Skip to content

Security tests#20

Open
sayrer wants to merge 4 commits into
vdukhovni:masterfrom
sayrer:security-tests
Open

Security tests#20
sayrer wants to merge 4 commits into
vdukhovni:masterfrom
sayrer:security-tests

Conversation

@sayrer

@sayrer sayrer commented Apr 7, 2026

Copy link
Copy Markdown

No description provided.

sayrer and others added 4 commits April 6, 2026 17:56
Two reproducers for memory safety issues found during audit:

- master_sig_test.c: Demonstrates heap corruption when a signal
  handler calls non-async-safe functions (msg_info/msg_fatal) during
  malloc. Reproduces the master_sigdeath() bug in master_sig.c.
  Run with DYLD_INSERT_LIBRARIES=/usr/lib/libgmalloc.dylib for
  reliable detection (~21% crash rate).

- recipient_list_test.c: Demonstrates integer overflow in
  recipient_list_add() when avail exceeds INT_MAX/2. The expression
  avail * 2 overflows, producing a bogus allocation size. Crashes
  deterministically.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
vbuf_print() dereferences NULL when a %s format argument is NULL,
causing SIGSEGV. Standard printf prints "(null)" for NULL %s args;
Postfix's vbuf_print does VBUF_STRCAT(bp, s) without checking.

This crashes in production when error-handling code in
mail_params_init() calls msg_fatal() with var_config_dir as a %s
argument before var_config_dir is initialized. Found by running
the existing mail_addr_find test under AddressSanitizer.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
tls_cert_fprint() passes the return value of i2d_X509() directly
to mymalloc() without checking for errors. i2d_X509() returns -1
(OpenSSL 1.x) or 0 (OpenSSL 3.x) on error. Both values cause
mymalloc() to panic (len < 1), crashing the smtpd process.

This is remotely triggerable: a client presents a malformed TLS
certificate during STARTTLS, smtpd calls tls_cert_fprint() at
tls_server.c:1053 to fingerprint the peer cert, i2d_X509 fails,
and smtpd crashes. The same pattern exists in tls_pkey_fprint()
and in tls_dane.c:1144.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When a MITM replaces the server's "220 Ready to start TLS" response
with "454 TLS not available", the SMTP client falls back to plaintext
(at security level "may"). The AUTH feature from the pre-STARTTLS
EHLO persists, causing the client to send SASL credentials (AUTH
PLAIN/LOGIN) in cleartext — directly to the attacker.

The fix strips SMTP_FEATURE_AUTH and cleans up the SASL mechanism
list after the server rejects STARTTLS. This prevents credential
transmission over a connection that was supposed to be encrypted.

The HAVE_SASL_CREDENTIALS check in PLAINTEXT_FALLBACK_OK_AFTER_
STARTTLS_FAILURE does not protect this path because that macro
only governs the TLS handshake failure retry (RETRY_AS_PLAINTEXT).
The 454 path never triggers a retry — it continues on the same
plaintext connection.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant