rpms / dovecot

Clone
Source Code
GIT

Blame SOURCES/dovecot-2.2.36-cve2019_11500_part2of4.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-alt c7-beta c7-ppc64le c8 c8-beta c8s c9 c9-beta
  1.   af53bcf12eea2acc6132e28ed3d2433d7f68f506
  2.   SOURCES
  3.   dovecot-2.2.36-cve2019_11500_part2of4.patch
Blob History Raw
af53bc 
From a56b0636b1bf9c7677c6fca9681f48752af700a1 Mon Sep 17 00:00:00 2001
af53bc 
From: Timo Sirainen <timo.sirainen@open-xchange.com>
af53bc 
Date: Fri, 17 May 2019 10:33:53 +0300
af53bc 
Subject: [PATCH 2/2] lib-imap: Make sure str_unescape() won't be writing past
af53bc 
 allocated memory
af53bc
af53bc 
The previous commit should already prevent this, but this makes sure it
af53bc 
can't become broken in the future either. It makes the performance a tiny
af53bc 
bit worse, but that's not practically noticeable.
af53bc 
---
af53bc 
 src/lib-imap/imap-parser.c | 6 ++----
af53bc 
 1 file changed, 2 insertions(+), 4 deletions(-)
af53bc
af53bc 
diff --git a/src/lib-imap/imap-parser.c b/src/lib-imap/imap-parser.c
af53bc 
index f41668d7a..7f58d99e2 100644
af53bc 
--- a/src/lib-imap/imap-parser.c
af53bc 
+++ b/src/lib-imap/imap-parser.c
af53bc 
@@ -267,10 +267,8 @@ static void imap_parser_save_arg(struct imap_parser *parser,
af53bc
af53bc 
 		/* remove the escapes */
af53bc 
 		if (parser->str_first_escape >= 0 &&
af53bc 
-		    (parser->flags & IMAP_PARSE_FLAG_NO_UNESCAPE) == 0) {
af53bc 
-			/* -1 because we skipped the '"' prefix */
af53bc 
-			(void)str_unescape(str + parser->str_first_escape-1);
af53bc 
-		}
af53bc 
+		    (parser->flags & IMAP_PARSE_FLAG_NO_UNESCAPE) == 0)
af53bc 
+			(void)str_unescape(str);
af53bc 
 		arg->_data.str = str;
af53bc 
 		arg->str_len = strlen(str);
af53bc 
 		break;
af53bc 
--
af53bc 
2.11.0
af53bc

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation