[jackhill/guix/guix.git] / gnu / packages / patches / procmail-CVE-2014-3618.patch

Fixes CVE-2014-3618 (heap overflow in formisc.c allowing denial of
service and potential remote execution of arbitrary code).
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3618

Source:
http://seclists.org/oss-sec/2014/q3/495

Adopted by Debian as patch '27':
https://sources.debian.net/src/procmail/3.22-25/debian/patches/27/

--- a/src/formisc.c
+++ b/src/formisc.c
@@ -84,12 +84,11 @@
 	case '"':*target++=delim='"';start++;
       }
      ;{ int i;
-	do
+	while(*start)
 	   if((i= *target++= *start++)==delim)	 /* corresponding delimiter? */
 	      break;
 	   else if(i=='\\'&&*start)		    /* skip quoted character */
 	      *target++= *start++;
-	while(*start);						/* anything? */
       }
      hitspc=2;
    }
Commit	Line	Data
1d982d78 LF	1	Fixes CVE-2014-3618 (heap overflow in formisc.c allowing denial of
	2	service and potential remote execution of arbitrary code).
	3	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3618
	4
	5	Source:
	6	http://seclists.org/oss-sec/2014/q3/495
	7
	8	Adopted by Debian as patch '27':
	9	https://sources.debian.net/src/procmail/3.22-25/debian/patches/27/
	10
	11	--- a/src/formisc.c
	12	+++ b/src/formisc.c
	13	@@ -84,12 +84,11 @@
	14	case '"':*target++=delim='"';start++;
	15	}
	16	;{ int i;
	17	- do
	18	+ while(*start)
	19	if((i= target++= start++)==delim) /* corresponding delimiter? */
	20	break;
	21	else if(i=='\\'&&start) / skip quoted character */
	22	target++= start++;
	23	- while(start); / anything? */
	24	}
	25	hitspc=2;
	26	}