Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-6]: src/gnu/dist/sendmail/sendmail Pull up revision 1.8 (reques...
details: https://anonhg.NetBSD.org/src/rev/13a3d014b893
branches: netbsd-1-6
changeset: 530171:13a3d014b893
user: lukem <lukem%NetBSD.org@localhost>
date: Tue Mar 04 04:27:40 2003 +0000
description:
Pull up revision 1.8 (requested by atatat in ticket #1190):
Apply patch from sendmail.org to handle a new header overflow bug.
diffstat:
gnu/dist/sendmail/sendmail/headers.c | 212 +++++++++++++++++++++-------------
1 files changed, 129 insertions(+), 83 deletions(-)
diffs (truncated from 428 to 300 lines):
diff -r d4167bb24019 -r 13a3d014b893 gnu/dist/sendmail/sendmail/headers.c
--- a/gnu/dist/sendmail/sendmail/headers.c Tue Mar 04 04:27:28 2003 +0000
+++ b/gnu/dist/sendmail/sendmail/headers.c Tue Mar 04 04:27:40 2003 +0000
@@ -648,7 +648,8 @@
if (buf[0] != '\0')
{
if (bitset(H_FROM, h->h_flags))
- expand(crackaddr(buf), buf, sizeof buf, e);
+ expand(crackaddr(buf, e),
+ buf, sizeof buf, e);
h->h_value = newstr(buf);
h->h_flags &= ~H_DEFAULT;
}
@@ -971,7 +972,11 @@
** it and replaces it with "$g". The parse is totally ad hoc
** and isn't even guaranteed to leave something syntactically
** identical to what it started with. However, it does leave
-** something semantically identical.
+** something semantically identical if possible, else at least
+** syntactically correct.
+**
+** For example, it changes "Real Name <real%example.com@localhost> (Comment)"
+** to "Real Name <$g> (Comment)".
**
** This algorithm has been cleaned up to handle a wider range
** of cases -- notably quoted and backslash escaped strings.
@@ -980,6 +985,7 @@
**
** Parameters:
** addr -- the address to be cracked.
+** e -- the current envelope.
**
** Returns:
** a pointer to the new version.
@@ -992,28 +998,50 @@
** be copied if it is to be reused.
*/
+#define SM_HAVE_ROOM ((bp < buflim) && (buflim <= bufend))
+
+/*
+** Append a character to bp if we have room.
+** If not, punt and return $g.
+*/
+
+#define SM_APPEND_CHAR(c) \
+ do \
+ { \
+ if (SM_HAVE_ROOM) \
+ *bp++ = (c); \
+ else \
+ goto returng; \
+ } while (0)
+
+#if MAXNAME < 10
+ERROR MAXNAME must be at least 10
+#endif /* MAXNAME < 10 */
+
char *
-crackaddr(addr)
+crackaddr(addr, e)
register char *addr;
+ ENVELOPE *e;
{
register char *p;
register char c;
- int cmtlev;
- int realcmtlev;
- int anglelev, realanglelev;
- int copylev;
- int bracklev;
- bool qmode;
- bool realqmode;
- bool skipping;
- bool putgmac = FALSE;
- bool quoteit = FALSE;
- bool gotangle = FALSE;
- bool gotcolon = FALSE;
+ int cmtlev; /* comment level in input string */
+ int realcmtlev; /* comment level in output string */
+ int anglelev; /* angle level in input string */
+ int copylev; /* 0 == in address, >0 copying */
+ int bracklev; /* bracket level for IPv6 addr check */
+ bool addangle; /* put closing angle in output */
+ bool qmode; /* quoting in original string? */
+ bool realqmode; /* quoting in output string? */
+ bool putgmac = FALSE; /* already wrote $g */
+ bool quoteit = FALSE; /* need to quote next character */
+ bool gotangle = FALSE; /* found first '<' */
+ bool gotcolon = FALSE; /* found a ':' */
register char *bp;
char *buflim;
char *bufhead;
char *addrhead;
+ char *bufend;
static char buf[MAXNAME + 1];
if (tTd(33, 1))
@@ -1028,25 +1056,22 @@
** adjusted later if we find them.
*/
+ buflim = bufend = &buf[sizeof(buf) - 1];
bp = bufhead = buf;
- buflim = &buf[sizeof buf - 7];
p = addrhead = addr;
- copylev = anglelev = realanglelev = cmtlev = realcmtlev = 0;
+ copylev = anglelev = cmtlev = realcmtlev = 0;
bracklev = 0;
- qmode = realqmode = FALSE;
+ qmode = realqmode = addangle = FALSE;
while ((c = *p++) != '\0')
{
/*
- ** If the buffer is overful, go into a special "skipping"
- ** mode that tries to keep legal syntax but doesn't actually
- ** output things.
