On 9 Jul 2019, at 3.02, Joseph Tam via dovecot <dovecot@dovecot.org> wrote:
Issue 3) dovecot/doveconf segfaults on startup
It crashes here while processing dovecot.conf, as does "doveconf"
(settings-parser.c:1519 in setting_copy()) *dest_size = *src_size;
This is correct code.
It appears *src_size is not an 8-byte address aligned (0x5597c). It inherits this value from the calling routine as the sum of "set" (8-byte aligned) + "def->offset"=20 => misaligned address.
(settings-parser.c:1597 in settings_dup_full()) src = CONST_PTR_OFFSET(set, def->offset); (gdb) p set $2 = (const void *) 0x55968 (gdb) p *def $3 = {type = SET_SIZE, key = 0x2d548 "submission_max_mail_size", offset = 20, list_info = 0x0}
This is unexpected. But I don't see how it's a Dovecot bug. It seems as if your compiler doesn't do padding correctly and then crashes because it didn't do it correctly. I guess you're compiling this as 32bit? Is size_t 32bit or 64bit?
Can you try with the below small test program if it prints the same 20?
#include <stdio.h> #include <stdbool.h> #include <stddef.h>
#define in_port_t unsigned short
struct submission_settings { bool verbose_proctitle; const char *rawlog_dir;
const char *hostname;
const char *login_greeting;
const char *login_trusted_networks;
/* submission: */
size_t submission_max_mail_size;
unsigned int submission_max_recipients;
const char *submission_client_workarounds;
const char *submission_logout_format;
/* submission backend: */
const char *submission_backend_capabilities;
/* submission relay: */
const char *submission_relay_host;
in_port_t submission_relay_port;
bool submission_relay_trusted;
const char *submission_relay_user;
const char *submission_relay_master_user;
const char *submission_relay_password;
const char *submission_relay_ssl;
bool submission_relay_ssl_verify;
const char *submission_relay_rawlog_dir;
unsigned int submission_relay_max_idle_time;
unsigned int submission_relay_connect_timeout;
unsigned int submission_relay_command_timeout;
/* imap urlauth: */
const char *imap_urlauth_host;
in_port_t imap_urlauth_port;
int parsed_workarounds;
};
int main(void) { struct submission_settings set;
printf("offset = %ld\n", offsetof(struct submission_settings, submission_max_mail_size));
printf("size = %ld\n", sizeof(set.submission_max_mail_size));
return 0;
}