pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/mail Bump PKGREVISION.
details: https://anonhg.NetBSD.org/pkgsrc/rev/42df73315e59
branches: trunk
changeset: 514590:42df73315e59
user: adrianp <adrianp%pkgsrc.org@localhost>
date: Wed Jun 14 18:53:53 2006 +0000
description:
Bump PKGREVISION.
A malformed MIME structure with many parts can cause sendmail to
crash while trying to send a mail due to a stack overflow,
e.g., if the stack size is limited (ulimit -s). This
happens because the recursion of the function mime8to7()
was not restricted. The function is called for MIME 8 to
7 bit conversion and also to enforce MaxMimeHeaderLength.
To work around this problem, recursive calls are limited to
a depth of MAXMIMENESTING (20); message content after this
limit is treated as opaque and is not checked further.
diffstat:
mail/sendmail/Makefile | 4 +-
mail/sendmail/distinfo | 6 +-
mail/sendmail/patches/patch-aj | 22 ++++++++
mail/sendmail/patches/patch-ak | 103 ++++++++++++++++++++++++++++++++++++++
mail/sendmail/patches/patch-al | 21 +++++++
mail/sendmail/patches/patch-am | 8 ++
mail/sendmail812/Makefile | 4 +-
mail/sendmail812/distinfo | 6 +-
mail/sendmail812/patches/patch-ah | 22 ++++++++
mail/sendmail812/patches/patch-ai | 103 ++++++++++++++++++++++++++++++++++++++
mail/sendmail812/patches/patch-aj | 21 +++++++
mail/sendmail812/patches/patch-ak | 8 ++
12 files changed, 322 insertions(+), 6 deletions(-)
diffs (truncated from 405 to 300 lines):
diff -r 3de9a9b70ea0 -r 42df73315e59 mail/sendmail/Makefile
--- a/mail/sendmail/Makefile Wed Jun 14 17:01:08 2006 +0000
+++ b/mail/sendmail/Makefile Wed Jun 14 18:53:53 2006 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.89 2006/06/07 14:48:28 joerg Exp $
+# $NetBSD: Makefile,v 1.90 2006/06/14 18:53:54 adrianp Exp $
.include "../../mail/sendmail/Makefile.common"
PKGNAME= sendmail-${DIST_VERS}
-PKGREVISION= 2
+PKGREVISION= 3
COMMENT= The well known Mail Transport Agent
CONFLICTS+= courier-mta-[0-9]* fastforward>=0.51nb2 postfix-[0-9]*
diff -r 3de9a9b70ea0 -r 42df73315e59 mail/sendmail/distinfo
--- a/mail/sendmail/distinfo Wed Jun 14 17:01:08 2006 +0000
+++ b/mail/sendmail/distinfo Wed Jun 14 18:53:53 2006 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.29 2006/06/07 14:48:28 joerg Exp $
+$NetBSD: distinfo,v 1.30 2006/06/14 18:53:54 adrianp Exp $
SHA1 (sendmail.8.13.6.tar.gz) = 6c35f4780bd9fc5f8982977ad699752e2ccb26d0
RMD160 (sendmail.8.13.6.tar.gz) = cbb0649b5dec8e4b4850c76ad4a132a15335df3b
@@ -12,3 +12,7 @@
SHA1 (patch-ag) = 672c3e8a0c897f2c721d45393d85d4ea819d55a6
SHA1 (patch-ah) = e6be09008b9230ffdd1560aaacbdbb2ee4fb8028
SHA1 (patch-ai) = 8ade5888074ad9a328f87d66836c04eacf7785d5
+SHA1 (patch-aj) = 5dbceffb6397e28beb0c9350398238877928ead8
+SHA1 (patch-ak) = 0688b603018fc58510174a012ca7d2425665a7cd
+SHA1 (patch-al) = 9527aa7046a6b4be63c12108b5e03d6b13009d2d
+SHA1 (patch-am) = 6a7e14410ddc619a08142b90bd15f55eb23d32b8
diff -r 3de9a9b70ea0 -r 42df73315e59 mail/sendmail/patches/patch-aj
