From fef173c8e298b7627379f03e3bba4f2cdae748c1 Mon Sep 17 00:00:00 2001
From: Scott Kitterman <scott@kitterman.com>
Date: Wed, 11 Jan 2012 19:41:59 -0500
Subject: [PATCH]  * Initialize variables alternately as <UNKNOWN> when passing
 to syslog to avoid uninitialized values.  * Temporarily set VERBOSE = 1 for
 development and testing.

---
 CHANGES                  |  1 +
 postfix-policyd-spf-perl | 39 ++++++++++++++++++++++++---------------
 2 files changed, 25 insertions(+), 15 deletions(-)

diff --git a/CHANGES b/CHANGES
index 4577a69..8e72c42 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,7 @@
 
 --- 2.008 UNRELEASED
   * Fix incorrect version string
+  * Ensure all variables are initialized prior to being passed to syslog
 
 --- 2.007 (2008-07-25 22:24 -0400)
   * Update documentation and examples, see Debian bugs 492420 and 492421 for
diff --git a/postfix-policyd-spf-perl b/postfix-policyd-spf-perl
index e77ec60..85bf971 100755
--- a/postfix-policyd-spf-perl
+++ b/postfix-policyd-spf-perl
@@ -61,7 +61,7 @@ my @HANDLERS = (
     }
 );
 
-my $VERBOSE = 0;
+my $VERBOSE = 1;
 
 my $DEFAULT_RESPONSE = 'DUNNO';
 
@@ -137,7 +137,7 @@ while (<STDIN>) {
     
     if ($VERBOSE) {
         for (sort keys %attr) {
-            syslog(debug => "Attribute: %s=%s", $_, $attr{$_});
+            syslog(debug => "Attribute: %s=%s", $_ || '<UNKNOWN>', $attr{$_} || '<UNKNOWN>');
         }
     }
     
@@ -153,18 +153,18 @@ while (<STDIN>) {
         my $response = $handler_code->(attr => \%attr, cache => $cache);
         
         if ($VERBOSE) {
-            syslog(debug => "handler %s: %s", $handler_name, $response);
+            syslog(debug => "handler %s: %s", $handler_name || '<UNKNOWN>', $response || '<UNKNOWN>');
         }
         
         # Pick whatever response is not 'DUNNO'
         if ($response and $response !~ /^DUNNO/i) {
-            syslog(info => "handler %s: is decisive.", $handler_name);
+            syslog(info => "handler %s: is decisive.", $handler_name || '<UNKNOWN>');
             $action = $response;
             last;
         }
     }
     
-    syslog(info => "%s: Policy action=%s", $attr{queue_id}, $action);
+    syslog(info => "%s: Policy action=%s", $attr{queue_id} || '<UNKNOWN>', $action || '<UNKNOWN>');
     
     STDOUT->print("action=$action\n\n");
     %attr = ();
@@ -234,7 +234,9 @@ sub sender_policy_framework {
             $errmsg = $errmsg->text if UNIVERSAL::isa($@, 'Mail::SPF::Exception');
             syslog(
                 info => "%s:HELO check failed - Mail::SPF->new(%s, %s, %s) failed: %s",
-                $attr->{queue_id}, $attr->{client_address}, $attr->{sender}, $attr->{helo_name}, $errmsg
+                $attr->{queue_id} || '<UNKNOWN>', $attr->{client_address} || '<UNKNOWN>',
+                $attr->{sender} || '<UNKNOWN>', $attr->{helo_name} || '<UNKNOWN>',
+                $errmsg || '<UNKNOWN>'
             );
             return;
         }
@@ -251,8 +253,9 @@ sub sender_policy_framework {
     if ($VERBOSE) {
         syslog(
             info => "%s: SPF %s: HELO/EHLO: %s, IP Address: %s, Recipient: %s",
-            $attr->{queue_id}, $helo_result, $attr->{helo_name}, $attr->{client_address},
-            $attr->{recipient}
+            $attr->{queue_id}  || '<UNKNOWN>', $helo_result  || '<UNKNOWN>',
+            $attr->{helo_name} || '<UNKNOWN>', $attr->{client_address} || '<UNKNOWN>',
+            $attr->{recipient} || '<UNKNOWN>'
         );
     };
     
@@ -261,21 +264,24 @@ sub sender_policy_framework {
     if ($helo_result->is_code('fail')) {
         syslog(
             info => "%s: SPF %s: HELO/EHLO: %s",
-            $attr->{queue_id}, $helo_result, $attr->{helo_name}
+            $attr->{queue_id} || '<UNKNOWN>', $helo_result || '<UNKNOWN>',
+            $attr->{helo_name} || '<UNKNOWN>'
         );
         return "550 $helo_authority_exp";
     }
     elsif ($helo_result->is_code('temperror')) {
         syslog(
             info => "%s: SPF %s: HELO/EHLO: %s",
-            $attr->{queue_id}, $helo_result, $attr->{helo_name}
+            $attr->{queue_id} || '<UNKNOWN>', $helo_result || '<UNKNOWN>',
+            $attr->{helo_name} || '<UNKNOWN>'
         );
         return "DEFER_IF_PERMIT SPF-Result=$helo_local_exp";
     }
     elsif ($attr->{sender} eq '') {
         syslog(
             info => "%s: SPF %s: HELO/EHLO (Null Sender): %s",
-            $attr->{queue_id}, $helo_result, $attr->{helo_name}
+            $attr->{queue_id} || '<UNKNOWN>', $helo_result || '<UNKNOWN>',
+            $attr->{helo_name} || '<UNKNOWN>'
         );
         return "PREPEND $helo_spf_header"
             unless $cache->{added_spf_header}++;
@@ -306,7 +312,8 @@ sub sender_policy_framework {
             $errmsg = $errmsg->text if UNIVERSAL::isa($@, 'Mail::SPF::Exception');
             syslog(
                 info => "%s: Mail From (sender) check failed - Mail::SPF->new(%s, %s, %s) failed: %s",
-                $attr->{queue_id}, $attr->{client_address}, $attr->{sender}, $attr->{helo_name}, $errmsg
+                $attr->{queue_id} || '<UNKNOWN>', $attr->{client_address} || '<UNKNOWN>',
+                $attr->{sender} || '<UNKNOWN>', $attr->{helo_name} || '<UNKNOWN>', $errmsg || '<UNKNOWN>'
             );
             return;
         } 
@@ -323,15 +330,17 @@ sub sender_policy_framework {
     if ($VERBOSE) {
         syslog(
             info => "%s: SPF %s: Envelope-from: %s, IP Address: %s, Recipient: %s",
-            $attr->{queue_id}, $mfrom_result, $attr->{sender}, $attr->{client_address},
-            $attr->{recipient}
+            $attr->{queue_id} || '<UNKNOWN>', $mfrom_result || '<UNKNOWN>',
+            $attr->{sender} || '<UNKNOWN>', $attr->{client_address} || '<UNKNOWN>',
+            $attr->{recipient} || '<UNKNOWN>'
         );
     };
     
     # Same approach as HELO....
     syslog(
         info => "%s: SPF %s: Envelope-from: %s",
-        $attr->{queue_id}, $mfrom_result, $attr->{sender}
+        $attr->{queue_id} || '<UNKNOWN>', $mfrom_result || '<UNKNOWN>',
+        $attr->{sender} || '<UNKNOWN>'
     );
     if ($mfrom_result->is_code('fail')) {
         return "550 $mfrom_authority_exp";