Bug#857344: exim4-daemon-heavy: segfault in DKIM verification

nijel michal at cihar.com
Fri Mar 10 09:13:39 UTC 2017 

Package: exim4-daemon-heavy
Version: 4.88-5
Severity: important

Dear Maintainer,

When upgrading system to stretch, I've noticed occasional segfaults of
exim.

Backtrace:

#0  __memcmp_sse2 () at ../sysdeps/x86_64/multiarch/../memcmp.S:57
#1  0x000055ff73dfcccb in pdkim_finish_bodyhash (ctx=0x55ff74306ce0, ctx=0x55ff74306ce0) at pdkim.c:814
#2  pdkim_feed_finish (ctx=0x55ff74306ce0, return_signatures=return_signatures at entry=0x55ff7404c108 <dkim_signatures>) at pdkim.c:1392
#3  0x000055ff73d80079 in dkim_exim_verify_finish () at dkim.c:147
#4  0x000055ff73da10f4 in receive_msg (extract_recip=extract_recip at entry=0) at receive.c:3272
#5  0x000055ff73d5c210 in handle_smtp_call (accepted=0x7ffd6864a650, accept_socket=<optimized out>, listen_socket_count=<optimized out>, 
    listen_sockets=0x55ff742f5740) at daemon.c:509
#6  daemon_go () at daemon.c:2040
#7  0x000055ff73d51363 in main (argc=3, cargv=0x7ffd6868ad98) at exim.c:4808

The DKIM signature in the received mail seems to be (if I didn't mess 
up something with gdb):

"DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=am-nis.com;\n\ts=s512; l=18869; x=1489743197; h=From:To:Subject:Content-Type:\n\tDate:Message-ID; b=EUtdmveJf3sgSeaGgvvseKpfKtxEXTUfVsh8vTriUI/9y\n\tIpwbJXpFa+nSkKMPrQvD80B76wI7YLx+MYSoPusuw==\n"

I'll try with 4.89 from unstable to see if that helps (though obviously I'm not
able to reproduce this reliably).

-- 
	Michal Čihař | https://cihar.com/ | https://weblate.org/

-- Package-specific info:
Exim version 4.88 #1 built 19-Jan-2017 18:18:15
Copyright (c) University of Cambridge, 1995 - 2016
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2016
Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS move_frozen_messages Content_Scanning DKIM DNSSEC Event OCSP PRDR SOCKS TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite
Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa tls
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Configure owner: 0:0
Size of off_t: 8
Configuration file is /var/lib/exim4/config.autogenerated
# /etc/exim4/update-exim4.conf.conf
#
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
# yourself or use 'dpkg-reconfigure exim4-config'
#
# Please note that this is _not_ a dpkg-conffile and that automatic changes
# to this file might happen. The code handling this will honor your local
# changes, so this is usually fine, but will break local schemes that mess
# around with multiple versions of the file.
#
# update-exim4.conf uses this file to determine variable values to generate
# exim configuration macros for the configuration file.
#
# Most settings found in here do have corresponding questions in the
# Debconf configuration, but not all of them.
#
# This is a Debian specific file

dc_eximconfig_configtype='internet'
dc_other_hostnames='cihar.com'
dc_local_interfaces=''
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets='192.168.3.0/24;2001:1528:136:dead:beef::/80'
dc_smarthost=''
CFILEMODE='644'
dc_use_split_config='true'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='maildir_home'
mailname:mail.cihar.com

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/3 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages exim4-daemon-heavy depends on:
ii  debconf [debconf-2.0]  1.5.60
ii  exim4-base             4.88-5
ii  libc6                  2.24-9
ii  libdb5.3               5.3.28-12+b1
ii  libgnutls30            3.5.8-3
ii  libldap-2.4-2          2.4.44+dfsg-3
ii  libmariadbclient18     10.1.21-5+b1
ii  libpam0g               1.1.8-3.5
ii  libpcre3               2:8.39-2.1
ii  libperl5.24            5.24.1-1
ii  libpq5                 9.6.2-1
ii  libsasl2-2             2.1.27~101-g0780600+dfsg-2
ii  libsqlite3-0           3.16.2-3

exim4-daemon-heavy recommends no packages.

exim4-daemon-heavy suggests no packages.

-- debconf information:
  exim4-daemon-heavy/drec:

More information about the Pkg-exim4-maintainers mailing list