[Dovecot] SEGV with Dovecot v1.0.0 Deliver and cmusieve v1.0.1 and vacation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hello,
I have a small Sieve script that tries to use vacation that segfaults. The script is the one from http://wiki.dovecot.org/LDA/Sieve.
When I change the email address (I changed the local part into "skai"), hence, vacation is skipped, the mail is delivered without any problem.
==== script start require ["fileinto", "vacation"]; # Move spam to spam folder if exists "X-Spam-Flag" { fileinto "spam"; # Stop here so that we do not reply on spams stop; } vacation # Reply at most once a day to a same sender :days 1 :subject "Out of office reply" # List of allowed recipient addresses from auto reply should be sent. :addresses ["ska@ux-2s11-9.inf.fh-bonn-rhein-sieg.de"] "I'm out of office, please contact Joan Doe instead. Best regards John Doe"; ========== END
========== Out of sieved .dovecot.sievec
Sievecode version 3 4: IF (ends at 13)exists{11}X-Spam-Flag
13:JUMP 20 19: FILEINTO {4}spam 19: STOP 20: VACATION {39}ska@ux-2s11-9.inf.fh-bonn-rhein-sieg.de 40 SUBJ({19}Out of office reply) 60 MESG({73}I'm out of office, please contact Joan Doe instead. Best regards John Doe) DAYS(1) MIME(0) full len is: 62 ========== END
gdb output: Core was generated by `/usr/local/dovecot/libexec/dovecot/deliver'. Program terminated with signal 11, Segmentation fault. #0 0xb7eef3a3 in strlen () from /lib/tls/i686/cmov/libc.so.6 (gdb) bt full #0 0xb7eef3a3 in strlen () from /lib/tls/i686/cmov/libc.so.6 No symbol table info available. #1 0xb7e2bcf3 in sieve_execute_bytecode (bc=0x80e3eb0, interp=0x80e3de8, script_context=0xbfb57800, message_context=0xbfb577c4) at script.c:398 hash = "\000\000\000\000¸Z0F\000\000\000\000¸Z0F" actions = (action_list_t *) 0x80e3850 notify_list = (notify_list_t *) 0x80e3830 actions_string = "Action(s) taken:\n", '\0' <repeats 4078 times> errmsg = 0x0 imapflags = {flag = 0x0, nflags = 0} #2 0xb7e1eb2c in cmu_sieve_run (storage=0x80d0a20, mail=0x80e03c8, script_path=0x80cbc48 "/home/ska/.dovecot.sieve", username=0x80cb030 "ska", mailbox=0x80bae92 "INBOX") at sieve-cmu.c:573 fd = <value optimized out> interp = (sieve_interp_t *) 0x80e3de8 bytecode = (sieve_bytecode_t *) 0x80e3eb0 sdata = {username = 0x80cb030 "ska", storage = 0x80d0a20, errors = 0x0} mdata = {mail = 0x80e03c8, mailbox = 0x80bae92 "INBOX", id = 0x80e4860 "<200704260754.l3Q7sWdu002894@ux-2s11-9.inf.fh-bonn-rhein-sieg.de>", return_path = 0x0, authuser = 0x80cb030 "ska", temp = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}} compiled_path = 0x80cbc68 "/home/ska/.dovecot.sievec" path = 0xb7fb0ff4 "<Í\022" ret = <value optimized out> #3 0xb7e1da72 in cmusieve_deliver_mail (storage=0x80d0a20, mail=0x80e03c8, username=0x80cb030 "ska", mailbox=0x80bae92 "INBOX") at cmusieve-plugin.c:72 script_path = 0x80cbc48 "/home/ska/.dovecot.sieve" #4 0x08057536 in main (argc=Cannot access memory at address 0x0 ) at deliver.c:679 tab = (struct var_expand_table *) 0x80cb068 config_path = 0x80bb79c "/usr/local/dovecot/etc/dovecot.conf" envelope_sender = 0x80bae98 "MAILER-DAEMON" mailbox = 0x80bae92 "INBOX" auth_socket = <value optimized out> home = <value optimized out> destination = 0x80cb030 "ska" user = 0x80cb030 "ska" mail_env = <value optimized out> flags = 1025 lock_method = MAIL_STORAGE_LOCK_FCNTL storage = (struct mail_storage *) 0x80d0a20 mbox_storage = (struct mail_storage *) 0x80d2d48 box = (struct mailbox *) 0x80dcc88 input = (struct istream *) 0x80d4044 t = (struct mailbox_transaction_context *) 0x80de2a0 mail = (struct mail *) 0x80e03c8 process_euid = 30000 i = 63 ret = <value optimized out> (gdb)
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBRjBdji9SORjhbDpvAQICoggAnzLxTlL8mDonntaDvwr/4JN6eWPIAm7o XP6hSw9JlbTsPY55keQMZpN/UNB/FXojcqI6lD4f/2dJqCEHmeB40NQZEMUN+f60 6+BHkE6vb2sMnXa09eQWg2d5zVKp6bHdSsbtzmWIsYX0stUFMncFTJVQgatHstDm DaSGMf6V2SwiPst/0tUbeTMqYhud9LU2YLhU3+T9AuTmcSGztohnJPGnqC1GLP+N m+KLbLF6B7ZMQ2RX+M+arzz8EQRHZ2622aqiLKoT+rVZ8LkLPzp4Whd9HK1MqMld KSjJuZBKgKuJr61SGqPboPOip635DgJH7g2BKgGnOHWvJf6E7U+Q9A== =1M3a -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Thu, 26 Apr 2007, Steffen Kaiser wrote:
Hello,
after digging in the CMU Sieve lib sources, I found where the problem stems from.
