Fix a possible denial of service vulnerability.

After this patch, the action of piping mails out won't stop, even if all of your mails were failed to deliver. Nullmailer itself will keep throwing mails to smart relay as long as there're incoming mails, no matter how broken the recipients of the previous mails. Still leave this port in FORBIDDEN state until I address PR ports/45152 Obtained from: http://www.debian.org/security/2002/dsa-198 Noted by: Volker Stolz <stolz@i2.informatik.rwth-aachen.de>
author: Clive Lin <clive@FreeBSD.org> 2002-11-24 10:46:58 +0000
committer: Clive Lin <clive@FreeBSD.org> 2002-11-24 10:46:58 +0000
commit: e4e7c4c253a88e9d83888d0e39dd651630fae01b (patch)
tree: d8d181cf4d28b49d687d6db9d435447a369e700e /mail/nullmailer/files/patch-smtp.cc
parent: New port: textproc/whitespace.el (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/mail/nullmailer/files/patch-smtp.cc b/mail/nullmailer/files/patch-smtp.cc
new file mode 100644
index 000000000000..55a0cfbf883f
--- /dev/null
+++ b/mail/nullmailer/files/patch-smtp.cc
@@ -0,0 +1,14 @@
+--- protocols/smtp.cc
++++ protocols/smtp.cc
+@@ -120,9 +120,8 @@
+   docmd("DATA", 300);
+   mystring tmp;
+   while(msg->getline(tmp)) {
+-    if((tmp[0] == '.' && tmp[1] == 0 && !(out << ".")) ||
+-       !(out << tmp << "\r\n"))
+-      exit(ERR_MSG_WRITE);
++    if(tmp[0] == '.' && !(out << ".")) exit(ERR_MSG_WRITE);
++    if(!(out << tmp << "\r\n")) exit(ERR_MSG_WRITE);
+   }
+   docmd(".", 200);
+ }
author	Clive Lin <clive@FreeBSD.org>	2002-11-24 10:46:58 +0000
committer	Clive Lin <clive@FreeBSD.org>	2002-11-24 10:46:58 +0000
commit	e4e7c4c253a88e9d83888d0e39dd651630fae01b (patch)
tree	d8d181cf4d28b49d687d6db9d435447a369e700e /mail/nullmailer/files/patch-smtp.cc
parent	New port: textproc/whitespace.el (diff)