diff options
| author |   Jason A. Donenfeld <zx2c4@gentoo.org> | 2020-02-25 10:01:47 +0800 |
|---|---|---|
| committer | Jason A. Donenfeld <zx2c4@gentoo.org> | 2020-02-25 10:02:51 +0800 |
| commit | bdcfa74624ec6f20fb94661457a3ba5fe70e56c3 (patch) | |
| tree | 41295969a0a1f658343c6a9722edc3efe71e8508 /mail-mta/opensmtpd/files | |
| parent | dev-python/pyjwt: keyword 1.7.1-r1 on ~ppc64 (diff) | |
| download | gentoo-bdcfa74624ec6f20fb94661457a3ba5fe70e56c3.tar.gz gentoo-bdcfa74624ec6f20fb94661457a3ba5fe70e56c3.tar.bz2 gentoo-bdcfa74624ec6f20fb94661457a3ba5fe70e56c3.zip | |
mail-mta/opensmtpd: apply security fixes
Package-Manager: Portage-2.3.88, Repoman-2.3.20
Signed-off-by: Jason A. Donenfeld <zx2c4@gentoo.org>
Diffstat (limited to 'mail-mta/opensmtpd/files')
| -rw-r--r-- | mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch b/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch index 58f3ed8c38b1..b22f3af1fbe4 100644 --- a/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch +++ b/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch @@ -89,3 +89,35 @@ diff -ru OpenSMTPD-opensmtpd-6.0.3/smtpd/smtp_session.c OpenSMTPD-opensmtpd-6.0. return (1); } +diff -ru opensmtpd-6.0.3p1/smtpd/mta_session.c opensmtpd-6.0.3p1-modified/smtpd/mta_session.c +--- opensmtpd-6.0.3p1/smtpd/mta_session.c 2018-01-10 21:06:40.000000000 +0800 ++++ opensmtpd-6.0.3p1-modified/smtpd/mta_session.c 2020-02-25 09:57:04.624147227 +0800 +@@ -1214,7 +1214,7 @@ + if (cont) { + if (s->replybuf[0] == '\0') + (void)strlcat(s->replybuf, line, sizeof s->replybuf); +- else { ++ else if (len > 4) { + line = line + 4; + if (isdigit((int)*line) && *(line + 1) == '.' && + isdigit((int)*line+2) && *(line + 3) == '.' && +@@ -1229,7 +1229,9 @@ + /* last line of a reply, check if we're on a continuation to parse out status and ESC. + * if we overflow reply buffer or are not on continuation, log entire last line. + */ +- if (s->replybuf[0] != '\0') { ++ if (s->replybuf[0] == '\0') ++ (void)strlcat(s->replybuf, line, sizeof s->replybuf); ++ else if (len > 4) { + p = line + 4; + if (isdigit((int)*p) && *(p + 1) == '.' && + isdigit((int)*p+2) && *(p + 3) == '.' && +@@ -1238,8 +1240,6 @@ + if (strlcat(s->replybuf, p, sizeof s->replybuf) >= sizeof s->replybuf) + (void)strlcpy(s->replybuf, line, sizeof s->replybuf); + } +- else +- (void)strlcpy(s->replybuf, line, sizeof s->replybuf); + + if (s->state == MTA_QUIT) { + log_info("%016"PRIx64" mta event=closed reason=quit messages=%zu", |