Hi,
Edgar (cc'ed) has kindly provided patches to fix a buffer error in mailaddr.c
for opensmtpd.
I've minimally tested it and am forwarding the patches.
Would like to be able to get them into 6.8 release as this is quite problematic
with lots of aliases.
Thanks,
Aisha
-------- Forwarded Message --------
Subject: Re: opensmtpd can't handle long lines in aliases table
Date: Thu, 6 Aug 2020 19:47:33 -0500
From: Edgar Pettijohn <ed...@pettijohn-web.com>
To: AIsha Tammy <openbsd.b...@aisha.cc>
Here are a few simple patches as discussed. These were written to apply
against current. However, they are pretty simple and may well apply to
others. With that in mind if you are using any filters they may not
work. My production system is still a couple version behind and the
current smtpd wouldn't work with some of my custom filters. So I had to
use a fairly basic temporary config for testing. I'm also including my
test <senders> table.
Steps involved: (untested off memory mostly, use doas as necessary)
cd /usr
cvs -d $CVSROOT checkout src
cp *.patch /usr/src/usr.sbin/smtpd
cd /usr/src/usr.sbin/smtpd
for file in `ls *.patch`
do
patch < $file
done
make
rcctl stop smtpd
#use the just built version at /usr/src/usr.sbin/smtpd/smtpd/smtpd
smtpd/smtpd -d -T expand
send a test email
if all goes well run it for an appropriat amount of time and make sure
there are not issues. If your satisfied send the patches to bugs@.
Enjoy,
Edgar
Index: mailaddr.c
===================================================================
RCS file: /cvs/src/usr.sbin/smtpd/mailaddr.c,v
retrieving revision 1.3
diff -u -p -u -r1.3 mailaddr.c
--- mailaddr.c 31 May 2018 21:06:12 -0000 1.3
+++ mailaddr.c 7 Aug 2020 00:14:24 -0000
@@ -77,15 +77,16 @@ mailaddr_line_split(char **line, char **
}
int
-mailaddr_line(struct maddrmap *maddrmap, const char *s)
+mailaddr_line(struct maddrmap *maddrmap, const char *s, size_t len)
{
struct maddrnode mn;
- char buffer[LINE_MAX];
- char *p, *subrcpt;
+ char *p, *subrcpt, *buffer;
int ret;
- memset(buffer, 0, sizeof buffer);
- if (strlcpy(buffer, s, sizeof buffer) >= sizeof buffer)
+ if ((buffer = calloc(len + 1, sizeof(char *))) == NULL)
+ return 0;
+
+ if (strlcpy(buffer, s, len + 1) >= len + 1)
return 0;
p = buffer;
@@ -93,11 +94,15 @@ mailaddr_line(struct maddrmap *maddrmap,
subrcpt = strip(subrcpt);
if (subrcpt[0] == '\0')
continue;
- if (!text_to_mailaddr(&mn.mailaddr, subrcpt))
+ if (!text_to_mailaddr(&mn.mailaddr, subrcpt)) {
+ free(buffer);
return 0;
+ }
log_debug("subrcpt: [%s]", subrcpt);
maddrmap_insert(maddrmap, &mn);
}
+
+ free(buffer);
if (ret >= 0)
return 1;
Index: smtpd.h
===================================================================
RCS file: /cvs/src/usr.sbin/smtpd/smtpd.h,v
retrieving revision 1.656
diff -u -p -u -r1.656 smtpd.h
--- smtpd.h 8 Apr 2020 07:30:44 -0000 1.656
+++ smtpd.h 7 Aug 2020 00:20:32 -0000
@@ -1438,7 +1438,7 @@ int makemap(int, int, char **);
/* mailaddr.c */
-int mailaddr_line(struct maddrmap *, const char *);
+int mailaddr_line(struct maddrmap *, const char *, size_t);
void maddrmap_init(struct maddrmap *);
void maddrmap_insert(struct maddrmap *, struct maddrnode *);
void maddrmap_free(struct maddrmap *);
Index: table.c
===================================================================
RCS file: /cvs/src/usr.sbin/smtpd/table.c,v
retrieving revision 1.48
diff -u -p -u -r1.48 table.c
--- table.c 10 Jan 2019 07:40:52 -0000 1.48
+++ table.c 7 Aug 2020 00:20:08 -0000
@@ -600,7 +600,7 @@ table_parse_lookup(enum table_service se
if (lk->maddrmap == NULL)
return (-1);
maddrmap_init(lk->maddrmap);
- if (!mailaddr_line(lk->maddrmap, line)) {
+ if (!mailaddr_line(lk->maddrmap, line, len)) {
maddrmap_free(lk->maddrmap);
return (-1);
}
