Crashes in lmtpproxyd, and a patch

Giles Malet gdmalet at uwaterloo.ca
Fri Nov 27 14:05:33 EST 2015


Looking further, I found core files on the mupdate master, from mupdate, 
and suspect these are correlated with the downstream crashes.

In this case the crash is here:

#0  0x00000036ed647e2c in vfprintf () from /lib64/libc.so.6
#1  0x00000036ed6e4f10 in __vsyslog_chk () from /lib64/libc.so.6
#2  0x00000036ed6e5140 in syslog () from /lib64/libc.so.6
#3  0x000000000040d703 in mupdate_connect (server=0xe45e70 "mupdate-internal",
     port=0x0, handle=0x7ff4e88a5dc8, cbs=0x7ff4e0001d10)
     at mupdate-client.c:133
#4  0x000000000040d437 in mupdate_client_start (rock=0x0)
     at mupdate-slave.c:309
#5  0x00000036eda07a51 in start_thread () from /lib64/libpthread.so.0
#6  0x00000036ed6e89ad in clone () from /lib64/libc.so.6

Line 133 in mupdate-client.c matches this:

    h->conn = backend_connect(NULL, server, &mupdate_protocol,
                               "", cbs, &status);

Again, conn is null at this point (see below). I suspect these crashes 
cause those in lmtpd.

I'm not sure what else to offer here ... a patch not to dereference conn 
if it's null?


(gdb) print *h
$2 = {conn = 0x0, tagn = 0, tag = {s = 0x0, len = 0, alloc = 0, flags = 0},
   cmd = {s = 0x0, len = 0, alloc = 0, flags = 0}, arg1 = {s = 0x0, len = 0,
     alloc = 0, flags = 0}, arg2 = {s = 0x0, len = 0, alloc = 0, flags = 0},
   arg3 = {s = 0x0, len = 0, alloc = 0, flags = 0},
   mailbox_buf = '\000' <repeats 1023 times>,
   server_buf = '\000' <repeats 1023 times>, acl_buf = 0x0, acl_buf_len = 0,
   mailboxdata_buf = {mailbox = 0x0, server = 0x0, acl = 0x0, t = ACTIVE},
   saslcompleted = 0}

Thanks,
g


