Sendmail bug back?

Claus Assmann dragonfly-bugs at esmtp.org
Tue Mar 4 07:35:10 PST 2008


On Tue, Mar 04, 2008, Dave Hayes wrote:
> I have sendmail randomly coredumping on signal 11 on my freshly upgraded
> dragonfly 1.12 box. It looks like the bug Matt fixed, so I spent some

It would have been nice to contact sendmail.org to tell them about it...
Anyway, a patch is attached.
--- sendmail-8.14.2/sendmail/srvrsmtp.c	Mon Oct  1 09:22:14 2007
+++ sendmail-8.14.3.Alpha2/sendmail/srvrsmtp.c	Thu Feb 21 14:33:04 2008
@@ -465,6 +465,8 @@
 #define CLEAR_STATE(cmd)					\
 do								\
 {								\
+	SM_RPOOL_T *orpool;					\
+								\
 	/* abort milter filters */				\
 	MILTER_ABORT(e);					\
 								\
@@ -487,8 +489,9 @@
 	smtp.sm_gotmail = false;				\
 	SuprErrs = true;					\
 	dropenvelope(e, true, false);				\
-	sm_rpool_free(e->e_rpool);				\
+	orpool = e->e_rpool;					\
 	e = newenvelope(e, CurEnv, sm_rpool_new_x(NULL));	\
+	sm_rpool_free(orpool);					\
 	CurEnv = e;						\
 	e->e_features = features;				\
 								\
@@ -3285,6 +3324,7 @@
 	char *oldid;
 	unsigned int features;
 	char buf[32];
+	SM_RPOOL_T *orpool;
 
 	SmtpPhase = "server DATA";
 	if (!smtp->sm_gotmail)
@@ -3775,18 +3815,12 @@
 				dropenvelope(ee, true, false);
 		}
 	}
-	sm_rpool_free(e->e_rpool);
 
-	/*
-	**  At this point, e == &MainEnvelope, but if we did splitting,
-	**  then CurEnv may point to an envelope structure that was just
-	**  freed with the rpool.  So reset CurEnv *before* calling
-	**  newenvelope.
-	*/
-
 	CurEnv = e;
 	features = e->e_features;
+	orpool = e->e_rpool;
 	newenvelope(e, e, sm_rpool_new_x(NULL));
+	sm_rpool_free(orpool);
 	e->e_flags = BlankEnvelope.e_flags;
 	e->e_features = features;
 




More information about the Bugs mailing list