X-Git-Url: https://git.hcoop.net/hcoop/debian/exim4.git/blobdiff_plain/bc6af72d767f6b75eda7cf8d41c336ba6632d6da..552f2bc96ec0596a6de3dee206db8cf1254504a9:/debian/patches/83_qsa-2019-exim4.patch
diff --git a/debian/patches/83_qsa-2019-exim4.patch b/debian/patches/83_qsa-2019-exim4.patch
new file mode 100644
index 0000000..c840d5e
--- /dev/null
+++ b/debian/patches/83_qsa-2019-exim4.patch
@@ -0,0 +1,45 @@
+From d740d2111f189760593a303124ff6b9b1f83453d Mon Sep 17 00:00:00 2001
+From: Jeremy Harris
+Date: Mon, 27 May 2019 21:57:31 +0100
+Subject: [PATCH] Fix CVE-2019-10149
+
+---
+diff --git a/src/deliver.c b/src/deliver.c
+index 59256ac2c..45cc0723f 100644
+--- a/src/deliver.c
++++ b/src/deliver.c
+@@ -6227,17 +6227,23 @@ if (process_recipients != RECIP_IGNORE)
+ {
+ uschar * save_local = deliver_localpart;
+ const uschar * save_domain = deliver_domain;
++ uschar * addr = new->address, * errmsg = NULL;
++ int start, end, dom;
+
+- deliver_localpart = expand_string(
+- string_sprintf("${local_part:%s}", new->address));
+- deliver_domain = expand_string(
+- string_sprintf("${domain:%s}", new->address));
++ if (!parse_extract_address(addr, &errmsg, &start, &end, &dom, TRUE))
++ log_write(0, LOG_MAIN|LOG_PANIC,
++ "failed to parse address '%.100s': %s\n", addr, errmsg);
++ else
++ {
++ deliver_localpart =
++ string_copyn(addr+start, dom ? (dom-1) - start : end - start);
++ deliver_domain = dom ? CUS string_copyn(addr+dom, end - dom) : CUS"";
+
+- (void) event_raise(event_action,
+- US"msg:fail:internal", new->message);
++ event_raise(event_action, US"msg:fail:internal", new->message);
+
+- deliver_localpart = save_local;
+- deliver_domain = save_domain;
++ deliver_localpart = save_local;
++ deliver_domain = save_domain;
++ }
+ }
+ #endif
+ }
+--
+2.20.1
+
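Review bot: The return value of `parse_extract_address()` is discarded and `start`, `end` and `dom` are all applied to `addr`, which is only correct if all three are offsets into the input string; its contract is not visible here, and if `dom` indexes the extracted copy instead, `addr+dom` and `(dom-1) - start` are off whenever `start` is non-zero. Either confirm that `new->address` is always a bare addr-spec at this point, or keep the returned pointer and slice that. The failure branch also only logs and no longer raises `msg:fail:internal`, a behaviour change for event consumers that deserves a comment. I would add above the call: `/* Parse, never expand: new->address must not reach expand_string() (CVE-2019-10149). */`. The enclosing block starts and ends outside the hunk.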