On Wed, Jun 17, 2026 at 06:45:30PM -0400, Wietse Venema via Postfix-users wrote:
> * Root cause for bug 1:
>
> A missing 'break' statement after the code that converts
> a TLSA record to string.
FWIW, bug 2 is a result of changes in the Postfix DANE code. In
Postfix 3.6 I updated the DANE implementation to leverage the DANE
API in OpenSSL (evolved from the original code in Postfix).
Sadly, I neglected to take into account that the Postfix
mymalloc() requires all allocations to be at least one byte long.
However, the missing break in bug 1 was a result of new code
following the DANE TLSA code, rather than in the TLSA code itself:
postfix-3.1-20150523:
case T_TLSA:
... TLSA body ...
break;
postfix-3.1-20150710:
case T_TLSA:
... TLSA body ...
+ /*
+ * Commentary
+ * ...
+ */
+ case T_SOA:
+ ... SOA body ...
break;
Mistakes happen. Fortunately Postfix is designed to both minimise
mistakes and to be robust in the presence of the few mistakes that
inevitably happen. Postfix keeps working even when a particular
delivery agent process segfaults or aborts because an assertion
failed.
--
Viktor. 🇺🇦 Слава Україні!
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
