Hi, in src/usr.sbin/smtpd/mta_session.c 1.124 two bugs are introduced: - getsockname/getpeername are passed a struct sockaddr, too small to hold an IPv6 address. - sa_len is uninitialized.
Detected thanks to -fstack-protector on Void Linux, which killed it immediately after connecting to the MTA. This patch fixes both issues: --- a/smtpd/mta_session.c +++ b/smtpd/mta_session.c @@ -1811,21 +1811,25 @@ mta_filter_end(struct mta_session *s) static void mta_connected(struct mta_session *s) { - struct sockaddr sa_src; - struct sockaddr sa_dest; + struct sockaddr_storage sa_src; + struct sockaddr_storage sa_dest; int sa_len; log_info("%016"PRIx64" mta connected", s->id); - if (getsockname(io_fileno(s->io), &sa_src, &sa_len) == -1) + sa_len = sizeof sa_src; + if (getsockname(io_fileno(s->io), + (struct sockaddr *)&sa_src, &sa_len) == -1) bzero(&sa_src, sizeof sa_src); - if (getpeername(io_fileno(s->io), &sa_dest, &sa_len) == -1) + sa_len = sizeof sa_dest; + if (getpeername(io_fileno(s->io), + (struct sockaddr *)&sa_dest, &sa_len) == -1) bzero(&sa_dest, sizeof sa_dest); mta_report_link_connect(s, s->route->dst->ptrname, 1, - (struct sockaddr_storage *)&sa_src, - (struct sockaddr_storage *)&sa_dest); + &sa_src, + &sa_dest); } static void Cheers, -- Leah Neukirchen <l...@vuxu.org> https://leahneukirchen.org/