git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
DNS: more hardening against crafted responses
[exim.git]
/
src
/
src
/
acl.c
diff --git
a/src/src/acl.c
b/src/src/acl.c
index 5ab6747764959f5380fbc998411e538fd4a5ea7f..302dedaeb21fdde5f982fd5613701b04810a13f2 100644
(file)
--- a/
src/src/acl.c
+++ b/
src/src/acl.c
@@
-1092,7
+1092,7
@@
for (header_line * h = acl_added_headers; h; h = h->next)
g = string_append_listele_n(g, '\n', h->text, i);
}
g = string_append_listele_n(g, '\n', h->text, i);
}
-return
g ? g->s : NULL
;
+return
string_from_gstring(g)
;
}
}
@@
-1434,6
+1434,7
@@
for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
/* Extract the numerical SRV fields (p is incremented) */
/* Extract the numerical SRV fields (p is incremented) */
+ if (rr_bad_size(rr, 3 * sizeof(uint16_t))) continue;
GETSHORT(priority, p);
GETSHORT(weight, p);
GETSHORT(port, p);
GETSHORT(priority, p);
GETSHORT(weight, p);
GETSHORT(port, p);
@@
-3428,7
+3429,7
@@
for (; cb; cb = cb->next)
case CONTROL_FAKEREJECT:
cancel_cutthrough_connection(TRUE, US"fakereject");
case CONTROL_FAKEDEFER:
case CONTROL_FAKEREJECT:
cancel_cutthrough_connection(TRUE, US"fakereject");
case CONTROL_FAKEDEFER:
- fake_response =
(control_type == CONTROL_FAKEDEFER)
? DEFER : FAIL;
+ fake_response =
control_type == CONTROL_FAKEDEFER
? DEFER : FAIL;
if (*p == '/')
{
const uschar *pp = p + 1;
if (*p == '/')
{
const uschar *pp = p + 1;
@@
-3773,8
+3774,9
@@
for (; cb; cb = cb->next)
if (!f.dmarc_has_been_checked)
dmarc_process();
f.dmarc_has_been_checked = TRUE;
if (!f.dmarc_has_been_checked)
dmarc_process();
f.dmarc_has_been_checked = TRUE;
+
/* used long way of dmarc_exim_expand_query() in case we need more
/* used long way of dmarc_exim_expand_query() in case we need more
-
*
view into the process in the future. */
+ view into the process in the future. */
rc = match_isinlist(dmarc_exim_expand_query(DMARC_VERIFY_STATUS),
&arg, 0, NULL, NULL, MCL_STRING, TRUE, NULL);
break;
rc = match_isinlist(dmarc_exim_expand_query(DMARC_VERIFY_STATUS),
&arg, 0, NULL, NULL, MCL_STRING, TRUE, NULL);
break;