Wietse Venema:
> Tim Düsterhus:
> > Yes, I understand that if I'm pretending to be Dovecot that I should
> > talk like Dovecot or at least follow the protocol as documented in
> > Dovecot's Wiki. The protocol error in my implementation is already fixed.
> >
> > It's just that Postfix never ever crashed on me before and I believe
> > that it should never crash, even when facing protocol errors in talking
> > to an "internal" service. Therefore I reported this issue with what I
> > consider as much information as possible to make it easy enough for you
> > to fix.
> >
> > I take the patch at the bottom of your email as "this patch is included
> > in the next release" and thus consider this case closed.
>
> The code was contributed and not subjected to detailed verification.
> It needs more work; during cursory examination I found that smtpd(8)
> will abort after a safety check fails, when the "Dovecot" server
> replies OK without sending username info back to the Dovecot client.
> I'm traveling at the moment and do not have time for a detailed
> analysis.
Updated patch follows. I would appreciate it if someone could verify
that this reports no errors with a real Dovecot server.

Wietse

20190825

Bugfix (introduced: 20051222): the Dovecot client could segfault
(null pointer read) or cause an SMTP server assertion to fail when
talking to a fake Dovecot server. It now logs a proper error instead.
File: xsasl/xsasl_dovecot_server.c.

*** ./src/xsasl/xsasl_dovecot_server.c- 2016-01-24 01:50:54.000000000 +0100 --- ./src/xsasl/xsasl_dovecot_server.c 2019-08-25 19:11:02.808234389 +0200 *************** *** 584,593 **** --- 584,603 ---- if (xsasl_dovecot_parse_reply(server, &line) == 0) { /* authentication successful */ xsasl_dovecot_parse_reply_args(server, line, reply, 1); + if (server->username == 0) { + msg_warn("missing Dovecot server %s username field", cmd); + vstring_strcpy(reply, "Authentication backend error"); + return XSASL_AUTH_FAIL; + } return XSASL_AUTH_DONE; } } else if (strcmp(cmd, "CONT") == 0) { if (xsasl_dovecot_parse_reply(server, &line) == 0) { + if (line == 0) { + msg_warn("missing Dovecot server %s reply field", cmd); + vstring_strcpy(reply, "Authentication backend error"); + return XSASL_AUTH_FAIL; + } vstring_strcpy(reply, line); return XSASL_AUTH_MORE; }
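Review bot: the two new null checks are asymmetric. In the CONT branch `if (line == 0)` is tested before `vstring_strcpy(reply, line)` dereferences it, but in the OK branch `xsasl_dovecot_parse_reply_args(server, line, reply, 1);` is still called before anything examines `line`, so if `xsasl_dovecot_parse_reply()` can return 0 with a null `line` in the OK case as it evidently can in the CONT case, the null-pointer read the changelog entry describes would survive on that path; either add the same `line == 0` guard ahead of the parse_reply_args call or confirm that parse_reply_args tolerates a null line. The `server->username == 0` check does cover the failure named in the earlier message (OK reply without username info), and returning `XSASL_AUTH_FAIL` with the "Authentication backend error" reply instead of asserting is the right outcome; since the request is for someone to exercise this against a real Dovecot server, the thing to watch in that test is that a genuine OK reply always carries the username field, otherwise this change would turn successful logins into "Authentication backend error" failures.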