[Pkg-dspam-commits] [SCM] Debian packages for the DSPAM anti-spam filter branch, master, updated. debian/3.10.2+dfsg-3-21-g21f312e
Thomas Preud'homme
robotux at celest.fr
Sat Apr 6 11:28:06 UTC 2013
The following commit has been merged in the master branch:
commit f6ed3a21ce10e609842354e21ec5567cc6d9efd2
Author: Thomas Preud'homme <robotux at celest.fr>
Date: Fri Feb 22 11:38:19 2013 +0100
Fix safely recipient corruption.
Fix safely (overflow wise) the recipient corruption that occurs when
releasing a message from quarantine.
diff --git a/debian/changelog b/debian/changelog
index 64d55e9..ece431b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+dspam (3.10.2+dfsg-7) unstable; urgency=low
+
+ * Add a new version of the patch fixing recipient corruption when releasing
+ a message from quarantine (Closes: #698136).
+
+ -- Thomas Preud'homme <robotux at debian.org> Fri, 22 Feb 2013 11:28:17 +0100
+
dspam (3.10.2+dfsg-6) unstable; urgency=low
* Drop patch fixing recipient corruption when releasing a message from
diff --git a/debian/patches/009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff b/debian/patches/009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff
new file mode 100644
index 0000000..0fdcc86
--- /dev/null
+++ b/debian/patches/009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff
@@ -0,0 +1,53 @@
+Description: Fix recipient corruption when releasing a message from quarantine
+
+When releasing mail from quarantine, dspam corrupts the FROM part in the
+SMTP/LMTP handshake.
+
+Author: Allan Ievers <aimail-dspam_users at rearden.com>
+Origin: vendor
+Bug-Debian: http://bugs.debian.org/698136
+Forwarded: no
+Last-Update: 2013-01-14
+
+--- a/src/dspam.c
++++ b/src/dspam.c
+@@ -499,8 +499,9 @@ process_message (
+ ATX->train_pristine = 1;
+ }
+
+- /* Change also the mail recipient */
+- ATX->recipient = CTX->username;
++ /* Change also the mail recipient. ATX->recipient either points to
++ * recipient[] or mailbox[] in process_users, hence the size of 256 */
++ strlcpy(ATX->recipient, CTX->username, 256);
+
+ }
+ }
+@@ -1634,6 +1635,7 @@ int process_users(AGENT_CTX *ATX, buffer *message) {
+ char filename[MAX_FILENAME_LENGTH];
+ int optin, optout;
+ char *username = NULL;
++ char recipient[256];
+
+ /* If ServerParameters specifies a --user, there will only be one
+ * instance on the stack, but possible multiple recipients. So we
+@@ -1672,7 +1674,7 @@ int process_users(AGENT_CTX *ATX, buffer *message) {
+ username = node_nt->ptr;
+
+ if (node_rcpt) {
+- ATX->recipient = node_rcpt->ptr;
++ strlcpy(recipient, node_rcpt->ptr, sizeof(recipient));
+ node_rcpt = c_nt_next (ATX->recipients, &c_rcpt);
+ } else {
+
+@@ -1680,8 +1682,9 @@ int process_users(AGENT_CTX *ATX, buffer *message) {
+ if (have_rcpts)
+ break;
+
+- ATX->recipient = node_nt->ptr;
++ strlcpy(recipient, node_nt->ptr, sizeof(recipient));
+ }
++ ATX->recipient = recipient;
+
+ /* If support for "+detail" is enabled, save full mailbox name for
+ delivery and strip detail for processing */
diff --git a/debian/patches/series b/debian/patches/series
index 771de47..4ed04b3 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -5,3 +5,4 @@
006_default-daemon-port.diff
007_process_quarantine_if_spanish.diff
008_fix_exim_integration_doc.diff
+009_fix_recipient_corruption_when_releasing_message_from_quarantine.diff
--
Debian packages for the DSPAM anti-spam filter
More information about the Pkg-dspam-commits
mailing list