package/exim/0007-Fix-CVE-2019-10149.patch - buildroot - Git at Google

 From d740d2111f189760593a303124ff6b9b1f83453d Mon Sep 17 00:00:00 2001
 From: Jeremy Harris <jgh146exb@wizmail.org>
 Date: Mon, 27 May 2019 21:57:31 +0100
 Subject: [PATCH] Fix CVE-2019-10149

 [Peter: drop documentation update, fix path]
 Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 ---
  src/deliver.c          | 22 ++++++++++++++--------
  1 files changed, 52 insertions(+), 8 deletions(-)
  create mode 100644 doc/doc-txt/cve-2019-10149

 diff --git a/src/deliver.c b/src/deliver.c
 index 59256ac2..45cc0723 100644
 --- a/src/deliver.c
 +++ b/src/deliver.c
 @@ -6227,17 +6227,23 @@ if (process_recipients != RECIP_IGNORE)
  	{
  	uschar * save_local =  deliver_localpart;
  	const uschar * save_domain = deliver_domain;
 +	uschar * addr = new->address, * errmsg = NULL;
 +	int start, end, dom;

 -	deliver_localpart = expand_string(
 -		      string_sprintf("${local_part:%s}", new->address));
 -	deliver_domain =    expand_string(
 -		      string_sprintf("${domain:%s}", new->address));
 +	if (!parse_extract_address(addr, &errmsg, &start, &end, &dom, TRUE))
 +	  log_write(0, LOG_MAIN|LOG_PANIC,
 +                "failed to parse address '%.100s': %s\n", addr, errmsg);
 +	else
 +	  {
 +	  deliver_localpart =
 +	    string_copyn(addr+start, dom ? (dom-1) - start : end - start);
 +	  deliver_domain = dom ? CUS string_copyn(addr+dom, end - dom) : CUS"";

 -	(void) event_raise(event_action,
 -		      US"msg:fail:internal", new->message);
 +	  event_raise(event_action, US"msg:fail:internal", new->message);

 -	deliver_localpart = save_local;
 -	deliver_domain =    save_domain;
 +	  deliver_localpart = save_local;
 +	  deliver_domain = save_domain;
 +	  }
  	}
  #endif
        }
 --
 2.11.0
	From d740d2111f189760593a303124ff6b9b1f83453d Mon Sep 17 00:00:00 2001
	From: Jeremy Harris <jgh146exb@wizmail.org>
	Date: Mon, 27 May 2019 21:57:31 +0100
	Subject: [PATCH] Fix CVE-2019-10149

	[Peter: drop documentation update, fix path]
	Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
	---
	src/deliver.c \| 22 ++++++++++++++--------
	1 files changed, 52 insertions(+), 8 deletions(-)
	create mode 100644 doc/doc-txt/cve-2019-10149

	diff --git a/src/deliver.c b/src/deliver.c
	index 59256ac2..45cc0723 100644
	--- a/src/deliver.c
	+++ b/src/deliver.c
	@@ -6227,17 +6227,23 @@ if (process_recipients != RECIP_IGNORE)
	{
	uschar * save_local = deliver_localpart;
	const uschar * save_domain = deliver_domain;
	+ uschar * addr = new->address, * errmsg = NULL;
	+ int start, end, dom;

	- deliver_localpart = expand_string(
	- string_sprintf("${local_part:%s}", new->address));
	- deliver_domain = expand_string(
	- string_sprintf("${domain:%s}", new->address));
	+ if (!parse_extract_address(addr, &errmsg, &start, &end, &dom, TRUE))
	+ log_write(0, LOG_MAIN\|LOG_PANIC,
	+ "failed to parse address '%.100s': %s\n", addr, errmsg);
	+ else
	+ {
	+ deliver_localpart =
	+ string_copyn(addr+start, dom ? (dom-1) - start : end - start);
	+ deliver_domain = dom ? CUS string_copyn(addr+dom, end - dom) : CUS"";

	- (void) event_raise(event_action,
	- US"msg:fail:internal", new->message);
	+ event_raise(event_action, US"msg:fail:internal", new->message);

	- deliver_localpart = save_local;
	- deliver_domain = save_domain;
	+ deliver_localpart = save_local;
	+ deliver_domain = save_domain;
	+ }
	}
	#endif
	}
	--
	2.11.0