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/sendmail/patches/patch-aj Wed Jun 14 18:53:53 2006 +0000
@@ -0,0 +1,22 @@
+$NetBSD: patch-aj,v 1.3 2006/06/14 18:53:53 adrianp Exp $
+
+--- sendmail/deliver.c.orig 2006-03-02 01:37:39.000000000 +0000
++++ sendmail/deliver.c
+@@ -4623,7 +4623,7 @@ putbody(mci, e, separator)
+ /* now do the hard work */
+ boundaries[0] = NULL;
+ mci->mci_flags |= MCIF_INHEADER;
+- if (mime8to7(mci, e->e_header, e, boundaries, M87F_OUTER) ==
++ if (mime8to7(mci, e->e_header, e, boundaries, M87F_OUTER, 0) ==
+ SM_IO_EOF)
+ goto writeerr;
+ }
+@@ -4654,7 +4654,7 @@ putbody(mci, e, separator)
+ SuprErrs = true;
+
+ if (mime8to7(mci, e->e_header, e, boundaries,
+- M87F_OUTER|M87F_NO8TO7) == SM_IO_EOF)
++ M87F_OUTER|M87F_NO8TO7, 0) == SM_IO_EOF)
+ goto writeerr;
+
+ /* restore SuprErrs */
diff -r 3de9a9b70ea0 -r 42df73315e59 mail/sendmail/patches/patch-ak
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/sendmail/patches/patch-ak Wed Jun 14 18:53:53 2006 +0000
@@ -0,0 +1,103 @@
+$NetBSD: patch-ak,v 1.3 2006/06/14 18:53:53 adrianp Exp $
+
+--- sendmail/mime.c.orig 2006-03-01 18:07:45.000000000 +0000
++++ sendmail/mime.c
+@@ -80,6 +80,7 @@ static bool MapNLtoCRLF;
+ ** boundaries -- the currently pending message boundaries.
+ ** NULL if we are processing the outer portion.
+ ** flags -- to tweak processing.
++** level -- recursion level.
+ **
+ ** Returns:
+ ** An indicator of what terminated the message part:
+@@ -96,12 +97,13 @@ struct args
+ };
+
+ int
+-mime8to7(mci, header, e, boundaries, flags)
++mime8to7(mci, header, e, boundaries, flags, level)
+ register MCI *mci;
+ HDR *header;
+ register ENVELOPE *e;
+ char **boundaries;
+ int flags;
++ int level;
+ {
+ register char *p;
+ int linelen;
+@@ -122,6 +124,18 @@ mime8to7(mci, header, e, boundaries, fla
+ char pvpbuf[MAXLINE];
+ extern unsigned char MimeTokenTab[256];
+
++ if (level > MAXMIMENESTING)
++ {
++ if (!bitset(EF_TOODEEP, e->e_flags))
++ {
++ if (tTd(43, 4))
++ sm_dprintf("mime8to7: too deep, level=%d\n",
++ level);
++ usrerr("mime8to7: recursion level %d exceeded",
++ level);
++ e->e_flags |= EF_DONT_MIME|EF_TOODEEP;
++ }
++ }
+ if (tTd(43, 1))
+ {
+ sm_dprintf("mime8to7: flags = %x, boundaries =", flags);
+@@ -242,7 +256,9 @@ mime8to7(mci, header, e, boundaries, fla
+ */
+
+ if (sm_strcasecmp(type, "multipart") == 0 &&
+- (!bitset(M87F_NO8BIT, flags) || bitset(M87F_NO8TO7, flags)))
++ (!bitset(M87F_NO8BIT, flags) || bitset(M87F_NO8TO7, flags)) &&
++ !bitset(EF_TOODEEP, e->e_flags)
++ )
+ {
+
+ if (sm_strcasecmp(subtype, "digest") == 0)
+@@ -286,10 +302,13 @@ mime8to7(mci, header, e, boundaries, fla
+ }
+ if (i >= MAXMIMENESTING)
+ {
+- usrerr("mime8to7: multipart nesting boundary too deep");
++ if (tTd(43, 4))
++ sm_dprintf("mime8to7: too deep, i=%d\n", i);
++ if (!bitset(EF_TOODEEP, e->e_flags))
++ usrerr("mime8to7: multipart nesting boundary too deep");
+
+ /* avoid bounce loops */
+- e->e_flags |= EF_DONT_MIME;
