Date: Fri, 9 Mar 2007 22:31:16 +0200 (EET)
From: vandaali@deviate.fi
To: freebsd-ports-bugs@freebsd.org
Subject: mail/smtprc segfault

I. Introduction.

Smtprc is open source software which checks for open relays.

II. Problem.

Smtprc has an option which we can find documentation for, but it is not implemented. Let's see:

-------------------------------------------------------------------------------
# ./smtprc -h
...
...
-i [ip list file] Use this option to specify a list of ip addresses or
                  hostnames to scan
...
...
# ./smtprc -i foobar
 ----------------------------
|     SMTP Relay Checker     |
|       Spencer Hardy        |
|    diceman@dircon.co.uk    |
|           2.0.3            |
 ----------------------------
Segmentation fault (core dumped)
#
-------------------------------------------------------------------------------

As we can see it segfaults, let's see:

-------------------------------------------------------------------------------
# gdb ./smtprc smtprc.core
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...
Core was generated by `smtprc'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libpthread.so.2...done.
Loaded symbols for /usr/lib/libpthread.so.2
Reading symbols from /lib/libc.so.6...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /libexec/ld-elf.so.1...done.
Loaded symbols for /libexec/ld-elf.so.1
#0  0x2814e762 in strchr () from /lib/libc.so.6
[New LWP 100226]
(gdb) bt
#0  0x2814e762 in strchr () from /lib/libc.so.6
#1  0x08049f47 in get_ip_range (iprange=0x0) at parse_config_files.c:63
#2  0x08049d14 in main (argc=3, argv=0xbfbfe874) at smtprc.c:62
(gdb) print o.ip_range
$1 = 0x0
-------------------------------------------------------------------------------

And here we have:

-------------------------------------------------------------------------------
# cat parse_args.c
/*cut*/
while((c = getopt(argc, argv, "ab:c:de:f:g:hi:j:k:l:m:no:p:qr:s:tu:vw:x:y:"))!=-1) {
/*cut*/
    case 'i': //specify an ip list
        f.ip_list = TRUE;
        o.ip_list=s_malloc((strlen(optarg)+1) * sizeof(char));
        strncpy(o.ip_list, optarg, strlen(optarg)); //wtf?;-)ip list file?:)
        o.ip_list[strlen(optarg)] = '\0';
/*cut*/
# cat smtprc.c
/*cut*/
parse_args(argc, argv); //parses the command line args
/*cut*/
get_ip_range(o.ip_range);
/*cut*/
# cat options.h
/*cut*/
struct options {
/*cut*/
    char *ip_list; //ip list file
/*cut*/
-------------------------------------------------------------------------------

There is an option which has to be used by default, ip_range. This var is used without checking if it was initialized. In the docs we can find that we should use ip_range XOR ip_list. Because of that, we have a segfault. The ip_list option is not even implemented, as we saw earlier.

-------------------------------------------------------------------------------
# ./smtprc -h
...
...
-s [ip address range] You can use this option to specify the ip address range
                      (or single host) to scan for open relay's. Must be in
                      the format 127.0.*.1-200
...
...
-------------------------------------------------------------------------------

Let's get deeper:

-------------------------------------------------------------------------------
# cat parse_args.c
/*cut*/
while((c = getopt(argc, argv, "ab:c:de:f:g:hi:j:k:l:m:no:p:qr:s:tu:vw:x:y:"))!=-1) {
/*cut*/
    case 's': //IP RANGE TO SCAN
        f.ip_range = TRUE;
        o.ip_range=s_malloc((strlen(optarg)+1) * sizeof(char));
        strncpy(o.ip_range, optarg, strlen(optarg));
        o.ip_range[strlen(optarg)] = '\0';
        break;
/*cut*/
# cat options.c
void validate_options(void) {
/*cut*/
    if(f.ip_range && f.ip_list) {
        fatal("You cannont supply both an ip list and ip range\n");
    }
/*cut*/
-------------------------------------------------------------------------------

As we can see, we can't use the ip_range and ip_list options at the same time. The easiest way to avoid the segfault is this simple patch, but a better solution would be to implement the functionality which is described in the man page.

--- CUT --- --- smtprc.orig.c Sat Feb 24 14:53:53 2007 +++ smtprc.c Tue Feb 6 22:27:28 2007 @@ -59,7 +59,7 @@ parse_aconfig(); //parse auto config file } validate_options(); //validate options - get_ip_range(o.ip_range); + get_ip_range( (o.ip_range) ? o.ip_range : o.ip_list); //parse the ip range and save into memory parse_config(o.config_file); //parse the checks config file get_domain(); //parse the email address get_email_file(o.email_template); //parse the template file --- CUT ---

Best regards,
Lukasz Jaroszewski (vandaali) && Adam Zabrocki (pi3 / pi3ki31ny).
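
Review bot: the replacement call get_ip_range( (o.ip_range) ? o.ip_range : o.ip_list) still passes NULL when neither -s nor -i is given, and when only -i is given it hands a list file name to a function that, per the backtrace above, parses its argument as a range string with strchr(). The quoted validate_options() excerpt only rejects both options together, so I would add a check there that fails when neither f.ip_range nor f.ip_list is set, and route o.ip_list to a separate file reader instead of get_ip_range() (or reject -i with a clear error until that reader exists).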
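
The missing check from the report, as an added example in C (not smtprc's code and not part of the original message): it enforces the documented ip_range XOR ip_list rule and refuses a NULL or malformed range before any strchr() call. The names scan_opts, pick_source and range_is_valid are hypothetical, and the accepted grammar (four dot-separated fields, each "*", "N" or "N-M") is an assumption generalized from the help text's 127.0.*.1-200.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for smtprc's options: only the two fields from the report. */
struct scan_opts { const char *ip_range; const char *ip_list; };
enum source { SRC_NONE = 0, SRC_RANGE, SRC_LIST, SRC_BOTH };

/* Classify the input selection; callers must refuse SRC_NONE and SRC_BOTH. */
enum source pick_source(const struct scan_opts *o)
{
    int r = o->ip_range != NULL, l = o->ip_list != NULL;
    if (r && l) return SRC_BOTH;
    if (r) return SRC_RANGE;
    return l ? SRC_LIST : SRC_NONE;
}

/* One field: "*", "N" or "N-M" with 0 <= N <= M <= 255 (assumed grammar). */
static int octet_ok(const char *s, size_t len)
{
    char buf[8], *end;
    long lo, hi;
    if (len == 0 || len >= sizeof buf) return 0;
    memcpy(buf, s, len);
    buf[len] = '\0';
    if (strcmp(buf, "*") == 0) return 1;
    if (buf[0] < '0' || buf[0] > '9') return 0;
    lo = hi = strtol(buf, &end, 10);
    if (*end == '-') {
        if (end[1] < '0' || end[1] > '9') return 0;
        hi = strtol(end + 1, &end, 10);
    }
    return *end == '\0' && lo <= hi && hi <= 255;
}

/* Return 1 only for a non-NULL string of exactly four valid fields. */
int range_is_valid(const char *range)
{
    int fields = 0;
    if (range == NULL) return 0;   /* the check missing before strchr() */
    for (;;) {
        const char *dot = strchr(range, '.');
        size_t len = dot ? (size_t)(dot - range) : strlen(range);
        if (!octet_ok(range, len)) return 0;
        fields++;
        if (!dot) break;
        range = dot + 1;
    }
    return fields == 4;
}
```

With the report's "-i foobar" invocation, pick_source() yields SRC_LIST, so a caller that only proceeds to range parsing on SRC_RANGE never reaches strchr() with a NULL pointer.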