Marcus Rueckert
048e707927
- exim-CVE-2017-1000369.patch: Fixed memory leaks that could be exploited to "stack crash" local privilege escalation (bsc#1044692) - Require user(mail) group(mail) to meet new users handling in TW. - Prerequire permissions (fixes rpmlint). CVE-2016-9963-31c02defdc5118834e801d4fe8f11c1d9b5ebadf.patch OBS-URL: https://build.opensuse.org/request/show/504846 OBS-URL: https://build.opensuse.org/package/show/server:mail/exim?expand=0&rev=184
44 lines
1.2 KiB
Diff
44 lines
1.2 KiB
Diff
commit 65e061b76867a9ea7aeeb535341b790b90ae6c21
|
|
Author: Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>
|
|
Date: Wed May 31 23:08:56 2017 +0200
|
|
|
|
Cleanup (prevent repeated use of -p/-oMr to avoid mem leak)
|
|
|
|
diff --git a/src/exim.c b/src/src/exim.c
|
|
index 67583e58..88e11977 100644
|
|
--- a/src/exim.c
|
|
+++ b/src/exim.c
|
|
@@ -3106,7 +3106,14 @@ for (i = 1; i < argc; i++)
|
|
|
|
/* -oMr: Received protocol */
|
|
|
|
- else if (Ustrcmp(argrest, "Mr") == 0) received_protocol = argv[++i];
|
|
+ else if (Ustrcmp(argrest, "Mr") == 0)
|
|
+
|
|
+ if (received_protocol)
|
|
+ {
|
|
+ fprintf(stderr, "received_protocol is set already\n");
|
|
+ exit(EXIT_FAILURE);
|
|
+ }
|
|
+ else received_protocol = argv[++i];
|
|
|
|
/* -oMs: Set sender host name */
|
|
|
|
@@ -3202,7 +3209,15 @@ for (i = 1; i < argc; i++)
|
|
|
|
if (*argrest != 0)
|
|
{
|
|
- uschar *hn = Ustrchr(argrest, ':');
|
|
+ uschar *hn;
|
|
+
|
|
+ if (received_protocol)
|
|
+ {
|
|
+ fprintf(stderr, "received_protocol is set already\n");
|
|
+ exit(EXIT_FAILURE);
|
|
+ }
|
|
+
|
|
+ hn = Ustrchr(argrest, ':');
|
|
if (hn == NULL)
|
|
{
|
|
received_protocol = argrest;
|