Ubuntu
libmail-dmarc-perl package

  1. Bug #2023971
  2. Comment #26

Comment 26 for bug 2023971

Revision history for this message
Miriam EspaƱa Acebal (mirespace) wrote :

After Miha did the security review, he found that dmarc_receive was failing. It wasn't covered here as dmarc's binary scripts are not used by spamassassin, but I thought it was worth checking.

The steps to reproduce (thanks Miha!) were:

1) Create dmarc xml based on google's example

2) Convert to gzipped base64

$ cat dmarc_example.xml | gzip | base64 > dmarc_example.xml.gz.base64

3) Copy base64 into example email (test_email.eml) from https://datatracker.ietf.org/doc/html/rfc7489#appendix-B.5

4) Run dmarc_receive

$ dmarc_receive --file test_mail.eml &> out.txt

The bad output contains "Can't locate object method "getline" via package "From: <email address hidden> ..."

I caught the bug and amended it:

diff -Nru libmail-dmarc-perl-1.20230215/debian/patches/use-MIME-Entity-and-MIME-Parser-from-libmime-tools-p.patch libmail-dmarc-perl-1.20230215/debian/patches/use-MIME-Entity-and-MIME-Parser-from-libmime-tools-p.patch
--- libmail-dmarc-perl-1.20230215/debian/patches/use-MIME-Entity-and-MIME-Parser-from-libmime-tools-p.patch 2023-12-11 14:43:31.000000000 +0000
+++ libmail-dmarc-perl-1.20230215/debian/patches/use-MIME-Entity-and-MIME-Parser-from-libmime-tools-p.patch 2023-12-11 14:43:31.000000000 +0000
@@ -125,7 +125,7 @@
 - foreach my $part ( Email::MIME->new( $email->as_string )->parts ) {
 - my ($c_type) = split /;/, $part->content_type || '';
 + my $parser = MIME::Parser->new;
-+ foreach my $part ( $parser->parse( $email->as_string )->parts_DFS ) {
++ foreach my $part ( $parser->parse_data( $email->as_string )->parts_DFS ) {
 + next if defined(!$part->bodyhandle); # something to process
 + my ($c_type) = split /;/, $part->effective_type || '';
          next if $c_type eq 'text/plain';

dmarc building tests are passing [1] and also autopkgtests that cover the splitting:

autopkgtest [14:02:18]: test splitting-check: [-----------------------
autopkgtest [14:03:08]: test splitting-check: -----------------------]
autopkgtest [14:03:09]: test splitting-check: - - - - - - - - - - results - - - - - - - - - -
splitting-check PASS
autopkgtest [14:03:10]: @@@@@@@@@@@@@@@@@@@@ summary
splitting-check PASS

Spamassassin test for dmarc also passes:

root@NDmarc-spamassassin-tests:~/spamassassin# make test TEST_FILES="t/dmarc.t"
"/usr/bin/perl" build/mkrules --exit_on_no_src --src rulesrc --out rules --manifest MANIFEST --manifestskip MANIFEST.SKIP
mkrules: no rules updated
"/usr/bin/perl" build/preprocessor -Mvars -DVERSION="4.000000" -DPREFIX="/usr/local" -DDEF_RULES_DIR="/usr/local/share/spamassassin" -DLOCAL_RULES_DIR="/etc/mail/spamassassin" -DLOCAL_STATE_DIR="/var/lib/spamassassin" -DINSTALLSITELIB="/usr/local/share/perl/5.38.2" -DCONTACT_ADDRESS="the administrator of that system" -DRE2C_BIN="re2c" -Msharpbang -Mconditional -DPERL_BIN=""/usr/bin/perl"" -DPERL_WARN="" -DPERL_TAINT="" -m755 -isa-update.raw -osa-update
cp sa-update blib/script/sa-update
"/usr/bin/perl" -MExtUtils::MY -e 'MY->fixin(shift)' -- blib/script/sa-update
PERL_DL_NONLAZY=1 "/usr/bin/perl" "-MExtUtils::Command::MM" "-MTest::Harness" "-e" "undef *Test::Harness::Switches; test_harness(0, 'blib/lib', 'blib/arch')" t/dmarc.t
t/dmarc.t .. Apr 9 12:29:54.780 [9230] warn: deprecated method; size() is an alias of "UDPsize()" at ../blib/lib/Mail/SpamAssassin/DnsResolver.pm line 602.
t/dmarc.t .. 1/18 Apr 9 12:29:59.035 [9232] warn: deprecated method; size() is an alias of "UDPsize()" at ../blib/lib/Mail/SpamAssassin/DnsResolver.pm line 602.
t/dmarc.t .. 3/18 Apr 9 12:30:03.208 [9234] warn: deprecated method; size() is an alias of "UDPsize()" at ../blib/lib/Mail/SpamAssassin/DnsResolver.pm line 602.
t/dmarc.t .. 5/18 Apr 9 12:30:06.210 [9236] warn: deprecated method; size() is an alias of "UDPsize()" at ../blib/lib/Mail/SpamAssassin/DnsResolver.pm line 602.
t/dmarc.t .. 7/18 Apr 9 12:30:09.197 [9238] warn: deprecated method; size() is an alias of "UDPsize()" at ../blib/lib/Mail/SpamAssassin/DnsResolver.pm line 602.
t/dmarc.t .. 9/18 Apr 9 12:30:12.643 [9240] warn: deprecated method; size() is an alias of "UDPsize()" at ../blib/lib/Mail/SpamAssassin/DnsResolver.pm line 602.
t/dmarc.t .. 11/18 Apr 9 12:30:17.225 [9242] warn: deprecated method; size() is an alias of "UDPsize()" at ../blib/lib/Mail/SpamAssassin/DnsResolver.pm line 602.
t/dmarc.t .. 13/18 Apr 9 12:30:21.491 [9244] warn: deprecated method; size() is an alias of "UDPsize()" at ../blib/lib/Mail/SpamAssassin/DnsResolver.pm line 602.
t/dmarc.t .. 15/18 Apr 9 12:30:25.294 [9246] warn: deprecated method; size() is an alias of "UDPsize()" at ../blib/lib/Mail/SpamAssassin/DnsResolver.pm line 602.
t/dmarc.t .. ok
All tests successful.
Files=1, Tests=18, 34 wallclock secs ( 0.02 usr 0.00 sys + 12.72 cusr 1.55 csys = 14.29 CPU)
Result: PASS

I upload the fixed package at https://launchpad.net/~mirespace/+archive/ubuntu/libmail-dmarc-perl-suggested/ as I've been doing (fixed package is ~mirespace10)

[1] https://launchpadlibrarian.net/723909463/buildlog_ubuntu-noble-amd64.libmail-dmarc-perl_1.20230215-1ubuntu1~mirespace10_BUILDING.txt.gz