[Pkg-dspam-commits] [SCM] Debian packages for the DSPAM anti-spam filter branch, master, updated. debian/3.10.2+dfsg-3-21-g21f312e
Thomas Preud'homme
robotux at celest.fr
Sat Apr 6 11:28:04 UTC 2013
The following commit has been merged in the master branch:
commit 0816005f2b9a27363d7575111319d4f41f936ec5
Author: Thomas Preud'homme <robotux at celest.fr>
Date: Fri Feb 22 11:38:19 2013 +0100
Fix safely recipient corruption.
Fix safely (overflow wise) the recipient corruption that occurs when
releasing a message from quarantine.
diff --git a/debian/changelog b/debian/changelog
index b0c1e3b..be06286 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+dspam (3.10.1+dfsg-9) testing-proposed-updates; urgency=low
+
+ * Add a new version of the patch fixing recipient corruption when releasing
+ a message from quarantine (Closes: #698136).
+
+ -- Thomas Preud'homme <robotux at debian.org> Thu, 28 Feb 2013 21:33:50 +0100
+
dspam (3.10.1+dfsg-8) testing-proposed-updates; urgency=low
* Stop shipping ucf template as a conffile: this avoid unnecessary prompt
diff --git a/debian/patches/009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff b/debian/patches/009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff
new file mode 100644
index 0000000..0a29ef6
--- /dev/null
+++ b/debian/patches/009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff
@@ -0,0 +1,55 @@
+Description: Fix recipient corruption when releasing a message from quarantine
+
+When releasing mail from quarantine, dspam corrupts the FROM part in the
+SMTP/LMTP handshake.
+
+Author: Allan Ievers <aimail-dspam_users at rearden.com>
+Origin: vendor
+Bug-Debian: http://bugs.debian.org/698136
+Forwarded: stevan at bajic.ch
+Last-Update: 2013-02-28
+
+diff --git a/src/dspam.c b/src/dspam.c
+index 26266c9..68e1165 100644
+--- a/src/dspam.c
++++ b/src/dspam.c
+@@ -498,8 +498,9 @@ process_message (
+ ATX->train_pristine = 1;
+ }
+
+- /* Change also the mail recipient */
+- ATX->recipient = CTX->username;
++ /* Change also the mail recipient. ATX->recipient either points to
++ * recipient[] or mailbox[] in process_users, hence the size of 256 */
++ strlcpy(ATX->recipient, CTX->username, 256);
+
+ }
+ }
+@@ -1621,6 +1622,7 @@ int process_users(AGENT_CTX *ATX, buffer *message) {
+ char filename[MAX_FILENAME_LENGTH];
+ int optin, optout;
+ char *username = NULL;
++ char recipient[256];
+
+ /* If ServerParameters specifies a --user, there will only be one
+ * instance on the stack, but possible multiple recipients. So we
+@@ -1659,7 +1661,7 @@ int process_users(AGENT_CTX *ATX, buffer *message) {
+ username = node_nt->ptr;
+
+ if (node_rcpt) {
+- ATX->recipient = node_rcpt->ptr;
++ strlcpy(recipient, node_rcpt->ptr, sizeof(recipient));
+ node_rcpt = c_nt_next (ATX->recipients, &c_rcpt);
+ } else {
+
+@@ -1667,8 +1669,9 @@ int process_users(AGENT_CTX *ATX, buffer *message) {
+ if (have_rcpts)
+ break;
+
+- ATX->recipient = node_nt->ptr;
++ strlcpy(recipient, node_nt->ptr, sizeof(recipient));
+ }
++ ATX->recipient = recipient;
+
+ /* If support for "+detail" is enabled, save full mailbox name for
+ delivery and strip detail for processing */
diff --git a/debian/patches/series b/debian/patches/series
index 075369b..6d6b1c6 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -6,3 +6,4 @@
006_default-daemon-port.diff
007_ctime.pl.diff
008_fix_exim_integration_doc.diff
+009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff
--
Debian packages for the DSPAM anti-spam filter
More information about the Pkg-dspam-commits
mailing list