Harden string-list handling

author Jeremy Harris <jgh146exb@wizmail.org>

Sat, 1 Dec 2018 16:49:50 +0000 (16:49 +0000)

committer Jeremy Harris <jgh146exb@wizmail.org>

Sun, 2 Dec 2018 14:02:21 +0000 (14:02 +0000)
author Jeremy Harris <jgh146exb@wizmail.org>
Sat, 1 Dec 2018 16:49:50 +0000 (16:49 +0000)
committer Jeremy Harris <jgh146exb@wizmail.org>
Sun, 2 Dec 2018 14:02:21 +0000 (14:02 +0000)
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog

index da4e1a8a703c76e3f16c1f26ba7cd6f0f0f69fee..2fa08c0a4a6fdd75355e140e039d009354a1e57e 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -71,6 +71,10 @@ JH/33 Bug 2338: Fix the cyrus-sasl authenticator to fill in the
        $authenticated_fail_id variable on authentication failure.  Previously
        it was unset.
  
+JH/36 Harder the handling of string-lists.  When a list consisted of a sole
+      "<" character, which should be a list-separator specification, we walked
+      off past the nul-terimation.
+
  
  Exim version 4.91
  -----------------
diff --git a/src/src/string.c b/src/src/string.c

index 29a87c57233f832f20be1264420bb79abc3fec46..0099ce0d97394bd71fd0a1e1cc89413501acab7d 100644 (file)
--- a/src/src/string.c
+++ b/src/src/string.c
@@ -894,7 +894,7 @@ if (sep <= 0)
    if (*s == '<' && (ispunct(s[1]) || iscntrl(s[1])))
      {
      sep = s[1];
-    s += 2;
+    if (*++s) ++s;
      while (isspace(*s) && *s != sep) s++;
      }
    else
author	Jeremy Harris <jgh146exb@wizmail.org>
	Sat, 1 Dec 2018 16:49:50 +0000 (16:49 +0000)
committer	Jeremy Harris <jgh146exb@wizmail.org>
	Sun, 2 Dec 2018 14:02:21 +0000 (14:02 +0000)
doc/doc-txt/ChangeLog		patch \| blob \| history
src/src/string.c		patch \| blob \| history