rpms / dovecot

Clone
Source Code
GIT

Blame SOURCES/dovecot-2.3.10-CVE_2020_10957p1.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-alt c7-beta c7-ppc64le c8 c8-beta c8s c9 c9-beta
  1.   1d3134d320b24d6e3bc04ffce595f8a5eeaa4604
  2.   SOURCES
  3.   dovecot-2.3.10-CVE_2020_10957p1.patch
Blob History Raw
311a5d 
From 606724bd528b92347dce580d3ab48fc1e3c2f4d7 Mon Sep 17 00:00:00 2001
311a5d 
From: Stephan Bosch <stephan.bosch@open-xchange.com>
311a5d 
Date: Tue, 24 Mar 2020 20:57:03 +0100
311a5d 
Subject: [PATCH] lib-smtp: smtp-syntax - Do not allow NULL return parameters
311a5d 
 for smtp_string_parse().
311a5d
311a5d 
---
311a5d 
 src/lib-smtp/smtp-server-cmd-noop.c | 8 ++++++--
311a5d 
 src/lib-smtp/smtp-syntax.c          | 9 +++++----
311a5d 
 2 files changed, 11 insertions(+), 6 deletions(-)
311a5d
311a5d 
diff --git a/src/lib-smtp/smtp-server-cmd-noop.c b/src/lib-smtp/smtp-server-cmd-noop.c
311a5d 
index 4986f800c8..550d709eab 100644
311a5d 
--- a/src/lib-smtp/smtp-server-cmd-noop.c
311a5d 
+++ b/src/lib-smtp/smtp-server-cmd-noop.c
311a5d 
@@ -13,11 +13,15 @@ void smtp_server_cmd_noop(struct smtp_server_cmd_ctx *cmd,
311a5d 
 	struct smtp_server_connection *conn = cmd->conn;
311a5d 
 	struct smtp_server_command *command = cmd->cmd;
311a5d 
 	const struct smtp_server_callbacks *callbacks = conn->callbacks;
311a5d 
+	const char *param, *error;
311a5d 
 	int ret;
311a5d
311a5d 
 	/* "NOOP" [ SP String ] CRLF */
311a5d 
-	if (*params != '\0' && smtp_string_parse(params, NULL, NULL) < 0) {
311a5d 
-		smtp_server_reply(cmd, 501, "5.5.4", "Invalid parameters");
311a5d 
+	ret = smtp_string_parse(params, &param, &error);
311a5d 
+	if (ret < 0) {
311a5d 
+		smtp_server_reply(cmd, 501, "5.5.4",
311a5d 
+				  "Invalid string parameter: %s",
311a5d 
+				  error);
311a5d 
 		return;
311a5d 
 	}
311a5d
311a5d 
diff --git a/src/lib-smtp/smtp-syntax.c b/src/lib-smtp/smtp-syntax.c
311a5d 
index 5d22445f72..6826682af1 100644
311a5d 
--- a/src/lib-smtp/smtp-syntax.c
311a5d 
+++ b/src/lib-smtp/smtp-syntax.c
311a5d 
@@ -17,7 +17,9 @@ int smtp_string_parse(const char *string,
311a5d 
 	const char **value_r, const char **error_r)
311a5d 
 {
311a5d 
 	struct smtp_parser parser;
311a5d 
-	int ret;
311a5d 
+
311a5d 
+	*value_r = NULL;
311a5d 
+	*error_r = NULL;
311a5d
311a5d 
 	if (string == NULL || *string == '\0') {
311a5d 
 		*value_r = "";
311a5d 
@@ -26,9 +28,8 @@ int smtp_string_parse(const char *string,
311a5d
311a5d 
 	smtp_parser_init(&parser, pool_datastack_create(), string);
311a5d
311a5d 
-	if ((ret=smtp_parser_parse_string(&parser, value_r)) < 0) {
311a5d 
-		if (error_r != NULL)
311a5d 
-			*error_r = parser.error;
311a5d 
+	if (smtp_parser_parse_string(&parser, value_r) < 0) {
311a5d 
+		*error_r = parser.error;
311a5d 
 		return -1;
311a5d 
 	}
311a5d 
 	if (parser.cur < parser.end) {

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation