Date: Wed, 1 Nov 2006 11:00:52 GMT From: Christophe Thil<chris@thil.de> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/105001: libspf2 segfaults when verifying SPF Queries Message-ID: <200611011100.kA1B0qEQ041679@www.freebsd.org> Resent-Message-ID: <200611011110.kA1BAChQ084733@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 105001 >Category: ports >Synopsis: libspf2 segfaults when verifying SPF Queries >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Nov 01 11:10:12 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Christophe Thil >Release: 6.1-RELEASE >Organization: >Environment: FreeBSD galibier.thil.de 6.1-RELEASE-p10 FreeBSD 6.1-RELEASE-p10 #1: Wed Oct 18 23:33:34 CEST 2006 chris@galibier.thil.de:/usr/obj/usr/src/sys/GALIBIER amd64 >Description: When verifying SPF records, libspf2 segfaults if the verified sender is prohibited by spf records. This does not only affect spfquery, but other programs using libspf2 (like exim), too. Example: [chris@galibier ~]$ spfquery -ip=88.198.155.186 -sender=chris@thil.de works, because this IP address is a valid sender [chris@galibier ~]$ spfquery -debug=9 -ip=1.2.3.4 -sender=chris@thil.de crashed, because 1.2.3.4 is not a valid sender Running with debug gives the following information: [snip] spf_dns.c:62 Debug: DNS cache lookup: mail.thil.de A (1) spf_dns.c:62 Debug: DNS resolv lookup: mail.thil.de A (1) spf_dns_resolv.c:207 Debug: msg id: 41727 spf_dns_resolv.c:208 Debug: ns_f_qr quest/resp: 1 spf_dns_resolv.c:209 Debug: ns_f_opcode: 0 spf_dns_resolv.c:210 Debug: ns_f_aa auth ans: 1 spf_dns_resolv.c:211 Debug: ns_f_tc truncated: 0 spf_dns_resolv.c:212 Debug: ns_f_rd rec desire: 1 spf_dns_resolv.c:213 Debug: ns_f_ra rec avail: 1 spf_dns_resolv.c:214 Debug: ns_f_rcode: 0 spf_dns_resolv.c:226 Debug: Answer: 1 spf_dns_resolv.c:244 Debug: name: mail.thil.de type: 1 class: 1 ttl: 14400 rdlen: 4 spf_dns_resolv.c:258 Debug: A: 88.198.155.186 spf_dns.c:86 Debug: DNS resolv found: mail.thil.de A (1) TTL: 0 RR found: 1 herrno: 0 source: resolv spf_dns.c:86 Debug: DNS cache found: mail.thil.de A (1) TTL: 0 RR found: 1 herrno: 0 source: resolv spf_interpret.c:810 Debug: 0: found 1 A records for mail.thil.de (herrno: 0) spf_interpret.c:453 Debug: ip_match: 1.2.3.4 == 88.198.155.186 (/32 255.255.255.255): 0 Segmentation fault: 11 (core dumped) gdb gives: Program received signal SIGSEGV, Segmentation fault. [Switching to LWP 100092] 0x00000008009351e4 in memset () from /lib/libc.so.6 >How-To-Repeat: run spfquery -ip=1.2.3.4 -sender=chris@thil.de >Fix: >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200611011100.kA1B0qEQ041679>