๐ Open-Xchange: null dereference in `sieve_address_do_validate` (or redundant null check)
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vulners.com
Function sieve_address_do_validate in file sieve-address.c does dereference error_r if ( address == NULL ) { *error_r = "null address"; return FALSE; } and then later checks for it being NULL : if ( error_r != NULL ) *error_r = str_c(ctx.error); So either, there is a first null check missing Or the later ones are redundant This function in called from sieve_address_validate Impact If it is a missing null check, the impact of a null pointer dereference is a crash of the application. It the null checks are redundant, there is no security impact. So I reported this here to be... ...