Bug 1673293 - libopendmarc crashes on certain malformed records
Summary: libopendmarc crashes on certain malformed records
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: opendmarc
Version: epel7
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Adam Williamson
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-02-07 09:38 UTC by Tomasz Potęga
Modified: 2019-10-26 17:22 UTC (History)
3 users (show)

Fixed In Version: opendmarc-1.3.2-1.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-10-19 16:52:37 UTC


Attachments (Terms of Use)
Patch fixing the issue (1.26 KB, patch)
2019-02-07 09:38 UTC, Tomasz Potęga
no flags Details | Diff
gdb session on a dumped core (1.98 KB, text/plain)
2019-02-07 09:39 UTC, Tomasz Potęga
no flags Details

Description Tomasz Potęga 2019-02-07 09:38:39 UTC
Created attachment 1527782 [details]
Patch fixing the issue

Description of problem:

Malformed DMARC record triggers a bug in libopendmarc, making application crash.

$ host -t txt _dmarc.bbsv2.net
_dmarc.bbsv2.net descriptive text "v=DMARC1\; p=reject\; rua=mailto:dmarc_agg@dmarc.250ok.net\; ruf=mailto:dmarc_fr@dmarc.250ok.net\; rf=afrfruf=mailto:dmarc_fr@dmarc.250ok.net\; fo=1\; pct=100\; rf=afrf"

No space before "ruf" tag makes the string longer than expected, returning NULL from a sanitizing function. A wrong operator is being used in the condition, causing a strlen() to be executed on the returned value.

There is a merge request pending upstream, but there seems to be no activity after a year's time:

https://sourceforge.net/p/opendmarc/code/merge-requests/7/

(I'm not the author of the MR or the sourceforge ticket, the patch attached is the result of debugging an in-house application).

Version-Release number of selected component (if applicable):
1.3.2.0.18.fc29

How reproducible:
Parsing a record causing the utility function to return NULL while processing some of the tags (see above).

Additional info:
Please see a gdb session attached, a patch is also included for reference.

Comment 1 Tomasz Potęga 2019-02-07 09:39:31 UTC
Created attachment 1527784 [details]
gdb session on a dumped core

Comment 2 Steve Siirila 2019-02-28 20:50:08 UTC
Note that the following command can be used to determine whether this bug has been fixed or not:

$ opendmarc-check bbsv2.net
Segmentation fault (core dumped)
$

Comment 3 Steve Siirila 2019-03-21 13:44:33 UTC
Can anyone provide an update on this patch?  We are unable to fully deploy opendmarc at all until this critical bug has been fixed and provided to RHEL6/7.

Comment 4 Fedora Update System 2019-10-04 19:08:42 UTC
FEDORA-EPEL-2019-5393542b88 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-5393542b88

Comment 5 Fedora Update System 2019-10-04 19:09:23 UTC
FEDORA-EPEL-2019-3bcbd2f338 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-3bcbd2f338

Comment 6 Fedora Update System 2019-10-04 19:10:19 UTC
FEDORA-2019-24b3f84f6e has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-24b3f84f6e

Comment 7 Fedora Update System 2019-10-04 19:10:44 UTC
FEDORA-2019-6a2ca74e55 has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2019-6a2ca74e55

Comment 8 Fedora Update System 2019-10-04 19:11:08 UTC
FEDORA-2019-e1f0417a24 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2019-e1f0417a24

Comment 9 Fedora Update System 2019-10-04 21:19:30 UTC
opendmarc-1.3.2-1.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-3bcbd2f338

Comment 10 Fedora Update System 2019-10-04 22:15:11 UTC
opendmarc-1.3.2-1.fc30 has been pushed to the Fedora 30 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-24b3f84f6e

Comment 11 Fedora Update System 2019-10-04 22:51:19 UTC
opendmarc-1.3.2-1.fc31 has been pushed to the Fedora 31 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-6a2ca74e55

Comment 12 Fedora Update System 2019-10-04 23:09:08 UTC
opendmarc-1.3.2-1.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-e1f0417a24

Comment 13 Fedora Update System 2019-10-05 01:24:18 UTC
opendmarc-1.3.2-1.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-5393542b88

Comment 14 Fedora Update System 2019-10-12 01:29:27 UTC
opendmarc-1.3.2-1.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.

Comment 15 Fedora Update System 2019-10-15 22:39:25 UTC
opendmarc-1.3.2-1.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report.

Comment 16 Steve Siirila 2019-10-16 21:16:44 UTC
Good news!  The test I mentioned earlier in this thread, in particular:

$ opendmarc-check bbsv2.net
Segmentation fault (core dumped)
$

does not cause a core dump after patching a RHEL 7 host with opendmarc-1.3.2-1.el7

As such, it is presumed that opendmarc will not crash for us once we put it into use on our production RHEL 7 MTA servers in the future and receive email from @bbsv2.net addresses.

Comment 17 Tomasz Potęga 2019-10-17 06:25:44 UTC
Yep, the update solves the problem for us, too. Thank you!

Comment 18 Adam Williamson 2019-10-17 15:39:47 UTC
That's great. The Fedora updates are now stable and the EPEL updates will go stable in two days (or sooner if they get +3 karma, but that's probably unlikely for a fairly niche package on EPEL).

Comment 19 Fedora Update System 2019-10-19 16:52:08 UTC
opendmarc-1.3.2-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.

Comment 20 Fedora Update System 2019-10-19 16:52:37 UTC
opendmarc-1.3.2-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.

Comment 21 Fedora Update System 2019-10-26 17:22:22 UTC
opendmarc-1.3.2-1.fc31 has been pushed to the Fedora 31 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.