pool/opendkim
SHA256
17
0
Fork 1
Code Issues Pull Requests Activity
Files
factory
opendkim/rev-ares-deletion.patch
Ferdinand Thiessen 53a4f0f660 - Added rev-ares-deletion.patch 
- Added ares-missing-space.patch
- Added ftbfs-gcc-14-1075339.patch from debian
  Fixes building with GCC14+
- Added opendkim-2.10.3-incompatible-pointer-types.patch from gentoo

OBS-URL: https://build.opensuse.org/package/show/server:mail/opendkim?expand=0&rev=31
2024-11-13 03:34:27 +00:00

34 lines
807 B
Diff
Raw Permalink Blame History

Description: Delete Authentication-Results headers in reverse (CVE-2022-48521)
Author: David Bürgin <dbuergin@gluet.ch>
Bug: https://github.com/trusteddomainproject/OpenDKIM/pull/189
--- a/opendkim/opendkim.c
+++ b/opendkim/opendkim.c
@@ -13651,9 +13651,16 @@
return SMFIS_TEMPFAIL;
}
- c = 0;
+ c = 1;
+
for (hdr = dfc->mctx_hqhead; hdr != NULL; hdr = hdr->hdr_next)
{
+ if (strcasecmp(hdr->hdr_hdr, AUTHRESULTSHDR) == 0)
+ c++;
+ }
+
+ for (hdr = dfc->mctx_hqtail; hdr != NULL; hdr = hdr->hdr_prev)
+ {
memset(ares, '\0', sizeof(struct authres));
if (strcasecmp(hdr->hdr_hdr, AUTHRESULTSHDR) == 0)
@@ -13664,7 +13671,7 @@
char *slash;
/* remember index */
- c++;
+ c--;
/* parse the header */
arstat = ares_parse((u_char *) hdr->hdr_val,
Reference in New Issue View Git Blame Copy Permalink