m_get_string(m, &buf) may set 'buf == NULL', which would lead
to strlen(NULL) in m_get_envelope.
I chose fatalx because that's what seems to be the common way to handle
errors in mproc but I don't know the code base to well.
Index: mproc.c
===================================================================
RCS file: /mount/openbsd/cvs/src/usr.sbin/smtpd/mproc.c,v
retrieving revision 1.35
diff -u -p -r1.35 mproc.c
--- mproc.c 3 Oct 2019 05:50:28 -0000 1.35
+++ mproc.c 16 Mar 2020 23:05:21 -0000
@@ -637,6 +637,8 @@ m_get_envelope(struct msg *m, struct env
m_get_evpid(m, &evpid);
m_get_string(m, &buf);
+ if (buf == NULL)
+ fatalx("empty envelope buffer");
if (!envelope_load_buffer(evp, buf, strlen(buf)))
fatalx("failed to retrieve envelope");
