catch unparsable addresses

Now spost don't coredump if an address can't be parsed

diff --git a/h/addrsbr.h b/h/addrsbr.h
index 93b1735..639333e 100644 (file)
--- a/h/addrsbr.h
+++ b/h/addrsbr.h
@@ -11,6 +11,7 @@
 #define BADHOST      2
 
 #include <stddef.h>
+#include <unistd.h>
 
 struct mailname {
        struct mailname *m_next;
@@ -36,4 +37,4 @@ int ismymbox(struct mailname *);
 char *getname(char *);
 char *adrformat(struct mailname *);
 struct mailname *getm(char *, char *, int, int, char *);
-size_t getmboxes(char *, struct mailname **);
+ssize_t getmboxes(char *, struct mailname **);

diff --git a/sbr/addrsbr.c b/sbr/addrsbr.c
index 201e816..96fa72f 100644 (file)
--- a/sbr/addrsbr.c
+++ b/sbr/addrsbr.c
@@ -410,17 +410,21 @@ local_test: ;
  * number of parsed addresses. element is set to
  * the last parsed addresse.
  */
-size_t
+ssize_t
 getmboxes(char *line, struct mailname **element)
 {
-       struct mailname *mp, *next;
+       struct mailname *mp, *next, *first;
        char *cp;
        size_t i = 0;
 
-       next = (*element)->m_next;
+       first = *element;
+       next = first->m_next;
 
        while ((cp = getname(line))) {
                mp = getm(cp, NULL, 0, AD_HOST, NULL);
+               if (mp == NULL) {
+                       goto error;
+               }
                (*element)->m_next = mp;
                *element = mp;
                i++;
@@ -428,4 +432,12 @@ getmboxes(char *line, struct mailname **element)
 
        (*element)->m_next = next;
        return i;
+error:
+       while (first->m_next != NULL && first->m_next != next) {
+               mp = first->m_next;
+               first->m_next = mp->m_next;
+               free(mp);
+       }
+       first->m_next = next;
+       return -1;
 }

diff --git a/uip/spost.c b/uip/spost.c
index d682318..780b5f4 100644 (file)
--- a/uip/spost.c
+++ b/uip/spost.c
@@ -357,7 +357,8 @@ putfmt(char *name, char *str, FILE *out)
        int i;
        struct headers *hdr;
        struct mailname addr_start, *addr_end;
-       size_t addrc;
+       size_t addrc = 0;
+       ssize_t ret;
 
        addr_end = &addr_start;
        addr_end->m_next = NULL;
@@ -411,7 +412,11 @@ putfmt(char *name, char *str, FILE *out)
                return;
        }
 
-       addrc = getmboxes(str, &addr_end);
+       if ((ret = getmboxes(str, &addr_end)) < 0) {
+               adios(EX_DATAERR, NULL, "can't parse address: %s", str);
+       }
+
+       addrc += ret;
 
        if (aliasflg) {
                addrc += do_aliasing(&addr_start, &addr_end);
@@ -426,7 +431,6 @@ putfmt(char *name, char *str, FILE *out)
        if (hdr->set & MFRM) {
                struct mailname *mp = NULL;
                struct mailname *my = NULL;
-               unsigned int fromcnt = 0;
 
                /* needed because the address parser holds global state */
                ismymbox(NULL);
@@ -438,10 +442,9 @@ putfmt(char *name, char *str, FILE *out)
                                        my = mp;
                                }
                        }
-                       fromcnt++;
                }
 
-               if (fromcnt > 1) {
+               if (addrc > 1) {
                        sender = my;
                }
        }
@@ -680,6 +683,7 @@ do_aliasing(struct mailname *start, struct mailname **end)
        struct mailname *prev, *cur;
        char *cp;
        size_t i = 0;
+       ssize_t e;
 
        prev = start;
        cur = prev->m_next;
@@ -689,7 +693,10 @@ do_aliasing(struct mailname *start, struct mailname **end)
                        cp = akvalue(cur->m_mbox);
                        if (strcmp(cp, cur->m_mbox) != 0) {
                                prev->m_next = cur->m_next;
-                               i += getmboxes(cp, &prev);
+                               if ((e = getmboxes(cp, &prev)) < 0) {
+                                       goto error;
+                               }
+                               i += e;
                                i -= 1;
                                mnfree(cur);
                        } else {
@@ -702,4 +709,7 @@ do_aliasing(struct mailname *start, struct mailname **end)
        }
        *end = prev;
        return i;
+error:
+       adios(EX_CONFIG, NULL, "can't parse alias %s: %s", cur->m_mbox, cp);
+       return 0; /* not reached */
 }