mail/qmail: Fixes CVE-2005-1513 to CVE-2005-1513, update TLS patch

mail/qmail-tls: Update TLS patch

See
https://www.qualys.com/2020/05/19/cve-2005-1513/remote-code-execution-qmail.txt
for details about the CVEs

- now builds with openssl 1.1.1e from the ports

PR:		244969, 245010
Submitted by:	erdgeist@erdgeist.org (maintainer)
Reported by:	klokanek@eldar.cz
MFH:		2020Q2
Security:	CVE-2005-1513, CVE-2005-1514, CVE-2005-1515

2 files changed, 21 insertions, 2 deletions

diff --git a/mail/qmail/files/patch-alloc.c b/mail/qmail/files/patch-alloc.c
new file mode 100644
index 000000000000..de741aa96bc5
--- /dev/null
+++ b/mail/qmail/files/patch-alloc.c
@@ -0,0 +1,19 @@
+diff -r -u a/alloc.c b/alloc.c
+--- alloc.c 1998-06-15 03:53:16.000000000 -0700
++++ alloc.c 2020-05-04 16:43:32.923310325 -0700
+@@ -1,3 +1,4 @@
++#include <limits.h>
+ #include "alloc.h"
+ #include "error.h"
+ extern char *malloc();
+@@ -15,6 +16,10 @@
+ unsigned int n;
+ {
+   char *x;
++  if (n >= (INT_MAX >> 3)) {
++    errno = error_nomem;
++    return 0;
++  }
+   n = ALIGNMENT + n - (n & (ALIGNMENT - 1)); /* XXX: could overflow */
+   if (n <= avail) { avail -= n; return space + avail; }
+   x = malloc(n);
diff --git a/mail/qmail/files/qmailsend.in b/mail/qmail/files/qmailsend.in
index 7a3342f43873..31f022aecf82 100644
--- a/mail/qmail/files/qmailsend.in
+++ b/mail/qmail/files/qmailsend.in
@@ -41,8 +41,8 @@ pidfile="/var/run/${name}.pid"
 
 qmailsend_start() {
   case ${qmailsend_delivery} in
-    maildir) command_args='./Maildir/';;
-    mailbox) command_args='./Mailbox';;
+    maildir) command_args=./Maildir/;;
+    mailbox) command_args=./Mailbox;;
     proc)    command_args='|preline procmail';;
     V7)      command_args='|preline -f /bin/mail -f "${SENDER:-MAILER-DAEMON}" -d "$USER"';;
     SVR4)    command_args='|preline -f /bin/mail -r "${SENDER:-MAILER-DAEMON}" -d "$USER"';;