diff options
| author | Andreas Metzler <ametzler@downhill.at.eu.org> | 2013-08-08 19:49:04 +0200 |
|---|---|---|
| committer | Andreas Metzler <ametzler@downhill.at.eu.org> | 2013-08-08 19:49:04 +0200 |
| commit | 8e536119db88cc8455ae473416f497ebc4733754 (patch) | |
| tree | 6852c3f86194ae0e334402310207e57f9e304836 | |
| parent | 0e3f3873017d2a92202cb1319c253ec8c0a3dad8 (diff) | |
| download | exim4-8e536119db88cc8455ae473416f497ebc4733754.tar.gz | |
Add 87_localinjected_mimeacl.diff from upstream
87_localinjected_mimeacl.diff from upstream GIT. When injecting a message
locally in non-SMTP mode, and with MIME ACLs configured, if the ACL
rejected the message, Exim would try to `fprintf(NULL, "%s",
the_message)`. This fixes that.
| -rw-r--r-- | debian/changelog | 4 | ||||
| -rw-r--r-- | debian/patches/87_localinjected_mimeacl.diff | 32 | ||||
| -rw-r--r-- | debian/patches/series | 1 |
3 files changed, 37 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 42f2941..dac2fe7 100644 --- a/debian/changelog +++ b/debian/changelog @@ -19,6 +19,10 @@ exim4 (4.80-8) UNRELEASED; urgency=low * Remove obsolete conffile /etc/cron.monthly/exim4-base which was only shipped in 4.69-3. Closes: #689334 * Update exim_db.8, syncing against spec.txt from exim 4.80. + * 87_localinjected_mimeacl.diff from upstream GIT. When injecting a message + locally in non-SMTP mode, and with MIME ACLs configured, if the ACL + rejected the message, Exim would try to `fprintf(NULL, "%s", + the_message)`. This fixes that. -- Andreas Metzler <ametzler@debian.org> Wed, 02 Jan 2013 19:47:00 +0100 diff --git a/debian/patches/87_localinjected_mimeacl.diff b/debian/patches/87_localinjected_mimeacl.diff new file mode 100644 index 0000000..7de61b3 --- /dev/null +++ b/debian/patches/87_localinjected_mimeacl.diff @@ -0,0 +1,32 @@ +From f4c1088bb7af23e4b613672230868056d46239a5 Mon Sep 17 00:00:00 2001 +From: Phil Pennock <pdp@exim.org> +Date: Wed, 31 Jul 2013 18:50:04 -0400 +Subject: [PATCH] Fix segfault in stdio with non-SMTP MIME ACL. + +When injecting a message locally in non-SMTP mode, and with MIME ACLs +configured, if the ACL rejected the message, Exim would try to +`fprintf(NULL, "%s", the_message)`. This fixes that. + +Most ACLs are plumbed in SMTP-only and looking through the others in +receive.c, they all appear to be safely guarded, so it was just this one +that slipped through. + +Crash report and assistance tracking down the root cause from Warren +Baker. + + +--- exim4-4.80.orig/src/receive.c ++++ exim4-4.80/src/receive.c +@@ -1184,9 +1184,10 @@ else if (rc != OK) + #ifdef EXPERIMENTAL_DCC + dcc_ok = 0; + #endif +- if (smtp_handle_acl_fail(ACL_WHERE_MIME, rc, user_msg, log_msg) != 0) ++ if (smtp_input && smtp_handle_acl_fail(ACL_WHERE_MIME, rc, user_msg, log_msg) != 0) { + *smtp_yield_ptr = FALSE; /* No more messsages after dropped connection */ +- *smtp_reply_ptr = US""; /* Indicate reply already sent */ ++ *smtp_reply_ptr = US""; /* Indicate reply already sent */ ++ } + message_id[0] = 0; /* Indicate no message accepted */ + return FALSE; /* Cause skip to end of receive function */ + } diff --git a/debian/patches/series b/debian/patches/series index 66ed355..8617c1b 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -16,3 +16,4 @@ 84_CVE-2012-5671.patch 85_server_set_id_SPA.diff 86_Dovecot-robustness.diff +87_localinjected_mimeacl.diff |