/branches/lenny/debian/changelog |
---|
6,8 → 6,10 |
from mechanisms with huge domainspecs. Workaround suggested by |
upstream. Limits the size of mechanisms and modifiers, but that |
shouldn't be a problem in practice. |
* 42_empty_sender.dpatch could previously cause segfaults by trying to |
write to a constant string. Fixed. |
-- Magnus Holmgren <holmgren@debian.org> Wed, 05 Nov 2008 10:34:13 +0100 |
-- Magnus Holmgren <holmgren@debian.org> Wed, 05 Nov 2008 10:37:20 +0100 |
libspf2 (1.2.5.dfsg-5+lenny1) testing-security; urgency=high |
/branches/lenny/debian/patches/42_empty_sender.dpatch |
---|
21,10 → 21,10 |
sr->env_from = strdup(from); |
- sr->env_from_lp = strdup(from); /* Too long, but simple */ |
- sr->env_from_lp[(cp - from)] = '\0'; |
+ *cp = '\0'; |
+ sr->env_from_lp = strdup(from); |
+ sr->env_from[cp - from] = '\0'; |
+ sr->env_from_lp = strdup(sr->env_from); |
sr->env_from_dp = strdup(cp + 1); |
+ *cp = '@'; |
+ sr->env_from[cp - from] = '@'; |
} |
else { |
+ if (cp == from) from++; /* "@domain.example" */ |