++ e->e_flags |= EF_DONT_MIME|EF_TOODEEP;
+ }
+ else
+ {
+@@ -333,7 +352,8 @@ mime8to7(mci, header, e, boundaries, fla
+ goto writeerr;
+ if (tTd(43, 101))
+ putline("+++after putheader", mci);
+- bt = mime8to7(mci, hdr, e, boundaries, flags);
++ bt = mime8to7(mci, hdr, e, boundaries, flags,
++ level + 1);
+ if (bt == SM_IO_EOF)
+ goto writeerr;
+ }
+@@ -374,7 +394,8 @@ mime8to7(mci, header, e, boundaries, fla
+
+ if (sm_strcasecmp(type, "message") == 0)
+ {
+- if (!wordinclass(subtype, 's'))
++ if (!wordinclass(subtype, 's') ||
++ bitset(EF_TOODEEP, e->e_flags))
+ {
+ flags |= M87F_NO8BIT;
+ }
+@@ -397,7 +418,8 @@ mime8to7(mci, header, e, boundaries, fla
+ !bitset(M87F_NO8TO7, flags) &&
+ !putline("MIME-Version: 1.0", mci))
+ goto writeerr;
+- bt = mime8to7(mci, hdr, e, boundaries, flags);
++ bt = mime8to7(mci, hdr, e, boundaries, flags,
++ level + 1);
+ mci->mci_flags &= ~MCIF_INMIME;
+ return bt;
+ }
diff -r 3de9a9b70ea0 -r 42df73315e59 mail/sendmail/patches/patch-al
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/sendmail/patches/patch-al Wed Jun 14 18:53:53 2006 +0000
@@ -0,0 +1,21 @@
+$NetBSD: patch-al,v 1.3 2006/06/14 18:53:53 adrianp Exp $
+
+--- sendmail/sendmail.h.orig 2006-02-27 17:49:09.000000000 +0000
++++ sendmail/sendmail.h
+@@ -942,6 +942,7 @@ struct envelope
+ #define EF_TOOBIG 0x02000000L /* message is too big */
+ #define EF_SPLIT 0x04000000L /* envelope has been split */
+ #define EF_UNSAFE 0x08000000L /* unsafe: read from untrusted source */
++#define EF_TOODEEP 0x10000000L /* message is nested too deep */
+
+ #define DLVR_NOTIFY 0x01
+ #define DLVR_RETURN 0x02
+@@ -1655,7 +1656,7 @@ EXTERN unsigned long PrivacyFlags; /* pr
+
+ /* functions */
+ extern bool mime7to8 __P((MCI *, HDR *, ENVELOPE *));
+-extern int mime8to7 __P((MCI *, HDR *, ENVELOPE *, char **, int));
++extern int mime8to7 __P((MCI *, HDR *, ENVELOPE *, char **, int, int));
+
+ /*
+ ** Flags passed to returntosender.
diff -r 3de9a9b70ea0 -r 42df73315e59 mail/sendmail/patches/patch-am
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/sendmail/patches/patch-am Wed Jun 14 18:53:53 2006 +0000
@@ -0,0 +1,8 @@
+$NetBSD: patch-am,v 1.1 2006/06/14 18:53:53 adrianp Exp $
+
+--- sendmail/version.c.orig 2006-03-08 19:21:21.000000000 +0000
++++ sendmail/version.c
+@@ -17,2 +17,2 @@ SM_RCSID("@(#)$Id: version.c,v 8.160 200
+
+-char Version[] = "8.13.6";
++char Version[] = "8.13.6.20060614";
diff -r 3de9a9b70ea0 -r 42df73315e59 mail/sendmail812/Makefile
--- a/mail/sendmail812/Makefile Wed Jun 14 17:01:08 2006 +0000
+++ b/mail/sendmail812/Makefile Wed Jun 14 18:53:53 2006 +0000
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.11 2006/06/06 21:55:49 adrianp Exp $
+# $NetBSD: Makefile,v 1.12 2006/06/14 18:57:34 adrianp Exp $
.include "options.mk"
.include "../../mail/sendmail812/Makefile.common"
PKGNAME= sendmail-${DIST_VERS}
-PKGREVISION= 2
+PKGREVISION= 3
COMMENT= The well known Mail Transport Agent
HAS_SIG= yes
