Fix variable initialisation in smtp transport. Bug 2996

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index d29ba6f6507ccde01753047c361bed4f5dc8d79d..09b4d3a60f3326863c6a2479fc68ca85419c2fe8 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -125,6 +125,14 @@ JH/26 For a ${readsocket } in TLS mode, send a TLS Close Alert before the TCP
 JH/27 Fix ${srs_encode ..}.  Previously it would give a bad result for one day
       every 1024 days.
 
 JH/27 Fix ${srs_encode ..}.  Previously it would give a bad result for one day
       every 1024 days.
 

+JH/28 Bug 2996: Fix a crash in the smtp transport.  When finding that the
+      message being considered for delivery was already being handled by
+      another process, and having an SMTP connection already open, the function
+      to close it tried to use an uninitialized variable.  This would afftect
+      high-volume sites more, especially when running mailing-list-style loads.
+      Pollution of logs was the major effect, as the other process delivered
+      the message.  Found and partly investigated by Graeme Fowler.
+

 
 Exim version 4.96
 -----------------
 
 Exim version 4.96
 -----------------

diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c
index c5951832bd851d3404a68c22144e2d1795090087..c72028ce92efbada32296ed0ea8f5c10b63f77a5 100644 (file)
--- a/src/src/transports/smtp.c
+++ b/src/src/transports/smtp.c
@@ -4973,7 +4973,7 @@ smtp_transport_closedown(transport_instance *tblock)
 {
 smtp_transport_options_block * ob = SOB tblock->options_block;
 client_conn_ctx cctx;
 {
 smtp_transport_options_block * ob = SOB tblock->options_block;
 client_conn_ctx cctx;

-smtp_context sx;
+smtp_context sx = {0};

 uschar buffer[256];
 uschar inbuffer[4096];
 uschar outbuffer[16];
 uschar buffer[256];
 uschar inbuffer[4096];
 uschar outbuffer[16];