From 31c02defdc5118834e801d4fe8f11c1d9b5ebadf Mon Sep 17 00:00:00 2001
From: Jeremy Harris
Date: Fri, 16 Dec 2016 20:36:39 +0000
Subject: [PATCH 1/3] Fix DKIM information leakage

Cherry picked from exim-4_87 .. exim-4_87_1
---
 doc/doc-txt/ChangeLog | 7 +++
 doc/doc-txt/cve-2016-9663 | 86 +++++++++++++++++++++++++++++++++
 src/src/dkim.c | 1 +
 src/src/transports/smtp.c | 4 +-
 test/confs/4510 | 71 +++++++++++++++++++++++++++
 test/log/4510 | 20 ++++++++
 test/mail/4510.store | 58 ++++++++++++++++++++++
 test/runtest | 8 +++
 test/scripts/4510-DKIM-Bounces/4510 | 15 ++++++
 test/scripts/4510-DKIM-Bounces/REQUIRES | 2 +
 10 files changed, 271 insertions(+), 1 deletion(-)
 create mode 100644 doc/doc-txt/cve-2016-9663
 create mode 100644 test/confs/4510
 create mode 100644 test/log/4510
 create mode 100644 test/mail/4510.store
 create mode 100644 test/scripts/4510-DKIM-Bounces/4510
 create mode 100644 test/scripts/4510-DKIM-Bounces/REQUIRES
diff --git a/src/dkim.c b/src/dkim.c
index 3e71545..8e93566 100644
--- a/src/dkim.c
+++ b/src/dkim.c
@@ -519,6 +519,7 @@ dkim_exim_sign(int dkim_fd, uschar *dkim_private_key,
 (char *)dkim_signing_selector,
 (char *)dkim_private_key_expanded
 );
+ dkim_private_key_expanded[0] = '\0';
 pdkim_set_debug_stream(ctx,debug_file);
diff --git a/src/transports/smtp.c b/src/transports/smtp.c
index a952413..cc8f025 100644
--- a/src/transports/smtp.c
+++ b/src/transports/smtp.c
@@ -293,6 +293,7 @@ static uschar *rf_names[] = { US"NEVER", US"SUCCESS", US"FAILURE", US"DELAY" };
 static uschar *smtp_command; /* Points to last cmd for error messages */
 static uschar *mail_command; /* Points to MAIL cmd for error messages */
 static BOOL update_waiting; /* TRUE to update the "wait" database */
+static uschar *data_command = US""; /* Points to DATA cmd for error messages */
 /*************************************************
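Review bot: In the src/dkim.c hunk, `dkim_private_key_expanded[0] = '\0';` only truncates the string, so every key byte after the first is still in the buffer and remains readable by anything that handles that memory by offset or length rather than as a C string. If the aim is that the private key does not outlive the call that closes just above, clearing the whole value is the safer form, e.g. `memset(dkim_private_key_expanded, 0, Ustrlen(dkim_private_key_expanded));`. The line also needs a comment saying why it is there, such as `/* Key has been passed on; do not leave it where a later error message could pick it up */`. The hunk shows neither where dkim_private_key_expanded points nor whether the callee keeps its own copy, so both should be confirmed against the rest of dkim_exim_sign(), which starts and ends outside the hunk.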
@@ -2244,6 +2245,7 @@ if (ok || (smtp_use_pipelining && !mua_wrapper))
 case -1: goto END_OFF; /* Timeout on RCPT */
 default: goto RESPONSE_FAILED; /* I/O error, or any MAIL/DATA error */
 }
+ data_command = string_copy(big_buffer); /* Save for later error message */
 }
 /* Save the first address of the next batch. */
@@ -2418,7 +2420,7 @@ if (!ok) ok = TRUE; else
 #else
 "LMTP error after %s: %s",
 #endif
- big_buffer, string_printing(buffer));
+ data_command, string_printing(buffer));
 setflag(addr, af_pass_message); /* Allow message to go to user */
 if (buffer[0] == '5')
 addr->transport_return = FAIL;
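Review bot: In the @@ -2244 hunk, `data_command = string_copy(big_buffer);` stores a store-pool allocation in a file-scope static, so the pointer is only valid until that pool is next reset, while the static lives for the whole process. The later use in the error message is presumably within the same delivery, which would make this safe, but the enclosing block starts outside the hunk and nothing visible confirms it. The existing comment should state the reason for copying, e.g. `/* Take a copy: big_buffer can be overwritten before the response to DATA is reported */`, so that a later cleanup does not turn it back into a bare pointer into big_buffer. Resetting data_command to `US""` at the start of each delivery would also rule out reporting a stale command from an earlier message.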
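Review bot: In the @@ -2418 hunk, the `data_command` argument is formatted into a message that the following line flags with `af_pass_message` ("Allow message to go to user"), and nothing at the call site records why big_buffer must not be used here. A comment should be added above the argument line, e.g. `/* Use the saved DATA command, never big_buffer: its contents may have changed since the command was written and this text can reach the sender */`. data_command is initialised to `US""`, so if this path can be reached without the assignment in the @@ -2244 hunk having run, the log line silently reads "error after : ..."; an explicit placeholder string would make that case visible. The enclosing statement starts outside the hunk.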