diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 00:47:27 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 00:47:27 +0000 |
commit | d5eb37dd4a5a433c40c3c1e7ead424add62663f8 (patch) | |
tree | 6a18289cb463d11227d1fa4c990548e50a09d917 /debian/patches/78_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch | |
parent | Adding upstream version 4.92. (diff) | |
download | exim4-d5eb37dd4a5a433c40c3c1e7ead424add62663f8.tar.xz exim4-d5eb37dd4a5a433c40c3c1e7ead424add62663f8.zip |
Adding debian version 4.92-8+deb10u6.debian/4.92-8+deb10u6debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/78_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch')
-rw-r--r-- | debian/patches/78_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/debian/patches/78_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch b/debian/patches/78_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch new file mode 100644 index 0000000..38ba939 --- /dev/null +++ b/debian/patches/78_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch @@ -0,0 +1,50 @@ +From 2600301ba6dbac5c9d640c87007a07ee6dcea1f4 Mon Sep 17 00:00:00 2001 +From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de> +Date: Mon, 19 Aug 2019 14:45:48 +0200 +Subject: [PATCH] string.c: do not interpret '\\' before '\0' (CVE-2019-15846) + + +--- a/doc/ChangeLog ++++ b/doc/ChangeLog +@@ -4,6 +4,11 @@ This document describes *changes* to pre + affect Exim's operation, with an unchanged configuration file. For new + options, and new features, see the NewStuff file next to this ChangeLog. + ++Exim version 4.92.2 ++------------------- ++ ++HS/01 Handle trailing backslash gracefully. (CVE-2019-15846) ++ + + Since version 4.92 + ------------------ +--- a/src/string.c ++++ b/src/string.c +@@ -224,6 +224,8 @@ interpreted in strings. + Arguments: + pp points a pointer to the initiating "\" in the string; + the pointer gets updated to point to the final character ++ If the backslash is the last character in the string, it ++ is not interpreted. + Returns: the value of the character escape + */ + +@@ -236,6 +238,7 @@ const uschar *hex_digits= CUS"0123456789 + int ch; + const uschar *p = *pp; + ch = *(++p); ++if (ch == '\0') return **pp; + if (isdigit(ch) && ch != '8' && ch != '9') + { + ch -= '0'; +@@ -1210,8 +1213,8 @@ memcpy(g->s + p, s, count); + g->ptr = p + count; + return g; + } +- +- ++ ++ + gstring * + string_cat(gstring *string, const uschar *s) + { |