+ ** Try to keep legal syntax using spare buffer space
+ ** (maintained by buflim).
*/
- skipping = bp >= buflim;
-
- if (copylev > 0 && !skipping)
- *bp++ = c;
+ if (copylev > 0)
+ SM_APPEND_CHAR(c);
/* check for backslash escapes */
if (c == '\\')
@@ -1061,8 +1086,8 @@
p--;
goto putg;
}
- if (copylev > 0 && !skipping)
- *bp++ = c;
+ if (copylev > 0)
+ SM_APPEND_CHAR(c);
goto putg;
}
@@ -1070,8 +1095,14 @@
if (c == '"' && cmtlev <= 0)
{
qmode = !qmode;
- if (copylev > 0 && !skipping)
+ if (copylev > 0 && SM_HAVE_ROOM)
+ {
+ if (realqmode)
+ buflim--;
+ else
+ buflim++;
realqmode = !realqmode;
+ }
continue;
}
if (qmode)
@@ -1083,15 +1114,15 @@
cmtlev++;
/* allow space for closing paren */
- if (!skipping)
+ if (SM_HAVE_ROOM)
{
buflim--;
realcmtlev++;
if (copylev++ <= 0)
{
if (bp != bufhead)
- *bp++ = ' ';
- *bp++ = c;
+ SM_APPEND_CHAR(' ');
+ SM_APPEND_CHAR(c);
}
}
}
@@ -1101,7 +1132,7 @@
{
cmtlev--;
copylev--;
- if (!skipping)
+ if (SM_HAVE_ROOM)
{
realcmtlev--;
buflim++;
@@ -1112,7 +1143,7 @@
else if (c == ')')
{
/* syntax error: unmatched ) */
- if (copylev > 0 && !skipping)
+ if (copylev > 0 && SM_HAVE_ROOM)
bp--;
}
@@ -1130,7 +1161,7 @@
/*
** Check for DECnet phase IV ``::'' (host::user)
- ** or ** DECnet phase V ``:.'' syntaxes. The latter
+ ** or DECnet phase V ``:.'' syntaxes. The latter
** covers ``user@DEC:.tay.myhost'' and
** ``DEC:.tay.myhost::user'' syntaxes (bletch).
*/
@@ -1139,10 +1170,10 @@
{
if (cmtlev <= 0 && !qmode)
quoteit = TRUE;
- if (copylev > 0 && !skipping)
+ if (copylev > 0)
{
- *bp++ = c;
- *bp++ = *p;
+ SM_APPEND_CHAR(c);
+ SM_APPEND_CHAR(*p);
}
p++;
goto putg;
@@ -1153,41 +1184,43 @@
bp = bufhead;
if (quoteit)
{
- *bp++ = '"';
+ SM_APPEND_CHAR('"');
/* back up over the ':' and any spaces */
--p;
- while (isascii(*--p) && isspace(*p))
+ while (p > addr &&
+ isascii(*--p) && isspace(*p))
continue;
p++;
}
for (q = addrhead; q < p; )
{
c = *q++;
- if (bp < buflim)
+ if (quoteit && c == '"')
{
- if (quoteit && c == '"')
- *bp++ = '\\';
- *bp++ = c;
+ SM_APPEND_CHAR('\\');
+ SM_APPEND_CHAR(c);
}
+ else
+ SM_APPEND_CHAR(c);
}
if (quoteit)
{
if (bp == &bufhead[1])
bp--;
else
- *bp++ = '"';
+ SM_APPEND_CHAR('"');
while ((c = *p++) != ':')
- {
- if (bp < buflim)
- *bp++ = c;
- }
- *bp++ = c;
+ SM_APPEND_CHAR(c);
+ SM_APPEND_CHAR(c);
}
/* any trailing white space is part of group: */
- while (isascii(*p) && isspace(*p) && bp < buflim)
- *bp++ = *p++;
+ while (isascii(*p) && isspace(*p))
+ {
+ SM_APPEND_CHAR(*p);
+ p++;
+ }
copylev = 0;
putgmac = quoteit = FALSE;
bufhead = bp;
@@ -1196,10 +1229,7 @@
}
if (c == ';' && copylev <= 0 && !ColonOkInAddr)
- {
- if (bp < buflim)
- *bp++ = c;
- }
+ SM_APPEND_CHAR(c);
/* check for characters that may have to be quoted */
if (strchr(MustQuoteChars, c) != NULL)
@@ -1227,42 +1257,45 @@
/* oops -- have to change our mind */
anglelev = 1;
- if (!skipping)
- realanglelev = 1;
+ if (SM_HAVE_ROOM)
+ {
+ if (!addangle)
+ buflim--;
+ addangle = TRUE;
+ }
Home |
Main Index |
Thread Index |
Old Index