Fixes CVE-2014-3618 (heap overflow in formisc.c allowing denial of
service and potential remote execution of arbitrary code).
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3618

Source:
http://seclists.org/oss-sec/2014/q3/495

Adopted by Debian as patch '27':
https://sources.debian.net/src/procmail/3.22-25/debian/patches/27/

--- a/src/formisc.c
+++ b/src/formisc.c
@@ -84,12 +84,11 @@
 	case '"':*target++=delim='"';start++;
       }
      ;{ int i;
-	do
+	while(*start)
 	   if((i= *target++= *start++)==delim)	 /* corresponding delimiter? */
 	      break;
 	   else if(i=='\\'&&*start)		    /* skip quoted character */
 	      *target++= *start++;
-	while(*start);						/* anything? */
       }
      hitspc=2;
    }
lect name='h' onchange='this.form.submit();'>
<option value='koszko' selected='selected'>koszko</option>
<option value='koszko-scripts'>koszko-scripts</option>
</select> <input type='submit' value='switch'/></form></td></tr>
<tr><td class='sub'>Wojtek's customized Guix</td><td class='sub right'></td></tr></table>
<table class='tabs'><tr><td>
<a href='/guix/about/'>about</a><a href='/guix/'>summary</a><a href='/guix/refs/?id=c9cb0fda5e58423d9a96b84c76251d103d00a8e9'>refs</a><a class='active' href='/guix/log/tests/guix-graph.sh?showmsg=1'>log</a><a href='/guix/tree/tests/guix-graph.sh?id=c9cb0fda5e58423d9a96b84c76251d103d00a8e9'>tree</a><a href='/guix/commit/tests/guix-graph.sh?id=c9cb0fda5e58423d9a96b84c76251d103d00a8e9'>commit</a><a href='/guix/diff/tests/guix-graph.sh?id=c9cb0fda5e58423d9a96b84c76251d103d00a8e9'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/tests/guix-graph.sh'>
<input type='hidden' name='id' value='c9cb0fda5e58423d9a96b84c76251d103d00a8e9'/><input type='hidden' name='showmsg' value='1'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=c9cb0fda5e58423d9a96b84c76251d103d00a8e9&amp;showmsg=1'>root</a>/<a href='/guix/log/tests?id=c9cb0fda5e58423d9a96b84c76251d103d00a8e9&amp;showmsg=1'>tests</a>/<a href='/guix/log/tests/guix-graph.sh?id=c9cb0fda5e58423d9a96b84c76251d103d00a8e9&amp;showmsg=1'>guix-graph.sh</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/tests/guix-graph.sh?id=c9cb0fda5e58423d9a96b84c76251d103d00a8e9'>Collapse</a>)</th><th class='left'>Author</th></tr>
<tr class='logheader'><td><span title='2016-05-21 01:35:14 +0200'>2016-05-21</span></td><td class='logsubject'><a href='/guix/commit/tests/guix-graph.sh?id=a773c3142dd168e1c4480614d3f5fd9d003954cd'>graph: Allow store file names for 'derivation' and 'references' graphs.</a></td><td>Ludovic Courtès</td></tr>
<tr class='nohover-highlight'><td/><td colspan='3' class='logmsg'>
* guix/scripts/graph.scm (%derivation-node-type)[convert]: Add
'derivation-path?' and catch-all clauses.
(%reference-node-type)[convert]: Add 'store-path?' and catch-all
clauses.
(assert-package, nodes-from-package): New procedures.
(%package-node-type, %bag-node-type,%bag-with-origins-node-type)
(%bag-emerged-node-type): Add 'convert' field
(guix-graph): Rename 'packages' to 'items' and
allow 'store-path?' arguments.
* guix/graph.scm (&lt;node-type&gt;)[convert]: Adjust comment.
* doc/guix.texi (Invoking guix graph): Document it.


</td></tr>

Age	Commit message (Collapse)	Author
2016-05-21	graph: Allow store file names for 'derivation' and 'references' graphs.	Ludovic Courtès
	* guix/scripts/graph.scm (%derivation-node-type)[convert]: Add 'derivation-path?' and catch-all clauses. (%reference-node-type)[convert]: Add 'store-path?' and catch-all clauses. (assert-package, nodes-from-package): New procedures. (%package-node-type, %bag-node-type,%bag-with-origins-node-type) (%bag-emerged-node-type): Add 'convert' field (guix-graph): Rename 'packages' to 'items' and allow 'store-path?' arguments. * guix/graph.scm (<node-type>)[convert]: Adjust comment. * doc/guix.texi (Invoking guix graph): Document it.