[exim-dev] [Bug 1639] New: segfault in route_address

Top Page
Delete this message
Reply to this message
Author: admin
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 1639] New: segfault in route_address
https://bugs.exim.org/show_bug.cgi?id=1639

            Bug ID: 1639
           Summary: segfault in route_address
           Product: Exim
           Version: 4.85
          Hardware: x86
                OS: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Routing
          Assignee: nigel@???
          Reporter: arekm@???
                CC: exim-dev@???


I'm having a segfault for one message in queue where:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff4ad11dd in ?? () from /lib64/libc.so.6
(gdb) bt
#0  0x00007ffff4ad11dd in ?? () from /lib64/libc.so.6
#1  0x00000000004835fd in route_address (addr=0x76fdc8, paddr_local=0x74add8
<addr_local>, paddr_remote=0x74ade8 <addr_remote>, addr_new=0x74ade0
<addr_new>,
    addr_succeed=0x74adf8 <addr_succeed>, verify=0) at route.c:1989
#2  0x0000000000434788 in deliver_message (id=0x7fffffffedf6
"1YQuRQ-0008GJ-QA", forced=1, give_up=0) at deliver.c:6158
#3  0x00000000004428db in main (argc=3, cargv=0x7fffffffeba8) at exim.c:4524
(gdb) frame 1
#1  0x00000000004835fd in route_address (addr=0x76fdc8, paddr_local=0x74add8
<addr_local>, paddr_remote=0x74ade8 <addr_remote>, addr_new=0x74ade0
<addr_new>,
    addr_succeed=0x74adf8 <addr_succeed>, verify=0) at route.c:1989
1989        ((Ustrstr(addr->message, "failed to expand") != NULL) ||
(Ustrstr(addr->message, "expansion of ") != NULL)) &&
(gdb) l
1984    /* Unset the address expansions, and return the final result. */
1985
1986    ROUTE_EXIT:
1987    if (yield == DEFER) {
1988      if (
1989        ((Ustrstr(addr->message, "failed to expand") != NULL) ||
(Ustrstr(addr->message, "expansion of ") != NULL)) &&
1990        (
1991          Ustrstr(addr->message, "mysql") != NULL ||
1992          Ustrstr(addr->message, "pgsql") != NULL ||
1993    #ifdef EXPERIMENTAL_REDIS
(gdb) print addr->message
$1 = (uschar *) 0x0
(gdb)


and I wonder how this is supposed to work if yield == DEFER and addr->message
is set to NULL?

1915
1916 addr->message = NULL;
1917 if (unseen && r->next != NULL)
1918   route_unseen(r->name, addr, paddr_local, paddr_remote, addr_new);
1919
1920 /* Unset the address expansions, and return the final result. */
1921
1922 ROUTE_EXIT:
1923 if (yield == DEFER) {
1924   if (
1925     ((Ustrstr(addr->message, "failed to expand") != NULL) ||
(Ustrstr(addr->message, "expansion of ") != NULL)) &&
1926     (
1927       Ustrstr(addr->message, "mysql") != NULL ||


--
You are receiving this mail because:
You are on the CC list for the bug.