Log Message:
-----------
lib-mail: rfc822-parser - Add asserts to make sure parser state is correct
Commit: ccde1a8704eeea3a4ac7cd4803f52c4f89050be0
https://github.com/dovecot/core/commit/ccde1a8704eeea3a4ac7cd4803f52c4f89050be0
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2018-02-20 (Tue, 20 Feb 2018)
Changed paths:
M src/lib-mail/test-message-address.c
Log Message:
-----------
lib-mail: test-message-address - Add TEST_MESSAGE_ADDRESS_FLAG_SKIP_LIST flag
This commit just adds the flag and sets it to 0 for all existing tests.
Commit: 35eb25cdadfb64294d645bcb2305d63386ac594b
https://github.com/dovecot/core/commit/35eb25cdadfb64294d645bcb2305d63386ac594b
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2018-02-20 (Tue, 20 Feb 2018)
Changed paths:
M src/lib-mail/message-address.c
M src/lib-mail/test-message-address.c
Log Message:
-----------
lib-mail: Fix out-of-bounds read when parsing an invalid email address
The included unit test doesn't fail, but running it with valgrind shows
"Invalid read of size 1" error.
Broken in d6737a17a27402e7a262f7ba8a2ed588d576f23c
Discovered by Aleksandar Nikolic of Cisco Talos
Commit: a4e981cd2ad9445af24118d33c9613da60a5dd4c
https://github.com/dovecot/core/commit/a4e981cd2ad9445af24118d33c9613da60a5dd4c
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2018-02-20 (Tue, 20 Feb 2018)
Changed paths:
M src/lib-mail/message-address.c
M src/lib-mail/message-date.c
M src/lib-mail/message-part-data.c
M src/lib-mail/rfc2231-parser.c
M src/lib-mail/rfc822-parser.c
Log Message:
-----------
lib-mail: Make sure parsers don't accidentally go much beyond end pointer
Commit: 5f1a823f02e131933763a61d6e502f382c1c632f
https://github.com/dovecot/core/commit/5f1a823f02e131933763a61d6e502f382c1c632f
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2018-02-20 (Tue, 20 Feb 2018)
Changed paths:
M src/lib-mail/rfc822-parser.h
Log Message:
-----------
lib-mail: Add rfc822_parser_deinit()
It's not a strict requirement to call this, but it assert-crashes if the
state isn't valid.
Commit: aa2c38f334950b03098179fce6ea5d6ccb5dbfe6
https://github.com/dovecot/core/commit/aa2c38f334950b03098179fce6ea5d6ccb5dbfe6
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2018-02-20 (Tue, 20 Feb 2018)
Changed paths:
M src/lib-mail/message-address.c
M src/lib-mail/message-id.c
M src/lib-mail/message-parser.c
Log Message:
-----------
lib-mail: Refactor code to make the next commit smaller
Commit: 9bc65e82997ad813867a821eb8f9df7840242464
https://github.com/dovecot/core/commit/9bc65e82997ad813867a821eb8f9df7840242464
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2018-02-20 (Tue, 20 Feb 2018)
Changed paths:
M src/lib-mail/istream-attachment-extractor.c
M src/lib-mail/message-address.c
M src/lib-mail/message-date.c
M src/lib-mail/message-decoder.c
M src/lib-mail/message-id.c
M src/lib-mail/message-parser.c
M src/lib-mail/message-part-data.c
M src/lib-mail/message-search.c
M src/lib-mail/test-rfc2231-parser.c
M src/lib-mail/test-rfc822-parser.c
M src/plugins/fts/fts-build-mail.c
M src/plugins/fts/fts-parser-script.c
Log Message:
-----------
global: Call rfc822_parser_deinit() wherever possible
Commit: 811daa0c603a3adb2afd90780164640f5a0ba0bd
https://github.com/dovecot/core/commit/811daa0c603a3adb2afd90780164640f5a0ba0bd
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2018-02-20 (Tue, 20 Feb 2018)
Changed paths:
M src/login-common/client-common.c
Log Message:
-----------
*-login: Fix clients linked list corruption with SSL connections
This could have resulted in infinite loops or some of the clients being
skipped for some operations.
