X-Git-Url: https://git.hcoop.net/hcoop/debian/exim4.git/blobdiff_plain/7375d27e3d0ff85d8836e30742725b1e8e923ddc..50afd7598c8781f66e103d8421d69aed0d69f884:/debian/patches/81_Chunking-do-not-treat-the-first-lonely-dot-special.-.patch diff --git a/debian/patches/81_Chunking-do-not-treat-the-first-lonely-dot-special.-.patch b/debian/patches/81_Chunking-do-not-treat-the-first-lonely-dot-special.-.patch deleted file mode 100644 index 62bfdce..0000000 --- a/debian/patches/81_Chunking-do-not-treat-the-first-lonely-dot-special.-.patch +++ /dev/null @@ -1,60 +0,0 @@ -From: "Heiko Schlittermann (HS12-RIPE)" -Date: Mon, 27 Nov 2017 22:42:33 +0100 -Subject: Chunking: do not treat the first lonely dot special. CVE-2017-16944, - Bug 2201 -Origin: https://git.exim.org/exim.git/commit/4804c62909a62a3ac12ec4777ebd48c541028965 -Bug: https://bugs.exim.org/show_bug.cgi?id=2201 -Bug-Debian: https://bugs.debian.org/882671 -Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-16944 - -(cherry picked from commit 178ecb70987f024f0e775d87c2f8b2cf587dd542) - -Change log update - -(cherry picked from commit b488395f4d99d44a950073a64b35ec8729102782) - ---- -diff --git a/src/receive.c b/src/receive.c -index 20672dbe..2812ea2c 100644 ---- a/src/receive.c -+++ b/src/receive.c -@@ -1827,7 +1827,7 @@ for (;;) - prevent further reading), and break out of the loop, having freed the - empty header, and set next = NULL to indicate no data line. */ - -- if (ptr == 0 && ch == '.' && (smtp_input || dot_ends)) -+ if (ptr == 0 && ch == '.' && dot_ends) - { - ch = (receive_getc)(GETC_BUFFER_UNLIMITED); - if (ch == '\r') -diff --git a/src/smtp_in.c b/src/smtp_in.c -index 1b45f84d..02075404 100644 ---- a/src/smtp_in.c -+++ b/src/smtp_in.c -@@ -4955,16 +4955,23 @@ while (done <= 0) - DEBUG(D_receive) debug_printf("chunking state %d, %d bytes\n", - (int)chunking_state, chunking_data_left); - -+ /* push the current receive_* function on the "stack", and -+ replace them by bdat_getc(), which in turn will use the lwr_receive_* -+ functions to do the dirty work. */ - lwr_receive_getc = receive_getc; - lwr_receive_ungetc = receive_ungetc; -+ - receive_getc = bdat_getc; - receive_ungetc = bdat_ungetc; - -+ dot_ends = FALSE; -+ - goto DATA_BDAT; - } - - case DATA_CMD: - HAD(SCH_DATA); -+ dot_ends = TRUE; - - DATA_BDAT: /* Common code for DATA and BDAT */ - if (!discarded && recipients_count <= 0) --- -2.15.0 -