exim3: attempt to patch CVE-2018-6789

I'm not an exim user, so this might not work, but the file hasn't changed very much between exim4 and exim3. PKGREVISION++
author: maya <maya@pkgsrc.org> 2018-03-08 15:14:54 +0000
committer: maya <maya@pkgsrc.org> 2018-03-08 15:14:54 +0000
commit: c5d66199db38bc8056d7759e59a5a6b94b7caea0 (patch)
tree: 96de139e0a787c81366409374f50bc3bbe52e65e /mail/exim3/patches
parent: 9f2f3d47e72ed2886ae0ce0e1f877bf0740953ad (diff)
download: pkgsrc-c5d66199db38bc8056d7759e59a5a6b94b7caea0.tar.gz
1 files changed, 22 insertions, 0 deletions
diff --git a/mail/exim3/patches/patch-src_auths_b64decode.c b/mail/exim3/patches/patch-src_auths_b64decode.c
new file mode 100644
index 00000000000..a31a2263401
--- /dev/null
+++ b/mail/exim3/patches/patch-src_auths_b64decode.c
@@ -0,0 +1,22 @@
+$NetBSD: patch-src_auths_b64decode.c,v 1.1 2018/03/08 15:14:54 maya Exp $
+
+CVE-2018-6789 off by one
+From https://github.com/Exim/exim/commit/062990cc1b2f9e5d82a413b53c8f0569075de700
+
+--- src/auths/b64decode.c.orig	2002-04-04 12:56:16.000000000 +0000
++++ src/auths/b64decode.c
+@@ -43,9 +43,12 @@ int
+ auth_b64decode(char *code, char **ptr)
+ {
+ register int x, y;
+-char *result = store_get(3*((int)strlen(code)/4) + 1);
++char *result;
+ 
+-*ptr = result;
++{
++  int l = strlen(code);
++  *ptr = result = store_get(1 + l/4 * 3 + l%4);
++}
+ 
+ /* Each cycle of the loop handles a quantum of 4 input bytes. For the last
+ quantum this may decode to 1, 2, or 3 output bytes. */
author	maya <maya@pkgsrc.org>	2018-03-08 15:14:54 +0000
committer	maya <maya@pkgsrc.org>	2018-03-08 15:14:54 +0000
commit	c5d66199db38bc8056d7759e59a5a6b94b7caea0 (patch)
tree	96de139e0a787c81366409374f50bc3bbe52e65e /mail/exim3/patches
parent	9f2f3d47e72ed2886ae0ce0e1f877bf0740953ad (diff)
download	pkgsrc-c5d66199db38bc8056d7759e59a5a6b94b7caea0.tar.gz