From 9984ae5cb0ea0d61df1612b06952a61323c083d9 Mon Sep 17 00:00:00 2001

From: Florian Weimer <fweimer@redhat.com>

Date: Mon, 17 Nov 2014 11:13:38 +0100

Subject: [PATCH 1/4] outof: Introduce expandaddr flag

Document that address expansion is disabled unless the expandaddr

binary option is set.

This has been assigned CVE-2014-7844 for BSD mailx, but it is not

a vulnerability in Heirloom mailx because this feature was documented.

---

 mailx.1 | 14 ++++++++++++++

 names.c |  3 +++

 2 files changed, 17 insertions(+)

diff --git a/mailx.1 b/mailx.1

index 70a7859..22a171b 100644

--- a/mailx.1

+++ b/mailx.1

@@ -656,6 +656,14 @@ but any reply returned to the machine

 will have the system wide alias expanded

 as all mail goes through sendmail.

 .SS "Recipient address specifications"

+If the

+.I expandaddr

+option is not set (the default), recipient addresses must be names of

+local mailboxes or Internet mail addresses.

+.PP

+If the

+.I expandaddr

+option is set, the following rules apply:

 When an address is used to name a recipient

 (in any of To, Cc, or Bcc),

 names of local mail folders

@@ -2391,6 +2399,12 @@ and exits immediately.

 If this option is set,

 \fImailx\fR starts even with an empty mailbox.

 .TP

+.B expandaddr

+Causes

+.I mailx

+to expand message recipient addresses, as explained in the section,

+Recipient address specifications.

+.TP

 .B flipr

 Exchanges the

 .I Respond

diff --git a/names.c b/names.c

index 66e976b..c69560f 100644

--- a/names.c

+++ b/names.c

@@ -268,6 +268,9 @@ outof(struct name *names, FILE *fo, struct header *hp)

 	FILE *fout, *fin;

 	int ispipe;

+	if (value("expandaddr") == NULL)

+		return names;

+

 	top = names;

 	np = names;

 	time(&now;;

-- 

1.9.3