Commit: 014ac0202abb604acb30416949569688c52e692f
https://github.com/dovecot/core/commit/014ac0202abb604acb30416949569688c52e692f
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2018-02-21 (Wed, 21 Feb 2018)
Changed paths:
M src/config/config-filter.c
M src/config/config-filter.h
Log Message:
-----------
config: Add config_filter_get_all
Returns all filters
Commit: d89bdb7f3ae650fbdd5ea7f8f76cb257be37ea48
https://github.com/dovecot/core/commit/d89bdb7f3ae650fbdd5ea7f8f76cb257be37ea48
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2018-02-21 (Wed, 21 Feb 2018)
Changed paths:
M src/config/config-connection.c
Log Message:
-----------
config: Add command to request all filters
Commit: 3be6c1a14442ba0a63efa839218b89a6fe83494a
https://github.com/dovecot/core/commit/3be6c1a14442ba0a63efa839218b89a6fe83494a
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2018-02-21 (Wed, 21 Feb 2018)
Changed paths:
M src/lib-master/Makefile.am
M src/lib-master/master-service-settings-cache.c
M src/lib-master/master-service-settings-cache.h
M src/lib-master/master-service-settings.c
M src/lib-master/master-service-settings.h
M src/lib-master/test-master-service-settings-cache.c
Log Message:
-----------
lib-master: Support validating config filters against requests
Validation will sanitize the input request and drop any fields
that have no filter in config. E.g. if you have a local block
with name, and nothing else, then lip/rip will be dropped
from the request.
Commit: 8960d1c252a96ccfc120b08648ad3b7a0aa748c4
https://github.com/dovecot/core/commit/8960d1c252a96ccfc120b08648ad3b7a0aa748c4
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2018-02-21 (Wed, 21 Feb 2018)
Changed paths:
M src/login-common/login-settings.c
Log Message:
-----------
login-common: Enable config filtering by local name
Prevents servername misuse.
Commit: cd6517b17307e0100798fd76fb36f1e8505a43bc
https://github.com/dovecot/core/commit/cd6517b17307e0100798fd76fb36f1e8505a43bc
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2018-02-21 (Wed, 21 Feb 2018)
Changed paths:
M src/Makefile.am
Log Message:
-----------
lib-dns: Move before lib-master
Commit: 5666456eb7d989bf26604dfac84d72797fd2d92d
https://github.com/dovecot/core/commit/5666456eb7d989bf26604dfac84d72797fd2d92d
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2018-02-26 (Mon, 26 Feb 2018)
Changed paths:
M src/lib-master/master-service-settings-cache.c
Log Message:
-----------
lib-master: Check local_name only if both filter and input have it
Broken in cedc777a1acf830af4cf0b6e9b0f343c81e20adc
Commit: ee0c09c23dd85f3a40d74f3d12b0cfcaa45eef31
https://github.com/dovecot/core/commit/ee0c09c23dd85f3a40d74f3d12b0cfcaa45eef31
Author: Aki Tuomi <aki.tuomi at dovecot.fi>
Date: 2018-02-26 (Mon, 26 Feb 2018)
Changed paths:
M src/lib-master/master-service-settings-cache.c
Log Message:
-----------
lib-master: Fix dns_match_wildcard result value check
It returns 0, not TRUE.
Commit: ffd8a299483ea518fcd47a7de7ae639a2c1a5eae
https://github.com/dovecot/core/commit/ffd8a299483ea518fcd47a7de7ae639a2c1a5eae
Author: Timo Sirainen <timo.sirainen at dovecot.fi>
Date: 2018-02-28 (Wed, 28 Feb 2018)
Changed paths:
M NEWS
M configure.ac
Log Message:
-----------
Released v2.3.0.1.
Compare: https://github.com/dovecot/core/compare/c8b89eb99689...ffd8a299483e
More information about the dovecot-cvs
mailing list