mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 05:38:06 +00:00
Code Issues Releases Wiki Activity

postfix-3.5.10

Browse Source
This commit is contained in:
Wietse Venema 2021-04-11 00:00:00 -05:00 committed by Viktor Dukhovni
parent 0dc6e48004
commit d65ef14f1d
6 changed files with 38 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
postfix/HISTORY
View File

@ -24905,3 +24905,24 @@ Apologies for any names omitted.
causing unnecessary dnssec_probe activity. The default is now causing unnecessary dnssec_probe activity. The default is now
"dane" when smtp_tls_security_level is "dane", otherwise it is "dane" when smtp_tls_security_level is "dane", otherwise it is
"may". File: global/mail_params.h. "may". File: global/mail_params.h.
20210411
Missing null pointer checks (introduced: Postfix 3.4) after
an internal I/O error during the smtp(8) to tlsproxy(8)
handshake. Found by Coverity, reported by Jaroslav Skarvada.
Based on fix by Viktor Dukhovni. File: tls/tls_proxy_client_scan.c.
Null pointer bug (introduced: Postfix 3.0) and memory leak
(introduced: Postfix 3.4) after an inline: table syntax
error in main.cf or master.cf. Found by Coverity, reported
by Jaroslav Skarvada. Based on fix by Viktor Dukhovni. File:
util/dict_inline.c.
Incomplete null pointer check (introduced: Postfix 2.10)
after truncated HaProxy version 1 handshake message. Found
by Coverity, reported by Jaroslav Skarvada. Fix by Viktor
Dukhovni. File: global/haproxy_srvr.c.
Missing null pointer check (introduced: Postfix alpha) after
null argv[0] value. File: global/mail_task.c.

2
postfix/src/global/haproxy_srvr.c
View File

@ -201,6 +201,8 @@ static int haproxy_srvr_parse_proto(const char *str, int *addr_family)
if (msg_verbose) if (msg_verbose)
msg_info("haproxy_srvr_parse: proto=%s", STR_OR_NULL(str)); msg_info("haproxy_srvr_parse: proto=%s", STR_OR_NULL(str));
if (str == 0)
return (-1);
#ifdef AF_INET6 #ifdef AF_INET6
if (strcasecmp(str, "TCP6") == 0) { if (strcasecmp(str, "TCP6") == 0) {
if (strchr((char *) proto_info->sa_family_list, AF_INET6) != 0) { if (strchr((char *) proto_info->sa_family_list, AF_INET6) != 0) {

6
postfix/src/global/mail_task.c
View File

@ -17,8 +17,8 @@
/* /*
/* The result is overwritten with each call. /* The result is overwritten with each call.
/* /*
/* A null argv0 argument requests that the current /* A null argv0 argument requests that the current result is
/* result is returned. /* returned, or "unknown" when no current result exists.
/* LICENSE /* LICENSE
/* .ad /* .ad
/* .fi /* .fi
@ -59,6 +59,8 @@ const char *mail_task(const char *argv0)
const char *slash; const char *slash;
const char *tag; const char *tag;
if (argv0 == 0 && canon_name == 0)
argv0 = "unknown";
if (argv0) { if (argv0) {
if (canon_name == 0) if (canon_name == 0)
canon_name = vstring_alloc(10); canon_name = vstring_alloc(10);

4
postfix/src/global/mail_version.h
View File

@ -20,8 +20,8 @@
* Patches change both the patchlevel and the release date. Snapshots have no * Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only. * patchlevel; they change the release date only.
*/ */
#define MAIL_RELEASE_DATE "20210117" #define MAIL_RELEASE_DATE "20210411"
#define MAIL_VERSION_NUMBER "3.5.9" #define MAIL_VERSION_NUMBER "3.5.10"
#ifdef SNAPSHOT #ifdef SNAPSHOT
#define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE #define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE

9
postfix/src/tls/tls_proxy_client_scan.c
View File

@ -430,7 +430,8 @@ static int tls_proxy_client_certs_scan(ATTR_SCAN_MASTER_FN scan_fn,
if (buf) if (buf)
vstring_free(buf); vstring_free(buf);
if (ret != 1) { if (ret != 1) {
tls_proxy_client_certs_free(head); if (head)
tls_proxy_client_certs_free(head);
head = 0; head = 0;
} }
*(TLS_CERTS **) ptr = head; *(TLS_CERTS **) ptr = head;
@ -489,7 +490,8 @@ static int tls_proxy_client_pkeys_scan(ATTR_SCAN_MASTER_FN scan_fn,
if (buf) if (buf)
vstring_free(buf); vstring_free(buf);
if (ret != 1) { if (ret != 1) {
tls_proxy_client_pkeys_free(head); if (head)
tls_proxy_client_pkeys_free(head);
head = 0; head = 0;
} }
*(TLS_PKEYS **) ptr = head; *(TLS_PKEYS **) ptr = head;
@ -538,7 +540,8 @@ static int tls_proxy_client_tlsa_scan(ATTR_SCAN_MASTER_FN scan_fn,
ret = (ret == 3 ? 1 : -1); ret = (ret == 3 ? 1 : -1);
} }
if (ret != 1) { if (ret != 1) {
tls_proxy_client_tlsa_free(head); if (head)
tls_proxy_client_tlsa_free(head);
head = 0; head = 0;
} }
*(TLS_TLSA **) ptr = head; *(TLS_TLSA **) ptr = head;

6
postfix/src/util/dict_inline.c
View File

@ -113,9 +113,9 @@ DICT *dict_inline_open(const char *name, int open_flags, int dict_flags)
dict = dict_open3(DICT_TYPE_HT, name, open_flags, dict_flags); dict = dict_open3(DICT_TYPE_HT, name, open_flags, dict_flags);
dict_type_override(dict, DICT_TYPE_INLINE); dict_type_override(dict, DICT_TYPE_INLINE);
while ((nameval = mystrtokq(&cp, CHARS_COMMA_SP, CHARS_BRACE)) != 0) { while ((nameval = mystrtokq(&cp, CHARS_COMMA_SP, CHARS_BRACE)) != 0) {
if ((nameval[0] != CHARS_BRACE[0] if (nameval[0] == CHARS_BRACE[0])
|| (err = free_me = extpar(&nameval, CHARS_BRACE, EXTPAR_FLAG_STRIP)) == 0) err = free_me = extpar(&nameval, CHARS_BRACE, EXTPAR_FLAG_STRIP);
&& (err = split_qnameval(nameval, &vname, &value)) != 0) if (err != 0 || (err = split_qnameval(nameval, &vname, &value)) != 0)
break; break;
if ((dict->flags & DICT_FLAG_SRC_RHS_IS_FILE) != 0) { if ((dict->flags & DICT_FLAG_SRC_RHS_IS_FILE) != 0) {