Created attachment 1932390
exim-localscan-c99.patch

The build log contains these warnings:

../src/local_scan.c:39:28: warning: implicit declaration of function 'malloc' [-Wimplicit-function-declaration]
   39 | final_msg = (char*)malloc( final_length*sizeof(char) ) ;
      |                    ^~~~~~
../src/local_scan.c:17:1: note: include '<stdlib.h>' or provide a declaration of 'malloc'
   16 | #include <dlfcn.h>
  +++ |+#include <stdlib.h>
   17 | static int (*local_scan_fn)(int fd, uschar **return_text) = NULL;
../src/local_scan.c:39:28: warning: incompatible implicit declaration of built-in function 'malloc' [-Wbuiltin-declaration-mismatch]
   39 | final_msg = (char*)malloc( final_length*sizeof(char) ) ;
      |                    ^~~~~~
../src/local_scan.c:39:28: note: include '<stdlib.h>' or provide a declaration of 'malloc'
../src/local_scan.c:45:22: warning: pointer targets in assignment from 'char *' to 'uschar *' {aka 'unsigned char *'} differ in signedness [-Wpointer-sign]
   45 | *return_text = final_msg ;
      |              ^

So on 64-bit architectures, the upper 32 bits of malloc are discarded, and this code crashes if it is ever executed (assuming Exim is built as PIE).

Found while looking at C99-related build failures (which turn the implicit declaration warning into an error).

Upstream Exim does not have this bug; it's caused by the DLOPEN_LOCAL_SCAN patch.
I should have added that I think this is harmless because it only happens after:

base_msg=US"Local configuration error - local_scan() library failure\n";

So it's only relevant to wrong configurations.
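
Added example (not part of the comments above, and not code from Exim or the DLOPEN_LOCAL_SCAN patch): a C model of the pointer truncation described in the report, next to an allocation with the prototype in scope. The function names, the two sample addresses and build_msg() are assumptions made for illustration.

```c
/* Models an LP64 build where malloc() has no prototype and is therefore
 * implicitly declared as returning int. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* The caller keeps only the low 32 bits of the returned value; the
 * (char*) cast then sign-extends that int back to pointer width. */
static uint64_t seen_through_implicit_int(uint64_t real_ptr)
{
    int32_t as_int = (int32_t)(uint32_t)real_ptr; /* upper 32 bits dropped */
    return (uint64_t)(int64_t)as_int;             /* int -> pointer cast */
}

static int pointer_survives(uint64_t real_ptr)
{
    return seen_through_implicit_int(real_ptr) == real_ptr;
}

/* Hypothetical corrected allocation: <stdlib.h> supplies the real prototype,
 * the result is checked, and the buffer is unsigned char, which the build
 * log gives as the type behind uschar. */
static unsigned char *build_msg(const char *base, const char *detail)
{
    size_t len = strlen(base) + strlen(detail) + 1;
    unsigned char *msg = malloc(len);
    if (msg == NULL)
        return NULL;
    snprintf((char *)msg, len, "%s%s", base, detail);
    return msg;
}

int main(void)
{
    /* Constructed addresses: a low heap and a PIE-style heap above 4 GiB. */
    uint64_t samples[] = { 0x0000000001a012a0ULL, 0x000055d4c3a012a0ULL };
    for (size_t i = 0; i < 2; i++)
        printf("%#018llx -> %#018llx (%s)\n",
               (unsigned long long)samples[i],
               (unsigned long long)seen_through_implicit_int(samples[i]),
               pointer_survives(samples[i]) ? "intact" : "corrupted");
    unsigned char *m = build_msg("Local configuration error - "
                                 "local_scan() library failure\n",
                                 "detail (constructed)\n");
    if (m) { fputs((char *)m, stdout); free(m); }
    return 0;
}
```

The low address round-trips unchanged, which is why the defect only shows up when the heap sits above 4 GiB, as the report assumes for a PIE build.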