Public bug reported:

Binary package hint: libspf2-2

Package: libspf2-2
Version: 1.2.5-3

The milter-greylist (linked with libspf2) segfaults every time on amd64 CPUs. The attached gdb output shows:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1124096352 (LWP 5648)]
0x00002aaaab19d2a0 in memset () from /lib/libc.so.6
(gdb) bt
#0  0x00002aaaab19d2a0 in memset () from /lib/libc.so.6
#1  0x00002aaaaabcc5c2 in SPF_record_expand_data () from /usr/lib/libspf2.so.2
#2  0x00002aaaaabcccb7 in SPF_record_expand_data () from /usr/lib/libspf2.so.2
#3  0x00002aaaaabcceb6 in SPF_request_get_exp () from /usr/lib/libspf2.so.2
#4  0x00002aaaaabcdd6f in SPF_i_done () from /usr/lib/libspf2.so.2
#5  0x00002aaaaabcedf6 in SPF_record_interpret () from /usr/lib/libspf2.so.2
#6  0x00002aaaaabd1525 in SPF_request_is_loopback () from /usr/lib/libspf2.so.2
#7  0x00002aaaaabd15cf in SPF_request_query_mailfrom () from /usr/lib/libspf2.so.2
#8  0x000000000040cb75 in ?? ()
#9  0x0000000000403208 in ?? ()
#10 0x00002aaaab02273d in st_sender (g=0x43005140) at engine.c:853
#11 0x00002aaaab021bbe in mi_engine (ctx=0x547f30) at engine.c:355
#12 0x00002aaaab023b1f in mi_handle_session (ctx=0x547f30) at handler.c:45
#13 0x00002aaaab0228d9 in mi_thread_handle_wrapper (arg=0x549e40) at listener.c:566
#14 0x00002aaaaaf0d0fa in start_thread () from /lib/libpthread.so.0
#15 0x00002aaaab1f2ce2 in clone () from /lib/libc.so.6
#16 0x0000000000000000 in ?? ()
(gdb)

Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name           Version        Description
+++-==============-==============-============================================
ii  libspf2-2      1.2.5-3        Sender Policy Framework library, written in

Carsten Koch-Mauthe found the same error and debugged the situation, see the mailing list article:

http://permalink.gmane.org/gmane.mail.spam.spf.devel/709

I created a patch based on this analysis, but also changed len from int to size_t:

--- src/libspf2/spf_interpret.c.orig	2006-10-13 16:47:29.000000000 +0200
+++ src/libspf2/spf_interpret.c	2006-10-13 16:48:16.000000000 +0200
@@ -49,8 +49,8 @@
 	SPF_record_t *spf_record;
 	SPF_errcode_t err;
 	char *buf;
-	int buflen;
-	int len;
+	size_t buflen;
+	size_t len;
 	SPF_ASSERT_NOTNULL(spf_response);
 	spf_request = spf_response->spf_request;

With this patch, the milter-greylist doesn't segfault. I also reported this situation to the libspf2 developer mailing list and to Debian Bug#392793.

Regards
Herbert Straub

** Affects: libspf2 (Ubuntu)
     Importance: Undecided
         Status: Unconfirmed

-- 
segfaults on amd64 systems
https://launchpad.net/bugs/65952

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
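Review bot: Widening `buflen` and `len` to `size_t` in the @@ -49,8 +49,8 @@ hunk changes them from signed to unsigned, but the hunk shows only the declarations and none of their uses; every later comparison or assignment involving them in this function (a `< 0` check, an assignment from a signed return value such as snprintf's, a -1 error sentinel) silently changes meaning and should be audited and, where needed, adjusted in the same patch. The widening itself fits the backtrace: the crash is in memset called from SPF_record_expand_data, and on amd64 `int` is 4 bytes while `size_t` is 8, so if `&buflen` is handed to a callee that stores through a `size_t *`, the store spills into the adjacent `len`; on a 32-bit build the two types are the same width, which would explain why only amd64 is affected. A one-line explanation of that mechanism in the patch description would make the type change reviewable without the linked mailing list article.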
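The following is an added C example, not code from the bug report or from libspf2, illustrating the hazard the int-to-size_t patch addresses: on LP64 platforms such as amd64, `int` is 4 bytes and `size_t` is 8, so an `int` variable whose address is given to code that stores a `size_t` through it overwrites whatever sits next to it. The struct layouts and the simulated callee are assumptions made for illustration; the hunk alone does not show how `buflen` and `len` are used in spf_interpret.c.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Two adjacent locals declared the way the hunk's "before" side has them
   (int) and the way its "after" side has them (size_t).  The struct only
   fixes the layout so the demonstration is reproducible; it stands in for
   two neighbouring stack variables.  (Assumed layout, for illustration.) */
struct narrow_lens { int buflen; int len; };
struct wide_lens   { size_t buflen; size_t len; };

/* Hypothetical callee that received the address of `buflen` and writes a
   size_t through it, as a function declared with a `size_t *buflen`
   parameter would.  The store is done with memcpy on the enclosing object
   so the demonstration itself does not rely on undefined behaviour. */
static void callee_stores_size_t(void *object, size_t offset, size_t value)
{
    memcpy((unsigned char *)object + offset, &value, sizeof value);
}

/* 1 if a size_t store aimed at an int-typed buflen also overwrote the
   neighbouring int len, 0 if len survived.  On LP64 (amd64) this is 1;
   on ILP32 both types are 4 bytes and it is 0. */
int narrow_neighbor_clobbered(void)
{
    struct narrow_lens s = { 0, 0x7fffffff };
    callee_stores_size_t(&s, offsetof(struct narrow_lens, buflen), 100);
    return s.len != 0x7fffffff;
}

/* Same store aimed at a size_t-typed buflen: len is untouched, so 0. */
int wide_neighbor_clobbered(void)
{
    struct wide_lens s = { 0, 0x7fffffff };
    callee_stores_size_t(&s, offsetof(struct wide_lens, buflen), 100);
    return s.len != 0x7fffffff;
}

int main(void)
{
    printf("sizeof(int)=%zu sizeof(size_t)=%zu\n", sizeof(int), sizeof(size_t));
    printf("int buflen/len:    neighbour clobbered = %d\n", narrow_neighbor_clobbered());
    printf("size_t buflen/len: neighbour clobbered = %d\n", wide_neighbor_clobbered());
    return 0;
}
```

Whatever the clobbered `len` ends up holding is then used as a length by the caller; a garbage length reaching memset is consistent with the top frame of the backtrace above, and the fact that nothing is observed on a 32-bit build, where the two types have the same width, matches the report's "amd64 only" symptom. Compilers flag the underlying mismatch when an `int *` is passed for a `size_t *` parameter, so building libspf2 and its consumers with `-Wall -Wpointer-sign` style warnings treated as errors is the cheap way to catch this class of bug before it ships.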
