Fix CVE-2017-1000369: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000369 https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt Patch adapted from upstream source repository: https://git.exim.org/exim.git/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21
From 65e061b76867a9ea7aeeb535341b790b90ae6c21 Mon Sep 17 00:00:00 2001
From: "Heiko Schlittermann (HS12-RIPE)"
Date: Wed, 31 May 2017 23:08:56 +0200
Subject: [PATCH] Cleanup (prevent repeated use of -p/-oMr to avoid mem leak)
---
 doc/doc-docbook/spec.xfpt | 3 ++-
 src/src/exim.c | 19 +++++++++++++++++--
 2 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/src/src/exim.c b/src/src/exim.c
index 67583e58..88e11977 100644
--- a/src/exim.c
+++ b/src/exim.c
@@ -3106,7 +3106,14 @@ for (i = 1; i < argc; i++)
 /* -oMr: Received protocol */
- else if (Ustrcmp(argrest, "Mr") == 0) received_protocol = argv[++i];
+ else if (Ustrcmp(argrest, "Mr") == 0)
+
+ if (received_protocol)
+ {
+ fprintf(stderr, "received_protocol is set already\n");
+ exit(EXIT_FAILURE);
+ }
+ else received_protocol = argv[++i];
 /* -oMs: Set sender host name */
@@ -3202,7 +3209,15 @@ for (i = 1; i < argc; i++)
 if (*argrest != 0)
 {
- uschar *hn = Ustrchr(argrest, ':');
+ uschar *hn;
+
+ if (received_protocol)
+ {
+ fprintf(stderr, "received_protocol is set already\n");
+ exit(EXIT_FAILURE);
+ }
+
+ hn = Ustrchr(argrest, ':');
 if (hn == NULL)
 {
 received_protocol = argrest;
-- 
2.13.1
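Review bot: In the -oMr branch the new `if (received_protocol) ... else received_protocol = argv[++i];` sits unbraced under an `else if` of the option chain, so any later `else if` arm binds to the outer test only because the inner `if` happens to carry its own `else`. Bracing the nested statement keeps the chain from silently re-binding if that inner `else` is ever edited away: `else if (Ustrcmp(argrest, "Mr") == 0) { if (received_protocol) { ... } else received_protocol = argv[++i]; }`. The chain starts and ends outside the hunk, so the arm following the `-oMs` comment is assumed rather than seen.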
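Review bot: The guard added at the top of the -p branch carries no comment saying why a repeated option is now fatal, and its message names an internal variable rather than the option the caller typed. I would add `/* Refuse a second -p/-oMr: the earlier value is never released, so repeats leak memory (CVE-2017-1000369) */` above both guards and reword the output to something like `fprintf(stderr, "exim: received protocol already set by an earlier -p or -oMr\n");`. The diffstat lists doc/doc-docbook/spec.xfpt but this adapted patch has no hunk for it, so the documented behaviour should be checked separately. The -p branch continues past the end of the hunk, so how the value is stored afterwards is not visible here.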