Bug#430508: spfquery segfault

Mon, 25 Jun 2007 07:30:22 -0700 

Package: spfquery
Version: 1.2.5.dfsg-2
Severity: normal
Tags: patch

Hi!

spfquery segfaults when passing it a -guess argument:

  $ spfquery -ip 1.2.3.4 -sender [EMAIL PROTECTED] -helo foo -guess blah

This is caused by spf_response_2mx being a null pointer in
APPEND_RESULT(SPF_response_result(spf_response_2mx));

I *think* that usage of this variable is all wrong in this routine, since
we're checking for fallback spf record not 2nd rcpt mx.  See attached patch
for a proposed fix.

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-amd64
Locale: LANG=ca_AD.UTF-8, LC_CTYPE=ca_AD.UTF-8 (charmap=UTF-8)

Versions of packages spfquery depends on:
ii  libc6                       2.3.6.ds1-13 GNU C Library: Shared libraries
ii  libspf2-2                   1.2.5.dfsg-2 library for validating mail sender

spfquery recommends no packages.

-- no debconf information

diff -ur libspf2-1.2.5.dfsg.old/src/spfquery/spfquery.c libspf2-1.2.5.dfsg/src/spfquery/spfquery.c
--- libspf2-1.2.5.dfsg.old/src/spfquery/spfquery.c	2005-02-22 03:36:55.000000000 +0100
+++ libspf2-1.2.5.dfsg/src/spfquery/spfquery.c	2007-06-24 13:17:34.000000000 +0200
@@ -341,6 +341,7 @@
 	SPF_request_t	*spf_request = NULL;
 	SPF_response_t	*spf_response = NULL;
 	SPF_response_t	*spf_response_2mx = NULL;
+	SPF_response_t	*spf_response_fallback = NULL;
 	SPF_errcode_t	 err;
 
 	char			*opt_file = NULL;
@@ -670,20 +671,20 @@
 		/* We now have an option to call SPF_request_query_fallback */
 		if (opts->fallback) {
 			err = SPF_request_query_fallback(spf_request,
-							&spf_response, opts->fallback);
+							&spf_response_fallback, opts->fallback);
 			if (opts->debug)
-				response_print("fallback query", spf_response_2mx);
+				response_print("fallback query", spf_response_fallback);
 			if (err) {
 				response_print_errors("Failed to query best-guess",
-								spf_response, err);
+								spf_response_fallback, err);
 				CONTINUE_ERROR;
 			}
 
 			/* append the result */
-			APPEND_RESULT(SPF_response_result(spf_response_2mx));
+			APPEND_RESULT(SPF_response_result(spf_response_fallback));
 
 			spf_response = SPF_response_combine(spf_response,
-							spf_response_2mx);
+							spf_response_fallback);
 		}
 
 		printf( "%s\n%s\n%s\n%s\n",

Reply via email to