diff -r 3de9a9b70ea0 -r 42df73315e59 mail/sendmail812/distinfo
--- a/mail/sendmail812/distinfo Wed Jun 14 17:01:08 2006 +0000
+++ b/mail/sendmail812/distinfo Wed Jun 14 18:53:53 2006 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.4 2006/03/22 21:19:06 tv Exp $
+$NetBSD: distinfo,v 1.5 2006/06/14 18:57:34 adrianp Exp $
SHA1 (sendmail.8.12.11.tar.gz) = ce1ba0e50740c548f8555f1a905d8514e6637f95
RMD160 (sendmail.8.12.11.tar.gz) = a80ceccbe3425ea01ce6cb89f2226f83b3562b64
@@ -13,3 +13,7 @@
SHA1 (patch-ae) = ae06caa125fe4d4fc85123dc0a5d0016cd099ebd
SHA1 (patch-af) = d26481845328adad6d46fdf797785ec2ad003e28
SHA1 (patch-ag) = 4e84e709338eecc0dc14a6df42d8071fee1938a3
+SHA1 (patch-ah) = b876e92147bce47fee5f77106c2a1b281fac743f
+SHA1 (patch-ai) = d17bc0a551fa5efd59f4822ca59049e166e59d86
+SHA1 (patch-aj) = 6901b3efacf02ba5f71fbfb6056b1eced9d4c037
+SHA1 (patch-ak) = 2668680ec507ce4b59acae1a985e3af105c51816
diff -r 3de9a9b70ea0 -r 42df73315e59 mail/sendmail812/patches/patch-ah
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/sendmail812/patches/patch-ah Wed Jun 14 18:53:53 2006 +0000
@@ -0,0 +1,22 @@
+$NetBSD: patch-ah,v 1.1 2006/06/14 18:57:34 adrianp Exp $
+
+--- sendmail/deliver.c.orig 2006-06-13 21:35:58.000000000 +0100
++++ sendmail/deliver.c
+@@ -4566,7 +4566,7 @@ putbody(mci, e, separator)
+ /* now do the hard work */
+ boundaries[0] = NULL;
+ mci->mci_flags |= MCIF_INHEADER;
+- if (mime8to7(mci, e->e_header, e, boundaries, M87F_OUTER) ==
++ if (mime8to7(mci, e->e_header, e, boundaries, M87F_OUTER, 0) ==
+ SM_IO_EOF)
+ goto writeerr;
+ }
+@@ -4597,7 +4597,7 @@ putbody(mci, e, separator)
+ SuprErrs = true;
+
+ if (mime8to7(mci, e->e_header, e, boundaries,
+- M87F_OUTER|M87F_NO8TO7) == SM_IO_EOF)
++ M87F_OUTER|M87F_NO8TO7, 0) == SM_IO_EOF)
+ goto writeerr;
+
+ /* restore SuprErrs */
diff -r 3de9a9b70ea0 -r 42df73315e59 mail/sendmail812/patches/patch-ai
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/sendmail812/patches/patch-ai Wed Jun 14 18:53:53 2006 +0000
@@ -0,0 +1,103 @@
+$NetBSD: patch-ai,v 1.1 2006/06/14 18:57:34 adrianp Exp $
+
+--- sendmail/mime.c.orig 2006-06-13 21:35:58.000000000 +0100
++++ sendmail/mime.c
+@@ -80,6 +80,7 @@ static bool MapNLtoCRLF;
+ ** boundaries -- the currently pending message boundaries.
+ ** NULL if we are processing the outer portion.
+ ** flags -- to tweak processing.
++** level -- recursion level.
+ **
+ ** Returns:
+ ** An indicator of what terminated the message part:
+@@ -96,12 +97,13 @@ struct args
+ };
+
+ int
+-mime8to7(mci, header, e, boundaries, flags)
++mime8to7(mci, header, e, boundaries, flags, level)
+ register MCI *mci;
+ HDR *header;
+ register ENVELOPE *e;
+ char **boundaries;
+ int flags;
++ int level;
+ {
+ register char *p;
+ int linelen;
+@@ -122,6 +124,18 @@ mime8to7(mci, header, e, boundaries, fla
+ char pvpbuf[MAXLINE];
+ extern unsigned char MimeTokenTab[256];
+
++ if (level > MAXMIMENESTING)
++ {
++ if (!bitset(EF_TOODEEP, e->e_flags))
++ {
Home |
Main Index |
Thread Index |
Old Index