SECURITY: off-by-one in smtp transport (read response)

[exim.git] / src / src / deliver.c

diff --git a/src/src/deliver.c b/src/src/deliver.c
index 9ebd281fca33d32ba750050d28355d0688bef00f..ba2948dfd71b8900e47316f39682f68c7e17da76 100644 (file)
--- a/src/src/deliver.c
+++ b/src/src/deliver.c
@@ -521,8 +521,12 @@ while (one && two)
   else if (one->port != two->port)
     return FALSE;
 
-  /* Hosts matched */
+#ifdef SUPPORT_DANE
+  /* DNSSEC equality */
+  if (one->dnssec != two->dnssec) return FALSE;
+#endif
 
+  /* Hosts matched */
   one = one->next;
   two = two->next;
   }
@@ -2884,10 +2888,8 @@ while (addr_local)
   deliveries (e.g. to pipes) can take a substantial time. */
 
   if (!(dbm_file = dbfn_open(US"retry", O_RDONLY, &dbblock, FALSE, TRUE)))
-    {
     DEBUG(D_deliver|D_retry|D_hints_lookup)
       debug_printf("no retry data available\n");
-    }
 
   addr2 = addr;
   addr3 = NULL;