Attachment 88081 Details for Bug 135141 – sendmail-CVE-2006-1173.patch

[patch] sendmail-CVE-2006-1173.patch

sendmail-CVE-2006-1173.patch (text/plain), 1.45 KB, created by Andrea Barisani (RETIRED) on 2006-06-01 05:24:41 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Andrea Barisani (RETIRED)

Created: 2006-06-01 05:24:41 UTC

Size: 1.45 KB

patch

obsolete

>--- sendmail/mime.c	24 Mar 2006 03:17:06 -0000	8.140
>+++ sendmail/mime.c	27 Apr 2006 22:56:16 -0000	8.141
>@@ -242,7 +242,9 @@
> 	*/
>
> 	if (sm_strcasecmp(type, "multipart") == 0 &&
>-	    (!bitset(M87F_NO8BIT, flags) || bitset(M87F_NO8TO7, flags)))
>+	    (!bitset(M87F_NO8BIT, flags) || bitset(M87F_NO8TO7, flags)) &&
>+	    !bitset(EF_TOODEEP, e->e_flags)
>+	   )
> 	{
>
> 		if (sm_strcasecmp(subtype, "digest") == 0)
>@@ -286,10 +288,13 @@
> 		}
> 		if (i >= MAXMIMENESTING)
> 		{
>-			usrerr("mime8to7: multipart nesting boundary too deep");
>+			if (tTd(43, 4))
>+				sm_dprintf("mime8to7: too deep, i=%d\n", i);
>+			if (!bitset(EF_TOODEEP, e->e_flags))
>+				usrerr("mime8to7: multipart nesting boundary too deep");
>
> 			/* avoid bounce loops */
>-			e->e_flags |= EF_DONT_MIME;
>+			e->e_flags |= EF_DONT_MIME|EF_TOODEEP;
> 		}
> 		else
> 		{
>@@ -374,7 +379,8 @@
>
> 	if (sm_strcasecmp(type, "message") == 0)
> 	{
>-		if (!wordinclass(subtype, 's'))
>+		if (!wordinclass(subtype, 's') ||
>+		    bitset(EF_TOODEEP, e->e_flags))
> 		{
> 			flags |= M87F_NO8BIT;
> 		}
>--- sendmail/sendmail.h	22 Mar 2006 22:58:39 -0000	8.1007
>+++ sendmail/sendmail.h	27 Apr 2006 22:56:16 -0000	8.1008
>@@ -942,6 +942,7 @@
> #define EF_TOOBIG	0x02000000L	/* message is too big */
> #define EF_SPLIT	0x04000000L	/* envelope has been split */
> #define EF_UNSAFE	0x08000000L	/* unsafe: read from untrusted source */
>+#define EF_TOODEEP	0x10000000L	/* message is nested too deep */
>
> #define DLVR_NOTIFY	0x01
> #define DLVR_RETURN	0x02
>

Actions: View | Diff

Attachments on bug 135141: 88081 | 88082