[packages/procmail] - release 20, crashfix patch from fedora
adamg
adamg at pld-linux.org
Sun Nov 10 11:24:46 CET 2019
commit 49ca8d2f5b948462ec79c7c64a130cf101a29532
Author: Adam Gołębiowski <adamg at pld-linux.org>
Date: Sun Nov 10 11:24:40 2019 +0100
- release 20, crashfix patch from fedora
procmail-3.22-crash-fix.patch | 58 +++++++++++++++++++++++++++++++++++++++++++
procmail.spec | 4 ++-
2 files changed, 61 insertions(+), 1 deletion(-)
---
diff --git a/procmail.spec b/procmail.spec
index 704d116..9819ffd 100644
--- a/procmail.spec
+++ b/procmail.spec
@@ -11,7 +11,7 @@ Summary(zh_CN.UTF-8): [服务器]分发mail到用户的守护进程
Summary(zh_TW.UTF-8): [祀務器]分蛛mail到用戶的佐鰾園評
Name: procmail
Version: 3.22
-Release: 19
+Release: 20
License: GPL v2+ or Artistic
Group: Applications/Mail
Source0: http://www.procmail.org/%{name}-%{version}.tar.gz
@@ -30,6 +30,7 @@ Patch6: procmail-3.22-CVE-2014-3618.patch
Patch7: procmail-3.22-ipv6.patch
Patch8: procmail-3.22-truncate.patch
Patch9: procmail-3.22-CVE-2017-16844.patch
+Patch10: procmail-3.22-crash-fix.patch
URL: http://www.procmail.org/
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
@@ -104,6 +105,7 @@ listesi yazılımının temelini oluşturur.
%patch7 -p1
%patch8 -p1
%patch9 -p1
+%patch10 -p1
%build
echo "" | %{__make} \
diff --git a/procmail-3.22-crash-fix.patch b/procmail-3.22-crash-fix.patch
new file mode 100644
index 0000000..8563ea3
--- /dev/null
+++ b/procmail-3.22-crash-fix.patch
@@ -0,0 +1,58 @@
+diff --git a/src/cstdio.c b/src/cstdio.c
+index 7b6fe6d..0a0bd5b 100644
+--- a/src/cstdio.c
++++ b/src/cstdio.c
+@@ -144,7 +144,7 @@ int getbl(p,end)char*p,*end; /* my gets */
+ { case '\n':case EOF:*q='\0';
+ return overflow?-1:p!=q; /* did we read anything at all? */
+ }
+- if(q==end) /* check here so that a trailing backslash won't be lost */
++ if(q>=end) /* check here so that a trailing backslash won't be lost */
+ q=p,overflow=1;
+ *q++=i;
+ }
+@@ -199,7 +199,7 @@ int getlline(target,end)char*target,*end;
+ if(*(target=strchr(target,'\0')-1)=='\\')
+ { if(chp2!=target) /* non-empty line? */
+ target++; /* then preserve the backslash */
+- if(target>end-2) /* space enough for getbl? */
++ if(target>=end-2) /* space enough for getbl? */
+ target=end-linebuf,overflow=1; /* toss what we have */
+ continue;
+ }
+diff --git a/src/formail.c b/src/formail.c
+index 1f5c9dd..49b9967 100644
+--- a/src/formail.c
++++ b/src/formail.c
+@@ -219,7 +219,8 @@ static char*getsender(namep,fldp,headreply)char*namep;struct field*fldp;
+ if(i>=0&&(i!=maxindex(sest)||fldp==rdheader)) /* found anything? */
+ { char*saddr;char*tmp; /* determine the weight */
+ nowm=areply&&headreply?headreply==1?sest[i].wrepl:sest[i].wrrepl:i;chp+=j;
+- tmp=malloc(j=fldp->Tot_len-j);tmemmove(tmp,chp,j);(chp=tmp)[j-1]='\0';
++ tmp=malloc((j=fldp->Tot_len-j) + 1);tmemmove(tmp,chp,j);(chp=tmp)[j-1]='\0';
++ chp[j]='\0';
+ if(sest[i].head==From_)
+ { char*pastad;
+ if(strchr(saddr=chp,'\n')) /* multiple From_ lines */
+@@ -364,7 +365,7 @@ static PROGID;
+
+ int main(lastm,argv)int lastm;const char*const argv[];
+ { int i,split=0,force=0,bogus=1,every=0,headreply=0,digest=0,nowait=0,keepb=0,
+- minfields=(char*)progid-(char*)progid,conctenate=0,babyl=0,babylstart,
++ minfields=(char*)progid-(char*)progid,conctenate=0,babyl=0,babylstart=0,
+ berkeley=0,forgetclen;
+ long maxlen,ctlength;FILE*idcache=0;pid_t thepid;
+ size_t j,lnl,escaplen;char*chp,*namep,*escap=ESCAP;
+diff --git a/src/formisc.c b/src/formisc.c
+index c48df52..5c2869d 100644
+--- a/src/formisc.c
++++ b/src/formisc.c
+@@ -66,7 +66,7 @@ inc: start++;
+ retz: *target='\0';
+ ret: return start;
+ }
+- if(*start=='\\')
++ if(*start=='\\' && *(start + 1))
+ *target++='\\',start++;
+ hitspc=2;
+ goto normal; /* normal word */
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/procmail.git/commitdiff/49ca8d2f5b948462ec79c7c64a130cf101a29532
More information about the pld-cvs-commit
mailing list