Fix matching of long addresses. Bug 2677

[exim.git] / src / src / match.c

diff --git a/src/src/match.c b/src/src/match.c
index 65d44198e6a25b82f81e31a5ee09b9b3c130eaa2..53cd22353e360e19b3ec381a3358e7a848cce38d 100644 (file)
--- a/src/src/match.c
+++ b/src/src/match.c
@@ -1288,9 +1288,11 @@ compared. Therefore, Exim now forces the entire address into lower case here,
 provided that "caseless" is set. (It is FALSE for calls for matching rewriting
 patterns.) Otherwise just the domain is lower cases. A magic item "+caseful" in
 the list can be used to restore a caseful copy of the local part from the
-original address. */
+original address.
+Limit the subject address size to avoid mem-exhastion attacks.  The size chosen
+is historical (we used to use big_buffer her). */
 
-if ((len = Ustrlen(address)) > 255) len = 255;
+if ((len = Ustrlen(address)) > BIG_BUFFER_SIZE) len = BIG_BUFFER_SIZE;
 ab.address = string_copyn(address, len);
 
 for (uschar * p = ab.address + len - 1; p >= ab.address; p--)