From e9d60648abb9bbceff89882a5309cb9532e702e9 Mon Sep 17 00:00:00 2001 From: Stephan Bosch Date: Thu, 25 Apr 2019 09:51:32 +0200 Subject: [PATCH 3/3] lib-smtp: smtp-server-cmd-auth - Fix AUTH response error handling so that it stops reading more input. Otherwise, it may try to read more data from the stream as the next AUTH response, which causes an assert crash in the command parser later on. Even when the parser finds no input from the stream, it will advance its state towards AUTH response parsing, which is a problem when the next command is subsequently being parsed. Panic was: Panic: file smtp-command-parser.c: line 438 (smtp_command_parse_next): assertion failed: (!parser->auth_response || parser->state.state == SMTP_COMMAND_PARSE_STATE_INIT || parser->state.state == SMTP_COMMAND_PARSE_STATE_ERROR) --- src/lib-smtp/smtp-server-cmd-auth.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/lib-smtp/smtp-server-cmd-auth.c b/src/lib-smtp/smtp-server-cmd-auth.c index 24cb55ade..0d8062caa 100644 --- a/src/lib-smtp/smtp-server-cmd-auth.c +++ b/src/lib-smtp/smtp-server-cmd-auth.c @@ -99,6 +99,7 @@ static void cmd_auth_input(struct smtp_server_cmd_ctx *cmd) smtp_server_connection_debug(conn, "Client sent invalid AUTH response: %s", error); + smtp_server_command_input_lock(cmd); switch (error_code) { case SMTP_COMMAND_PARSE_ERROR_BROKEN_COMMAND: conn->input_broken = TRUE; -- 2.11.0