Imported Debian patch 4.84-8
[hcoop/debian/exim4.git] / debian / patches / 81_buffer-overrun-in-spam-acl.diff
1 From e252eb8c71ea3bddb32bf73bddc8b22cfde2bc3a Mon Sep 17 00:00:00 2001
2 From: Jeremy Harris <jgh146exb@wizmail.org>
3 Date: Thu, 27 Nov 2014 16:26:44 +0000
4 Subject: [PATCH] Fix buffer overrun in spam= acl condition. Bug 1552
5
6 ---
7 src/spam.c | 3 ++-
8 1 file changed, 2 insertions(+), 1 deletion(-)
9
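--- a/src/spam.c
+++ b/src/spam.c
@@ -129,7 +129,8 @@ spam(uschar **listptr)
 (spamd_address_container *)store_get(sizeof(spamd_address_container));
 
 /* grok spamd address and port */
- if( sscanf(CS address, "%s %u", this_spamd->tcp_addr, &(this_spamd->tcp_port)) != 2 ) {
+ if (sscanf(CS address, "%23s %u", this_spamd->tcp_addr, &(this_spamd->tcp_port)) != 2)
+ {
 log_write(0, LOG_MAIN,
 "spam acl condition: warning - invalid spamd address: '%s'", address);
 continue;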
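Review bot: The width in `"%23s %u"` is a bare literal that presumably has to stay one less than the size of `this_spamd->tcp_addr`, whose declaration is outside this hunk, so resizing that array later would silently bring the overrun back. A comment on the sscanf line such as `/* %23s == sizeof(tcp_addr) - 1; keep in sync with spamd_address_container */` would record the coupling. Separately, an address token longer than 23 bytes is now truncated rather than rejected, and if the leftover characters happen to be digits `%u` can consume them as the port, so sscanf may still return 2 with a wrong address and port. Rejecting overlong tokens before the sscanf would send that case to the existing "invalid spamd address" warning. The enclosing loop in spam() starts and ends outside the hunk.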
24 --
25 2.1.3
26