Somehow (I don't know why) in dovecot-sieve-1.0.1/src/libsieve/script.c:671
/* first, let's figure out if we should respond to this */
ret = makehash(hash, a->u.vac.send.addr,
a->u.vac.send.msg);
u.vac.send.addr is NULL.
Although, in dovecot-sieve-1.0.1/src/libsieve/bc_eval.c:256 I get the impression that this error handled by silently skipping vacation, if no return-path is available. It didn't happened for me. BTW: I want to have those replys ;-)
The reason is that by default sendmail does not pass forth Return-Path to the MDA and Dovecot deliver does not use the -f option for this reason.
The attached patch changes this by leting deliver_get_return_address() return any information available:
str = mail_get_first_header(mail, "Return-Path");
if(!str)
str = envelope_sender != DEFAULT_ENVELOPE_SENDER
? envelope_sender /* -f option */
: mail_get_first_header(mail, "From"); /* That's not the
most correct one, but alas */
The problem still exists, if neither of the three information is available, but, well ... .
Now, vacation is working.
Bye,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBRmAmqC9SORjhbDpvAQKR9gf/W3rEkHaJwAfyMU4aMFyHy7i9W/zQQhQE s9fNfnyk+SDUbjkeDn+XmBSItVZf4PCY0DrdINzSiN6HVCBvekyWDyYN4dag9PB5 SGY1GEriApZYWloZXt6BMDjxHVu0mw74Zq1OhlwURHIWxUF2Fw2ryxEIIfgrsOgg pOC97nItWkN2zG7xFPDymZZ+n4q2CPV5U4Qslwp/XawDShk9v4j7oZPf9jbwZdjB w1n3t0t9VTanX16hpT27u7sdyO7Z5U3a1SovLGYmAK1nCk1ApfTNSLdtEErS+qQu BdVluHsL1AWUs8966UajBHBiHN1Nqq5KctNbYvOXM97WiqceVm/8gA== =JhgQ -----END PGP SIGNATURE-----
Steffen Kaiser wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Thu, 26 Apr 2007, Steffen Kaiser wrote:
Hello,
after digging in the CMU Sieve lib sources, I found where the problem stems from.
Somehow (I don't know why) in dovecot-sieve-1.0.1/src/libsieve/script.c:671
/* first, let's figure out if we should respond to this */ ret = makehash(hash, a->u.vac.send.addr, a->u.vac.send.msg);
u.vac.send.addr is NULL.
Although, in dovecot-sieve-1.0.1/src/libsieve/bc_eval.c:256 I get the impression that this error handled by silently skipping vacation, if no return-path is available. It didn't happened for me. BTW: I want to have those replys ;-)
The reason is that by default sendmail does not pass forth Return-Path to the MDA and Dovecot deliver does not use the -f option for this reason.
The attached patch changes this by leting deliver_get_return_address() return any information available:
str = mail_get_first_header(mail, "Return-Path"); if(!str) str = envelope_sender != DEFAULT_ENVELOPE_SENDER ? envelope_sender /* -f option */ : mail_get_first_header(mail, "From"); /* That's not the most correct one, but alas */
oh no. never ever send to the From header address. if your mail system doesn't provide the necessary informations, fix it or do whatever you want, but please don't add yet another broken outscatter system...
this is clear in RFC 3834:
<excerpt source=rfc3834>
If the response is to be generated after delivery, and there is no Return-Path field in the subject message, there is an implementation or configuration error in the SMTP server that delivered the message or gatewayed the message outside of SMTP. A Personal or Group responder SHOULD NOT deliver a response to any address other than that in the Return-Path field, even if the Return-Path field is missing. It is better to fix the problem with the mail delivery system than to rely on heuristics to guess the appropriate destination of the response. Such heuristics have been known to cause problems in the past. </excerpt>
In case you read the following sections, note that vacation is not a service responder.
The problem still exists, if neither of the three information is available, but, well ... .
If you don't have the necessary informations, don't send a vacation. stay on the safe side.
Now, vacation is working.
maybe for you, probably not for the masses of backscatter victims...
On Fri, 2007-06-01 at 16:01 +0200, Steffen Kaiser wrote:
Somehow (I don't know why) in dovecot-sieve-1.0.1/src/libsieve/script.c:671
/* first, let's figure out if we should respond to this */ ret = makehash(hash, a->u.vac.send.addr, a->u.vac.send.msg);
u.vac.send.addr is NULL.
How about this: http://hg.dovecot.org/dovecot-sieve-1.0/rev/c41e5970e2dc
participants (3)
-
mouss
-
Steffen Kaiser
-
Timo Sirainen