CVE-2020-28024: Heap buffer underflow in smtp_ungetc()

[exim.git] / src / src / tls.c

diff --git a/src/src/tls.c b/src/src/tls.c
index e6bf1c8d317a5165c54ba30b0796124dfdac1113..e073eadbeb3f47a4c12ed72ce1246324a6589888 100644 (file)
--- a/src/src/tls.c
+++ b/src/src/tls.c
@@ -222,7 +222,7 @@ if (kevent(tls_watch_fd, &kev[kev_used-cnt], cnt, &k_dummy, 1, &ts) >= 0)
 #else
 if (kevent(tls_watch_fd, &kev[kev_used-cnt], cnt, NULL, 0, NULL) >= 0)
   return TRUE;
-#endiv
+#endif
 s = US"kevent";
 
 bad:
@@ -457,6 +457,9 @@ Returns:       the character
 int
 tls_ungetc(int ch)
 {
+if (ssl_xfer_buffer_lwm <= 0)
+  log_write(0, LOG_MAIN|LOG_PANIC_DIE, "buffer underflow in tls_ungetc");
+
 ssl_xfer_buffer[--ssl_xfer_buffer_lwm] = ch;
 return ch;
 }