search for: p_strndup

Found this today multiple times for the same user: Aug 16 16:59:38 postamt dovecot: IMAP(username): file strfuncs.c: line 165 (p_strndup): assertion failed: (max_chars != (size_t)-1) Aug 16 16:59:38 postamt dovecot: IMAP(username): Raw backtrace: imap [0x80c6d53] -> imap(i_fatal+0) [0x80c6795] -> imap(p_strndup+0x38) [0x80d8316] -> imap(t_strndup+0x22) [0x80d86d7] -> imap(cmd_create+0xb5) [0x8059a39] -> imap [0x805eb0...

...md64 ext3 outlook 2003 & 2007, just retrieving mails. mails have been migrated via imapsync 2 days before to this server. dovecot is imap-server and LDA. has been seen with two different users, following syslog entries: Jan 7 18:27:01 siege dovecot: IMAP(userA): file strfuncs.c: line 165 (p_strndup): assertion failed: (max_chars != (size_t)-1) Jan 7 18:27:01 siege dovecot: IMAP(userA): Raw backtrace: imap [0x46372e] -> imap [0x46349c] -> imap(t_strndup+0) [0x470cf0] -> imap(cmd_create+0xd1) [0x4142c1] -> imap [0x4178f7] -> imap [0x417989] -> imap(_client_input+0x6d) [0x4...

...ailures.c:653 status = 0 #5 0xb76de1d6 in i_panic (format=format at entry=0xb7757344 "file %s: line %d (%s): assertion failed: (%s)") at failures.c:264 ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0} args = 0xbfb12304 "" #6 0xb7751886 in p_strndup (pool=0xb7796544 <static_unsafe_data_stack_pool>, str=str at entry=0x0, max_chars=max_chars at entry=4294967295) at strfuncs.c:74 mem = <optimized out> len = <optimized out> __FUNCTION__ = "p_strndup" #7 0xb7751d7f in t_strndup (str=0x0, max_char...

I did Dovecot profiling on huge e-mail system, and p_strdup was very high on list. I do minor change: p_strdup: /* for (len = 0; (str)[len] != '\0'; ) len++; len++; */ len = strlen(str) + 1; p_strndup: /* len = 0; while (len < max_chars && ((const char *) str)[len] != '\0') len++; */ len = strnlen(str, max_chars); And after changes strdup drop down on the profile list. This is output from oprofile: samples % symbol name 28000 10.9764 p_strdup 8507 3.3...

...ission on all created directories then tried to login to client and getting the follwoing error in log file .. Sep 09 13:02:47 imap-login: Info: Login: user=<piyush>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=3505, secured Sep 09 13:02:48 imap(piyush): Panic: file strfuncs.c: line 72 (p_strndup): assertion failed: (max_chars != (size_t)-1) Sep 09 13:02:48 imap(piyush): Error: Raw backtrace: /usr/local/dovecot/lib/dovecot/libdovecot.so.0 [0x9fefd9e1] -> /usr/local/dovecot/lib/dovecot/libdovecot.so.0 [0x9fefda5f] -> /usr/local/dovecot/lib/dovecot/libdovecot.so.0(i_error+0) [0x9fefdd18...

...*auth_request, + const unsigned char *data, size_t data_size, + mech_callback_t *callback) +{ + struct auth_client_request_reply reply; + static const char prompt2[] = "Password:"; + + auth_request->callback = callback; + + if (!auth_request->user) { + auth_request->user = p_strndup(auth_request->pool, data, data_size); + + if (!mech_is_valid_username(auth_request->user)) { + if (verbose) { + i_info("login(%s): invalid username", + get_log_prefix(auth_request)); + } + mech_auth_finish(auth_request, NULL, 0, FALSE); + return TRUE; + } + +...

...exactly 4 bytes long. Dovecot objects to this, but in RFC 4422 this is explicitly allowed, and means the authz identity is identical to the authn identity. I believe the attached patches (for the 1.2 and 2.1 branches) fix the problem, though I'm not entirely sure if the difference between the p_strndup in mech_gssapi_unwrap and the t_strndup in get_display_name is important. Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot12-sasl-gssapi.patch Type: text/x-diff Size: 2859 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attach...

...ile (*tmp && !isspace(*tmp) && (tmp < end)) + tmp++; + + if (tmp == end) { + if (verbose) + i_info("apop(%s): mailformed response", get_log_prefix(auth_request)); + mech_auth_finish(auth_request, NULL, 0, FALSE); + return TRUE; + } + tmp++; + + auth->username = p_strndup(auth->pool, username, tmp - username - 1); + if (!mech_is_valid_username(auth->username)) { + if (verbose) + i_info("apop(%s): invalid username", get_log_prefix(auth_request)); + mech_auth_finish(auth_request, NULL, 0, FALSE); + return TRUE; + } + + auth_request->user = p_st...

...scram_auth_request *request) +static const char *get_scram_server_first(struct scram_auth_request *request, + int iter, const char *salt) { unsigned char snonce[SCRAM_SERVER_NONCE_LEN+1]; string_t *str; @@ -84,12 +63,9 @@ snonce[sizeof(snonce)-1] = '\0'; request->snonce = p_strndup(request->pool, snonce, sizeof(snonce)); - random_fill(request->salt, sizeof(request->salt)); - - str = t_str_new(MAX_BASE64_ENCODED_SIZE(sizeof(request->salt))); - str_printfa(str, "r=%s%s,s=", request->cnonce, request->snonce); - base64_encode(request->salt, sizeof...

...turn 0; + + len = *p++; + if (p + len > end) + return 0; + + *buffer = p_malloc(pool, len); + memcpy(*buffer, p, len); + + *data += 1 + len; + + return len; +} + +static char * +rpa_parse_username(pool_t pool, const char *username) +{ + const char *p = strrchr(username, '@'); + + return p_strndup(pool, username, p - username); +} + +static int +rpa_parse_token3(struct rpa_auth_request *auth, const void *data, + size_t data_size, char **error) +{ + struct auth_request *auth_request = (struct auth_request *) auth; + const unsigned char *end = ((unsigned char *) data) + data_size; + const un...

...+ } + + semi_count = 0; + + if (isspace(c)) { + if (!lws_start) lws_start = r; + continue; + } + + lws_start = NULL; + } while ((c = *++r)); + + do_init_pgcs(pgdb, c ? r + 1 : r, ofs + 1); + + if (lws_start) r = lws_start; + else if (c) r -= 2; + + init_pgc(pgdb->pgcs + ofs, pgdb, p_strndup(pgdb->pool, s, r - s)); +} + +static inline void init_pgcs(struct multi_pgsql_db *pgdb, char const *connect_string) +{ + do_init_pgcs(pgdb, connect_string, 0); +} + +static void add_ready_pgc(struct multi_pgsql_db *pgdb, struct multi_pgsql_pgc *pgc) +{ + struct multi_pgsql_query *qry; + + if (!p...