aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJacques Vidrine <nectar@FreeBSD.org>2003-09-17 15:10:36 +0000
committerJacques Vidrine <nectar@FreeBSD.org>2003-09-17 15:10:36 +0000
commit58fec675655367c5258890235a8cb889c2b53fac (patch)
tree744c5b0875a46b49b26ea91524f8ff2e06b5d440
parent5ef517c097100c80269c8a0e02678a89fde6b35e (diff)
downloadsrc-58fec675655367c5258890235a8cb889c2b53fac.tar.gz
src-58fec675655367c5258890235a8cb889c2b53fac.zip
Correct address parsing bug that is believed to be remotely exploitable.
Submitted by: Michal Zalewski <lcamtuf@dione.ids.pl>
Notes
Notes: svn path=/vendor/sendmail/dist/; revision=120169
-rw-r--r--contrib/sendmail/src/parseaddr.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/contrib/sendmail/src/parseaddr.c b/contrib/sendmail/src/parseaddr.c
index 6acc86de20fd..8128171078ee 100644
--- a/contrib/sendmail/src/parseaddr.c
+++ b/contrib/sendmail/src/parseaddr.c
@@ -700,7 +700,11 @@ prescan(addr, delim, pvpbuf, pvpbsize, delimptr, toktab)
addr[MAXNAME] = '\0';
returnnull:
if (delimptr != NULL)
+ {
+ if (p > addr)
+ p--;
*delimptr = p;
+ }
CurEnv->e_to = saveto;
return NULL;
}