** Summary changed: - Segfaults on sender verify callout, in _gnutls_trust_list_get_issuer + Segfaults on verify callout, in _gnutls_trust_list_get_issuer
** Description changed: We are experiencing segfaults in exim since upgrading from impish (4.94.2-7ubuntu2 with libgnutls30 3.7.1-5ubuntu1) to jammy (4.95-4ubuntu2 with libgnutls30 3.7.3-4ubuntu1), in - _gnutls_trust_list_get_issuer, seemingly in the sender verify callout - during message submission. + _gnutls_trust_list_get_issuer, seemingly in the sender/recipient verify + callout during message submission. Typically the initial attempt to submit a message crashes an exim child thread, but the same message is accepted when the sender retries. gdb backtrace: Thread 2.1 "exim4" received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7fe2f844d080 (LWP 29278)] 0x00007fe2f8f3eb2b in _gnutls_trust_list_get_issuer (flags=<optimised out>, issuer=<optimised out>, cert=<optimised out>, list=<optimised out>) at x509/../../../lib/x509/verify-high.c:1026 1026 x509/../../../lib/x509/verify-high.c: No such file or directory. (gdb) bt #0 0x00007fe2f8f3eb2b in _gnutls_trust_list_get_issuer (flags=<optimised out>, issuer=<optimised out>, cert=<optimised out>, - list=<optimised out>) at x509/../../../lib/x509/verify-high.c:1026 + list=<optimised out>) at x509/../../../lib/x509/verify-high.c:1026 #1 gnutls_x509_trust_list_get_issuer (list=list@entry=0x55ef6bd9c260, cert=0x55ef6bd9be20, issuer=issuer@entry=0x7ffc82dba510, - flags=flags@entry=16) at x509/../../../lib/x509/verify-high.c:1129 + flags=flags@entry=16) at x509/../../../lib/x509/verify-high.c:1129 #2 0x00007fe2f8f3f679 in gnutls_x509_trust_list_verify_crt2 (list=0x55ef6bd9c260, cert_list=0x7ffc82dba5c0, - cert_list_size=<optimised out>, data=<optimised out>, elements=<optimised out>, flags=33554432, voutput=0x7ffc82dba888, func=0x0) - at x509/../../../lib/x509/verify-high.c:1522 + cert_list_size=<optimised out>, data=<optimised out>, elements=<optimised out>, flags=33554432, voutput=0x7ffc82dba888, func=0x0) + at x509/../../../lib/x509/verify-high.c:1522 #3 0x00007fe2f8ed7516 in _gnutls_x509_cert_verify_peers (status=0x7ffc82dba888, elements=0, data=0x0, session=0x55ef6c0c1150) - at ../../lib/cert-session.c:597 + at ../../lib/cert-session.c:597 #4 gnutls_certificate_verify_peers (session=0x55ef6c0c1150, data=data@entry=0x0, elements=elements@entry=0, - status=status@entry=0x7ffc82dba888) at ../../lib/cert-session.c:776 + status=status@entry=0x7ffc82dba888) at ../../lib/cert-session.c:776 #5 0x00007fe2f8ed8000 in gnutls_certificate_verify_peers2 (session=<optimised out>, status=status@entry=0x7ffc82dba888) - at ../../lib/cert-session.c:653 + at ../../lib/cert-session.c:653 #6 0x000055ef6b7698ef in verify_certificate (state=<optimised out>, errstr=0x7ffc82dbaa20) - at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/tls-gnu.c:2519 + at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/tls-gnu.c:2519 #7 0x000055ef6b7a5d7b in tls_client_start.constprop.0 (cctx=cctx@entry=0x55ef6be0e688, conn_args=conn_args@entry=0x55ef6bdfe5f8, - tlsp=0x55ef6b7f59c0 <tls_out>, errstr=errstr@entry=0x7ffc82dbaa20, cookie=<optimised out>) - at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/tls-gnu.c:3593 + tlsp=0x55ef6b7f59c0 <tls_out>, errstr=errstr@entry=0x7ffc82dbaa20, cookie=<optimised out>) + at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/tls-gnu.c:3593 #8 0x000055ef6b78b0ef in smtp_setup_conn (sx=0x55ef6bdfe5e8, suppress_tls=<optimised out>) at transports/smtp.c:2673 #9 0x000055ef6b776350 in do_callout (pm_mailfrom=<optimised out>, se_mailfrom=<optimised out>, options=<optimised out>, - callout_connect=<optimised out>, callout_overall=<optimised out>, callout=<optimised out>, tf=0x7ffc82dbbc10, - host_list=<optimised out>, addr=0x7ffc82dbbdd0) - at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/verify.c:677 + callout_connect=<optimised out>, callout_overall=<optimised out>, callout=<optimised out>, tf=0x7ffc82dbbc10, + host_list=<optimised out>, addr=0x7ffc82dbbdd0) + at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/verify.c:677 #10 verify_address (vaddr=<optimised out>, fp=<optimised out>, options=<optimised out>, callout=<optimised out>, - callout_overall=<optimised out>, callout_connect=<optimised out>, se_mailfrom=<optimised out>, pm_mailfrom=<optimised out>, - routed=<optimised out>) at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/verify.c:1947 + callout_overall=<optimised out>, callout_connect=<optimised out>, se_mailfrom=<optimised out>, pm_mailfrom=<optimised out>, + routed=<optimised out>) at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/verify.c:1947 #11 0x000055ef6b6f1660 in acl_verify (where=where@entry=0, addr=addr@entry=0x7ffc82dbc5e0, - arg=0x55ef6babc2b8 "recipient/defer_ok/callout=30s,defer_ok,use_postmaster", user_msgptr=user_msgptr@entry=0x7ffc82dbca50, - log_msgptr=log_msgptr@entry=0x7ffc82dbca58, basic_errno=basic_errno@entry=0x7ffc82dbc38c) - at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/acl.c:2168 + arg=0x55ef6babc2b8 "recipient/defer_ok/callout=30s,defer_ok,use_postmaster", user_msgptr=user_msgptr@entry=0x7ffc82dbca50, + log_msgptr=log_msgptr@entry=0x7ffc82dbca58, basic_errno=basic_errno@entry=0x7ffc82dbc38c) + at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/acl.c:2168 #12 0x000055ef6b6f479e in acl_check_condition (level=<optimised out>, basic_errno=0x7ffc82dbc38c, log_msgptr=<optimised out>, - user_msgptr=<optimised out>, epp=<synthetic pointer>, addr=<optimised out>, where=<optimised out>, cb=0x55ef6babc298, - verb=<optimised out>) at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/acl.c:3838 + user_msgptr=<optimised out>, epp=<synthetic pointer>, addr=<optimised out>, where=<optimised out>, cb=0x55ef6babc298, + verb=<optimised out>) at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/acl.c:3838 #13 acl_check_internal (where=where@entry=0, addr=addr@entry=0x7ffc82dbc5e0, s=s@entry=0x55ef6bab9990 "acl_check_rcpt", - user_msgptr=user_msgptr@entry=0x7ffc82dbca50, log_msgptr=log_msgptr@entry=0x7ffc82dbca58) - at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/acl.c:4225 + user_msgptr=user_msgptr@entry=0x7ffc82dbca50, log_msgptr=log_msgptr@entry=0x7ffc82dbca58) + at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/acl.c:4225 #14 0x000055ef6b6f7b9e in acl_check (where=0, recipient=<optimised out>, s=0x55ef6bab9990 "acl_check_rcpt", - user_msgptr=0x7ffc82dbca50, log_msgptr=0x7ffc82dbca58) - at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/acl.c:4539 + user_msgptr=0x7ffc82dbca50, log_msgptr=0x7ffc82dbca58) + at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/acl.c:4539 #15 0x000055ef6b75c2fd in smtp_setup_msg () at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/smtp_in.c:5283 #16 0x000055ef6b6e5cda in handle_smtp_call (accepted=0x7ffc82dbceb0, accept_socket=<optimised out>, - listen_socket_count=<optimised out>, listen_sockets=<optimised out>) - at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/daemon.c:551 + listen_socket_count=<optimised out>, listen_sockets=<optimised out>) + at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/daemon.c:551 #17 daemon_go () at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/daemon.c:2594 #18 main (argc=<optimised out>, cargv=<optimised out>) - at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/exim.c:4947 + at /build/exim4-sMcKLv/exim4-4.95/b-exim4-daemon-light/build-Linux-x86_64/exim.c:4947 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1974214 Title: Segfaults on verify callout, in _gnutls_trust_list_get_issuer To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/exim4/+bug/1974214/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
