[Dovecot] piegonhole seg fault with NULL user

Eray Aslan eray.aslan at caf.com.tr
Sun Aug 8 00:33:48 EEST 2010 

dovecot-2.0-piegonhole commit cac6acdc4d0e:

Crash when USER is NULL.  Backtrace is below.  Perhaps, we should check
for NULL and bail out early?

Eray


[...]
(gdb) cont
Continuing.

Program received signal SIGSEGV, Segmentation fault.
t_strcut (str=0x0, cutchar=64 '@') at strfuncs.c:277
277             for (p = str; *p != '\0'; p++) {
(gdb) bt full
#0  t_strcut (str=0x0, cutchar=64 '@') at strfuncs.c:277
        p = <value optimized out>
#1  0x4009c28b in get_var_expand_table (service=<value optimized out>,
input=<value optimized out>) at mail-storage-service.c:478
        static_tab = {{key = 117 'u', value = 0x0, long_key = 0x400f12ce
"user"}, {key = 110 'n', value = 0x0,
            long_key = 0x400f0966 "username"}, {key = 100 'd', value =
0x0, long_key = 0x400f096f "domain"}, {key = 115 's',
            value = 0x0, long_key = 0x400f129c "service"}, {key = 108
'l', value = 0x0, long_key = 0x400f0976 "lip"}, {
            key = 114 'r', value = 0x0, long_key = 0x400f097a "rip"},
{key = 112 'p', value = 0x0, long_key = 0x400f097e "pid"}, {
            key = 105 'i', value = 0x0, long_key = 0x400f8aec "uid"},
{key = 0 '\000', value = 0x0, long_key = 0x0}}
        tab = 0x85f737c
#2  0x4009c364 in user_expand_varstr (service=0x8603cf4, input=<value
optimized out>, str=0x8603e88 "0")
    at mail-storage-service.c:501
        ret = 0x85f71f0
        __FUNCTION__ = "user_expand_varstr"
#3  0x4009c8fc in mail_storage_service_next (ctx=0x8603470,
user=0x8603cf0, mail_user_r=0x8601e40) at mail-storage-service.c:835
        user_set = 0x8603d90
        home = <value optimized out>
        chroot = <value optimized out>
        error = <value optimized out>
        len = <value optimized out>
        temp_priv_drop = <value optimized out>
#4  0x4009dde4 in mail_storage_service_lookup_next (ctx=0x8603470,
input=0xbfb98524, user_r=0x8601e3c, mail_user_r=0x8601e40,
    error_r=0xbfb9855c) at mail-storage-service.c:925
        user = 0x8603cf0
        ret = <value optimized out>
#5  0x08055e35 in sieve_tool_init_finish (tool=0x8601e10) at
sieve-tool.c:210
        storage_service_flags = 144
        service_input = {module = 0x80586c7 "mail", service = 0x8601e58
"testsuite", username = 0x0, local_ip = {family = 0, u = {
              ip6 = {__in6_u = {__u6_addr8 = '\000' <repeats 15 times>,
__u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0,
                    0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip =
{family = 0, u = {ip6 = {__in6_u = {
                  __u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 =
{0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}},
              ip4 = {s_addr = 0}}}, userdb_fields = 0x0}
        username = <value optimized out>
        errstr = 0x4013d4cc "\205\300u%\203\304\020[^]\303\307D$\004"
#6  0x08054f5b in main (argc=2, argv=0x85ff1c0) at testsuite.c:147
        svinst = 0x4001da98
        scriptfile = 0x85f7058 "./tests/testsuite.svtest"
        dumpfile = 0x0
        tracefile = 0x0
        tr_config = {level = SIEVE_TRLVL_ACTIONS, flags = 0}
        sbin = <value optimized out>
        sieve_dir = <value optimized out>
        log_stdout = false
        ret = <value optimized out>
        c = <value optimized out>

More information about the dovecot mailing list