Szerző: Mike Tubby Dátum: Címzett: exim-users Tárgy: Re: [exim] exim segfault on CSA check
Jeremy,
Does the use of a CNAME in this case violate an RFC? If so couldn't the
hardening detect it and log an error?
The miscreant hosts can then be rounded up and shot! lol
Mike
On 14/03/2019 12:09, Jeremy Harris via Exim-users wrote: > On 14/03/2019 11:35, Jeremy Harris via Exim-users wrote:
>> Also - is there any hope of getting a coredump?
> Cancel that request; I managed to duplicate the crash.
>
> Yes, we never thought that someone would cname their
> SRV record to a non-SRV-format name, and there was
> no hardening in the code. Also, td3x.com has no
> SRV record... so the lookup is going to fail anyway
> even if we decide to permit non-srv-format names
> as targets of CNAMES of SRV lookups. I'm not sure
> we care enough.
>
> I'll add the hardening.