Segfault when using doveadm batch -A : kick
Apollon Oikonomopoulos
apoikos at debian.org
Fri Dec 7 21:34:48 EET 2018
On 21:33 Fri 07 Dec , Apollon Oikonomopoulos wrote:
> Hi,
>
> Apparently the "kick" doveadm_cmd_ver2 struct lacks a .mail_cmd member
> pointing to an appropriate allocation function, causing a NULL pointer
> dereference when used via `doveadm batch`.
>
> (gdb) bt
> #0 0x0000000000000000 in ?? ()
> #1 0x0000555555585882 in doveadm_mail_cmd_init (cmd=cmd at entry=0x7fffffffe680, set=0x5555555f2440) at doveadm-mail.c:596
> #2 0x0000555555586f68 in cmd_batch_add (argv=<optimized out>, argc=<optimized out>, batchctx=0x555555606538) at doveadm-mail-batch.c:78
> #3 cmd_batch_preinit () at doveadm-mail-batch.c:126
> #4 0x00005555555854ce in doveadm_mail_cmd_exec () at doveadm-mail.c:632
> #5 0x0000555555585e66 in doveadm_mail_cmd (argv=<optimized out>, argc=4, cmd=0x555555602a00) at doveadm-mail.c:748
> #6 doveadm_mail_try_run () at doveadm-mail.c:821
> #7 0x0000555555575e7f in main () at doveadm.c:404
> #8 0x00007ffff74acb17 in __libc_start_main (main=0x555555575990 <main>, argc=5, argv=0x7fffffffea18, init=<optimized out>, fini=<optimized out>,
> rtld_fini=<optimized out>, stack_end=0x7fffffffea08) at ../csu/libc-start.c:310
> #9 0x0000555555575fca in _start () at doveadm-mail.c:1127
>
> (gdb) p *cmd
> $5 = {alloc = 0x0, name = 0x5555555bdd0c "kick", usage_args = 0x5555555be738 "[-a <anvil socket path>] <user mask>[|]<ip/bits>"}
>
Forgot to add, this seems to affect both, 2.2 and 2.3 series.
More information about the dovecot
mailing list